From 5505dd9afd380c1676d9d0cef3e10d5be06ffee2 Mon Sep 17 00:00:00 2001 From: Tim Roes Date: Sun, 27 Nov 2011 01:22:40 +0100 Subject: Fixed XML-RPC getAttachment method. Without creating an IXR_Base64 object, the file will be encoded as base64, but send as string. The client XML-RPC parser cannot detect that it is meant to be a base64 encoded file. --- lib/exe/xmlrpc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index e5e3298ae..3a05c886d 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -311,7 +311,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { return new IXR_Error(1, 'The requested file does not exist'); $data = io_readFile($file, false); - $base64 = base64_encode($data); + $base64 = new IXR_Base64($data); return $base64; } -- cgit v1.2.3 From 3f3bb97fcdd30282632d96a5bb19d2ea61c01504 Mon Sep 17 00:00:00 2001 From: Dominik Eckelmann Date: Mon, 28 Nov 2011 20:59:49 +0100 Subject: removed dublicated content --- lib/exe/xmlrpc.php | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index e5e3298ae..cb8dbf42d 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -21,6 +21,7 @@ if(!$conf['xmlrpc']) die('XML-RPC server not enabled.'); class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { var $methods = array(); var $public_methods = array(); + var $remote; /** * Checks if the current user is allowed to execute non anonymous methods @@ -67,6 +68,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Constructor. Register methods and run Server */ function dokuwiki_xmlrpc_server(){ + $this->remote = new RemoteAPI(); $this->IXR_IntrospectionServer(); /* DokuWiki's own methods */ @@ -284,16 +286,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * Return a raw wiki page */ function rawPage($id,$rev=''){ - $id = cleanID($id); - if(auth_quickaclcheck($id) < AUTH_READ){ + try { + return $this->remote->rawPage($id, $rev); + } catch(RemoteAccessDenied $e) { return new IXR_Error(1, 'You are not allowed to read this page'); } - $text = rawWiki($id,$rev); - if(!$text) { - return pageTemplate($id); - } else { - return $text; - } } /** -- cgit v1.2.3 From 1c122589394bb9150f09facdcd6e75d054eb69a4 Mon Sep 17 00:00:00 2001 From: Tim Roes Date: Tue, 29 Nov 2011 19:17:59 +0100 Subject: Using sensefull error codes. Since there are currently a lot of error coded returning 1, that mean completly different thing, i guess it would be very nice to change this. A client should not be forced to parse the error message, the error code should be enough to explain the error. This change suggests some error codes, that have a hierarchical structure. In the following list the categories begin with = and the error codes actually used with -. = 100 Page errors == 110 Page access errors --- 111 User is not allowed to read the requested page --- 112 User is not allowed to edit the page == 120 Page existance errors --- 121 The requested page does not exist == 130 Page edit errors --- 131 Empty page id --- 132 Empty page content --- 133 Page is locked --- 134 Positive wordblock check = 200 Media errors == 210 Media access errors --- 211 User is not allowed to read media --- 215 User is not allowed to list media == 220 Media existance errors --- 221 The requested media does not exist = 300 Search errors == 310 Argument errors --- 311 The provided value is not a valid timestamp == 320 Search result errors --- 321 No chances in specified timeframe --- lib/exe/xmlrpc.php | 38 +++++++++++++++++++------------------- 1 file changed, 19 insertions(+), 19 deletions(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 3a05c886d..5d19725a3 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -286,7 +286,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { function rawPage($id,$rev=''){ $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); + return new IXR_Error(111, 'You are not allowed to read this page'); } $text = rawWiki($id,$rev); if(!$text) { @@ -304,11 +304,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { function getAttachment($id){ $id = cleanID($id); if (auth_quickaclcheck(getNS($id).':*') < AUTH_READ) - return new IXR_Error(1, 'You are not allowed to read this file'); + return new IXR_Error(211, 'You are not allowed to read this file'); $file = mediaFN($id); if (!@ file_exists($file)) - return new IXR_Error(1, 'The requested file does not exist'); + return new IXR_Error(221, 'The requested file does not exist'); $data = io_readFile($file, false); $base64 = new IXR_Base64($data); @@ -342,7 +342,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { function htmlPage($id,$rev=''){ $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); + return new IXR_Error(111, 'You are not allowed to read this page'); } return p_wiki_xhtml($id,$rev,false); } @@ -462,7 +462,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { } return $data; } else { - return new IXR_Error(1, 'You are not allowed to list media files.'); + return new IXR_Error(215, 'You are not allowed to list media files.'); } } @@ -479,12 +479,12 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { function pageInfo($id,$rev=''){ $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); + return new IXR_Error(111, 'You are not allowed to read this page'); } $file = wikiFN($id,$rev); $time = @filemtime($file); if(!$time){ - return new IXR_Error(10, 'The requested page does not exist'); + return new IXR_Error(121, 'The requested page does not exist'); } $info = getRevisionInfo($id, $time, 1024); @@ -515,22 +515,22 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $minor = $params['minor']; if(empty($id)) - return new IXR_Error(1, 'Empty page ID'); + return new IXR_Error(131, 'Empty page ID'); if(!page_exists($id) && trim($TEXT) == '' ) { - return new IXR_ERROR(1, 'Refusing to write an empty new wiki page'); + return new IXR_ERROR(132, 'Refusing to write an empty new wiki page'); } if(auth_quickaclcheck($id) < AUTH_EDIT) - return new IXR_Error(1, 'You are not allowed to edit this page'); + return new IXR_Error(112, 'You are not allowed to edit this page'); // Check, if page is locked if(checklock($id)) - return new IXR_Error(1, 'The page is currently locked'); + return new IXR_Error(133, 'The page is currently locked'); // SPAM check if(checkwordblock()) - return new IXR_Error(1, 'Positive wordblock check'); + return new IXR_Error(134, 'Positive wordblock check'); // autoset summary on new pages if(!page_exists($id) && empty($sum)) { @@ -635,7 +635,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { function listLinks($id) { $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); + return new IXR_Error(111, 'You are not allowed to read this page'); } $links = array(); @@ -684,7 +684,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { */ function getRecentChanges($timestamp) { if(strlen($timestamp) != 10) - return new IXR_Error(20, 'The provided value is not a valid timestamp'); + return new IXR_Error(311, 'The provided value is not a valid timestamp'); $recents = getRecentsSince($timestamp); @@ -705,7 +705,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { return $changes; } else { // in case we still have nothing at this point - return new IXR_Error(30, 'There are no changes in the specified timeframe'); + return new IXR_Error(321, 'There are no changes in the specified timeframe'); } } @@ -717,7 +717,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { */ function getRecentMediaChanges($timestamp) { if(strlen($timestamp) != 10) - return new IXR_Error(20, 'The provided value is not a valid timestamp'); + return new IXR_Error(311, 'The provided value is not a valid timestamp'); $recents = getRecentsSince($timestamp, null, '', RECENTS_MEDIA_CHANGES); @@ -738,7 +738,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { return $changes; } else { // in case we still have nothing at this point - return new IXR_Error(30, 'There are no changes in the specified timeframe'); + return new IXR_Error(321, 'There are no changes in the specified timeframe'); } } @@ -750,14 +750,14 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { function pageVersions($id, $first) { $id = cleanID($id); if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); + return new IXR_Error(111, 'You are not allowed to read this page'); } global $conf; $versions = array(); if(empty($id)) - return new IXR_Error(1, 'Empty page ID'); + return new IXR_Error(131, 'Empty page ID'); $revisions = getRevisions($id, $first, $conf['recent']+1); -- cgit v1.2.3 From f3046d2bbd96dc9a501975392e76d6ae539cdf05 Mon Sep 17 00:00:00 2001 From: Tim Roes Date: Tue, 29 Nov 2011 20:42:35 +0100 Subject: Second part of the error codes. Forgot some :( Added the new error codes and categories: --- 212 Not allowed to delete media == 230 Media edit error --- 231 Filename not given --- 232 File is still referenced --- 233 Could not delete file --- lib/exe/xmlrpc.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 5d19725a3..910271461 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -575,7 +575,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $auth = auth_quickaclcheck(getNS($id).':*'); if(!isset($id)) { - return new IXR_ERROR(1, 'Filename not given.'); + return new IXR_ERROR(231, 'Filename not given.'); } global $conf; @@ -611,11 +611,11 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { if ($res & DOKU_MEDIA_DELETED) { return 0; } elseif ($res & DOKU_MEDIA_NOT_AUTH) { - return new IXR_ERROR(1, "You don't have permissions to delete files."); + return new IXR_ERROR(212, "You don't have permissions to delete files."); } elseif ($res & DOKU_MEDIA_INUSE) { - return new IXR_ERROR(1, 'File is still referenced'); + return new IXR_ERROR(232, 'File is still referenced'); } else { - return new IXR_ERROR(1, 'Could not delete file'); + return new IXR_ERROR(233, 'Could not delete file'); } } -- cgit v1.2.3 From aafb4e36f7fdc95d371cffcf351c3611efd69945 Mon Sep 17 00:00:00 2001 From: Tim Roes Date: Thu, 1 Dec 2011 22:33:16 +0100 Subject: Fixed bug in XML-RPC search. The score was randomly transfered as string or as integer. This way it will always be transfered as an integer. --- lib/exe/xmlrpc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 910271461..61e6f1e95 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -411,7 +411,7 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { $pages[] = array( 'id' => $id, - 'score' => $score, + 'score' => intval($score), 'rev' => filemtime($file), 'mtime' => filemtime($file), 'size' => filesize($file), -- cgit v1.2.3 From fe092d886946cca23fa8ab1be240a356a1f60492 Mon Sep 17 00:00:00 2001 From: Dominik Eckelmann Date: Sun, 11 Dec 2011 11:24:19 +0100 Subject: transfered bugfix from dokuwiki 97a000f0551735b35606d94d59abc4ff440783a5 --- lib/exe/xmlrpc.php | 35 ++++++++++++----------------------- 1 file changed, 12 insertions(+), 23 deletions(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index cb8dbf42d..bcbae0a43 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -299,17 +299,16 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Gina Haeussge */ function getAttachment($id){ - $id = cleanID($id); - if (auth_quickaclcheck(getNS($id).':*') < AUTH_READ) - return new IXR_Error(1, 'You are not allowed to read this file'); - - $file = mediaFN($id); - if (!@ file_exists($file)) - return new IXR_Error(1, 'The requested file does not exist'); - - $data = io_readFile($file, false); - $base64 = base64_encode($data); - return $base64; + try { + try { + return $this->remote->getAttachment($id); + } catch (RemoteAccessDenied $e) { + return new IXR_Error(1, 'You are not allowed to read this file'); + } + } + catch (RemoteException $e) { + return new IXR_Error(1, $e->getMessage()); + } } /** @@ -318,18 +317,8 @@ class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { * @author Gina Haeussge */ function getAttachmentInfo($id){ - $id = cleanID($id); - $info = array( - 'lastModified' => 0, - 'size' => 0, - ); - - $file = mediaFN($id); - if ((auth_quickaclcheck(getNS($id).':*') >= AUTH_READ) && file_exists($file)){ - $info['lastModified'] = new IXR_Date(filemtime($file)); - $info['size'] = filesize($file); - } - + $info = $this->remote->getAttachmentInfo($id); + $info['lastModified'] = new IXR_Date($info['lastModified']); return $info; } -- cgit v1.2.3 From 3a13cfe7e12afabb47139702b7f118d63ccf42c2 Mon Sep 17 00:00:00 2001 From: Dominik Eckelmann Date: Sun, 8 Jan 2012 18:10:38 +0100 Subject: set login as public method --- lib/exe/xmlrpc.php | 848 +---------------------------------------------------- 1 file changed, 14 insertions(+), 834 deletions(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index bcbae0a43..9888c9a61 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -10,6 +10,7 @@ if(isset($HTTP_RAW_POST_DATA)) $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA); define('DOKU_XMLRPC_API_VERSION', 6); require_once(DOKU_INC.'inc/init.php'); +require_once(DOKU_INC.'inc/remote.php'); session_write_close(); //close session if(!$conf['xmlrpc']) die('XML-RPC server not enabled.'); @@ -18,855 +19,34 @@ if(!$conf['xmlrpc']) die('XML-RPC server not enabled.'); * Contains needed wrapper functions and registers all available * XMLRPC functions. */ -class dokuwiki_xmlrpc_server extends IXR_IntrospectionServer { - var $methods = array(); - var $public_methods = array(); +class dokuwiki_xmlrpc_server extends IXR_Server { var $remote; /** - * Checks if the current user is allowed to execute non anonymous methods - */ - function checkAuth(){ - global $conf; - global $USERINFO; - - if(!$conf['useacl']) return true; //no ACL - then no checks - if(trim($conf['xmlrpcuser']) == '') return true; //no restrictions - - return auth_isMember($conf['xmlrpcuser'],$_SERVER['REMOTE_USER'],(array) $USERINFO['grps']); - } - - /** - * Adds a callback, extends parent method - * - * add another parameter to define if anonymous access to - * this method should be granted. + * Constructor. Register methods and run Server */ - function addCallback($method, $callback, $args, $help, $public=false){ - if($public) $this->public_methods[] = $method; - return parent::addCallback($method, $callback, $args, $help); + function dokuwiki_xmlrpc_server(){ + $this->remote = new RemoteAPI(); + $this->IXR_Server(); } - /** - * Execute a call, extends parent method - * - * Checks for authentication first - */ function call($methodname, $args){ - if(!in_array($methodname,$this->public_methods) && !$this->checkAuth()){ + try { + //print 'a'; + $result = $this->remote->call($methodname, $args); + return $result; + } catch (RemoteAccessDenied $e) { if (!isset($_SERVER['REMOTE_USER'])) { header('HTTP/1.1 401 Unauthorized'); } else { header('HTTP/1.1 403 Forbidden'); } - return new IXR_Error(-32603, 'server error. not authorized to call method "'.$methodname.'".'); + return new IXR_Error(-32603, 'server error. not authorized to call method'); + } catch (RemoteException $e) { + return new IXR_Error($e->getCode(), $e->getMessage()); } - return parent::call($methodname, $args); } - /** - * Constructor. Register methods and run Server - */ - function dokuwiki_xmlrpc_server(){ - $this->remote = new RemoteAPI(); - $this->IXR_IntrospectionServer(); - - /* DokuWiki's own methods */ - $this->addCallback( - 'dokuwiki.getXMLRPCAPIVersion', - 'this:getAPIVersion', - array('integer'), - 'Returns the XMLRPC API version.', - true - ); - - $this->addCallback( - 'dokuwiki.getVersion', - 'getVersion', - array('string'), - 'Returns the running DokuWiki version.', - true - ); - - $this->addCallback( - 'dokuwiki.login', - 'this:login', - array('integer','string','string'), - 'Tries to login with the given credentials and sets auth cookies.', - true - ); - - $this->addCallback( - 'dokuwiki.getPagelist', - 'this:readNamespace', - array('struct','string','struct'), - 'List all pages within the given namespace.' - ); - - $this->addCallback( - 'dokuwiki.search', - 'this:search', - array('struct','string'), - 'Perform a fulltext search and return a list of matching pages' - ); - - $this->addCallback( - 'dokuwiki.getTime', - 'time', - array('int'), - 'Return the current time at the wiki server.' - ); - - $this->addCallback( - 'dokuwiki.setLocks', - 'this:setLocks', - array('struct','struct'), - 'Lock or unlock pages.' - ); - - - $this->addCallback( - 'dokuwiki.getTitle', - 'this:getTitle', - array('string'), - 'Returns the wiki title.', - true - ); - - $this->addCallback( - 'dokuwiki.appendPage', - 'this:appendPage', - array('int', 'string', 'string', 'struct'), - 'Append text to a wiki page.' - ); - - /* Wiki API v2 http://www.jspwiki.org/wiki/WikiRPCInterface2 */ - $this->addCallback( - 'wiki.getRPCVersionSupported', - 'this:wiki_RPCVersion', - array('int'), - 'Returns 2 with the supported RPC API version.', - true - ); - $this->addCallback( - 'wiki.getPage', - 'this:rawPage', - array('string','string'), - 'Get the raw Wiki text of page, latest version.' - ); - $this->addCallback( - 'wiki.getPageVersion', - 'this:rawPage', - array('string','string','int'), - 'Get the raw Wiki text of page.' - ); - $this->addCallback( - 'wiki.getPageHTML', - 'this:htmlPage', - array('string','string'), - 'Return page in rendered HTML, latest version.' - ); - $this->addCallback( - 'wiki.getPageHTMLVersion', - 'this:htmlPage', - array('string','string','int'), - 'Return page in rendered HTML.' - ); - $this->addCallback( - 'wiki.getAllPages', - 'this:listPages', - array('struct'), - 'Returns a list of all pages. The result is an array of utf8 pagenames.' - ); - $this->addCallback( - 'wiki.getAttachments', - 'this:listAttachments', - array('struct', 'string', 'struct'), - 'Returns a list of all media files.' - ); - $this->addCallback( - 'wiki.getBackLinks', - 'this:listBackLinks', - array('struct','string'), - 'Returns the pages that link to this page.' - ); - $this->addCallback( - 'wiki.getPageInfo', - 'this:pageInfo', - array('struct','string'), - 'Returns a struct with infos about the page.' - ); - $this->addCallback( - 'wiki.getPageInfoVersion', - 'this:pageInfo', - array('struct','string','int'), - 'Returns a struct with infos about the page.' - ); - $this->addCallback( - 'wiki.getPageVersions', - 'this:pageVersions', - array('struct','string','int'), - 'Returns the available revisions of the page.' - ); - $this->addCallback( - 'wiki.putPage', - 'this:putPage', - array('int', 'string', 'string', 'struct'), - 'Saves a wiki page.' - ); - $this->addCallback( - 'wiki.listLinks', - 'this:listLinks', - array('struct','string'), - 'Lists all links contained in a wiki page.' - ); - $this->addCallback( - 'wiki.getRecentChanges', - 'this:getRecentChanges', - array('struct','int'), - 'Returns a struct about all recent changes since given timestamp.' - ); - $this->addCallback( - 'wiki.getRecentMediaChanges', - 'this:getRecentMediaChanges', - array('struct','int'), - 'Returns a struct about all recent media changes since given timestamp.' - ); - $this->addCallback( - 'wiki.aclCheck', - 'this:aclCheck', - array('int', 'string'), - 'Returns the permissions of a given wiki page.' - ); - $this->addCallback( - 'wiki.putAttachment', - 'this:putAttachment', - array('struct', 'string', 'base64', 'struct'), - 'Upload a file to the wiki.' - ); - $this->addCallback( - 'wiki.deleteAttachment', - 'this:deleteAttachment', - array('int', 'string'), - 'Delete a file from the wiki.' - ); - $this->addCallback( - 'wiki.getAttachment', - 'this:getAttachment', - array('base64', 'string'), - 'Download a file from the wiki.' - ); - $this->addCallback( - 'wiki.getAttachmentInfo', - 'this:getAttachmentInfo', - array('struct', 'string'), - 'Returns a struct with infos about the attachment.' - ); - - /** - * Trigger XMLRPC_CALLBACK_REGISTER, action plugins can use this event - * to extend the XMLRPC interface and register their own callbacks. - * - * Event data: - * The XMLRPC server object: - * - * $event->data->addCallback() - register a callback, the second - * paramter has to be of the form "plugin::" - * - * $event->data->callbacks - an array which holds all awaylable - * callbacks - */ - trigger_event('XMLRPC_CALLBACK_REGISTER', $this); - - $this->serve(); - } - - /** - * Return a raw wiki page - */ - function rawPage($id,$rev=''){ - try { - return $this->remote->rawPage($id, $rev); - } catch(RemoteAccessDenied $e) { - return new IXR_Error(1, 'You are not allowed to read this page'); - } - } - - /** - * Return a media file encoded in base64 - * - * @author Gina Haeussge - */ - function getAttachment($id){ - try { - try { - return $this->remote->getAttachment($id); - } catch (RemoteAccessDenied $e) { - return new IXR_Error(1, 'You are not allowed to read this file'); - } - } - catch (RemoteException $e) { - return new IXR_Error(1, $e->getMessage()); - } - } - - /** - * Return info about a media file - * - * @author Gina Haeussge - */ - function getAttachmentInfo($id){ - $info = $this->remote->getAttachmentInfo($id); - $info['lastModified'] = new IXR_Date($info['lastModified']); - return $info; - } - - /** - * Return a wiki page rendered to html - */ - function htmlPage($id,$rev=''){ - $id = cleanID($id); - if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); - } - return p_wiki_xhtml($id,$rev,false); - } - - /** - * List all pages - we use the indexer list here - */ - function listPages(){ - $list = array(); - $pages = idx_get_indexer()->getPages(); - $pages = array_filter(array_filter($pages,'isVisiblePage'),'page_exists'); - - foreach(array_keys($pages) as $idx) { - $perm = auth_quickaclcheck($pages[$idx]); - if($perm < AUTH_READ) { - continue; - } - $page = array(); - $page['id'] = trim($pages[$idx]); - $page['perms'] = $perm; - $page['size'] = @filesize(wikiFN($pages[$idx])); - $page['lastModified'] = new IXR_Date(@filemtime(wikiFN($pages[$idx]))); - $list[] = $page; - } - - return $list; - } - - /** - * List all pages in the given namespace (and below) - */ - function readNamespace($ns,$opts){ - global $conf; - - if(!is_array($opts)) $opts=array(); - - $ns = cleanID($ns); - $dir = utf8_encodeFN(str_replace(':', '/', $ns)); - $data = array(); - $opts['skipacl'] = 0; // no ACL skipping for XMLRPC - search($data, $conf['datadir'], 'search_allpages', $opts, $dir); - return $data; - } - - /** - * List all pages in the given namespace (and below) - */ - function search($query){ - require_once(DOKU_INC.'inc/fulltext.php'); - - $regex = ''; - $data = ft_pageSearch($query,$regex); - $pages = array(); - - // prepare additional data - $idx = 0; - foreach($data as $id => $score){ - $file = wikiFN($id); - - if($idx < FT_SNIPPET_NUMBER){ - $snippet = ft_snippet($id,$regex); - $idx++; - }else{ - $snippet = ''; - } - - $pages[] = array( - 'id' => $id, - 'score' => $score, - 'rev' => filemtime($file), - 'mtime' => filemtime($file), - 'size' => filesize($file), - 'snippet' => $snippet, - ); - } - return $pages; - } - - /** - * Returns the wiki title. - */ - function getTitle(){ - global $conf; - return $conf['title']; - } - - /** - * List all media files. - * - * Available options are 'recursive' for also including the subnamespaces - * in the listing, and 'pattern' for filtering the returned files against - * a regular expression matching their name. - * - * @author Gina Haeussge - */ - function listAttachments($ns, $options = array()) { - global $conf; - global $lang; - - $ns = cleanID($ns); - - if (!is_array($options)) $options = array(); - $options['skipacl'] = 0; // no ACL skipping for XMLRPC - - - if(auth_quickaclcheck($ns.':*') >= AUTH_READ) { - $dir = utf8_encodeFN(str_replace(':', '/', $ns)); - - $data = array(); - search($data, $conf['mediadir'], 'search_media', $options, $dir); - $len = count($data); - if(!$len) return array(); - - for($i=0; $i<$len; $i++) { - unset($data[$i]['meta']); - $data[$i]['lastModified'] = new IXR_Date($data[$i]['mtime']); - } - return $data; - } else { - return new IXR_Error(1, 'You are not allowed to list media files.'); - } - } - - /** - * Return a list of backlinks - */ - function listBackLinks($id){ - return ft_backlinks(cleanID($id)); - } - - /** - * Return some basic data about a page - */ - function pageInfo($id,$rev=''){ - $id = cleanID($id); - if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); - } - $file = wikiFN($id,$rev); - $time = @filemtime($file); - if(!$time){ - return new IXR_Error(10, 'The requested page does not exist'); - } - - $info = getRevisionInfo($id, $time, 1024); - - $data = array( - 'name' => $id, - 'lastModified' => new IXR_Date($time), - 'author' => (($info['user']) ? $info['user'] : $info['ip']), - 'version' => $time - ); - - return ($data); - } - - /** - * Save a wiki page - * - * @author Michael Klier - */ - function putPage($id, $text, $params) { - global $TEXT; - global $lang; - global $conf; - - $id = cleanID($id); - $TEXT = cleanText($text); - $sum = $params['sum']; - $minor = $params['minor']; - - if(empty($id)) - return new IXR_Error(1, 'Empty page ID'); - - if(!page_exists($id) && trim($TEXT) == '' ) { - return new IXR_ERROR(1, 'Refusing to write an empty new wiki page'); - } - - if(auth_quickaclcheck($id) < AUTH_EDIT) - return new IXR_Error(1, 'You are not allowed to edit this page'); - - // Check, if page is locked - if(checklock($id)) - return new IXR_Error(1, 'The page is currently locked'); - - // SPAM check - if(checkwordblock()) - return new IXR_Error(1, 'Positive wordblock check'); - - // autoset summary on new pages - if(!page_exists($id) && empty($sum)) { - $sum = $lang['created']; - } - - // autoset summary on deleted pages - if(page_exists($id) && empty($TEXT) && empty($sum)) { - $sum = $lang['deleted']; - } - - lock($id); - - saveWikiText($id,$TEXT,$sum,$minor); - - unlock($id); - - // run the indexer if page wasn't indexed yet - idx_addPage($id); - - return 0; - } - - /** - * Appends text to a wiki page. - */ - function appendPage($id, $text, $params) { - $currentpage = $this->rawPage($id); - if (!is_string($currentpage)) { - return $currentpage; - } - return $this->putPage($id, $currentpage.$text, $params); - } - - /** - * Uploads a file to the wiki. - * - * Michael Klier - */ - function putAttachment($id, $file, $params) { - $id = cleanID($id); - $auth = auth_quickaclcheck(getNS($id).':*'); - - if(!isset($id)) { - return new IXR_ERROR(1, 'Filename not given.'); - } - - global $conf; - - $ftmp = $conf['tmpdir'] . '/' . md5($id.clientIP()); - - // save temporary file - @unlink($ftmp); - if (preg_match('/^[A-Za-z0-9\+\/]*={0,2}$/', $file) === 1) { - // DEPRECATED: Double-decode file if it still looks like base64 - // after first decoding (which is done by the library) - $file = base64_decode($file); - } - io_saveFile($ftmp, $file); - - $res = media_save(array('name' => $ftmp), $id, $params['ow'], $auth, 'rename'); - if (is_array($res)) { - return new IXR_ERROR(-$res[1], $res[0]); - } else { - return $res; - } - } - - /** - * Deletes a file from the wiki. - * - * @author Gina Haeussge - */ - function deleteAttachment($id){ - $id = cleanID($id); - $auth = auth_quickaclcheck(getNS($id).':*'); - $res = media_delete($id, $auth); - if ($res & DOKU_MEDIA_DELETED) { - return 0; - } elseif ($res & DOKU_MEDIA_NOT_AUTH) { - return new IXR_ERROR(1, "You don't have permissions to delete files."); - } elseif ($res & DOKU_MEDIA_INUSE) { - return new IXR_ERROR(1, 'File is still referenced'); - } else { - return new IXR_ERROR(1, 'Could not delete file'); - } - } - - /** - * Returns the permissions of a given wiki page - */ - function aclCheck($id) { - $id = cleanID($id); - return auth_quickaclcheck($id); - } - - /** - * Lists all links contained in a wiki page - * - * @author Michael Klier - */ - function listLinks($id) { - $id = cleanID($id); - if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); - } - $links = array(); - - // resolve page instructions - $ins = p_cached_instructions(wikiFN($id)); - - // instantiate new Renderer - needed for interwiki links - include(DOKU_INC.'inc/parser/xhtml.php'); - $Renderer = new Doku_Renderer_xhtml(); - $Renderer->interwiki = getInterwiki(); - - // parse parse instructions - foreach($ins as $in) { - $link = array(); - switch($in[0]) { - case 'internallink': - $link['type'] = 'local'; - $link['page'] = $in[1][0]; - $link['href'] = wl($in[1][0]); - array_push($links,$link); - break; - case 'externallink': - $link['type'] = 'extern'; - $link['page'] = $in[1][0]; - $link['href'] = $in[1][0]; - array_push($links,$link); - break; - case 'interwikilink': - $url = $Renderer->_resolveInterWiki($in[1][2],$in[1][3]); - $link['type'] = 'extern'; - $link['page'] = $url; - $link['href'] = $url; - array_push($links,$link); - break; - } - } - - return ($links); - } - - /** - * Returns a list of recent changes since give timestamp - * - * @author Michael Hamann - * @author Michael Klier - */ - function getRecentChanges($timestamp) { - if(strlen($timestamp) != 10) - return new IXR_Error(20, 'The provided value is not a valid timestamp'); - - $recents = getRecentsSince($timestamp); - - $changes = array(); - - foreach ($recents as $recent) { - $change = array(); - $change['name'] = $recent['id']; - $change['lastModified'] = new IXR_Date($recent['date']); - $change['author'] = $recent['user']; - $change['version'] = $recent['date']; - $change['perms'] = $recent['perms']; - $change['size'] = @filesize(wikiFN($recent['id'])); - array_push($changes, $change); - } - - if (!empty($changes)) { - return $changes; - } else { - // in case we still have nothing at this point - return new IXR_Error(30, 'There are no changes in the specified timeframe'); - } - } - - /** - * Returns a list of recent media changes since give timestamp - * - * @author Michael Hamann - * @author Michael Klier - */ - function getRecentMediaChanges($timestamp) { - if(strlen($timestamp) != 10) - return new IXR_Error(20, 'The provided value is not a valid timestamp'); - - $recents = getRecentsSince($timestamp, null, '', RECENTS_MEDIA_CHANGES); - - $changes = array(); - - foreach ($recents as $recent) { - $change = array(); - $change['name'] = $recent['id']; - $change['lastModified'] = new IXR_Date($recent['date']); - $change['author'] = $recent['user']; - $change['version'] = $recent['date']; - $change['perms'] = $recent['perms']; - $change['size'] = @filesize(mediaFN($recent['id'])); - array_push($changes, $change); - } - - if (!empty($changes)) { - return $changes; - } else { - // in case we still have nothing at this point - return new IXR_Error(30, 'There are no changes in the specified timeframe'); - } - } - - /** - * Returns a list of available revisions of a given wiki page - * - * @author Michael Klier - */ - function pageVersions($id, $first) { - $id = cleanID($id); - if(auth_quickaclcheck($id) < AUTH_READ){ - return new IXR_Error(1, 'You are not allowed to read this page'); - } - global $conf; - - $versions = array(); - - if(empty($id)) - return new IXR_Error(1, 'Empty page ID'); - - $revisions = getRevisions($id, $first, $conf['recent']+1); - - if(count($revisions)==0 && $first!=0) { - $first=0; - $revisions = getRevisions($id, $first, $conf['recent']+1); - } - - if(count($revisions)>0 && $first==0) { - array_unshift($revisions, ''); // include current revision - array_pop($revisions); // remove extra log entry - } - - $hasNext = false; - if(count($revisions)>$conf['recent']) { - $hasNext = true; - array_pop($revisions); // remove extra log entry - } - - if(!empty($revisions)) { - foreach($revisions as $rev) { - $file = wikiFN($id,$rev); - $time = @filemtime($file); - // we check if the page actually exists, if this is not the - // case this can lead to less pages being returned than - // specified via $conf['recent'] - if($time){ - $info = getRevisionInfo($id, $time, 1024); - if(!empty($info)) { - $data['user'] = $info['user']; - $data['ip'] = $info['ip']; - $data['type'] = $info['type']; - $data['sum'] = $info['sum']; - $data['modified'] = new IXR_Date($info['date']); - $data['version'] = $info['date']; - array_push($versions, $data); - } - } - } - return $versions; - } else { - return array(); - } - } - - /** - * The version of Wiki RPC API supported - */ - function wiki_RPCVersion(){ - return 2; - } - - - /** - * Locks or unlocks a given batch of pages - * - * Give an associative array with two keys: lock and unlock. Both should contain a - * list of pages to lock or unlock - * - * Returns an associative array with the keys locked, lockfail, unlocked and - * unlockfail, each containing lists of pages. - */ - function setLocks($set){ - $locked = array(); - $lockfail = array(); - $unlocked = array(); - $unlockfail = array(); - - foreach((array) $set['lock'] as $id){ - $id = cleanID($id); - if(auth_quickaclcheck($id) < AUTH_EDIT || checklock($id)){ - $lockfail[] = $id; - }else{ - lock($id); - $locked[] = $id; - } - } - - foreach((array) $set['unlock'] as $id){ - $id = cleanID($id); - if(auth_quickaclcheck($id) < AUTH_EDIT || !unlock($id)){ - $unlockfail[] = $id; - }else{ - $unlocked[] = $id; - } - } - - return array( - 'locked' => $locked, - 'lockfail' => $lockfail, - 'unlocked' => $unlocked, - 'unlockfail' => $unlockfail, - ); - } - - function getAPIVersion(){ - return DOKU_XMLRPC_API_VERSION; - } - - function login($user,$pass){ - global $conf; - global $auth; - if(!$conf['useacl']) return 0; - if(!$auth) return 0; - - @session_start(); // reopen session for login - if($auth->canDo('external')){ - $ok = $auth->trustExternal($user,$pass,false); - }else{ - $evdata = array( - 'user' => $user, - 'password' => $pass, - 'sticky' => false, - 'silent' => true, - ); - $ok = trigger_event('AUTH_LOGIN_CHECK', $evdata, 'auth_login_wrapper'); - } - session_write_close(); // we're done with the session - - return $ok; - } - - } $server = new dokuwiki_xmlrpc_server(); -- cgit v1.2.3 From f95017850a515969190f54df3d57a00449245bb9 Mon Sep 17 00:00:00 2001 From: Dominik Eckelmann Date: Sun, 8 Jan 2012 18:37:59 +0100 Subject: delegate file and date transformation to remote library --- lib/exe/xmlrpc.php | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 9888c9a61..44b4ba7a0 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -27,6 +27,8 @@ class dokuwiki_xmlrpc_server extends IXR_Server { */ function dokuwiki_xmlrpc_server(){ $this->remote = new RemoteAPI(); + $this->remote->setDateTransformation(array($this, 'toDate')); + $this->remote->setFileTransformation(array($this, 'toFile')); $this->IXR_Server(); } @@ -47,6 +49,14 @@ class dokuwiki_xmlrpc_server extends IXR_Server { } } + function toDate($data) { + return new IXR_Date($data); + } + + function toFile($data) { + return new IXR_Base64($data); + } + } $server = new dokuwiki_xmlrpc_server(); -- cgit v1.2.3 From e61127e4af913a252fbe5c8f427501268501895c Mon Sep 17 00:00:00 2001 From: Dominik Eckelmann Date: Sun, 8 Jan 2012 19:31:10 +0100 Subject: refactored RemoteAccessDenied to RemoteAccessDeniedException --- lib/exe/xmlrpc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 44b4ba7a0..ce9ef1484 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -37,7 +37,7 @@ class dokuwiki_xmlrpc_server extends IXR_Server { //print 'a'; $result = $this->remote->call($methodname, $args); return $result; - } catch (RemoteAccessDenied $e) { + } catch (RemoteAccessDeniedException $e) { if (!isset($_SERVER['REMOTE_USER'])) { header('HTTP/1.1 401 Unauthorized'); } else { -- cgit v1.2.3 From 2203da5b13d5062626a6ecd6b599fb42dc415a06 Mon Sep 17 00:00:00 2001 From: Andreas Gohr Date: Wed, 1 Feb 2012 20:35:23 +0100 Subject: increased XMLRPC API version for 1d667b4 --- lib/exe/xmlrpc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 61e6f1e95..1264ff333 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -7,7 +7,7 @@ if(isset($HTTP_RAW_POST_DATA)) $HTTP_RAW_POST_DATA = trim($HTTP_RAW_POST_DATA); /** * Increased whenever the API is changed */ -define('DOKU_XMLRPC_API_VERSION', 6); +define('DOKU_XMLRPC_API_VERSION', 7); require_once(DOKU_INC.'inc/init.php'); session_write_close(); //close session -- cgit v1.2.3 From 750a55de568a82aaa40ca384a17a64804e94f2b9 Mon Sep 17 00:00:00 2001 From: Dominik Eckelmann Date: Sun, 5 Feb 2012 12:33:35 +0100 Subject: corrected comment --- lib/exe/xmlrpc.php | 1 - 1 file changed, 1 deletion(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index ce9ef1484..a48ac41b0 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -34,7 +34,6 @@ class dokuwiki_xmlrpc_server extends IXR_Server { function call($methodname, $args){ try { - //print 'a'; $result = $this->remote->call($methodname, $args); return $result; } catch (RemoteAccessDeniedException $e) { -- cgit v1.2.3 From 96946cc94d3ecb3832e2a1ce35c49743e25329e1 Mon Sep 17 00:00:00 2001 From: Dominik Eckelmann Date: Wed, 21 Mar 2012 11:25:00 +0100 Subject: replaced $HTTP_RAW_POST_DATA with http_get_raw_post_data function --- lib/exe/xmlrpc.php | 3 --- 1 file changed, 3 deletions(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index 93086e891..cbec90bff 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -1,9 +1,6 @@ Date: Thu, 22 Mar 2012 12:11:31 +0100 Subject: removed requires, changed conf check in xmlrpc.php --- lib/exe/xmlrpc.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index cbec90bff..cf3682f11 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -2,10 +2,9 @@ if(!defined('DOKU_INC')) define('DOKU_INC',dirname(__FILE__).'/../../'); require_once(DOKU_INC.'inc/init.php'); -require_once(DOKU_INC.'inc/remote.php'); session_write_close(); //close session -if(!$conf['xmlrpc']) die('XML-RPC server not enabled.'); +if(!$conf['remote']) die('XML-RPC server not enabled.'); /** * Contains needed wrapper functions and registers all available -- cgit v1.2.3 From b2a3342a5ee467dde700d5c67249400d5eb01f86 Mon Sep 17 00:00:00 2001 From: Tim Roes Date: Wed, 18 Apr 2012 14:58:27 +0200 Subject: Added more detail error code for unauthorized calls in xmlrpc interface. --- lib/exe/xmlrpc.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'lib/exe/xmlrpc.php') diff --git a/lib/exe/xmlrpc.php b/lib/exe/xmlrpc.php index cf3682f11..5e6c197d0 100644 --- a/lib/exe/xmlrpc.php +++ b/lib/exe/xmlrpc.php @@ -30,10 +30,11 @@ class dokuwiki_xmlrpc_server extends IXR_Server { } catch (RemoteAccessDeniedException $e) { if (!isset($_SERVER['REMOTE_USER'])) { header('HTTP/1.1 401 Unauthorized'); + return new IXR_Error(-32603, "server error. not authorized to call method $methodname"); } else { header('HTTP/1.1 403 Forbidden'); + return new IXR_Error(-32604, "server error. forbidden to call the method $methodname"); } - return new IXR_Error(-32603, "server error. not authorized to call method $methodname"); } catch (RemoteException $e) { return new IXR_Error($e->getCode(), $e->getMessage()); } -- cgit v1.2.3