Example #1
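 /**
  * Login action: shows the login form and processes its submission.
  *
  * On a POSTed form the credentials go to AnwCurrentSession::login(). On success
  * the user is sent on via redirectInfo(); on an authentication exception the
  * form is shown again with a translated error. The submitted password is never
  * handed back to the form.
  *
  * NOTE(review): the redirect target is taken from the request ("redirect").
  * Whether redirectInfo() restricts it to same-site URLs is not visible here;
  * confirm, since an unrestricted target would make this an open redirect.
  * NOTE(review): err_badlogin and err_badpassword are distinct messages. If
  * AnwBadLoginException signals an unknown account rather than a malformed
  * login, the responses reveal which logins exist; confirm.
  */
 function run()
 {
     $this->setTitle($this->t_('title'));

     if (!AnwEnv::_POST("submit")) {
         //arriving on the form
         $this->showLoginForm("", AnwEnv::_GET("redirect", ""), false);
         return;
     }

     $sLogin = AnwEnv::_POST("login", "");
     $sPassword = AnwEnv::_POST("password", "");
     //"remember me" is only honoured when session resume is enabled
     $bRememberMe = AnwSessions::isResumeEnabled() && AnwEnv::_POST("remember") ? true : false;
     $sUrlRedirect = AnwEnv::_POST("redirect", "");
     $sError = false;

     try {
         //try to authenticate and open the session
         AnwCurrentSession::login($sLogin, $sPassword, $bRememberMe);
         $this->redirectInfo($sUrlRedirect, $this->t_("t_loggedin"), $this->t_("p_loggedin"));
         //success: never fall through to the login form, even if redirectInfo() returns
         return;
     } catch (AnwAuthException $e) {
         $sError = $this->g_("err_auth");
     } catch (AnwBadLoginException $e) {
         $sError = $this->g_("err_badlogin");
     } catch (AnwBadPasswordException $e) {
         $sError = $this->g_("err_badpassword");
     }

     //error occurred, display again the login form (without the password)
     $this->showLoginForm($sLogin, $sUrlRedirect, $bRememberMe, $sError);
 }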
 /**
  * Creates a user with the current session's language and timezone, then
  * calls grantUserAdmin() on the new account.
  *
  * Returns silently on success. When AnwUsers::createUser() (or the grant)
  * raises one of the validation exceptions below, the choose/grant form is
  * shown again with the matching translated error and an empty password field.
  *
  * NOTE(review): this path hands out admin rights, so it should only be
  * reachable from a context that is itself restricted (e.g. installation);
  * that restriction is not visible in this method -- confirm at the caller.
  *
  * @param $sLogin       login requested for the new account
  * @param $sDisplayName display name requested for the new account
  * @param $sEmail       e-mail address of the new account
  * @param $sPassword    password chosen for the new account
  */
 protected function createAndGrant($sLogin, $sDisplayName, $sEmail, $sPassword)
 {
     $sErrorKey = null;
     try {
         //try to register
         $oNewUser = AnwUsers::createUser(
             $sLogin,
             $sDisplayName,
             $sEmail,
             AnwCurrentSession::getLang(),
             AnwCurrentSession::getTimezone(),
             $sPassword
         );
         $this->grantUserAdmin($oNewUser);
         return;
     } catch (AnwLoginAlreadyTakenException $e) {
         $sErrorKey = "err_loginalreadytaken";
     } catch (AnwBadLoginException $e) {
         $sErrorKey = "err_badlogin";
     } catch (AnwDisplayNameAlreadyTakenException $e) {
         $sErrorKey = "err_displaynamealreadytaken";
     } catch (AnwBadDisplayNameException $e) {
         $sErrorKey = "err_baddisplayname";
     } catch (AnwEmailAlreadyTakenException $e) {
         $sErrorKey = "err_emailalreadytaken";
     } catch (AnwBadEmailException $e) {
         $sErrorKey = "err_bademail";
     } catch (AnwBadPasswordException $e) {
         $sErrorKey = "err_badpassword";
     } catch (AnwBadCaptchaException $e) {
         $sErrorKey = "err_badcaptcha";
     }
     //a validation error occurred: show the form again, password field left empty
     $this->showChooseGrant($sLogin, $sDisplayName, $sEmail, "", $this->g_($sErrorKey));
 }
Example #3
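 /**
  * Renames the current page to $sNewName and redirects to the new name.
  *
  * The 'create' permission on the target name is verified first, then the
  * target is probed for existence, and only then is the rename performed.
  * Checking the ACL before the existence probe means a user without create
  * rights gets err_nopermission rather than learning whether the name exists.
  * On any handled failure the rename form is shown again with a translated error.
  *
  * NOTE(review): the existence check and rename() are separate steps in this
  * method; presumably rename() enforces uniqueness itself -- confirm, otherwise
  * two concurrent renames to the same name could both pass the check.
  * NOTE(review): $sComment is only used to re-populate the form here; it is
  * not passed to rename() in this block.
  *
  * @param $sNewName     requested new page name
  * @param $sComment     change comment entered in the form
  * @param $bUpdateLinks forwarded to rename()
  */
 private function doRename($sNewName, $sComment, $bUpdateLinks)
 {
     $sErrorKey = null;
     try {
         if (!AnwCurrentSession::isActionAllowed($sNewName, 'create', $this->getoPage()->getLang())) {
             throw new AnwAclException("permission create denied");
         }
         //refuse to overwrite an existing page; content is not needed for this test
         $oPageTest = new AnwPageByName($sNewName);
         $oPageTest->setSkipLoadingContent(true);
         if ($oPageTest->exists()) {
             throw new AnwPageAlreadyExistsException();
         }
         //rename page
         $this->getoPage()->rename($sNewName, $bUpdateLinks);
         //unlock
         $this->unlockPageForEdition();
         //redirect
         AnwUtils::redirect(AnwUtils::link($sNewName));
     } catch (AnwBadPageNameException $e) {
         $sErrorKey = "err_badpagename";
     } catch (AnwBadCommentException $e) {
         $sErrorKey = "err_badcomment";
     } catch (AnwPageAlreadyExistsException $e) {
         $sErrorKey = "err_pagealreadyexists";
     } catch (AnwAclException $e) {
         $sErrorKey = "err_nopermission";
     }
     if ($sErrorKey !== null) {
         //every handled failure ends the same way: back to the form with a message
         $this->renameForm($sNewName, $sComment, $this->g_($sErrorKey));
     }
 }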
Example #4
 /**
  * Renders another page on request and returns its output, or an error code.
  *
  * Reads "outputname", "outputlang" and "outputcurrent" from the query string.
  * Returns self::ERR_BADCALL when name or language is missing, self::ERR_ACLS
  * when the 'output' action is not allowed (or the include raises an ACL
  * exception), self::ERR_NOTFOUND for a missing page and self::ERR_UNKNOWN for
  * any other AnwException, so exception details never reach the response.
  *
  * NOTE(review): all three inputs are request-controlled. "outputcurrent" is
  * written into $_GET unvalidated to fake the current page; anything that later
  * reads that key sees attacker-chosen data and must validate it itself.
  * NOTE(review): the 'output' check here is on the requested name/lang;
  * AnWiki::includePage() is expected to apply its own check on the page it
  * finally resolves -- confirm both stay in place.
  */
 private function getOutput()
 {
     if (!(AnwEnv::_GET("outputname") && AnwEnv::_GET("outputlang"))) {
         return self::ERR_BADCALL;
     }
     try {
         //fake current page
         $_GET[AnwActionPage::GET_PAGENAME] = AnwEnv::_GET("outputcurrent");

         //strip a single leading slash from the requested name
         $sRequestedName = AnwEnv::_GET("outputname");
         if (substr($sRequestedName, 0, 1) == '/') {
             $sRequestedName = substr($sRequestedName, 1);
         }
         $sRequestedLang = AnwEnv::_GET("outputlang");

         //additional permissions check
         if (!AnwCurrentSession::isActionAllowed($sRequestedName, 'output', $sRequestedLang)) {
             return self::ERR_ACLS;
         }

         //get page execution result: auto-load translation, no cache, empty cache key
         return AnWiki::includePage($sRequestedName, $sRequestedLang, true, false, "");
     } catch (AnwPageNotFoundException $e) {
         return self::ERR_NOTFOUND;
     } catch (AnwAclException $e) {
         return self::ERR_ACLS;
     } catch (AnwException $e) {
         return self::ERR_UNKNOWN;
     }
 }
Example #5
 /**
  * Builds the "new install" ping URL and appends the template's ping output.
  *
  * The query string carries the site URL root, default language, session
  * language, the add-in-directory flag, the version id and a cache-buster.
  * Each configuration value is passed through urlencode().
  *
  * NOTE(review): the site URL root is sent to the ANWIKI_WEBPING endpoint in
  * every case; per the original author it is only stored remotely when
  * 'addindirectory' is true, which cannot be verified from this code.
  *
  * @param $bAddInDirectory whether the site asks to be listed in the directory
  */
 protected function doPing($bAddInDirectory)
 {
     //one "key=value" pair per entry, values URL-encoded where they come from config
     $asQueryParts = array(
         'siteurl=' . urlencode(AnwComponent::globalCfgUrlRoot()),
         'sitelang=' . urlencode(AnwComponent::globalCfgLangDefault()),
         'lang=' . urlencode(AnwCurrentSession::getLang()),
         'addindirectory=' . ($bAddInDirectory ? '1' : '0'),
         'versionid=' . urlencode(ANWIKI_VERSION_ID),
         'nocache=' . time(),
     );
     $sPingTarget = ANWIKI_WEBPING . 'newinstall?' . implode('&', $asQueryParts);
     $this->out .= $this->tpl()->doPing($sPingTarget, $this->linkMe() . '&pingdone=1');
 }
Example #6
 /**
  * Handles a request for a page that does not exist.
  *
  * Users allowed to 'create' the page name are redirected to the create
  * action; everyone else gets the 404 error page. A plugin hook fires on each
  * path before the response is produced.
  *
  * NOTE(review): -1 is passed as the language to isActionAllowed(); presumably
  * it means "any language" -- confirm against that method.
  */
 protected function pagenotfound()
 {
     $bMayCreate = AnwCurrentSession::isActionAllowed($this->getoPage()->getName(), 'create', -1);
     if (!$bMayCreate) {
         //no create permission: plain 404
         AnwPlugins::hook('action_view_pagenotfound_404', $this->getoPage());
         $this->error404();
         return;
     }
     //creation allowed: send the user to the create form
     AnwPlugins::hook('action_view_pagenotfound_create', $this->getoPage());
     AnwUtils::redirect(AnwUtils::link($this->getoPage(), "create"));
 }
Example #7
 /**
  * Shifts a timestamp from the server's UTC offset to the given timezone.
  *
  * @param $nTimestamp Unix timestamp to shift; false means "now" (time())
  * @param $nTimezone  timezone offset in hours; false means the current
  *                    session's timezone (AnwCurrentSession::getTimezone())
  * @return the timestamp plus ($nTimezone * 3600) minus the server's offset
  *         in seconds as reported by date('Z')
  */
 static function time($nTimestamp = false, $nTimezone = false)
 {
     $nBase = ($nTimestamp === false) ? time() : $nTimestamp;
     $nZoneHours = ($nTimezone === false) ? AnwCurrentSession::getTimezone() : $nTimezone;
     //date('Z') is the server offset in seconds; remove it, then add the target offset
     return $nBase + ($nZoneHours * 3600 - intval(date('Z')));
 }
 /**
  * Creates the translations selected in the submitted form for the current page.
  *
  * Works in two passes over the page group's available languages: first the
  * 'translate' permission is checked for every selected language/name pair,
  * and only if all pass are the translations created inside one storage
  * transaction (rolled back and re-thrown on any AnwException). The user is
  * redirected to the last translation created, or shown the form again when
  * nothing was selected or a handled error occurred.
  *
  * NOTE(review): translation names are read from POST in both passes; they are
  * identical within one request, so the name checked is the name created.
  * NOTE(review): no anti-CSRF token check is visible in this method --
  * presumably handled by the caller or framework; confirm.
  */
 private function saveTranslation()
 {
     try {
         $asGroupLangs = $this->getoPage()->getPageGroup()->getAvailableLangs();

         //check permissions : translate (all of them, before anything is written)
         foreach ($asGroupLangs as $sLang) {
             if (!AnwEnv::_POST($this->getChkName($sLang))) {
                 continue;
             }
             $sTranslationName = AnwEnv::_POST($this->getInputName($sLang), "");
             if (!AnwCurrentSession::isActionAllowed($sTranslationName, 'translate', $sLang)) {
                 throw new AnwAclException("permission translate denied");
             }
         }

         $oLastCreated = null;
         AnwStorage::transactionStart();
         try {
             foreach ($asGroupLangs as $sLang) {
                 if (!AnwEnv::_POST($this->getChkName($sLang))) {
                     continue;
                 }
                 $sTranslationName = AnwEnv::_POST($this->getInputName($sLang), "");
                 //create translation
                 $oLastCreated = $this->getoPage()->createNewTranslation($sTranslationName, $sLang);
             }
             AnwStorage::transactionCommit();
         } catch (AnwException $e) {
             //all-or-nothing: undo every translation created in this request
             AnwStorage::transactionRollback();
             throw $e;
         }

         if (!$oLastCreated) {
             // no translation was created, show form again
             $this->showForm();
             return;
         }
         // redirect to last created translation
         AnwUtils::redirect(AnwUtils::link($oLastCreated));
     } catch (AnwBadPageNameException $e) {
         $this->showForm($this->g_("err_badpagename"));
     } catch (AnwBadLangException $e) {
         $this->showForm($this->g_("err_badlang"));
     } catch (AnwPageAlreadyExistsException $e) {
         $this->showForm($this->g_("err_pagealreadyexists"));
     } catch (AnwAclException $e) {
         $this->showForm($this->g_("err_nopermission"));
     } catch (AnwLangExistsForPageGroupException $e) {
         $this->showForm($this->g_("err_langexistsforpagegroup"));
     }
 }
Example #9
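 /**
  * Registration action: shows the register form and processes its submission.
  *
  * When registration is disabled in the global configuration the request is
  * redirected away and nothing else runs. On submission the captcha is checked
  * before the account is created; the new user is then logged in with a
  * non-resumable session and redirected. On a handled validation error the
  * form is shown again with the entered login, display name and e-mail; the
  * password is never passed back to the template.
  *
  * NOTE(review): the "already taken" messages for login, display name and
  * e-mail necessarily reveal which values are registered; the captcha check in
  * front of createUser() is what limits automated probing, so keep it first.
  */
 function run()
 {
     if (!self::globalCfgUsersRegisterEnabled()) {
         AnwUtils::redirect();
         //do not depend on redirect() ending the request: registration is disabled
         return;
     }
     $this->setTitle($this->t_('title'));
     $sError = false;
     $sLogin = "";
     $sDisplayName = "";
     $sEmail = "";
     if (AnwEnv::_POST("submit")) {
         $sLogin = AnwEnv::_POST("login", "");
         $sDisplayName = AnwEnv::_POST("displayname", "");
         $sEmail = AnwEnv::_POST("email", "");
         $sPassword = AnwEnv::_POST("password", "");
         //try to register
         try {
             //captcha first, so a failed captcha never reaches account creation
             $this->checkCaptcha();
             $sLang = AnwCurrentSession::getLang();
             $nTimezone = AnwCurrentSession::getTimezone();
             AnwUsers::createUser($sLogin, $sDisplayName, $sEmail, $sLang, $nTimezone, $sPassword);
             //open a public time-limited session (third argument false: no resume)
             AnwCurrentSession::login($sLogin, $sPassword, false);
             $this->redirectInfo(false, $this->t_("t_created"), $this->t_("p_created"));
             //success: never fall through to the register form, even if redirectInfo() returns
             return;
         } catch (AnwLoginAlreadyTakenException $e) {
             $sError = $this->g_("err_loginalreadytaken");
         } catch (AnwBadLoginException $e) {
             $sError = $this->g_("err_badlogin");
         } catch (AnwDisplayNameAlreadyTakenException $e) {
             $sError = $this->g_("err_displaynamealreadytaken");
         } catch (AnwBadDisplayNameException $e) {
             $sError = $this->g_("err_baddisplayname");
         } catch (AnwEmailAlreadyTakenException $e) {
             $sError = $this->g_("err_emailalreadytaken");
         } catch (AnwBadEmailException $e) {
             $sError = $this->g_("err_bademail");
         } catch (AnwBadPasswordException $e) {
             $sError = $this->g_("err_badpassword");
         } catch (AnwBadCaptchaException $e) {
             $sError = $this->g_("err_badcaptcha");
         }
     }
     //display register form
     $this->out .= $this->tpl()->registerForm(AnwUtils::alink("register"), $sLogin, $sDisplayName, $sEmail, $sError);
 }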
Example #10
 /**
  * Loads a page by name, optionally swaps in its translation for the requested
  * language, and returns the rendered body.
  *
  * The 'view' permission is checked on the page that is actually rendered,
  * i.e. after the translation swap, so a translated page is never served on
  * the strength of a check made against a different page.
  *
  * @param $sPageName               name of the page to include
  * @param $sCurrentLang            language wanted for the output
  * @param $bAutoLoadTranslatedPage when true and the page's language differs
  *                                 from $sCurrentLang, use the page group's
  *                                 preferred page for that language
  * @param $bUseCache               forwarded to toHtml()
  * @param $sCacheKey               forwarded to toHtml()
  * @return the result of runBody() on the page's HTML output object
  * @throws AnwAclException when the current session may not view the page
  */
 static function includePage($sPageName, $sCurrentLang, $bAutoLoadTranslatedPage = true, $bUseCache = true, $sCacheKey = "")
 {
     $oIncluded = AnwStorage::getPageByName($sPageName, false, false, $sCurrentLang);

     //load translation if available
     if ($bAutoLoadTranslatedPage) {
         if ($oIncluded->getLang() != $sCurrentLang) {
             $oIncluded = $oIncluded->getPageGroup()->getPreferedPage($sCurrentLang);
         }
     }

     //check ACL on the page that will really be rendered
     $bViewAllowed = AnwCurrentSession::isActionAllowed($oIncluded->getName(), 'view', $oIncluded->getLang());
     if (!$bViewAllowed) {
         throw new AnwAclException();
     }

     return $oIncluded->toHtml($bUseCache, $sCacheKey)->runBody();
 }
Example #11
 /**
  * Changes the language of the current page and redirects to it.
  *
  * The 'create' permission for the page name in the target language is
  * required. Handled validation failures show the change-language form again
  * with a translated error.
  *
  * NOTE(review): the AnwAclException thrown for a denied permission is not
  * caught in this method, so it propagates to the caller (unlike the other
  * failures, which re-display the form).
  *
  * @param $sLang    target language
  * @param $sComment change comment, forwarded to changeLang()
  */
 private function doChangeLang($sLang, $sComment)
 {
     $sErrorKey = null;
     try {
         $bAllowed = AnwCurrentSession::isActionAllowed($this->getoPage()->getName(), 'create', $sLang);
         if (!$bAllowed) {
             throw new AnwAclException("permission create denied");
         }
         //change page lang
         $this->getoPage()->changeLang($sLang, $sComment);
         //unlock
         $this->unlockPageForEdition();
         //redirect
         AnwUtils::redirect(AnwUtils::link($this->getoPage()));
     } catch (AnwBadLangException $e) {
         $sErrorKey = "err_badlang";
     } catch (AnwBadCommentException $e) {
         $sErrorKey = "err_badcomment";
     } catch (AnwLangExistsForPageGroupException $e) {
         $sErrorKey = "err_langexistsforpagegroup";
     }
     if ($sErrorKey !== null) {
         //handled failure: back to the form with the matching message
         $this->changeLangForm($sLang, $sComment, $this->g_($sErrorKey));
     }
 }
Example #12
 /**
  * Includes a translation file and merges the entries it defines into
  * self::$translations[$sLang][$sPrefix].
  *
  * For the session language every entry is stored. For any other language an
  * entry is stored when it is a local translation, or when the session
  * language has no entry with the same id under this prefix.
  *
  * NOTE(review): the file is executed as PHP via require_once, so $sFileName
  * must only ever be built from trusted, application-controlled path parts and
  * never from request data -- confirm at the callers.
  * NOTE(review): require_once does not re-run a file that was already
  * included, in which case $lang stays empty and nothing is merged.
  * NOTE(review): the die() message prints the file path to the response.
  *
  * @param $sFileName        path of the translation file to include
  * @param $sLang            language the file belongs to
  * @param $sPrefix          key under which the entries are grouped
  * @param $sTranslationName not used in this method
  */
 private static function loadTranslationsFromFile($sFileName, $sLang, $sPrefix, $sTranslationName)
 {
     //$lang is filled by the translation file, which runs in this local scope
     $lang = array();
     AnwDebug::log("Loading translation file : " . $sFileName);
     (require_once $sFileName) or die("Unable to load language file : " . $sFileName);

     foreach ($lang as $sId => $sValue) {
         //session lang: keep everything; other langs: keep local ids, or ids
         //the session language does not provide
         $bStore = $sLang == AnwCurrentSession::getLang()
             || self::isLocalTranslation($sId)
             || !isset(self::$translations[AnwCurrentSession::getLang()][$sPrefix][$sId]);
         if ($bStore) {
             self::$translations[$sLang][$sPrefix][$sId] = $sValue;
         }
     }
 }
Example #13
 /**
  * Verifies the captcha for the current session.
  *
  * @throws AnwBadCaptchaException when AnwCurrentSession::testCaptcha() does
  *         not return a truthy value
  */
 protected function checkCaptcha()
 {
     $bCaptchaOk = AnwCurrentSession::testCaptcha();
     if ($bCaptchaOk) {
         return;
     }
     throw new AnwBadCaptchaException();
 }
Example #14
 /**
  * Serializes the given page groups into the wiki's XML export format.
  *
  * The document starts with a human-readable XML comment (generation time,
  * version name, exporting user's login, site URL root, list of exported
  * pages), followed by the root element holding one element per page group
  * and, inside it, one element per page with the page's content nodes as
  * children.
  *
  * NOTE(review): the export embeds the exporting user's login and the site
  * URL root; export files carry that metadata wherever they are shared.
  * NOTE(review): no permission check is visible in this method -- presumably
  * the caller has already limited $aaExportPageGroups to what the current
  * user may export; confirm.
  *
  * @param $aaExportPageGroups list of arrays, each with a 'GROUP' entry (the
  *                            page group) and a 'PAGES' entry (pages to export)
  * @return the result of AnwUtils::xmlDumpNode() on the root node
  */
 private function exportData($aaExportPageGroups)
 {
     $oDoc = new DOMDocument("1.0", "UTF-8");
     //put information as comment
     $sComment = "";
     $sComment .= $this->t_("xmlcomment_info") . "\n";
     $sComment .= ANWIKI_WEBSITE . "\n\n";
     $sComment .= $this->t_("xmlcomment_time", array("time" => Anwi18n::dateTime(time()))) . "\n";
     $sComment .= $this->t_("xmlcomment_version", array("version" => ANWIKI_VERSION_NAME)) . "\n";
     $sComment .= $this->t_("xmlcomment_user", array("user" => AnwCurrentSession::getUser()->getLogin())) . "\n";
     $sComment .= $this->t_("xmlcomment_from", array("url" => self::globalCfgUrlRoot())) . "\n\n";
     $sComment .= $this->t_("xmlcomment_contents") . "\n";
     //list exported contents as comment
     foreach ($aaExportPageGroups as $amPageGroup) {
         foreach ($amPageGroup['PAGES'] as $oPage) {
             $sPageTime = Anwi18n::dateTime($oPage->getTime());
             $sComment .= ' * ' . $oPage->getName() . " (" . $oPage->getLang() . ") (" . $sPageTime . ")\n";
         }
     }
     $sCommentSeparator = "\n**************************************************\n";
     $sComment = " " . $sCommentSeparator . $sComment . $sCommentSeparator . " ";
     //NOTE(review): page names, the login and translated strings go into the XML
     //comment verbatim. XML does not allow "--" inside a comment, so confirm that
     //page-name and login validation exclude it, or the export will be ill-formed.
     $oCommentNode = $oDoc->createComment($sComment);
     $oDoc->appendChild($oCommentNode);
     //end comment
     //<anwexport time="" origin="">
     $oRootNode = $oDoc->createElement(self::XMLTAG_ROOT);
     $oRootNode->setAttribute("time", time());
     //string attributes pass through AnwXml::xmlFileAttributeEncode(), an
     //application-level encoding whose behaviour is not visible here
     $oRootNode->setAttribute("from", AnwXml::xmlFileAttributeEncode(self::globalCfgUrlRoot()));
     $oRootNode->setAttribute("version_id", ANWIKI_VERSION_ID);
     $oRootNode->setAttribute("version_name", AnwXml::xmlFileAttributeEncode(ANWIKI_VERSION_NAME));
     $oDoc->appendChild($oRootNode);
     foreach ($aaExportPageGroups as $amPageGroup) {
         $oPageGroup = $amPageGroup['GROUP'];
         $sContentClassName = $oPageGroup->getContentClass()->getName();
         //<anwpagegroup>
         $oPageGroupNode = $oDoc->createElement(self::XMLTAG_PAGEGROUP);
         $oPageGroupNode->setAttribute("contentclass", AnwXml::xmlFileAttributeEncode($sContentClassName));
         foreach ($amPageGroup['PAGES'] as $oPage) {
             //add comment (same "--" caveat as for the header comment above)
             $sPageTime = Anwi18n::dateTime($oPage->getTime());
             $sComment = $oPage->getName() . " (" . $oPage->getLang() . ") (" . $sPageTime . ") (" . $oPageGroup->getContentClass()->getLabel() . "/" . $sContentClassName . ")";
             //$sComment = " \n*\n* ".$sComment."\n*\n ";
             $sCommentSeparator = "\n**************************************************\n";
             $sComment = " \n\n" . $sCommentSeparator . $sComment . $sCommentSeparator . " ";
             $oCommentNode = $oDoc->createComment($sComment);
             $oPageGroupNode->appendChild($oCommentNode);
             //end comment
             //using a CDATA node to preserve source breaklines :-)
             //$sPageContent = $oPage->getContent()->toXml();
             //$oPageContentNode = $oDoc->createCDATASection($sPageContent);
             $oContentNodeDoc = $oPage->getContent()->toXml()->documentElement;
             //here we got a <doc> node; deep-import it into the export document
             $oPageContentNodeDoc = $oDoc->importNode($oContentNodeDoc, true);
             //<anwpage name="" lang="" time="">
             $oPageNode = $oDoc->createElement(self::XMLTAG_PAGE);
             $oPageNode->setAttribute("name", AnwXml::xmlFileAttributeEncode($oPage->getName()));
             $oPageNode->setAttribute("lang", AnwXml::xmlFileAttributeEncode($oPage->getLang()));
             $oPageNode->setAttribute("time", $oPage->getTime());
             //we need to do this to squeeze the unwanted <doc> node out
             //WARNING - special loop: appendChild() moves the child out of the imported
             //<doc> node, so item(0) is a different node on every pass until none remain
             while ($oChildNode = $oPageContentNodeDoc->childNodes->item(0)) {
                 $oPageNode->appendChild($oChildNode);
             }
             $oPageGroupNode->appendChild($oPageNode);
         }
         $oRootNode->appendChild($oPageGroupNode);
     }
     $sReturn = AnwUtils::xmlDumpNode($oRootNode);
     // even if final XML structure may be broken due to undeclared namespaces used in content,
     // we let raw content as it is for better compatibility in later versions.
     // $sReturn = AnwXml::prepareXmlValueToXml($sReturn);
     return $sReturn;
 }
Example #15
 /**
  * Logout action: closes the current session, then shows the "logged out"
  * info and sends the user to the requested redirect target.
  *
  * NOTE(review): the logout runs unconditionally on request and the target
  * comes from the "redirect" query parameter. Whether redirectInfo() limits
  * the target to same-site URLs is not visible here -- confirm, since an
  * unrestricted target would make this an open redirect.
  */
 function run()
 {
     AnwCurrentSession::logout();
     $this->redirectInfo(
         AnwEnv::_GET("redirect", false),
         $this->t_("t_loggedout"),
         $this->t_("p_loggedout")
     );
 }
Example #16
 /**
  * Runs ALL validity tests on the values (atomic field) or sub-contents
  * (composed field) submitted for this content field.
  *
  * Warning! This function may call test functions overloaded by content fields
  * that consume a lot of CPU time (such as connecting to a database to check
  * that a valid user/password was entered). It should only be called when
  * really needed, and never more than once.
  *
  * For atomic fields each value is also gated on the current user's rights:
  * values detected as containing PHP code require PHP edition rights, values
  * detected as containing JS code require JS edition rights.
  *
  * NOTE(review): both gates depend on AnwUtils::contentHasPhpCode() and
  * AnwUtils::contentHasJsCode(), whose detection rules are not visible here;
  * the protection is only as complete as those detectors.
  *
  * @param $amFieldValuesOrSubContents values (atomic) or AnwStructuredContent
  *                                    sub-contents (composed) to test
  * @param $oContentParent content for which fieldValues/subcontents will be set if the test succeeds
  */
 final function testContentFieldValues($amFieldValuesOrSubContents, $oContentParent)
 {
     //presumably restricts callers to the two listed classes -- implementation not visible here
     AnwUtils::checkFriendAccess(array("AnwStructuredContent", "AnwStructuredContentField"));
     //test multiplicity
     $this->testContentFieldMultiplicity($amFieldValuesOrSubContents);
     if ($this instanceof AnwStructuredContentField_atomic) {
         //test each value
         foreach ($amFieldValuesOrSubContents as $sFieldValue) {
             //reject arrays/objects before any string-based inspection runs on the value
             if (is_array($sFieldValue) || is_object($sFieldValue)) {
                 throw new AnwUnexpectedException("testContentFieldValues on atomic: not a string");
             }
             //here we don't return a simple 'AnwInvalidContentFieldValueException' to prevent unauthorized users to access PHP source
             //this will display a big ACL error page instead of edit form...
             if (AnwUtils::contentHasPhpCode($sFieldValue)) {
                 AnwCurrentSession::getUser()->checkPhpEditionAllowed();
             }
             //check JS permission: unlike the PHP case, this is reported as a normal field error
             if (AnwUtils::contentHasJsCode($sFieldValue) && !AnwCurrentSession::getUser()->isJsEditionAllowed()) {
                 $sError = AnwComponent::g_editcontent("err_contentfield_acl_js");
                 throw new AnwInvalidContentFieldValueException($sError);
             }
             //specific tests for atomic fields
             $this->testContentFieldValueAtomic($sFieldValue);
         }
         //if no error, test all atomic values together
         $this->testAllContentFieldValuesAtomic($amFieldValuesOrSubContents);
     } else {
         //test each subcontent occurrence
         foreach ($amFieldValuesOrSubContents as $oContent) {
             if (!$oContent instanceof AnwStructuredContent) {
                 throw new AnwUnexpectedException("testContentFieldValues on composed: not a subcontent");
             }
             //test sub-subcontents
             $aoSubContentFields = $this->getContentFields();
             foreach ($aoSubContentFields as $oSubContentField) {
                 //recursive test: atomic sub-fields hand over their values, composed ones their
                 //sub-contents, so the PHP/JS gates above are reached for every nested atomic value
                 $amSubValuesOrSubContents = null;
                 $sSubContentFieldName = $oSubContentField->getName();
                 if ($oSubContentField instanceof AnwStructuredContentField_atomic) {
                     $amSubValuesOrSubContents = $oContent->getContentFieldValues($sSubContentFieldName);
                 } else {
                     $amSubValuesOrSubContents = $oContent->getSubContents($sSubContentFieldName);
                 }
                 $oSubContentField->testContentFieldValues($amSubValuesOrSubContents, $oContent);
             }
             //specific tests for composed fields - at last
             $this->testContentFieldValueComposed($oContent);
         }
         //if no error, test all subcontents together
         $this->testAllContentFieldValuesComposed($amFieldValuesOrSubContents);
     }
 }
Example #17
    /**
     * Renders the revert form for a page group together with a simulation of
     * what the revert plan would delete, revert, restore and keep.
     *
     * Only changes for which a revert is available are offered. The link to the
     * page group's history is included only when the current session may use
     * the global "lastchanges" action, and a diff link per reverted page only
     * when that page allows the 'diff' action.
     *
     * Every value placed into the hand-built diff link (URL, title/alt text,
     * image path) goes through AnwUtils::xQuote() before it is embedded in
     * the HTML; keep that when changing the markup.
     *
     * @param $oPageGroup     page group being reverted
     * @param $aaRevertPlan   array with 'DELETE', 'REVERT', 'RESTORE' and 'KEEP'
     *                        entries; each 'REVERT' item is a pair
     *                        (current page, page to revert to)
     * @param $nRevToChangeId forwarded to the form template
     */
    private function showFormRevert($oPageGroup, $aaRevertPlan, $nRevToChangeId)
    {
        // only keep "revertable" changes
        $aoRevertable = array();
        $aoAllChanges = AnwStorage::getLastChanges(false, 0, null, null, null, null, $oPageGroup);
        foreach ($aoAllChanges as $oChange) {
            if (!$oChange->isRevertAvailable()) {
                continue;
            }
            $aoRevertable[] = $oChange;
        }

        // history link only for sessions allowed to see the last changes
        $sHistoryLink = AnwCurrentSession::isActionGlobalAllowed("lastchanges")
            ? AnwUtils::aLink("lastchanges", array("pagegroup" => $oPageGroup->getId()))
            : false;

        $this->out .= $this->tpl()->formRevert($this->linkMe(array("pagegroup" => $oPageGroup->getId())), $aoRevertable, $nRevToChangeId, $sHistoryLink);

        foreach ($aaRevertPlan['DELETE'] as $oDoomedPage) {
            $this->out .= $this->tpl()->simulateDelete($oDoomedPage->getLang(), $oDoomedPage->getName());
        }

        foreach ($aaRevertPlan['REVERT'] as $aoPair) {
            $oPageCurrent = $aoPair[0];
            $oPageForRevert = $aoPair[1];

            $sDiffHtml = '';
            if ($oPageCurrent->isGlobalAndViewActionAllowed('diff')) {
                // escape each piece before it is placed in an attribute
                $sImg = AnwUtils::xQuote(AnwUtils::pathImg("diff.gif"));
                $sAlt = AnwUtils::xQuote(self::g_("change_diff_link"));
                $sHref = AnwUtils::xQuote(AnwUtils::link($oPageCurrent, "diff", array("page" => $oPageCurrent->getId(), "revfrom" => $oPageCurrent->getChangeId(), "revto" => $oPageForRevert->getChangeId())));
                $sDiffHtml = '<a href="' . $sHref . '" title="' . $sAlt . '" target="_blank"><img src="' . $sImg . '" alt="' . $sAlt . '"/></a>';
            }
            $this->out .= $this->tpl()->simulateRevert($oPageCurrent->getLang(), $oPageCurrent->getName(), $oPageForRevert, $sDiffHtml);
        }

        foreach ($aaRevertPlan['RESTORE'] as $oRestoredPage) {
            $this->out .= $this->tpl()->simulateCreate($oRestoredPage);
        }

        foreach ($aaRevertPlan['KEEP'] as $oKeptPage) {
            $this->out .= $this->tpl()->simulateKeep($oKeptPage->getLang(), $oKeptPage->getName());
        }

        $this->out .= $this->tpl()->end();
    }
 /**
  * Creates, for every selected page group that has no page in $sAddLang yet,
  * a translation in that language.
  *
  * All creations happen inside one storage transaction; any AnwException
  * rolls it back and is re-thrown. For each candidate the 'translate'
  * permission is checked on the submitted name, and the submitted reference
  * page id is only accepted when it is the page this group really holds for
  * the reference page's language, so a reference from another group is ignored.
  *
  * NOTE(review): the permission check sits inside the transaction; a denial
  * for a later group rolls back translations already created for earlier
  * groups in the same request.
  * NOTE(review): no anti-CSRF token check is visible in this method --
  * presumably handled by the caller or framework; confirm.
  *
  * @param $sAddLang language in which the translations are created
  */
 private function saveTranslations($sAddLang)
 {
     try {
         if (!Anwi18n::langExists($sAddLang)) {
             throw new AnwBadLangException();
         }
         $this->out .= $this->tpl()->startProcess();
         $bCreatedAny = false;
         $aoAllGroups = AnwStorage::getPageGroups(false, null, null);
         AnwStorage::transactionStart();
         try {
             foreach ($aoAllGroups as $oPageGroup) {
                 $aoGroupPages = $oPageGroup->getPages();
                 $bChecked = AnwEnv::_POST($this->getChkName($oPageGroup));
                 //skip groups already translated or not selected in the form
                 if (isset($aoGroupPages[$sAddLang]) || !$bChecked) {
                     continue;
                 }
                 $sTranslationName = AnwEnv::_POST($this->getInputName($oPageGroup));
                 //check permissions : translate
                 if (!AnwCurrentSession::isActionAllowed($sTranslationName, 'translate', $sAddLang)) {
                     throw new AnwAclException("permission translate denied");
                 }
                 //find PageRef
                 $nPageRefId = (int) AnwEnv::_POST($this->getInputRef($oPageGroup));
                 $oPageRef = new AnwPageById($nPageRefId);
                 //the reference must be the page this group holds for its language
                 $bRefBelongsToGroup = isset($aoGroupPages[$oPageRef->getLang()]) && $oPageRef->getId() == $aoGroupPages[$oPageRef->getLang()]->getId();
                 if (!$bRefBelongsToGroup) {
                     continue;
                 }
                 //create translation
                 $oPageTranslation = $oPageRef->createNewTranslation($sTranslationName, $sAddLang);
                 $this->out .= $this->tpl()->newTranslationCreated($sAddLang, $oPageTranslation->link());
                 $bCreatedAny = true;
             }
             AnwStorage::transactionCommit();
         } catch (AnwException $e) {
             AnwStorage::transactionRollback();
             throw $e;
         }
         $sUrlContinue = $this->linkMe(array("addlang" => $sAddLang));
         if (!$bCreatedAny) {
             AnwUtils::redirect($sUrlContinue);
         }
         $this->out .= $this->tpl()->endProcess($sUrlContinue);
     } catch (AnwBadPageNameException $e) {
         $this->showForm($sAddLang, $this->g_("err_badpagename"));
     } catch (AnwBadLangException $e) {
         $this->showForm($sAddLang, $this->g_("err_badlang"));
     } catch (AnwPageAlreadyExistsException $e) {
         $this->showForm($sAddLang, $this->g_("err_pagealreadyexists"));
     } catch (AnwAclException $e) {
         $this->showForm($sAddLang, $this->g_("err_nopermission"));
     } catch (AnwLangExistsForPageGroupException $e) {
         $this->showForm($sAddLang, $this->g_("err_langexistsforpagegroup"));
     }
 }
 /**
  * Persists a session to the database and to the client's cookies.
  *
  * For a logged-in session: expired rows are purged, a fresh session code is
  * generated, the row matching the session id is updated, and -- when no row
  * was updated -- the session is either inserted (login in progress) or closed
  * (row expected but missing). Finally the id and the new code are written to
  * cookies and the code to the server-side session. For a session that is not
  * logged in, both cookies are removed.
  *
  * The session code is rotated on every save, so a code captured earlier stops
  * matching as soon as the legitimate client saves again.
  *
  * NOTE(review): strtosql()/inttosql() presumably quote/escape values for SQL;
  * their implementation is not visible here, and the WHERE clause below is
  * built by concatenation, so its safety rests entirely on strtosql().
  * NOTE(review): cookie attributes (Secure, HttpOnly, SameSite, path) are
  * decided inside AnwEnv::putCookie(), not here -- confirm they are set.
  *
  * @param $oSession                  session to save
  * @param $bCreateSessionIfNotExists true when called while logging in, i.e.
  *                                   a missing database row is expected
  */
 private function saveSession($oSession, $bCreateSessionIfNotExists = false)
 {
     $sSessionId = $oSession->getId();
     if ($oSession->isLoggedIn()) {
         //purge the old sessions from database (needed for the update/insert test)
         $this->purgeExpiredSessionsFromDatabase();
         //try to update session in database (if it already exists)
         $sSessionIdentifier = AnwEnv::calculateSessionIdentifier();
         $sSessionCode = self::generateSessionCode();
         //a new code is generated (even if session already exists) to prevent session stealing
         $nSessionUser = $oSession->getUser()->getId();
         $sSessionResume = $oSession->isResume() ? 1 : 0;
         $nSessionTimeSeen = time();
         $asData = array("SessionIdentifier" => $this->db()->strtosql($sSessionIdentifier), "SessionCode" => $this->db()->strtosql($sSessionCode), "SessionUser" => $this->db()->inttosql($nSessionUser), "SessionResume" => $this->db()->strtosql($sSessionResume), "SessionTimeSeen" => $this->db()->inttosql($nSessionTimeSeen));
         $this->db()->do_update($asData, "session", "WHERE SessionId=" . $this->db()->strtosql($sSessionId));
         //otherwise, we may need to INSERT this new session or to kill it
         //(anything other than exactly one updated row is treated as "no such session")
         if ($this->db()->affected_rows() != 1) {
             if ($bCreateSessionIfNotExists) {
                 //user is logging in, it's normal that the session doesn't exist in database.
                 $asData["SessionId"] = $this->db()->strtosql($sSessionId);
                 $asData["SessionTimeStart"] = $this->db()->inttosql(time());
                 $asData["SessionTimeAuth"] = $this->db()->inttosql(time());
                 $this->db()->do_insert($asData, "session");
             } else {
                 //here, the session is supposed to exist in database, but isn't found.
                 //this can happen in the following situations:
                 // - The session has expired (DurationIdle or DurationMax)
                 // - A user was using a session, when someone tried to steal it. The session was killed for security reasons.
                 // - An administrator has killed the session.
                 //In all of these situations, the current session is no longer safe and must be closed.
                 self::debug("WARNING: Session doesn't exist in database, but session creation is NOT expected. Logging out.");
                 AnwCurrentSession::logout();
                 return;
             }
         }
         //remember current session in cookies
         //expiry 0 unless resume is enabled and requested for this session
         $nCookieExpires = AnwSessions::isResumeEnabled() && $oSession->isResume() ? time() + $this->cfgResumeDelayMax() : 0;
         AnwEnv::putCookie(self::COOKIE_SESSION_ID, $sSessionId, $nCookieExpires);
         AnwEnv::putCookie(self::COOKIE_SESSION_CODE, $sSessionCode, $nCookieExpires);
         //the code is also kept server-side, presumably to be compared with the cookie on later requests
         AnwEnv::putSession(self::SESSION_CODE, $sSessionCode);
     } else {
         //unset cookies
         //NOTE(review): only the cookies are removed in this branch; removal of the
         //database row, if any, is not visible here
         AnwEnv::unsetCookie(self::COOKIE_SESSION_ID);
         AnwEnv::unsetCookie(self::COOKIE_SESSION_CODE);
     }
 }
Example #20
 /**
  * Builds the <option> elements of a language selector.
  *
  * @param $langs        languages to list; when empty, the globally
  *                      configured languages are used
  * @param $selectedlang language to pre-select; when empty, the current
  *                      session's language is used
  * @return HTML string with one <option> per language
  *
  * NOTE(review): only the option value goes through xQuote(). The flag URL
  * and the translated label are inserted as-is; that is safe only as long as
  * both come from application configuration/translation files and never from
  * user-controlled data -- confirm.
  */
 function selectLang($langs = null, $selectedlang = null)
 {
     if (!$langs) {
         $langs = AnwComponent::globalCfgLangs();
     }
     if (!$selectedlang) {
         $selectedlang = AnwCurrentSession::getLang();
     }

     $asOptions = array();
     foreach ($langs as $lang) {
         $sSelectedAttr = ($lang == $selectedlang) ? ' selected="selected"' : "";
         $sSrcFlag = Anwi18n::srcFlag($lang);
         $asOptions[] = '<option value="' . $this->xQuote($lang) . '"' . $sSelectedAttr
             . ' style="background-image:url(\'' . $sSrcFlag . '\');">'
             . $this->g_('lang_' . $lang)
             . '</option>';
     }
     return implode('', $asOptions);
 }
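 /**
  * Loads the current session into self::$oSession and runs the keepalive
  * when it is due.
  *
  * The keepalive runs when more seconds have passed since the last one than
  * the globally configured keepalive delay. It resets the keepalive marker,
  * calls AnwSessions::keepAlive() and fires the "any" hook followed by the
  * logged-in or logged-out hook.
  *
  * If the session's user no longer exists (AnwUserNotFoundException), the
  * session is replaced with a fresh AnwSession and logged out, so a deleted
  * account cannot keep using an old session.
  */
 private static function loadCurrentSession()
 {
     AnwDebug::startbench("Current session load");
     try {
         self::$oSession = AnwSessions::getCurrentSession();

         //keepalive
         $nElapsed = time() - self::getLastKeepAlive();
         $nInterval = AnwComponent::globalCfgKeepaliveDelay();
         AnwDebug::log('(AnwSessions) Time elapsed since last keepalive: ' . $nElapsed . '/' . $nInterval . 's');

         if ($nElapsed > $nInterval) {
             AnwDebug::log('(AnwSessions) Running keepalive...');
             //reset the marker first so the keepalive is not considered due again
             self::resetLastKeepAlive();
             //keepalive session
             AnwSessions::keepAlive();
             //run hooks: the generic one, then the one matching the login state
             $oSessionUser = self::$oSession->getUser();
             AnwPlugins::hook("session_keepalive_any", $oSessionUser);
             if (self::$oSession->isLoggedIn()) {
                 AnwPlugins::hook("session_keepalive_loggedin", $oSessionUser);
             } else {
                 AnwPlugins::hook("session_keepalive_loggedout", $oSessionUser);
             }
         }
     } catch (AnwUserNotFoundException $e) {
         //current user doesn't exist anymore: drop to a fresh session and log out
         self::$oSession = new AnwSession();
         self::logout();
     }
     AnwDebug::stopbench("Current session load");
 }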
Example #22
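 /**
  * Renders the diff between two revisions of a page.
  *
  * Reads the "page", "revto" and "revfrom" GET parameters (cast to int).
  * "revto" is mandatory; when "revfrom" is missing or not positive, the
  * archive preceding the TO revision is used, or the TO revision itself when
  * no earlier archive exists. Both revisions go through
  * checkGlobalAndViewActionAllowed() before their content is converted to XML
  * and diffed. PHP code is hidden in the diff unless the current user is
  * allowed to edit PHP.
  *
  * Bad or unknown ids are reported through $this->error() with "err_badcall".
  * AnwUnexpectedException and anything raised by the permission checks are not
  * caught here.
  */
 function run()
 {
     try {
         $nPageId = (int) AnwEnv::_GET("page");
         if ($nPageId <= 0) {
             throw new AnwBadCallException();
         }
         //find TO revision
         $nRevToChangeId = (int) AnwEnv::_GET("revto");
         if ($nRevToChangeId <= 0) {
             throw new AnwBadCallException();
         }
         $oPageRevTo = AnwPage::getPageByChangeId($nPageId, $nRevToChangeId);
         //validate TO right away: it is dereferenced below when FROM defaults to
         //the previous archive, so the check cannot wait until after that lookup
         if (!$oPageRevTo) {
             throw new AnwBadCallException("page revision TO not found :" . $nRevToChangeId);
         }
         //find FROM revision
         $nRevFromChangeId = (int) AnwEnv::_GET("revfrom");
         if ($nRevFromChangeId <= 0) {
             try {
                 $oPageRevFrom = $oPageRevTo->getPreviousArchive();
             } catch (AnwArchiveNotFoundException $e) {
                 //if TO revision is already the last...
                 $oPageRevFrom = $oPageRevTo;
             }
         } else {
             $oPageRevFrom = AnwPage::getPageByChangeId($nPageId, $nRevFromChangeId);
         }
         if (!($oPageRevTo->getContent() instanceof AnwContentPage)) {
             throw new AnwUnexpectedException("error getcontent for page revision TO :" . $nRevToChangeId);
         }
         if (!$oPageRevFrom) {
             throw new AnwBadCallException("page revision FROM not found :" . $nRevFromChangeId);
         }
         if (!($oPageRevFrom->getContent() instanceof AnwContentPage)) {
             throw new AnwUnexpectedException("error getcontent for page revision FROM :" . $nRevFromChangeId);
         }
         // check permissions on BOTH revisions before any content is serialized;
         // keep these calls ahead of toXml() and of every write to $this->out
         $oPageRevFrom->checkGlobalAndViewActionAllowed($this->getName());
         $oPageRevTo->checkGlobalAndViewActionAllowed($this->getName());
         $oContentXmlFrom = $oPageRevFrom->getContent()->toXml();
         $oContentXmlTo = $oPageRevTo->getContent()->toXml();
     } catch (AnwBadPageNameException $e) {
         $this->error($this->g_("err_badcall"));
         // error() presumably aborts the request; returning keeps the rendering
         // below from running on unset revisions if it ever does not
         return;
     } catch (AnwBadCallException $e) {
         $this->error($this->g_("err_badcall"));
         return;
     } catch (AnwPageNotFoundException $e) {
         $this->error($this->g_("err_badcall"));
         return;
     } catch (AnwArchiveNotFoundException $e) {
         $this->error($this->g_("err_badcall"));
         return;
     }
     $this->setTitle($this->t_("title", array("pagename" => $oPageRevTo->getName())));
     $oDiffs = new AnwDiffs($oContentXmlFrom, $oContentXmlTo);
     // users without the PHP-edition right get the diff with PHP code hidden
     if (!AnwCurrentSession::getUser()->isPhpEditionAllowed()) {
         $oDiffs->hidePhpCode();
     } else {
         $oDiffs->showPhpCode();
     }
     $this->out .= $this->tpl()->beforeDiffs($this->linkMe(), $oPageRevFrom, $oPageRevTo, $oPageRevTo->getActivePage());
     if ($oPageRevFrom->getChangeId() == $oPageRevTo->getChangeId()) {
         $this->out .= $this->tpl()->drawNotice($this->t_("notice_same"));
     }
     if ($oPageRevFrom->getChangeId() > $oPageRevTo->getChangeId()) {
         $this->out .= $this->tpl()->drawNotice($this->t_("notice_reverse"));
     }
     $this->renderDiffs($oDiffs);
 }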
Example #23
 /**
  * Collects the notices that apply to creating a page with the given name,
  * language and content.
  *
  * Nothing is thrown or blocked here: the method only returns translated
  * notice strings, in a fixed order (name taken, PHP not allowed, JS not
  * allowed, ACL denies create or edit). An empty array means no notice applies.
  *
  * @param string $sPageName    name of the page to create
  * @param string $sPageLang    language of the page to create
  * @param string $sPageContent content scanned for PHP and JS code
  * @return array list of notice strings, possibly empty
  */
 private function checkPermissions($sPageName, $sPageLang, $sPageContent)
 {
     $asFound = array();

     // the page name must still be free
     $bNameIsFree = AnwPage::isAvailablePageName($sPageName);
     if (!$bNameIsFree) {
         $asFound[] = $this->t_("notice_exists");
     }

     // embedded PHP needs the PHP-edition right; the user is only consulted
     // when the content actually contains PHP code
     $bPhpRefused = AnwUtils::contentHasPhpCode($sPageContent)
         && !AnwCurrentSession::getUser()->isPhpEditionAllowed();
     if ($bPhpRefused) {
         $asFound[] = $this->t_("notice_php");
     }

     // same rule for embedded JS
     $bJsRefused = AnwUtils::contentHasJsCode($sPageContent)
         && !AnwCurrentSession::getUser()->isJsEditionAllowed();
     if ($bJsRefused) {
         $asFound[] = $this->t_("notice_js");
     }

     // ACL: both "create" and "edit" must be granted for this name and language
     $bAclGranted = AnwCurrentSession::isActionAllowed($sPageName, "create", $sPageLang)
         && AnwCurrentSession::isActionAllowed($sPageName, "edit", $sPageLang);
     if (!$bAclGranted) {
         $asFound[] = $this->t_("notice_acl");
     }

     return $asFound;
 }
Example #24
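 /**
  * Writes the component's override configuration as a PHP file.
  *
  * The content is re-validated, turned into an array by toOverrideCfgArray()
  * and serialized with AnwUtils::arrayToPhp() into a "$cfg = ...;" script that
  * starts with a descriptive comment header. The file is written with LOCK_EX
  * and the component is then notified that its configurable content changed.
  *
  * The output is executable PHP, so everything concatenated into it matters:
  * the header values are made comment-safe below, and the array literal relies
  * on AnwUtils::arrayToPhp() quoting its values correctly (not visible here —
  * verify).
  */
 function writeSettingsOverride()
 {
     //just to be sure, we check again content validity just before writing it
     $this->checkContentValidity();
     $sConfigDefaultFile = "none";
     try {
         $sConfigDefaultFile = $this->getComponent()->getConfigurableFileDefault();
     } catch (AnwFileNotFoundException $e) {
         //no default config: keep the "none" placeholder
     }
     $cfg = $this->toOverrideCfgArray();
     //The three values below are written inside a block comment of the generated
     //file. A comment terminator in any of them would turn the rest of the line
     //into live PHP, so it is defused and line breaks are flattened; this does
     //not depend on how strictly logins or paths are validated elsewhere.
     $asCommentUnsafe = array('*/', "\r", "\n");
     $asCommentSafe = array('* /', ' ', ' ');
     $sHeaderDefaultFile = str_replace($asCommentUnsafe, $asCommentSafe, (string) $sConfigDefaultFile);
     $sHeaderDate = str_replace($asCommentUnsafe, $asCommentSafe, (string) Anwi18n::datetime(time()));
     $sHeaderLogin = str_replace($asCommentUnsafe, $asCommentSafe, (string) AnwCurrentSession::getUser()->getLogin());
     $sPhpCode = '<?php ' . "\n";
     $sPhpCode .= ' /**' . "\n";
     $sPhpCode .= '  * Anwiki override file.' . "\n";
     $sPhpCode .= '  * This file can be edited directly from file system, or from Anwiki web interface.' . "\n";
     $sPhpCode .= '  * ' . "\n";
     $sPhpCode .= '  * Overridden file: ' . $sHeaderDefaultFile . "\n";
     $sPhpCode .= '  * Generated on: ' . $sHeaderDate . "\n";
     $sPhpCode .= '  * By: ' . $sHeaderLogin . "\n";
     $sPhpCode .= '  * Using version: ' . ANWIKI_VERSION_NAME . ' (' . ANWIKI_VERSION_ID . ')' . "\n";
     $sPhpCode .= '  */' . "\n";
     $sPhpCode .= "\n";
     $sPhpCode .= '$cfg = ' . AnwUtils::arrayToPhp($cfg) . "\n";
     $sPhpCode .= '?>';
     $sFileOverride = $this->getComponent()->getConfigurableFileOverride();
     //exclusive lock so that concurrent writers cannot interleave their output
     AnwUtils::file_put_contents($sFileOverride, $sPhpCode, LOCK_EX);
     // clear component's cache for configurableContent
     $this->getComponent()->___notifyConfigurableContentChanged();
 }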
Example #25
 /**
  * Asks the storage layer to unlock this action's page for the current session.
  *
  * The session object is passed along with the page; whether storage only
  * releases a lock held by that same session is decided in
  * AnwStorage::unlockPage() (not visible here).
  */
 protected function unlockPageForEdition()
 {
     $oLockedPage = $this->getoPage();
     $oOwnerSession = AnwCurrentSession::getSession();
     AnwStorage::unlockPage($oLockedPage, $oOwnerSession);
 }
Example #26
 /**
  * Stops the action unless the current session may run it globally.
  *
  * @throws AnwAclException when AnwCurrentSession::isActionGlobalAllowed()
  *                         rejects this action's name
  */
 protected function checkActionAllowed()
 {
     $sActionName = $this->getName();
     if (AnwCurrentSession::isActionGlobalAllowed($sActionName)) {
         return;
     }
     // deny by raising: callers cannot ignore a refusal by forgetting to test a return value
     throw new AnwAclException("You are not allowed to execute this action");
 }
Example #27
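 /**
  * Applies the submitted settings form: session preferences first, then
  * account data.
  *
  * Preferences (language, timezone) are always processed. Account changes
  * (display name when enabled by configuration, e-mail, password) are only
  * processed for a logged-in user on the internal user driver. A password
  * change requires the new password to be typed twice identically and the
  * current password to authenticate. Errors are collected per section; on any
  * error the form is shown again, otherwise the user is redirected with
  * "done" => 1.
  *
  * NOTE(review): display-name and e-mail changes are applied without asking
  * for the current password, and no anti-CSRF token check is visible in this
  * method — confirm both are handled by the caller or are intended.
  */
 private function updateSettings()
 {
     //update prefs
     $asErrorsPrefs = array();
     try {
         $sLang = AnwEnv::_POST("lang", "");
         AnwCurrentSession::setLang($sLang);
         $nTimezone = AnwEnv::_POST("timezone", 0);
         AnwCurrentSession::setTimezone($nTimezone);
     } catch (AnwBadLangException $e) {
         $asErrorsPrefs[] = $this->g_("err_badlang");
     } catch (AnwBadTimezoneException $e) {
         $asErrorsPrefs[] = $this->g_("err_badtimezone");
     } catch (AnwException $e) {
         $asErrorsPrefs[] = $this->g_("err_unkn");
     }
     $asErrorsAccount = array();
     if (AnwCurrentSession::isLoggedIn() && AnwUsers::isDriverInternal()) {
         //update account
         try {
             //displayname change requested ?
             if (self::globalCfgUsersChangeDisplayname()) {
                 $sDisplayname = AnwEnv::_POST("displayname", "");
                 if (AnwCurrentSession::getUser()->getDisplayName() != $sDisplayname) {
                     AnwCurrentSession::getUser()->changeDisplayName($sDisplayname);
                 }
             }
             //email change requested ?
             $sEmail = AnwEnv::_POST("email", "");
             if (AnwCurrentSession::getUser()->getEmail() != $sEmail) {
                 AnwCurrentSession::getUser()->changeEmail($sEmail);
             }
             //password change requested ?
             $sNewPassword = AnwEnv::_POST("newpassword");
             $sNewPasswordRepeat = AnwEnv::_POST("newpassword_repeat");
             $sCurrentPassword = AnwEnv::_POST("currentpassword", "");
             if ($sNewPassword) {
                 //strict comparison: with "==" PHP compares numeric-looking strings
                 //by value ("1e3" == "1000"), so a mistyped confirmation could pass
                 if ($sNewPassword === $sNewPasswordRepeat) {
                     try {
                         //authenticate with current password
                         AnwCurrentSession::getUser()->authenticate($sCurrentPassword);
                         //authentication ok, change the password
                         try {
                             AnwCurrentSession::getUser()->changePassword($sNewPassword);
                         } catch (AnwBadPasswordException $e) {
                             //raised by changePassword(): the NEW password was rejected
                             $asErrorsAccount[] = $this->t_("err_badnewpassword");
                         }
                     } catch (AnwBadPasswordException $e) {
                         //raised by authenticate(): the CURRENT password was rejected
                         $asErrorsAccount[] = $this->g_("err_incorrectpassword");
                     } catch (AnwAuthException $e) {
                         $asErrorsAccount[] = $this->g_("err_incorrectpassword");
                     }
                 } else {
                     $asErrorsAccount[] = $this->g_("err_passwordsmatch");
                 }
             }
         } catch (AnwDisplayNameAlreadyTakenException $e) {
             $asErrorsAccount[] = $this->g_("err_displaynamealreadytaken");
         } catch (AnwBadDisplayNameException $e) {
             $asErrorsAccount[] = $this->g_("err_baddisplayname");
         } catch (AnwEmailAlreadyTakenException $e) {
             $asErrorsAccount[] = $this->g_("err_emailalreadytaken");
         } catch (AnwBadEmailException $e) {
             $asErrorsAccount[] = $this->g_("err_bademail");
         } catch (AnwException $e) {
             $asErrorsAccount[] = $this->g_("err_unkn");
         }
     }
     if (count($asErrorsPrefs) > 0 || count($asErrorsAccount) > 0) {
         $this->formSettings(false, $asErrorsPrefs, $asErrorsAccount);
     } else {
         AnwUtils::redirect($this->linkMe(array("done" => 1)));
     }
 }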
Example #28
    /**
     * Appends the "last changes" listing to $this->out: header, RSS head link,
     * filters, navigation links, one line per change and the footer.
     *
     * The language filter is skipped when a page is selected, and the content
     * class filter is skipped when a page or a page group is selected. The
     * history column is only shown when no page is selected.
     *
     * Security notes for reviewers:
     * - The RSS, navigation and page-group links are built from REQUEST_URI,
     *   which is supplied by the client, and are handed to the template
     *   methods without escaping in this method. Escaping is assumed to
     *   happen in the templates — TODO confirm.
     * - The diff, history and revert links are only produced after the
     *   matching permission check on the change, and their URL, image path
     *   and alt text go through AnwUtils::xQuote() before being placed in
     *   the HTML snippets.
     * - Comment, info, user display name, page name and page language are
     *   passed to lastchangesLine() as returned by the change object;
     *   presumably the template escapes them — verify.
     */
    function showHtml($aoChanges, $amAllChangeTypes, $amDisplayChangeTypes, $asAllLangs, $asDisplayLangs, $asAllClasses, $asDisplayClasses, $nStartPrev, $nStartNext, $sTitle, $bGrouped, $oPage, $oPageGroup)
    {
        $this->out .= $this->tpl()->lastchangesHeader($sTitle);
        // REQUEST_URI comes from the client; the "&s=<digits>" start offset is stripped from it
        $sUrl = AnwEnv::_SERVER('REQUEST_URI');
        $sUrl = preg_replace("/&s=([0-9]*)/", "", $sUrl);
        //rss link
        $sRssLink = $sUrl;
        $sRssLink .= '&feed=rss2';
        //without start
        $this->head($this->tpl()->headRss($sRssLink));
        $this->out .= $this->tpl()->filterBefore($this->linkMe());
        $nPageId = $oPage ? $oPage->getId() : null;
        $nPageGroupId = $oPageGroup ? $oPageGroup->getId() : null;
        $bShowHistoryColumn = $oPage ? false : true;
        //disable filters if a page is selected
        if (!$nPageId) {
            //filter lang
            $this->out .= $this->tpl()->filterLangs($asAllLangs, $asDisplayLangs);
        }
        if (!$nPageId && !$nPageGroupId) {
            //filter contentclass
            $this->out .= $this->tpl()->filterClass($asAllClasses, $asDisplayClasses);
        }
        //filter changes types
        $this->out .= $this->tpl()->filterChangeTypes($amAllChangeTypes, $amDisplayChangeTypes);
        //display mode
        $sHistoryPageGroupLink = false;
        if ($oPage && AnwCurrentSession::isActionGlobalAllowed($this->getName())) {
            $sHistoryPageGroupLink = AnwEnv::_SERVER('REQUEST_URI');
            // the two patterns below use "$" as the PCRE delimiter; they strip "&page=<digits>" and "&pagegroup=<digits>"
            $sHistoryPageGroupLink = preg_replace("\$&page=([0-9]*)\$", "", $sHistoryPageGroupLink);
            $sHistoryPageGroupLink = preg_replace("\$&pagegroup=([0-9]*)\$", "", $sHistoryPageGroupLink);
            $sHistoryPageGroupLink .= '&pagegroup=' . $oPage->getPageGroup()->getId();
        }
        $this->out .= $this->tpl()->filterAfter($bGrouped, $nPageId, $nPageGroupId, $sRssLink, $sHistoryPageGroupLink);
        //nav
        $sLatestLink = "";
        $sPrevLink = "";
        if ($nStartPrev >= 0) {
            $sPrevLink = $sUrl . '&s=' . $nStartPrev;
            if ($nStartPrev > 0) {
                $sLatestLink = $sUrl . '&s=0';
            }
        }
        $sNextLink = $sUrl . '&s=' . $nStartNext;
        $this->out .= $this->tpl()->nav($sLatestLink, $sPrevLink, $sNextLink, $bShowHistoryColumn);
        foreach ($aoChanges as $i => $oChange) {
            $sType = AnwChange::changeTypei18n($oChange->getType());
            //links
            // default page cell: the bare page id, replaced by a real link when the active page exists
            $sLnkPage = '<span class="pageid">#' . $oChange->getPageId() . '</span>';
            $sLnkDiff = '-';
            if ($oChange->activePageExists()) {
                $sLnkPage = $oChange->getActivePage()->link();
                //active link, if it exists
            }
            //diffs link
            // only built when the 'diff' action is permitted for this change; every value is xQuote()d before it enters the snippet
            if ($oChange->isGlobalAndViewActionAllowed('diff')) {
                if ($oChange->isDiffAvailable()) {
                    $sImgDiff = AnwUtils::xQuote(AnwUtils::pathImg("diff.gif"));
                    $sAltDiff = AnwUtils::xQuote(self::g_("change_diff_link"));
                    $sLnkDiff = AnwUtils::xQuote(AnwUtils::alink("diff", array("page" => $oChange->getPageId(), "revto" => $oChange->getChangeId())));
                    $sLnkDiff = <<<EOF
<a href="{$sLnkDiff}" title="{$sAltDiff}"><img src="{$sImgDiff}" alt="{$sAltDiff}"/></a>
EOF;
                }
            }
            //history link
            // false means "no history column"; " - " means the column is shown but the link is withheld
            $sLnkHistory = false;
            if ($bShowHistoryColumn) {
                $sLnkHistory = " - ";
                if ($oChange->isActionAllowed('history')) {
                    $sImgHistory = AnwUtils::xQuote(AnwUtils::pathImg("history.gif"));
                    $sAltHistory = AnwUtils::xQuote($this->t_("change_history_link"));
                    $sLnkHistory = AnwUtils::xQuote(AnwUtils::alink("lastchanges", array("page" => $oChange->getPageId())));
                    $sLnkHistory = <<<EOF
<a href="{$sLnkHistory}" title="{$sAltHistory}"><img src="{$sImgHistory}" alt="{$sAltHistory}"/></a>
EOF;
                }
            }
            //revert link
            // only built when the 'revert' action is permitted and a revert is available for this change
            $sLnkRevert = " - ";
            if ($oChange->isGlobalAndViewActionAllowed('revert')) {
                if ($oChange->isRevertAvailable()) {
                    $sImgRevert = AnwUtils::xQuote(AnwUtils::pathImg("revert.gif"));
                    $sAltRevert = AnwUtils::xQuote(self::t_("change_revert_link"));
                    $sLnkRevert = AnwUtils::xQuote(AnwUtils::alink("revert", array("page" => $oChange->getPageId(), "revto" => $oChange->getChangeId())));
                    //we pass pageid instead of pagegroupid for better performances...
                    $sLnkRevert = <<<EOF
<a href="{$sLnkRevert}" title="{$sAltRevert}"><img src="{$sImgRevert}" alt="{$sAltRevert}"/></a>
EOF;
                }
            }
            //output
            // NOTE(review): comment, info and display name are passed on as stored; confirm lastchangesLine() escapes them
            $this->out .= $this->tpl()->lastchangesLine(Anwi18n::dateTime($oChange->getTime()), $sType, $oChange->getComment(), $oChange->getInfo(), $oChange->getUser()->getDisplayName(), $sLnkPage, $sLnkDiff, $sLnkHistory, $sLnkRevert, $oChange->getPageName(), $oChange->getPageLang());
        }
        $this->out .= $this->tpl()->lastchangesFooter();
    }
Example #29
 /**
  * Tells whether a captcha is required: yes for anonymous visitors, no for
  * logged-in users.
  *
  * @return bool true when the current session is not logged in
  */
 function needsCaptcha()
 {
     return !AnwCurrentSession::isLoggedIn();
 }
Example #30
 /**
  * Creates the page named by getPageName() in the given language, plus the
  * translations ticked in the submitted form, then redirects to the edit
  * action of the new page.
  *
  * The "create" permission is checked before anything is written. Inside the
  * storage transaction, the "translate" permission is checked for every
  * requested translation in a first pass, and translations are only created
  * in a second pass, so one refused language stops the whole request before
  * any translation exists. An AnwException rolls the transaction back and is
  * rethrown.
  *
  * @param string $sLang         language of the page to create
  * @param string $sContentClass content class name, resolved through AnwContentClasses
  * @throws AnwAclException when create or translate permission is denied
  */
 private function createPageProcess($sLang, $sContentClass)
 {
     $sPageName = $this->getPageName();
     $bMayCreate = AnwCurrentSession::isActionAllowed($sPageName, 'create', $sLang);
     if (!$bMayCreate) {
         throw new AnwAclException("permission create denied");
     }
     $oContentClass = AnwContentClasses::getContentClass($sContentClass);
     AnwStorage::transactionStart();
     try {
         //create page
         $oPage = AnwPage::createNewPage($oContentClass, $sPageName, $sLang);
         //languages the new page could be translated into
         $asAvailableLangs = $oPage->getPageGroup()->getAvailableLangs();
         //pass 1 - authorize every ticked translation (name comes from the form)
         foreach ($asAvailableLangs as $sTranslationLang) {
             if (!AnwEnv::_POST($this->getChkName($sTranslationLang))) {
                 continue;
             }
             $sTranslationName = AnwEnv::_POST($this->getInputName($sTranslationLang), "");
             $bMayTranslate = AnwCurrentSession::isActionAllowed($sTranslationName, 'translate', $sTranslationLang);
             if (!$bMayTranslate) {
                 //presumably an AnwException subclass, so the catch below rolls back - verify
                 throw new AnwAclException("permission translate denied");
             }
         }
         //pass 2 - everything was authorized, create the ticked translations
         foreach ($asAvailableLangs as $sTranslationLang) {
             if (!AnwEnv::_POST($this->getChkName($sTranslationLang))) {
                 continue;
             }
             $sTranslationName = AnwEnv::_POST($this->getInputName($sTranslationLang), "");
             $oPage->createNewTranslation($sTranslationName, $sTranslationLang);
         }
         AnwStorage::transactionCommit();
     } catch (AnwException $e) {
         //undo the page and any translation created so far, then let the caller see the error
         AnwStorage::transactionRollback();
         throw $e;
     }
     AnwUtils::redirect(AnwUtils::link($oPage, "edit"));
 }