Exemple #1
/**
 * Call the needed action handlers
 *
 * Central dispatcher for the action requested in the global $ACT. Inside the
 * ACTION_ACT_PREPROCESS event the action is cleaned and then passed through
 * the individual handlers in a fixed order; most handlers return the action
 * to continue with, so $ACT may change several times on the way. Afterwards
 * the response headers are sent through ACTION_HEADERS_SEND and the main
 * template is included.
 *
 * Security-relevant behaviour visible in this function:
 *  - act_permcheck() runs twice: after the login/subscribe/check steps and
 *    again at the very end, because the handlers in between can change $ACT.
 *  - 'revert' and 'save' are only executed when checkSecurityToken() returns
 *    true; otherwise the request is downgraded to 'show'.
 *  - The admin plugin named in $_REQUEST['page'] is only loaded when it is a
 *    member of plugin_list('admin'), and its handle() is skipped when the
 *    plugin reports forAdminOnly() and $INFO['isadmin'] is not set.
 *
 * The statement order matters: every step reads the $ACT left by the previous
 * one, and the template is included in this function's scope.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @triggers ACTION_ACT_PREPROCESS
 * @triggers ACTION_HEADERS_SEND
 * @return void
 */
function act_dispatch()
{
    global $ACT;
    global $ID;
    global $INFO;
    global $QUERY;
    global $lang;
    global $conf;
    // remember the action as requested, needed for the redirect decision below
    $preact = $ACT;
    // give plugins an opportunity to process the action
    $evt = new Doku_Event('ACTION_ACT_PREPROCESS', $ACT);
    if ($evt->advise_before()) {
        // sanitize $ACT before any comparison below relies on its value
        $ACT = act_clean($ACT);
        // a search whose query is empty after cleanID() falls back to 'show'
        $s = cleanID($QUERY);
        if ($ACT == 'search' && empty($s)) {
            $ACT = 'show';
        }
        //login stuff
        if (in_array($ACT, array('login', 'logout'))) {
            $ACT = act_auth($ACT);
        }
        //check if user is asking to (un)subscribe a page
        if ($ACT == 'subscribe') {
            try {
                $ACT = act_subscription($ACT);
            } catch (Exception $e) {
                // the exception text is shown to the user as an error message;
                // $ACT keeps the value 'subscribe' in that case
                msg($e->getMessage(), -1);
            }
        }
        //display some infos
        if ($ACT == 'check') {
            check();
            $ACT = 'show';
        }
        // first permission check
        // NOTE(review): act_auth(), act_subscription() and check() above have
        // already run at this point, so any authorization they need has to be
        // enforced inside those functions - confirm against their definitions
        $ACT = act_permcheck($ACT);
        //sitemap
        if ($ACT == 'sitemap') {
            $ACT = act_sitemap($ACT);
        }
        // register: only processed when the form's 'save' field was posted
        // NOTE(review): $_POST['save'] is read without an isset() test, which
        // raises an undefined-index notice when the field is absent
        if ($ACT == 'register' && $_POST['save'] && register()) {
            $ACT = 'login';
        }
        // password reset: continue with the login form when act_resendpwd() reports success
        if ($ACT == 'resendpwd' && act_resendpwd()) {
            $ACT = 'login';
        }
        //update user profile
        if ($ACT == 'profile') {
            // no authenticated user in REMOTE_USER: ask for a login instead
            if (!$_SERVER['REMOTE_USER']) {
                $ACT = 'login';
            } else {
                if (updateprofile()) {
                    msg($lang['profchanged'], 1);
                    $ACT = 'show';
                }
            }
        }
        // revert: state-changing, only executed with a valid security token
        // (checkSecurityToken() is presumably the anti-CSRF check - its
        // definition is not part of this listing)
        if ($ACT == 'revert') {
            if (checkSecurityToken()) {
                $ACT = act_revert($ACT);
            } else {
                $ACT = 'show';
            }
        }
        // save: same token requirement; a failed check silently becomes
        // 'show', so the page is not written
        if ($ACT == 'save') {
            if (checkSecurityToken()) {
                $ACT = act_save($ACT);
            } else {
                $ACT = 'show';
            }
        }
        //cancel conflicting edit
        if ($ACT == 'cancel') {
            $ACT = 'show';
        }
        //draft deletion
        if ($ACT == 'draftdel') {
            $ACT = act_draftdel($ACT);
        }
        //draft saving on preview
        if ($ACT == 'preview') {
            $ACT = act_draftsave($ACT);
        }
        //edit
        if (in_array($ACT, array('edit', 'preview', 'recover'))) {
            $ACT = act_edit($ACT);
        } else {
            unlock($ID);
            //try to unlock
        }
        // handle export: every action starting with 'export_' goes to act_export()
        if (substr($ACT, 0, 7) == 'export_') {
            $ACT = act_export($ACT);
        }
        //handle admin tasks
        if ($ACT == 'admin') {
            // retrieve admin plugin name from $_REQUEST['page']
            if (!empty($_REQUEST['page'])) {
                // allow-list: the request value is only used as a plugin name
                // when it matches an entry of the admin plugin list
                $pluginlist = plugin_list('admin');
                if (in_array($_REQUEST['page'], $pluginlist)) {
                    // attempt to load the plugin
                    if (($plugin =& plugin_load('admin', $_REQUEST['page'])) !== null) {
                        if ($plugin->forAdminOnly() && !$INFO['isadmin']) {
                            // a manager tried to load a plugin that's for admins only;
                            // the page parameter is dropped and handle() is not called
                            unset($_REQUEST['page']);
                            msg('For admins only', -1);
                        } else {
                            $plugin->handle();
                        }
                    }
                }
            }
        }
        // check permissions again - the action may have changed
        $ACT = act_permcheck($ACT);
    }
    // end event ACTION_ACT_PREPROCESS default action
    $evt->advise_after();
    // Sent after the event so plugins had the chance to handle 'denied';
    // the 403 status is only emitted when $conf['send404'] is enabled
    if ($conf['send404'] && $ACT == 'denied') {
        header('HTTP/1.0 403 Forbidden');
    }
    unset($evt);
    // when the final action is 'show', the initial one was not 'show' and the
    // request was a POST, hand over to act_redirect()
    if ($ACT == 'show' && $preact != 'show' && strtolower($_SERVER['REQUEST_METHOD']) == 'post') {
        act_redirect($ID, $preact);
    }
    // $INFO and $conf are already declared global at the top of the function;
    // $license is new here. The template below is included in this function's
    // scope, presumably the reason these globals are listed right before it.
    global $INFO;
    global $conf;
    global $license;
    //call template FIXME: all needed vars available?
    // $headers is created by this assignment; it is handed to the
    // ACTION_HEADERS_SEND event with act_sendheaders as the default handler
    $headers[] = 'Content-Type: text/html; charset=utf-8';
    trigger_event('ACTION_HEADERS_SEND', $headers, 'act_sendheaders');
    include template('main.php');
    // output for the commands is now handled in inc/templates.php
    // in function tpl_content()
}
Exemple #2
/**
 * Call the needed action handlers
 *
 * Central dispatcher for the action requested in the global $ACT. Inside the
 * ACTION_ACT_PREPROCESS event the action is validated and then passed through
 * the individual handlers in a fixed order; most handlers return the action
 * to continue with, so $ACT may change several times on the way. Afterwards
 * the collected response headers are sent through ACTION_HEADERS_SEND and the
 * main template is included.
 *
 * Security-relevant behaviour visible in this function:
 *  - Request and server values are read through the $INPUT object rather
 *    than from the superglobals.
 *  - act_permcheck() runs twice: after the login/subscribe/check steps and
 *    again at the very end, because the handlers in between can change $ACT.
 *  - 'revert' and 'save' are only executed when checkSecurityToken() returns
 *    true; a failed check turns 'revert' into 'show' and 'save' into
 *    'preview'.
 *  - The preview response carries "X-XSS-Protection: 0".
 *  - Admin plugin selection is delegated to plugin_getRequestAdminPlugin().
 *
 * The statement order matters: every step reads the $ACT left by the previous
 * one, and the template is included in this function's scope.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @triggers ACTION_ACT_PREPROCESS
 * @triggers ACTION_HEADERS_SEND
 * @return void
 */
function act_dispatch()
{
    global $ACT;
    global $ID;
    global $INFO;
    global $QUERY;
    /* @var Input $INPUT */
    global $INPUT;
    global $lang;
    global $conf;
    // remember the action as requested, needed for the redirect decision below
    $preact = $ACT;
    // give plugins an opportunity to process the action
    $evt = new Doku_Event('ACTION_ACT_PREPROCESS', $ACT);
    // response headers collected while dispatching; sent at the end
    $headers = array();
    if ($evt->advise_before()) {
        // validate $ACT before any comparison below relies on its value
        $ACT = act_validate($ACT);
        // a search whose query is empty after cleanID() falls back to 'show'
        $s = cleanID($QUERY);
        if ($ACT == 'search' && empty($s)) {
            $ACT = 'show';
        }
        //login stuff
        if (in_array($ACT, array('login', 'logout'))) {
            $ACT = act_auth($ACT);
        }
        //check if user is asking to (un)subscribe a page
        if ($ACT == 'subscribe') {
            try {
                $ACT = act_subscription($ACT);
            } catch (Exception $e) {
                // the exception text is shown to the user as an error message;
                // $ACT keeps the value 'subscribe' in that case
                msg($e->getMessage(), -1);
            }
        }
        //display some info
        if ($ACT == 'check') {
            check();
            $ACT = 'show';
        }
        // first permission check
        // NOTE(review): act_auth(), act_subscription() and check() above have
        // already run at this point, so any authorization they need has to be
        // enforced inside those functions - confirm against their definitions
        $ACT = act_permcheck($ACT);
        // sitemap: the return value of act_sitemap() is not assigned here
        if ($ACT == 'sitemap') {
            act_sitemap($ACT);
        }
        // recent changes: a non-empty 'show_changes' request value is stored
        // as a preference
        // NOTE(review): the value is not validated in this function; confirm
        // that set_doku_pref() or the code reading the preference restricts it
        if ($ACT == 'recent') {
            $show_changes = $INPUT->str('show_changes');
            if (!empty($show_changes)) {
                set_doku_pref('show_changes', $show_changes);
            }
        }
        // diff: same pattern for the 'difftype' request value (see the
        // validation note on the 'recent' branch directly above)
        if ($ACT == 'diff') {
            $difftype = $INPUT->str('difftype');
            if (!empty($difftype)) {
                set_doku_pref('difftype', $difftype);
            }
        }
        // register: only processed when 'save' was sent in the POST body
        if ($ACT == 'register' && $INPUT->post->bool('save') && register()) {
            $ACT = 'login';
        }
        // password reset: continue with the login form when act_resendpwd() reports success
        if ($ACT == 'resendpwd' && act_resendpwd()) {
            $ACT = 'login';
        }
        // user profile changes
        if (in_array($ACT, array('profile', 'profile_delete'))) {
            // no authenticated user in REMOTE_USER: ask for a login instead
            if (!$INPUT->server->str('REMOTE_USER')) {
                $ACT = 'login';
            } else {
                switch ($ACT) {
                    case 'profile':
                        if (updateprofile()) {
                            msg($lang['profchanged'], 1);
                            $ACT = 'show';
                        }
                        break;
                    case 'profile_delete':
                        // account deletion; on failure the profile form is shown again
                        // NOTE(review): no security-token check is visible in this
                        // branch - presumably auth_deleteprofile() performs its own
                        // confirmation and token checks; verify
                        if (auth_deleteprofile()) {
                            msg($lang['profdeleted'], 1);
                            $ACT = 'show';
                        } else {
                            $ACT = 'profile';
                        }
                        break;
                }
            }
        }
        // revert: state-changing, only executed with a valid security token
        // (checkSecurityToken() is presumably the anti-CSRF check - its
        // definition is not part of this listing)
        if ($ACT == 'revert') {
            if (checkSecurityToken()) {
                $ACT = act_revert($ACT);
            } else {
                $ACT = 'show';
            }
        }
        // save: same token requirement; on a failed check nothing is written
        // and the request continues as 'preview', which is handled by the
        // draft-saving and edit steps further down
        if ($ACT == 'save') {
            if (checkSecurityToken()) {
                $ACT = act_save($ACT);
            } else {
                $ACT = 'preview';
            }
        }
        //cancel conflicting edit
        if ($ACT == 'cancel') {
            $ACT = 'show';
        }
        //draft deletion
        if ($ACT == 'draftdel') {
            $ACT = act_draftdel($ACT);
        }
        //draft saving on preview
        if ($ACT == 'preview') {
            // asks the browser to switch off its built-in XSS filter for this response
            // NOTE(review): presumably because the preview echoes the text that was
            // just posted, which such filters can misread as reflected XSS. The header
            // only affects that browser heuristic, so the preview output must be
            // escaped correctly on its own - confirm in the rendering code
            $headers[] = "X-XSS-Protection: 0";
            $ACT = act_draftsave($ACT);
        }
        //edit
        if (in_array($ACT, array('edit', 'preview', 'recover'))) {
            $ACT = act_edit($ACT);
        } else {
            unlock($ID);
            //try to unlock
        }
        // handle export: every action starting with 'export_' goes to act_export()
        if (substr($ACT, 0, 7) == 'export_') {
            $ACT = act_export($ACT);
        }
        //handle admin tasks
        if ($ACT == 'admin') {
            // retrieve admin plugin name from $_REQUEST['page']
            // $page only gates this branch; the plugin itself is resolved by
            // plugin_getRequestAdminPlugin()
            // NOTE(review): no plugin-list membership or admin-only check is
            // visible here - presumably both happen inside
            // plugin_getRequestAdminPlugin(); verify before relying on it
            if (($page = $INPUT->str('page', '', true)) != '') {
                /** @var $plugin DokuWiki_Admin_Plugin */
                if ($plugin = plugin_getRequestAdminPlugin()) {
                    $plugin->handle();
                }
            }
        }
        // check permissions again - the action may have changed
        $ACT = act_permcheck($ACT);
    }
    // end event ACTION_ACT_PREPROCESS default action
    $evt->advise_after();
    // Sent after the event so plugins had the chance to handle 'denied';
    // the 403 status is only emitted when $conf['send404'] is enabled
    if ($conf['send404'] && $ACT == 'denied') {
        http_status(403);
    }
    unset($evt);
    // when the final action is 'show', the initial one was not 'show' and the
    // request was a POST, hand over to act_redirect()
    if ($ACT == 'show' && $preact != 'show' && strtolower($INPUT->server->str('REQUEST_METHOD')) == 'post') {
        act_redirect($ID, $preact);
    }
    // $INFO and $conf are already declared global at the top of the function;
    // $license is new here. The template below is included in this function's
    // scope, presumably the reason these globals are listed right before it.
    global $INFO;
    global $conf;
    global $license;
    //call template FIXME: all needed vars available?
    // the content type is appended to whatever headers were collected above;
    // the list is handed to the ACTION_HEADERS_SEND event with
    // act_sendheaders as the default handler
    $headers[] = 'Content-Type: text/html; charset=utf-8';
    trigger_event('ACTION_HEADERS_SEND', $headers, 'act_sendheaders');
    include template('main.php');
    // output for the commands is now handled in inc/templates.php
    // in function tpl_content()
}