/**
 * Builds the template context for the "move thread" form.
 *
 * Loads the thread named by the "threadId" parameter, rejects it unless it
 * belongs to the current site, runs the 'moderate_forum' check on its
 * category, then exposes the thread, its category and every group/category
 * pair of the site as candidate destinations.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the thread is missing or belongs to another site
 */
public function build($runData)
{
    $params = $runData->getParameterList();
    $threadId = $params->getParameterValue("threadId");
    $site = $runData->getTemp("site");

    $db = Database::connection();
    $db->begin();

    // Tenant isolation: a thread id from another site is reported as "not found".
    $thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
    $foreignOrMissing = ($thread == null) || ($thread->getSiteId() !== $site->getSiteId());
    if ($foreignOrMissing) {
        throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
    }

    // NOTE(review): the return value is ignored, so a denial has to arrive as
    // an exception from the permission manager — confirm.
    $category = $thread->getForumCategory();
    WDPermissionManager::instance()->hasForumPermission('moderate_forum', $runData->getUser(), $category);

    $runData->contextAdd("thread", $thread);
    $runData->contextAdd("category", $thread->getForumCategory());

    // Groups of this site only, visible ones first, then by sort index.
    $groupQuery = new Criteria();
    $groupQuery->add("site_id", $site->getSiteId());
    $groupQuery->addOrderDescending("visible");
    $groupQuery->addOrderAscending("sort_index");
    $groups = DB_ForumGroupPeer::instance()->select($groupQuery);

    $destinations = array();
    foreach ($groups as $group) {
        $categoryQuery = new Criteria();
        $categoryQuery->add("group_id", $group->getGroupId());
        $categoryQuery->addOrderAscending("sort_index");

        foreach (DB_ForumCategoryPeer::instance()->select($categoryQuery) as $forumCategory) {
            $destinations[] = array('group' => $group, 'category' => $forumCategory);
        }
    }
    $runData->contextAdd("categories", $destinations);

    $db->commit();
}
/**
 * Builds the template context for the "new thread" form.
 *
 * The category comes from the "c" parameter and is looked up together with
 * the current site id, so a category id from another site resolves to
 * nothing. The 'new_thread' permission check runs before anything is put in
 * the context.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when no usable category is given
 */
public function build($runData)
{
    $site = $runData->getTemp("site");
    $params = $runData->getParameterList();

    $categoryId = $params->getParameterValue("c");
    $idIsUsable = ($categoryId != null) && is_numeric($categoryId);
    if (!$idIsUsable) {
        throw new ProcessException(_("No forum category has been specified."));
    }

    // Optional title suggested by the caller.
    $suggestedTitle = $params->getParameterValue("title");

    // Category id and site id are matched in the same query.
    $lookup = new Criteria();
    $lookup->add("category_id", $categoryId);
    $lookup->add("site_id", $site->getSiteId());
    $category = DB_ForumCategoryPeer::instance()->selectOne($lookup);
    if ($category == null) {
        throw new ProcessException(_("No forum category has been specified."));
    }

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    WDPermissionManager::instance()->hasForumPermission('new_thread', $runData->getUser(), $category);

    // Storing a value in the session keeps the session from being discarded.
    $runData->sessionAdd("keep", true);

    $this->category = $category;
    $runData->contextAdd("category", $category);

    // Anonymous visitors are identified to the template by an IP-derived string.
    if ($runData->getUserId() == null) {
        $runData->contextAdd("anonymousString", $runData->createIpString());
    }

    if ($suggestedTitle) {
        $runData->contextAdd("title", $suggestedTitle);
    }
}
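/**
 * Builds the template context for editing a thread's metadata.
 *
 * Loads the thread from "threadId", rejects threads of other sites, and on a
 * blocked thread lets only a moderator holding the 'f' permission flag or a
 * site admin through, before running the 'edit_thread' permission check.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the thread is missing or belongs to another site
 * @throws WDPermissionException when the thread is blocked for this user
 */
public function build($runData)
{
    $pl = $runData->getParameterList();
    $threadId = $pl->getParameterValue("threadId");
    $site = $runData->getTemp("site");
    $user = $runData->getUser();

    $db = Database::connection();
    $db->begin();

    $thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
    if ($thread == null || $thread->getSiteId() !== $site->getSiteId()) {
        throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
    }

    if ($thread->getBlocked()) {
        // An anonymous visitor can be neither moderator nor admin. Without
        // this guard the lookup below dereferences a null user.
        if (!$user) {
            throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
        }

        $c = new Criteria();
        $c->add("site_id", $site->getSiteId());
        $c->add("user_id", $user->getUserId());
        $rel = DB_ModeratorPeer::instance()->selectOne($c);

        // strpos() returns 0 when 'f' is the first character; the former
        // loose "== false" treated that as "flag absent" and sent such a
        // moderator on to the admin lookup. Compare strictly.
        if (!$rel || strpos((string) $rel->getPermissions(), 'f') === false) {
            $rel = DB_AdminPeer::instance()->selectOne($c);
            if (!$rel) {
                throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
            }
        }
    }

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $category = $thread->getCategory();
    WDPermissionManager::instance()->hasForumPermission('edit_thread', $runData->getUser(), $category, $thread);

    $runData->contextAdd("thread", $thread);

    $db->commit();
}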
/**
 * Builds the confirmation context for deleting a forum post.
 *
 * Requires a numeric "postId" that resolves to a post of the current site
 * and a passing 'moderate_forum' check on the post's category. Any exception
 * from that check is replaced by one uniform permission message.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the post id is unusable or the post is not on this site
 * @throws WDPermissionException when the moderation check fails
 */
public function build($runData)
{
    $params = $runData->getParameterList();
    $postId = $params->getParameterValue("postId", "AMODULE");
    $user = $runData->getUser();
    $site = $runData->getTemp("site");

    if (!($postId != null && is_numeric($postId))) {
        throw new ProcessException(_("No post specified."), "no_post");
    }

    // Missing and foreign-site posts get the same answer.
    $post = DB_ForumPostPeer::instance()->selectByPrimaryKey($postId);
    if ($post == null) {
        throw new ProcessException(_("No post specified."), "no_post");
    }
    if ($post->getSiteId() != $site->getSiteId()) {
        throw new ProcessException(_("No post specified."), "no_post");
    }

    $category = $post->getForumThread()->getCategory();
    try {
        WDPermissionManager::instance()->hasForumPermission('moderate_forum', $runData->getUser(), $category);
    } catch (Exception $denied) {
        // The cause is dropped on purpose: the caller only sees this message.
        throw new WDPermissionException(_("Sorry, you are not allowed to delete posts. Only site administrators and moderators are the ones who can."));
    }

    // Tell the template when replies hang off this post.
    $childQuery = new Criteria();
    $childQuery->add("parent_id", $postId);
    $childCount = DB_ForumPostPeer::instance()->selectCount($childQuery);
    if ($childCount > 0) {
        $runData->contextAdd("hasChildren", true);
    }

    $runData->contextAdd("post", $post);
    $runData->ajaxResponseAdd("postId", $postId);
}
/**
 * Builds the template context for editing a page's tags.
 *
 * Requires a numeric "pageId" naming a page of the current site and a
 * passing 'edit' page permission check, then exposes the page's tags as one
 * space-separated string ordered by tag.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the page id is unusable or the page is not on this site
 */
public function build($runData)
{
    $user = $runData->getUser();
    $params = $runData->getParameterList();
    $pageId = $params->getParameterValue("pageId");
    $site = $runData->getTemp("site");

    $idIsUsable = $pageId && is_numeric($pageId);
    if (!$idIsUsable) {
        throw new ProcessException(_("The page can not be found or does not exist."), "no_page");
    }

    // Tenant isolation: a page of another site is treated like a missing one.
    $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
    $foreignOrMissing = ($page == null) || ($page->getSiteId() != $site->getSiteId());
    if ($foreignOrMissing) {
        throw new ProcessException(_("Error getting page information."), "no_page");
    }

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $category = $page->getCategory();
    WDPermissionManager::instance()->hasPagePermission('edit', $user, $category, $page);

    $tagQuery = new Criteria();
    $tagQuery->add("page_id", $pageId);
    $tagQuery->addOrderAscending("tag");

    $names = array();
    foreach (DB_PageTagPeer::instance()->select($tagQuery) as $tagRow) {
        $names[] = $tagRow->getTag();
    }

    $runData->contextAdd("tags", implode(' ', $names));
}
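/**
 * Clones the current site under a new name and web address.
 *
 * Validates the submitted name, unix name and tagline, reports all form
 * errors at once through the "formErrors" AJAX field, and hands the clone to
 * Duplicator::cloneSite().
 *
 * NOTE(review): the only check visible in this method is canBecomeAdmin() on
 * the caller. Nothing here verifies that the caller may manage the site being
 * cloned; confirm that the enclosing action enforces that before this runs.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException with status "form_errors" when validation fails
 */
public function cloneSiteEvent($runData)
{
    $pl = $runData->getParameterList();
    $site = $runData->getTemp("site");
    $siteId = $site->getSiteId();

    WDPermissionManager::instance()->canBecomeAdmin($runData->getUser());

    $name = trim($pl->getParameterValue("name"));
    $unixName = trim($pl->getParameterValue("unixname"));
    $tagline = trim($pl->getParameterValue("tagline"));
    $description = trim($pl->getParameterValue("description"));
    $private = (bool) $pl->getParameterValue("private");

    // validate form data:
    $errors = array();
    if (strlen($name) < 1) {
        $errors['name'] = _("Site name must be present.");
    } elseif (strlen8($name) > 30) {
        $errors['name'] = _("Site name should not be longer than 30 characters.");
    }

    // site unix name
    if ($unixName === null || strlen($unixName) < 3) {
        $errors['unixname'] = _("Web address must be present and should be at least 3 characters long.");
    } elseif (strlen($unixName) > 30) {
        $errors['unixname'] = _("Web address name should not be longer than 30 characters.");
    } elseif (preg_match("/^[a-z0-9\\-]+\$/", $unixName) == 0) {
        $errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address.');
    } elseif (preg_match("/\\-\\-/", $unixName) !== 0) {
        $errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address. Double-dash (--) is not allowed.');
    } else {
        $unixName = WDStringUtils::toUnixName($unixName);

        if (!$runData->getUser()->getSuperAdmin()) {
            // Each non-empty line of the config file is used as a PCRE pattern.
            $forbiddenUnixNames = explode("\n", (string) file_get_contents(WIKIDOT_ROOT . '/conf/forbidden_site_names.conf'));
            foreach ($forbiddenUnixNames as $f) {
                // Blank lines (such as the one after a trailing newline) and
                // stray "\r" made preg_match() warn about an invalid pattern.
                $f = trim($f);
                if ($f === '') {
                    continue;
                }
                // NOTE(review): an unreadable file or a malformed pattern
                // blocks nothing; confirm that failing open is acceptable.
                if (preg_match($f, $unixName) > 0) {
                    $errors['unixname'] = _('For some reason this web address is not allowed or is reserved for future use.');
                    break;
                }
            }
        }

        // check if the domain is not taken.
        $c = new Criteria();
        $c->add("unix_name", $unixName);
        $ss = DB_SitePeer::instance()->selectOne($c);
        if ($ss) {
            $errors['unixname'] = _('Sorry, this web address is already used by another site.');
        }
    }

    if (strlen8($tagline) > 50) {
        $errors['tagline'] = _("Tagline should not be longer than 50 characters");
    }

    if (count($errors) > 0) {
        $runData->ajaxResponseAdd("formErrors", $errors);
        throw new ProcessException("Form errors", "form_errors");
    }

    // The description is passed on without a length or content check here.
    $siteProps = array(
        'name' => $name,
        'subtitle' => $tagline,
        'unixname' => $unixName,
        'description' => $description,
        'private' => $private,
    );
    $dup = new Duplicator();
    $dup->cloneSite($site, $siteProps);
}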
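/**
 * Saves a SimpleTodo list submitted as JSON in the "data" parameter.
 *
 * The caller must hold 'edit' permission on the page named by "pageId". The
 * list is stored per site and label: an existing row for (label, site) is
 * updated, otherwise a new one is created.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException on an unknown page or malformed list data
 */
public function saveEvent($runData)
{
    $site = $runData->getTemp("site");
    $pl = $runData->getParameterList();
    $pageId = $pl->getParameterValue("pageId");

    if (!is_numeric($pageId)) {
        throw new ProcessException(_("Page does not exist."));
    }

    // The page must belong to the current site. Without this comparison the
    // 'edit' check below could be satisfied with a page of some other site
    // while the list is written under the current site's id.
    $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
    if (!$page || $page->getSiteId() != $site->getSiteId()) {
        throw new ProcessException(_("Page does not exist."));
    }

    // check permissions
    // NOTE(review): the list is keyed by (label, site), not by page, so any
    // page the caller may edit on this site authorizes a write to any label.
    $category = $page->getCategory();
    WDPermissionManager::instance()->hasPagePermission('edit', $runData->getUser(), $category, $page);

    $data = $pl->getParameterValue("data");

    $json = new JSONService();
    $listData = $json->decode($data);

    // Client-supplied JSON: refuse anything that did not decode to an object
    // instead of dereferencing it.
    if (!is_object($listData)) {
        throw new ProcessException(_('Invalid list data.'));
    }

    $dataArray = array();

    $label = (isset($listData->label) && is_scalar($listData->label)) ? trim((string) $listData->label) : '';
    if (!$label) {
        throw new ProcessException(_('The SimpleTodo module must have an id (e.g. id="list1").'));
    }
    $dataArray['label'] = $label;

    $title = (isset($listData->title) && is_scalar($listData->title)) ? trim((string) $listData->title) : '';
    if (!$title) {
        throw new ProcessException(_('Your title field is empty, please correct that.'));
    }
    $dataArray['title'] = $title;

    // A missing or non-array item list is treated as empty.
    $items = (isset($listData->data) && is_array($listData->data)) ? $listData->data : array();
    $itemCount = count($items);
    for ($i = 0; $i < $itemCount; $i++) {
        $item = isset($items[$i]) ? $items[$i] : null;
        if (!is_object($item)) {
            throw new ProcessException(_('Invalid list data.'));
        }

        $text = (isset($item->text) && is_scalar($item->text)) ? trim((string) $item->text) : '';
        $link = (isset($item->link) && is_scalar($item->link)) ? trim((string) $item->link) : '';

        if (!isset($item->checked) || !is_bool($item->checked)) {
            throw new ProcessException(_('Something is wrong witch checkbox (it is not a boolean value).'));
        }
        if (empty($text)) {
            throw new ProcessException(_('One of your text fields is empty, please correct that.'));
        }

        // NOTE(review): the link is stored as submitted; confirm that the
        // rendering side escapes it and restricts its scheme.
        $dataArray['data'][$i]['text'] = $text;
        $dataArray['data'][$i]['link'] = $link;
        $dataArray['data'][$i]['checked'] = $item->checked;
    }

    $c = new Criteria();
    $c->add('label', $label);
    $c->add('site_id', $site->getSiteId());

    $list = DB_SimpletodoListPeer::instance()->selectOne($c);
    if (!$list) {
        $list = new DB_SimpletodoList();
        $list->setSiteId($site->getSiteId());
        $list->setLabel($dataArray['label']);
    }

    $list->setTitle($dataArray['title']);
    // An empty list keeps encoding as null, as it did before.
    $itemData = $json->encode(isset($dataArray['data']) ? $dataArray['data'] : null);
    $list->setData($itemData);
    $list->save();
}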
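/**
 * Decides whether the request may use this module.
 *
 * Access is granted either by a "key" request parameter that equals
 * GlobalProperties::$SECRET_MANAGE_SUPERADMIN, or by the 'manage_site'
 * permission check on the current site.
 *
 * @param object $runData framework request context (type not visible here)
 * @return bool true when access is granted
 */
public function isAllowed($runData)
{
    $pl = $runData->getParameterList();
    $key = $pl->getParameterValue("key");

    $configured = GlobalProperties::$SECRET_MANAGE_SUPERADMIN;
    $secret = is_scalar($configured) ? (string) $configured : '';

    // The former loose "==" also matched numeric-looking strings that are
    // not identical. hash_equals() requires an exact match and takes the
    // same time wherever the first differing byte is. An unset or empty
    // secret never matches.
    // NOTE(review): the secret travels as a request parameter; confirm it is
    // not written to access logs or sent along in referrers.
    if (is_string($key) && $key !== '' && $secret !== '' && hash_equals($secret, $key)) {
        return true;
    }

    // NOTE(review): the return value is ignored, so a denial must arrive as
    // an exception; otherwise the method falls through to "true" — confirm.
    WDPermissionManager::instance()->hasPermission('manage_site', $runData->getUser(), $runData->getTemp("site"));
    return true;
}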
/**
 * List the categories of a site.
 *
 * Argument array keys:
 *  site: site to get categories from
 *
 * parseArgs() is asked for "performer" and "site"; the performer must pass
 * canAccessSite() for that site before any category is read.
 *
 * @param struct $args
 * @return struct one repr() entry per category of the site
 */
public function categories($args)
{
    $this->parseArgs($args, array("performer", "site"));

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    WDPermissionManager::instance()->canAccessSite($this->performer, $this->site);

    $bySite = new Criteria();
    $bySite->add("site_id", $this->site->getSiteId());

    $listing = array();
    $rows = DB_CategoryPeer::instance()->selectByCriteria($bySite);
    foreach ($rows as $row) {
        $listing[] = $this->repr($row);
    }

    return $listing;
}
/**
 * Builds the "users" context entry: one row per account with user_id > 1,
 * flagged as moderator and/or admin, followed by five placeholder rows
 * ("new0" to "new4").
 *
 * NOTE(review): no access check is visible in this method although it lists
 * every account; confirm the enclosing module restricts who can reach it.
 *
 * @param object $runData framework request context (type not visible here)
 */
public function build($runData)
{
    $rows = array();

    $query = new Criteria();
    $query->add('user_id', '1', '>');

    foreach (DB_OzoneUserPeer::instance()->select($query) as $account) {
        // NOTE(review): hasPermission() is called statically and with the
        // literal 1 in place of a site, and its result is used as a boolean.
        // Other code on this page calls it on instance() with a site object
        // and ignores the result — confirm which contract holds.
        $isAdmin = WDPermissionManager::hasPermission('manage_site', $account, 1) ? 1 : 0;
        $isModerator = WDPermissionManager::hasPermission('moderate_site', $account, 1) ? 1 : 0;

        $rows[] = array(
            "nick_name" => $account->getNickName(),
            "user_id" => $account->getUserId(),
            "mod" => $isModerator,
            "admin" => $isAdmin,
        );
    }

    // Five empty slots keyed "new0".."new4".
    for ($slot = 0; $slot < 5; $slot++) {
        $rows[] = array("user_id" => "new{$slot}");
    }

    $runData->contextAdd("users", $rows);
}
/**
 * Builds the template context for a moderator-only thread form.
 *
 * Loads the thread named by "threadId", rejects it unless it belongs to the
 * current site, runs the 'moderate_forum' check on its category and exposes
 * the thread to the template.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the thread is missing or belongs to another site
 */
public function build($runData)
{
    $params = $runData->getParameterList();
    $threadId = $params->getParameterValue("threadId");
    $site = $runData->getTemp("site");

    $db = Database::connection();
    $db->begin();

    // Tenant isolation: a foreign thread is reported as "not found".
    $thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
    $foreignOrMissing = ($thread == null) || ($thread->getSiteId() !== $site->getSiteId());
    if ($foreignOrMissing) {
        throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
    }

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $forumCategory = $thread->getForumCategory();
    WDPermissionManager::instance()->hasForumPermission('moderate_forum', $runData->getUser(), $forumCategory);

    $runData->contextAdd("thread", $thread);

    $db->commit();
}
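/**
 * Builds the template context for the "parent page" form.
 *
 * Requires the page named by "page_id" to belong to the current site and the
 * user to pass the 'edit' page permission check, then exposes the unix name
 * of the current parent page when one is set.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the page is missing or belongs to another site
 */
public function build($runData)
{
    $pageId = $runData->getParameterList()->getParameterValue("page_id");

    $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
    if ($page == null || $page->getSiteId() != $runData->getTemp("site")->getSiteId()) {
        throw new ProcessException(_("Error getting page information."), "no_page");
    }

    $user = $runData->getUser();

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $category = $page->getCategory();
    WDPermissionManager::instance()->hasPagePermission('edit', $user, $category, $page);

    if ($page->getParentPageId() !== null) {
        $parentPage = DB_PagePeer::instance()->selectByPrimaryKey($page->getParentPageId());
        // The parent row may be gone (stale parent id); skip it instead of
        // calling a method on null.
        if ($parentPage != null) {
            $runData->contextAdd("parentPageName", $parentPage->getUnixName());
        }
    }
}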
/**
 * Builds the template context for one SimpleTodo list on a page.
 *
 * Static state is shared by every instance rendered in the request: the
 * first call decides canEdit from the 'create' page permission, each call
 * bumps the counter, and every list id must be unique within the request.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the id is missing or already used
 */
public function build($runData)
{
    $user = $runData->getUser();

    $isFirstList = (self::$_counter == 0);
    if ($isFirstList) {
        $page = $runData->getTemp("page");
        if ($page) {
            $category = $page->getCategory();
            try {
                WDPermissionManager::instance()->hasPagePermission('create', $user, $category);
                self::$_canEdit = true;
            } catch (Exception $denied) {
                // Best effort: a failed check simply leaves canEdit at its
                // previous value.
            }
        }
    }

    $runData->contextAdd('canEdit', self::$_canEdit);
    $runData->contextAdd('listCounter', self::$_counter);
    self::$_counter++;

    $params = $runData->getParameterList();
    $label = trim($params->getParameterValue("id"));
    if (!$label) {
        throw new ProcessException(_('The SimpleTodo module must have an id.'));
    }

    // One id per request: a second list with the same id is rejected.
    if (in_array($label, self::$_labelArray)) {
        throw new ProcessException(_('The id attribute sholud be unique.'));
    }
    self::$_labelArray[] = $label;

    $runData->contextAdd("label", $label);

    // The stored list is looked up by label within the current site only.
    $site = $runData->getTemp("site");
    $lookup = new Criteria();
    $lookup->add('label', $label);
    $lookup->add('site_id', $site->getSiteId());

    $stored = DB_SimpletodoListPeer::instance()->selectOne($lookup);
    if ($stored) {
        $decoder = new JSONService();
        $items = $decoder->decode($stored->getData());
        $runData->contextAdd("title", $stored->getTitle());
        $runData->contextAdd("data", $items);
    }
}
/**
 * Builds the template context for renaming a file attachment.
 *
 * Both the file named by "file_id" and the page it is attached to must
 * belong to the current site; the user must pass the 'rename_file' page
 * permission check for the page's category.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the file or its page is missing or foreign
 */
public function build($runData)
{
    $params = $runData->getParameterList();
    $fileId = $params->getParameterValue("file_id");

    // Tenant isolation on the file itself.
    $file = DB_FilePeer::instance()->selectByPrimaryKey($fileId);
    $fileIsUsable = ($file != null) && ($file->getSiteId() == $runData->getTemp("site")->getSiteId());
    if (!$fileIsUsable) {
        throw new ProcessException(_("Error getting file information."), "no_file");
    }

    // And again on the page that owns it.
    $page = DB_PagePeer::instance()->selectByPrimaryKey($file->getPageId());
    $pageIsUsable = ($page != null) && ($page->getSiteId() == $runData->getTemp("site")->getSiteId());
    if (!$pageIsUsable) {
        throw new ProcessException(_("Error getting file information."), "no_page");
    }

    // NOTE(review): the check gets the category but not the page, unlike the
    // 'edit', 'move' and 'attach_file' checks on this page, so page-level
    // rules may not be applied here — confirm this is intended.
    $category = $page->getCategory();
    $user = $runData->getUser();
    WDPermissionManager::instance()->hasPagePermission('rename_file', $user, $category);

    $runData->contextAdd("file", $file);
}
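/**
 * Sends a private message from the current user to "to_user_id".
 *
 * The source is compiled with WikiTransformation in 'pm' mode and stored
 * twice: once flagged 0 (recipient's inbox) and once flagged 1 (sender's
 * "sent" folder). The recipient is notified about the inbox copy.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException with status "no_recipient" when the recipient id is unusable or unknown
 */
public function sendEvent($runData)
{
    $pl = $runData->getParameterList();
    $source = $pl->getParameterValue("source");
    $subject = $pl->getParameterValue("subject");

    if ($subject == null || $subject === '') {
        $subject = "(No subject)";
    }

    $db = Database::connection();
    $db->begin();

    $toUserId = $pl->getParameterValue("to_user_id");

    // The id is client-supplied and is later written to the message row, so
    // reject anything non-numeric before it reaches the database layer.
    if ($toUserId == null || !is_numeric($toUserId)) {
        throw new ProcessException(_("The recipient does not exist."), "no_recipient");
    }

    $toUser = DB_OzoneUserPeer::instance()->selectByPrimaryKey($toUserId);
    if ($toUser == null) {
        $message = _("The recipient does not exist.");
        throw new ProcessException($message, "no_recipient");
    }

    // check if allowed
    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $fromUser = $runData->getUser();
    WDPermissionManager::instance()->hasPmPermission($fromUser, $toUser);

    // compile content
    $wt = new WikiTransformation();
    $wt->setMode('pm');
    $body = $wt->processSource($source);

    $message = new DB_PrivateMessage();
    $message->setDate(new ODate());
    $message->setFromUserId($runData->getUserId());
    $message->setToUserId($toUserId);
    $message->setSubject($subject);
    $message->setBody($body);
    $message->setFlag(0); // 0 for inbox
    $message->save();

    NotificationMaker::instance()->privateMessageNotification($message);

    // Re-save the same object as a new row for the "sent" folder.
    $message->setNew(true);
    $message->setMessageId(null);
    $message->setFlag(1); // 1 for sent
    $message->save();

    $db->commit();
}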
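/**
 * Builds the template context for editing a forum post.
 *
 * Requires a numeric "postId" naming a post of the current site and a
 * passing 'edit_post' check. When the thread is blocked, only a moderator
 * holding the 'f' permission flag or a site admin gets through.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the post id is unusable or the post is not on this site
 * @throws WDPermissionException when the thread is blocked for this user
 */
public function build($runData)
{
    $pl = $runData->getParameterList();
    $postId = $pl->getParameterValue("postId", "AMODULE");
    $user = $runData->getUser();
    $site = $runData->getTemp("site");

    if ($postId == null || !is_numeric($postId)) {
        throw new ProcessException(_("No post specified."), "no_post");
    }

    $post = DB_ForumPostPeer::instance()->selectByPrimaryKey($postId);
    if ($post == null || $post->getSiteId() != $site->getSiteId()) {
        throw new ProcessException(_("No post specified."), "no_post");
    }

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $category = $post->getForumThread()->getCategory();
    WDPermissionManager::instance()->hasForumPermission('edit_post', $runData->getUser(), $category, null, $post);

    // check if thread blocked
    $thread = $post->getForumThread();
    if ($thread->getBlocked()) {
        // An anonymous visitor can be neither moderator nor admin. Without
        // this guard the lookup below dereferences a null user.
        if (!$user) {
            throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
        }

        $c = new Criteria();
        $c->add("site_id", $site->getSiteId());
        $c->add("user_id", $user->getUserId());
        $rel = DB_ModeratorPeer::instance()->selectOne($c);

        // strpos() returns 0 when 'f' is the first character; the former
        // loose "== false" treated that as "flag absent". Compare strictly.
        if (!$rel || strpos((string) $rel->getPermissions(), 'f') === false) {
            $rel = DB_AdminPeer::instance()->selectOne($c);
            if (!$rel) {
                throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
            }
        }
    }

    // Storing a value in the session keeps the session from being discarded.
    $runData->sessionAdd("keep", true);

    $runData->contextAdd("post", $post);
    $runData->ajaxResponseAdd("postId", $postId);

    // Anonymous visitors are identified to the template by an IP-derived string.
    $userId = $runData->getUserId();
    if ($userId == null) {
        $userString = $runData->createIpString();
        $runData->contextAdd("anonymousString", $userString);
    }
}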
/**
 * Builds the template context for the file upload form.
 *
 * Requires the page named by "pageId" to belong to the current site and the
 * user to pass the 'attach_file' check, then reports the site's storage
 * usage and the largest upload currently possible.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the page is missing or belongs to another site
 */
public function build($runData)
{
    $site = $runData->getTemp("site");
    $params = $runData->getParameterList();
    $pageId = $params->getParameterValue("pageId");

    // Tenant isolation: the destination page must be on this site.
    $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
    $foreignOrMissing = ($page == null) || ($page->getSiteId() != $site->getSiteId());
    if ($foreignOrMissing) {
        throw new ProcessException(_("Problem selecting destination page."), "no_page");
    }

    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $category = $page->getCategory();
    $user = $runData->getUser();
    WDPermissionManager::instance()->hasPagePermission('attach_file', $user, $category, $page);

    $used = FileHelper::totalSiteFilesSize($site->getSiteId());
    $quota = $site->getSettings()->getFileStorageSize();

    // Whichever is smaller: space left in the quota, or the per-file cap.
    // The remaining space is not clamped, so it goes negative once usage
    // exceeds the quota.
    // NOTE(review): these numbers only inform the form; the limit has to be
    // enforced where the upload is actually received.
    $largestUpload = min($quota - $used, $site->getSettings()->getMaxUploadFileSize());

    $runData->contextAdd("totalSiteSize", FileHelper::formatSize($used));
    $runData->contextAdd("totalSiteAllowedSize", FileHelper::formatSize($quota));
    $runData->contextAdd("availableSiteSize", FileHelper::formatSize($quota - $used));
    $runData->contextAdd("maxUpload", $largestUpload);
    $runData->contextAdd("maxUploadString", FileHelper::formatSize($largestUpload));
}
/**
 * Builds the template context for the rename/move (or delete) page form.
 *
 * Requires the page named by "pageId" to belong to the current site and the
 * user to pass the 'move' check. Whether the user also holds 'delete' is
 * probed separately and reported as "canDelete" instead of aborting.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the page is missing or belongs to another site
 */
public function build($runData)
{
    $params = $runData->getParameterList();
    $pageId = $params->getParameterValue("pageId");

    // Tenant isolation: a page of another site is treated like a missing one.
    $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
    $foreignOrMissing = ($page == null) || ($page->getSiteId() != $runData->getTemp("site")->getSiteId());
    if ($foreignOrMissing) {
        throw new ProcessException(_("Error getting page information."), "no_page");
    }

    $deleteRequested = $params->getParameterValue("delete");
    $user = $runData->getUser();

    // For a delete request the suggested name carries the "deleted:" prefix.
    $newName = $page->getUnixName();
    if ($deleteRequested) {
        $newName = 'deleted:' . $page->getUnixName();
        $runData->contextAdd("delete", true);
    }

    $category = $page->getCategory();

    $runData->contextAdd("page", $page);
    $runData->contextAdd("newName", $newName);

    // Hard requirement. NOTE(review): return value ignored; denial
    // presumably throws — confirm.
    WDPermissionManager::instance()->hasPagePermission('move', $user, $category, $page);

    // Soft probe: a failed 'delete' check only changes what the form offers.
    try {
        WDPermissionManager::instance()->hasPagePermission('delete', $user, $category, $page);
        $canDelete = true;
    } catch (Exception $denied) {
        $canDelete = false;
    }
    $runData->contextAdd("canDelete", $canDelete);

    // Flag the two special categories for the template.
    $categoryName = $category->getName();
    if ($categoryName == "forum") {
        $runData->contextAdd("isForum", true);
    }
    if ($categoryName == "admin") {
        $runData->contextAdd("isAdmin", true);
    }
}
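/**
 * Creates a new site from a template site.
 *
 * Validates name, web address, template choice, tagline and the Terms of
 * Service box, reports all form errors at once through "formErrors", then
 * creates the site row, duplicates the template into it (without the "forum"
 * and "profile" categories) and indexes the resulting pages.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException on form errors or an unusable template
 */
public function createSiteEvent($runData)
{
    WDPermissionManager::instance()->canBecomeAdmin($runData->getUser());

    $pl = $runData->getParameterList();

    $name = trim($pl->getParameterValue("name"));
    $unixName = trim($pl->getParameterValue("unixname"));
    $tagline = trim($pl->getParameterValue("tagline"));
    $templateId = $pl->getParameterValue("template");
    $private = (bool) $pl->getParameterValue("private");

    // validate form data:
    $errors = array();
    if (strlen($name) < 1) {
        $errors['name'] = _("Site name must be present.");
    } elseif (strlen8($name) > 30) {
        $errors['name'] = _("Site name should not be longer than 30 characters.");
    }

    // site unix name
    if ($unixName === null || strlen($unixName) < 3) {
        $errors['unixname'] = _("Web address must be present and should be at least 3 characters long.");
    } elseif (strlen($unixName) > 30) {
        $errors['unixname'] = _("Web address name should not be longer than 30 characters.");
    } elseif (preg_match("/^[a-z0-9\\-]+\$/", $unixName) == 0) {
        $errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address.');
    } elseif (preg_match("/\\-\\-/", $unixName) !== 0) {
        $errors['unixname'] = _('Only lowercase alphanumeric and "-" (dash) characters allowed in the web address. Double-dash (--) is not allowed.');
    } else {
        $unixName = WDStringUtils::toUnixName($unixName);

        if (!$runData->getUser()->getSuperAdmin()) {
            // Each non-empty line of the config file is used as a PCRE pattern.
            $forbiddenUnixNames = explode("\n", (string) file_get_contents(WIKIDOT_ROOT . '/conf/forbidden_site_names.conf'));
            foreach ($forbiddenUnixNames as $f) {
                // Blank lines (such as the one after a trailing newline) and
                // stray "\r" made preg_match() warn about an invalid pattern.
                $f = trim($f);
                if ($f === '') {
                    continue;
                }
                // NOTE(review): an unreadable file or a malformed pattern
                // blocks nothing; confirm that failing open is acceptable.
                if (preg_match($f, $unixName) > 0) {
                    $errors['unixname'] = _('For some reason this web address is not allowed or is reserved for future use.');
                    break;
                }
            }
        }

        // check if the domain is not taken.
        $c = new Criteria();
        $c->add("unix_name", $unixName);
        $ss = DB_SitePeer::instance()->selectOne($c);
        if ($ss) {
            $errors['unixname'] = _('Sorry, this web address is already used by another site.');
        }
    }

    // template
    if (!$templateId) {
        $errors['template'] = _('Please choose a template for your site');
    }

    if (strlen8($tagline) > 50) {
        $errors['tagline'] = _("Tagline should not be longer than 50 characters");
    }

    // TOS
    if (!$pl->getParameterValue("tos")) {
        $errors['tos'] = _("Please read and agree to the Terms of Service.");
    }

    if (count($errors) > 0) {
        $runData->ajaxResponseAdd("formErrors", $errors);
        throw new ProcessException("Form errors", "form_errors");
    }

    $dup = new Duplicator();
    $dup->setOwner($runData->getUser());

    $db = Database::connection();
    $db->begin();

    // The template id is client-supplied. Only sites whose unix name starts
    // with "template-" may serve as a source, and an id that matches no site
    // is rejected here instead of failing on a null object.
    $templateSite = DB_SitePeer::instance()->selectByPrimaryKey($templateId);
    if (!$templateSite || !preg_match(';^template\\-;', $templateSite->getUnixName())) {
        throw new ProcessException('Error');
    }

    $site = new DB_Site();
    $site->setName($name);
    $site->setSubtitle($tagline);
    $site->setUnixName($unixName);
    $site->setLanguage($templateSite->getLanguage());
    $site->setDateCreated(new ODate());
    $site->setPrivate($private);

    if ($private) {
        // The path is built from the unix name, which passed the
        // [a-z0-9-] validation above.
        $flagDir = WIKIDOT_ROOT . '/web/files--sites/' . $site->getUnixName() . '/flags';
        $flagFile = $flagDir . '/private';
        mkdirfull($flagDir);
        if (!file_exists($flagFile)) {
            file_put_contents($flagFile, "private");
        }
    }

    $site->save();

    $dup->addExcludedCategory("forum"); // should be initialized independently
    $dup->addExcludedCategory("profile");
    $dup->duplicateSite($templateSite, $site);

    // index the site too
    $ind = Indexer::instance();
    $c = new Criteria();
    $c->add("site_id", $site->getSiteId());
    $pages = DB_PagePeer::instance()->select($c);
    foreach ($pages as $p) {
        $ind->indexPage($p);
    }

    $db->commit();

    // NOTE(review): the captcha code is cleared here, but no comparison
    // against it is visible in this method — confirm where it is verified.
    $runData->sessionDel("captchaCode");

    $runData->ajaxResponseAdd("siteUnixName", $unixName);
}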
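/**
 * Lets a logged-in user join the site by supplying the membership password.
 *
 * Responds through AJAX fields: status "already_member" or "wrong_password",
 * or a success message after the member row and membership link are created
 * and pending applications/invitations are removed.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the feature is off, the user is anonymous,
 *                          or a private site has reached its member limit
 */
public function applyByPasswordEvent($runData)
{
    $site = $runData->getTemp("site");
    $pl = $runData->getParameterList();
    $comment = $pl->getParameterValue("comment");
    $userId = $runData->getUserId();

    $settings = $site->getSettings();

    $db = Database::connection();
    $db->begin();

    if (!$settings->getAllowMembershipByPassword()) {
        throw new ProcessException(_("Applying is disabled for this site."), "not_enabled");
    }

    $user = $runData->getUser();
    if ($user == null) {
        throw new ProcessException(_("Sorry, you are not logged in. Anonymous users can not apply ;-)"));
    }

    // check for permissions
    // NOTE(review): return value ignored; denial presumably throws — confirm.
    WDPermissionManager::instance()->hasPermission("become_member", $user, $site);

    $c = new Criteria();
    $c->add("site_id", $site->getSiteId());
    $c->add("user_id", $userId);
    $a = DB_MemberPeer::instance()->selectOne($c);
    if ($a != null) {
        $runData->ajaxResponseAdd('status', 'already_member');
        $runData->ajaxResponseAdd("message", _("You already are a member of this site."));
        $db->commit();
        return;
    }

    $password = $pl->getParameterValue("password");
    $expected = $settings->getMembershipPassword();

    // The submitted value is compared with the stored one verbatim.
    // With plain "===", an absent parameter could equal an unset password
    // (null === null) and grant membership, so both sides must be strings
    // and the configured password must be non-empty. hash_equals() keeps the
    // comparison time independent of where the first mismatch is.
    // NOTE(review): no attempt limiting is visible in this method.
    $passwordMatches = is_string($password)
        && is_string($expected)
        && $expected !== ''
        && hash_equals($expected, $password);

    if ($passwordMatches) {
        // Private sites have a member cap.
        if ($site->getPrivate()) {
            $settings = $site->getSettings();
            $maxMembers = $settings->getMaxPrivateMembers();
            $c = new Criteria();
            $c->add("site_id", $site->getSiteId());
            $cmem = DB_MemberPeer::instance()->selectCount($c);
            if ($cmem >= $maxMembers) {
                throw new ProcessException(sprintf(_('Sorry, at the moment max %d member limit apply for private Wikis. The Site would have to be upgraded to allow more members.'), $maxMembers));
            }
        }

        $mem = new DB_Member();
        $mem->setUserId($userId);
        $mem->setSiteId($site->getSiteId());
        $mem->setDateJoined(new ODate());
        $mem->save();

        $ml = new DB_MembershipLink();
        $ml->setUserId($userId);
        $ml->setSiteId($site->getSiteId());
        $ml->setDate(new ODate());
        $ml->setType('BY_PASSWORD');
        $ml->save();

        $runData->ajaxResponseAdd("message", _("Congratulations! You are now a member of this site!"));

        // remove application (if any) and invitations
        $c = new Criteria();
        $c->add("site_id", $site->getSiteId());
        $c->add("user_id", $userId);
        DB_MemberApplicationPeer::instance()->delete($c);
        DB_MemberInvitationPeer::instance()->delete($c);

        AdminNotificationMaker::instance()->newMemberByPassword($site, $user);
    } else {
        $runData->ajaxResponseAdd('status', 'wrong_password');
        $runData->ajaxResponseAdd("message", _("Sorry, wrong password..."));
        $db->commit();
        return;
    }

    $db->commit();
}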
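/**
 * Builds the template context for the "new post" / reply form.
 *
 * Loads the thread from "threadId", rejects threads of other sites, applies
 * the blocked-thread rule (only a moderator with the 'f' flag or a site
 * admin may continue) and the 'new_post' permission check. When replying to
 * "postId", the effective parent is moved up the reply chain if the
 * category's maximum nesting level would be exceeded.
 *
 * @param object $runData framework request context (type not visible here)
 * @throws ProcessException when the thread or the replied-to post is unusable
 * @throws WDPermissionException when the thread is blocked for this user
 */
public function build($runData)
{
    $pl = $runData->getParameterList();
    $postId = $pl->getParameterValue("postId");
    $threadId = $pl->getParameterValue("threadId");
    $user = $runData->getUser();
    $site = $runData->getTemp("site");

    $title = '';
    // Defined up front: several paths below never assign them.
    $parentId = null;
    $parentChanged = false;

    $db = Database::connection();
    $db->begin();

    $thread = DB_ForumThreadPeer::instance()->selectByPrimaryKey($threadId);
    if ($thread == null || $thread->getSiteId() !== $site->getSiteId()) {
        throw new ProcessException(_("No thread found... Is it deleted?"), "no_thread");
    }

    // check if thread blocked
    if ($thread->getBlocked()) {
        // Previously an anonymous visitor reached the admin lookup with an
        // undefined criteria object; what selectOne() does with that is not
        // visible here. An anonymous visitor is neither moderator nor admin,
        // so refuse directly.
        if (!$user) {
            throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
        }

        $c = new Criteria();
        $c->add("site_id", $site->getSiteId());
        $c->add("user_id", $user->getUserId());
        $rel = DB_ModeratorPeer::instance()->selectOne($c);

        // strpos() returns 0 when 'f' is the first character; the former
        // loose "== false" treated that as "flag absent". Compare strictly.
        if (!$rel || strpos((string) $rel->getPermissions(), 'f') === false) {
            $rel = DB_AdminPeer::instance()->selectOne($c);
            if (!$rel) {
                throw new WDPermissionException(_("Sorry, this thread is blocked. Nobody can add new posts nor edit existing ones."));
            }
        }
    }

    // now check if user is allowed
    // NOTE(review): return value ignored; denial presumably throws — confirm.
    $category = $thread->getCategory();
    WDPermissionManager::instance()->hasForumPermission('new_post', $runData->getUser(), $category);

    if ($postId !== null && is_numeric($postId)) {
        // The replied-to post must live in this very thread.
        $post = DB_ForumPostPeer::instance()->selectByPrimaryKey($postId);
        if ($post == null || $post->getThreadId() !== $thread->getThreadId()) {
            throw new ProcessException(_("Original post does not exist! Please reload the page to make it up-to-date."), "no_post");
        }

        $maxNest = $thread->getForumCategory()->getEffectiveMaxNestLevel();

        // Walk up the reply chain to find how deeply the post is nested.
        $parentId6 = $post->getParentId();
        $nestLevel6 = 0;
        $parents = array();
        while ($parentId6 != null) {
            $parent6 = DB_ForumPostPeer::instance()->selectByPrimaryKey($parentId6);
            if ($parent6 == null) {
                // Dangling parent id: stop instead of calling a method on null.
                break;
            }
            $parents[] = $parent6;
            $parentId6 = $parent6->getParentId();
            $nestLevel6++;
        }

        if ($nestLevel6 >= $maxNest) {
            // Attach the reply to the ancestor at level maxNest-1.
            $ancestorIndex = $nestLevel6 - ($maxNest - 1) - 1;
            $parent = isset($parents[$ancestorIndex]) ? $parents[$ancestorIndex] : null;
            if ($parent) {
                $parentId = $parent->getPostId();
                $parentChanged = true;
            }
        } else {
            $parentId = $post->getPostId();
        }

        $title = preg_replace('/^Re:\\s?/', '', $post->getTitle());
        $title = 'Re: ' . $title;
    } else {
        // only if NOT a page discussion
        if ($thread->getPageId() == null) {
            $title = 'Re: ' . $thread->getTitle();
        }
    }

    $runData->contextAdd("thread", $thread);

    if ($parentId) {
        $runData->ajaxResponseAdd("parentId", $parentId);
        $runData->contextAdd("parentId", $parentId);
        if ($parentChanged) {
            $runData->ajaxResponseAdd("parentChanged", true);
        }
    }

    $runData->contextAdd("title", $title);

    // Storing a value in the session keeps the session from being discarded.
    $runData->sessionAdd("keep", true);

    // Anonymous visitors are identified to the template by an IP-derived string.
    $userId = $runData->getUserId();
    if ($userId == null) {
        $userString = $runData->createIpString();
        $runData->contextAdd("anonymousString", $userString);
    }

    $db->commit();
}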
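/**
 * Creates a page or saves a new revision of an existing one.
 *
 * Argument array keys: "page" (required), plus whatever parseArgs() accepts
 * next to "performer" and "site". An existing page requires the 'edit'
 * permission; a page that does not exist yet is created in the category
 * named by the prefix before ":" (or "_default") after a 'create' permission
 * check. A revision is written only when source, title, parent page or tags
 * actually change.
 *
 * @param array $args
 * @throws Wikidot_Facade_Exception_WrongArguments when "page" is missing
 */
public function save($args)
{
    $db = Database::connection();
    $db->begin();

    // simple argument checking
    if (!isset($args['page'])) {
        throw new Wikidot_Facade_Exception_WrongArguments("Page argument must be passed");
    }

    $pm = new WDPermissionManager();
    $now = new ODate();

    // page (existing or not) name
    $arg_page = WDStringUtils::toUnixName($args['page']);

    // parse the rest (beside page name)
    unset($args['page']);
    $this->parseArgs($args, array("performer", "site"));

    // Only set for an existing page.
    $cur_rev = null;
    $cur_meta = null;

    try {
        // _parsePage() throws WrongArguments when the name matches no page.
        $page = $this->_parsePage($this->site, $arg_page);
        $new = false;

        // check permissions to edit the page
        $pm->hasPagePermission('edit', $this->performer, $page->getCategory(), $page);
    } catch (Wikidot_Facade_Exception_WrongArguments $e) {
        if ($this->source === null) {
            $this->source = "";
        }
        if ($this->title === null) {
            $this->title = $arg_page;
        }

        $new = true;
        $category_name = preg_replace('/^([^:]*):.*$/', '\\1', $arg_page);
        if ($category_name == $arg_page) {
            $category_name = '_default';
        }
        $category = $this->_getOrCreateCategory($this->site, $category_name);

        // The original ran no permission check on this path, so a performer
        // could create pages without holding 'create' in the category.
        // Nothing is committed yet, so a denial leaves no row behind.
        $pm->hasPagePermission('create', $this->performer, $category);

        $page = new DB_Page();
        $page->setSiteId($this->site->getSiteId());
        $page->setCategoryId($category->getCategoryId());
        $page->setUnixName($arg_page);
        $page->setDateCreated(new ODate());
        $page->setOwnerUserId($this->performer->getUserId());
        $page->save();

        $compiled = new DB_PageCompiled();
        $compiled->setPageId($page->getPageId());
        $compiled->save();
    }

    // get current revision and metadata
    if (!$new) {
        $cur_rev = $page->getCurrentRevision();
        $cur_meta = $cur_rev->getMetadata();
    }

    // construct new metadata
    if ($new) {
        $new_meta = new DB_PageMetadata();
        $new_meta->setUnixName($arg_page);
        $new_meta->setOwnerUserId($this->performer->getUserId());
    } else {
        // Copy of the current metadata, marked to be stored as a new row.
        $new_meta = clone $cur_meta;
        $new_meta->setNew(true);
        $new_meta->setMetadataId(null);
    }

    // construct new revision
    $new_rev = new DB_PageRevision();
    $new_rev->setSiteId($this->site->getSiteId());
    $new_rev->setPageId($page->getPageId());
    $new_rev->setUserId($this->performer->getUserId());
    $new_rev->setDateLastEdited($now);

    if ($new) {
        $new_rev->setRevisionNumber(0);
    } else {
        $new_rev->setRevisionNumber($cur_rev->getRevisionNumber() + 1);
    }

    $src_changed = false;
    $title_changed = false;
    $parent_changed = false;
    $tags_changed = false;

    // handle source change
    if ($new || $this->source !== null && $page->getSource() != $this->source) {
        $new_src = new DB_PageSource();
        $new_src->setText($this->source);
        $new_src->save();

        $new_rev->setSourceId($new_src->getSourceId());
        $src_changed = true;
    } else {
        $new_rev->setSourceId($cur_rev->getSourceId());
        $new_rev->setSinceFullSource($cur_rev->getSinceFullSource());
        $new_rev->setDiffSource($cur_rev->getDiffSource());
    }

    // handle tags change
    if ($this->tags) {
        $new_tags = $this->tags;
        $cur_tags = $page->getTagsAsArray();

        sort($cur_tags);
        sort($new_tags);

        if ($cur_tags != $new_tags) {
            $tags_changed = true;
            $tags_deleted = array();
            $tags_added = array();

            foreach ($cur_tags as $tag) {
                if (!in_array($tag, $new_tags)) {
                    $c = new Criteria();
                    $c->add('page_id', $page->getPageId());
                    $c->add('tag', $tag);
                    if ($t = DB_PageTagPeer::instance()->selectOne($c)) {
                        $t->delete();
                        $tags_deleted[] = $tag;
                    }
                }
            }

            foreach ($new_tags as $tag) {
                if (!in_array($tag, $cur_tags)) {
                    $t = new DB_PageTag();
                    // Was getPageId(...): the getter discarded its argument,
                    // so new tag rows were saved without a page id.
                    $t->setPageId($page->getPageId());
                    $t->setSiteId($this->site->getSiteId());
                    $t->setTag($tag);
                    $t->save();
                    $tags_added[] = $tag;
                }
            }
        }
    }

    // handle metadata: title change
    if ($new || $this->title !== null && $cur_meta->getTitle() != $this->title) {
        $new_meta->setTitle($this->title);
        $page->setTitle($this->title);
        $title_changed = true;
    }

    // handle metadata: parent page change
    if ($this->parent_page) {
        // A new page has no current metadata to compare with; the former
        // code dereferenced it regardless.
        if ($new || !$cur_meta->getParentPageId() || $cur_meta->getParentPageId() != $this->parent_page->getPageId()) {
            $new_meta->setParentPageId($this->parent_page->getPageId());
            $parent_changed = true;
        }
    }
    if ($this->clear_parent_page && $page->getParentPageId()) {
        $new_meta->setParentPageId(null);
        $parent_changed = true;
    }

    $meta_changed = $title_changed || $parent_changed;

    // decide whether to use previous metadata or create a new object
    // (a new page always has $title_changed set, so it takes the first branch)
    if ($meta_changed) {
        $new_meta->save();
        $new_rev->setMetadataId($new_meta->getMetadataId());
    } else {
        $new_rev->setMetadataId($cur_meta->getMetadataId());
    }

    // set flag on revision
    if ($new) {
        $new_rev->setFlagNew(true);
    } else {
        if ($src_changed) {
            $new_rev->setFlagText(true);
        }
        if ($title_changed) {
            $new_rev->setFlagTitle(true);
        }
        if ($parent_changed) {
            $new_rev->setFlagMeta(true);
        }
    }

    if ($src_changed || $meta_changed || $tags_changed) {
        $new_rev->save();

        $page->setSourceId($new_rev->getSourceId());
        $page->setDateLastEdited($now);
        $page->setMetadataId($new_rev->getMetadataId());
        $page->setRevisionNumber($new_rev->getRevisionNumber());
        $page->setRevisionId($new_rev->getRevisionId());
        $page->save();

        $db->commit();

        $GLOBALS['site'] = $this->site;
        $outdater = new Outdater();
        if ($src_changed) {
            $outdater->pageEvent("source_changed", $page);
        }
        if ($title_changed) {
            $outdater->pageEvent("title_changed", $page);
        }
        if ($parent_changed) {
            $outdater->pageEvent("parent_changed", $page);
        }
        if ($tags_changed) {
            $outdater->pageEvent("tag_changed", $page);
        }
    } else {
        /* This place is reached when API client tries to set source or
         * title or parent page or tags that are already set (in the DB)
         * to the same value.
         *
         * Let's suppose doing nothing is the desired behavior in this case
         *
         * Other possible way to react can be raising an exception.
         * But it should be different from Wikidot_Facade_Exception_WrongArguments
         * because this one implies client error (and client does not need
         * to know the exact database state).
         *
         * NOTE(review): the transaction begun at the top is neither
         * committed nor rolled back on this path.
         */
    }
}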
/**
 * Deletes a forum post together with every reply nested below it.
 *
 * The post id comes from the request ("postId"). The post must belong to the
 * current site and the caller must hold the 'moderate_forum' permission on
 * the post's category. Afterwards the thread and category counters are
 * recalculated, the thread is outdated and re-indexed, and the deletion is
 * written to the event log.
 *
 * NOTE(review): every exception thrown after $db->begin() leaves this method
 * without an explicit rollback; how the open transaction is closed is not
 * visible here.
 *
 * @param mixed $runData request context (parameters, current site, current user)
 * @throws ProcessException      when the id is missing/non-numeric or the post
 *                               does not exist on this site
 * @throws WDPermissionException when the caller may not moderate the forum
 */
public function deletePostEvent($runData) {
    $site = $runData->getTemp("site");
    $postId = $runData->getParameterList()->getParameterValue("postId");

    if ($postId == null || !is_numeric($postId)) {
        throw new ProcessException(_("No such post."), "no_post");
    }

    $db = Database::connection();
    $db->begin();

    $posts = DB_ForumPostPeer::instance();
    $post = $posts->selectByPrimaryKey($postId);

    // Same error for "missing" and "belongs to another site", so the response
    // does not reveal whether the id exists elsewhere.
    if ($post == null || $post->getSiteId() != $site->getSiteId()) {
        throw new ProcessException(_("No such post."), "no_post");
    }

    $thread = $post->getForumThread();
    $category = $thread->getForumCategory();

    // Any exception from the permission check is replaced by one message.
    try {
        WDPermissionManager::instance()->hasForumPermission('moderate_forum', $runData->getUser(), $category);
    } catch (Exception $e) {
        throw new WDPermissionException(_("Sorry, you are not allowed to delete posts. Only site administrators and moderators are the ones who can."));
    }

    // Walk the reply tree one level at a time, collecting every descendant.
    $levelCriteria = new Criteria();
    $levelCriteria->add("parent_id", $postId);
    $descendants = array();
    $level = $posts->select($levelCriteria);
    while ($level && count($level) > 0) {
        $descendants = array_merge($descendants, $level);
        $levelCriteria = new Criteria();
        foreach ($level as $reply) {
            $levelCriteria->addOr("parent_id", $reply->getPostId());
        }
        $level = $posts->select($levelCriteria);
    }

    // The requested post goes first, then its descendants in collection order.
    foreach (array_merge(array($post), $descendants) as $doomed) {
        $posts->deleteByPrimaryKey($doomed->getPostId());
    }

    // Refresh the cached counters and "last post" pointers.
    $thread->calculateNumberPosts();
    $thread->findLastPost();
    $thread->save();

    $category->calculateNumberPosts();
    $category->findLastPost();
    $category->save();

    // Outdate, re-index and record the deletion.
    $outdater = new Outdater();
    $outdater->forumEvent("thread_save", $thread);
    Indexer::instance()->indexThread($thread);
    EventLogger::instance()->logPostDelete($thread, $post->getTitle());

    $db->commit();

    if (GlobalProperties::$UI_SLEEP) {
        sleep(1);
    }
}
/**
 * Fills the static lookup tables that map permission action keys and user
 * class keys to their translated, human-readable descriptions.
 *
 * Note that the 'registered' description contains HTML markup (a link), so
 * these values are not plain text.
 */
public function __construct() {
    // Page-level actions.
    $pageActions = array(
        'view' => _('view this page'),
        'edit' => _('edit this page'),
        'create' => _('create a new page in this category'),
        'move' => _('move this page'),
        'delete' => _('delete this page'),
        'attach_file' => _('attach a new file to this page'),
        'rename_file' => _('rename file attachment in this page'),
        'replace_file' => _('replace existing file attachment in this page'),
        'move_file' => _('move file attachment to another page'),
        'delete_file' => _('delete file in this page'),
        'options' => _('what????'),
    );

    // Forum-level actions; 'split' carries an untranslated placeholder value.
    $forumActions = array(
        'new_thread' => _('start new discussion thread'),
        'new_post' => _('add new post in this thread'),
        'edit_post' => _('edit a post in this thread'),
        'edit_thread' => _('edit this thread'),
        'split' => 's',
        'moderate_forum' => _('perform this action'),
    );

    // Classes of users a permission can be granted to.
    $userClasses = array(
        'anonymous' => _('anonymous users'),
        'registered' => _('<a href="http://www.wikidot.com">Wikidot.com</a> registered users'),
        'member' => _('members of this site'),
        'owner' => _('owner (creator) of this page'),
    );

    self::$pageActionsDesc = $pageActions;
    self::$forumActionsDesc = $forumActions;
    self::$userClassesDesc = $userClasses;
}
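/**
 * Creates or updates user accounts for the current site from the submitted
 * form rows.
 *
 * Each row is identified by a "nick_name_<id>" parameter, where <id> is
 * either "new" or the decimal id of an existing user; "password_<id>",
 * "admin_<id>" and "mod_<id>" belong to the same row. Rows with an empty
 * nick name are ignored.
 *
 * Changes compared with the previous version:
 *  - the row id is parsed strictly ("new" or digits only) instead of being
 *    coerced with "1 * $id", which accepted strings such as "1e5" or "wen";
 *  - an existing account is only modified when it is a member of the current
 *    site, so a request cannot rename or re-password an arbitrary user id;
 *  - missing checkbox/password parameters no longer read undefined indexes.
 *
 * @param mixed $runData request context (parameters and current site)
 */
public function saveEvent($runData) {
    $params = $runData->getParameterList()->asArray();
    $site = $runData->getTemp('site');

    // Collect the row ids present in the request.
    $ids = array();
    foreach (array_keys($params) as $param_key) {
        $m = array();
        if (preg_match(';^nick_name_(new|[0-9]+)$;', $param_key, $m)) {
            $ids[] = $m[1];
        }
    }

    foreach ($ids as $id) {
        $nick_name = $params["nick_name_{$id}"];
        $password = isset($params["password_{$id}"]) ? $params["password_{$id}"] : null;
        // Unchecked checkboxes are simply absent from the request.
        $admin = !empty($params["admin_{$id}"]);
        $mod = !empty($params["mod_{$id}"]);

        if (!$nick_name) {
            continue;
        }

        // "new" (or id 0) means "create"; anything else is a primary key.
        $userId = ($id === 'new') ? 0 : (int) $id;
        $u = $userId ? DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId) : null;

        if ($u) {
            // The id is request-controlled: refuse to touch accounts that are
            // not members of this site.
            // NOTE(review): assumes every account managed here has a member
            // row for the site (new accounts get one below) - confirm.
            $c = new Criteria();
            $c->add('site_id', $site->getSiteId());
            $c->add('user_id', $u->getUserId());
            if (!DB_MemberPeer::instance()->selectOne($c)) {
                continue;
            }
        }

        $next = false;
        if (!$u) {
            $u = new DB_OzoneUser();
            if (!$password) {
                // NOTE(review): the empty user and its membership are still
                // saved below before the row is skipped - confirm this is
                // intended and not a leftover.
                $next = true;
            }
            $u->save();
            $m = new DB_Member();
            $m->setUserId($u->getUserId());
            $m->setSiteId($site->getSiteId());
            $m->save();
        }

        if ($next) {
            continue;
        }

        // The nick name doubles as display name and e-mail address.
        $u->setName($nick_name);
        $u->setEmail($nick_name);
        $u->setNickName($nick_name);
        $u->setUnixName(WDStringUtils::toUnixName($nick_name));
        if ($password) {
            // NOTE(review): unsalted MD5 is not an adequate password hash.
            // It is kept because the code that verifies this column is
            // outside this block; moving to password_hash()/password_verify()
            // has to change both sides together.
            $u->setPassword(md5($password));
        }
        $u->save();

        // Grant or revoke the administrator role for this site.
        // NOTE(review): hasPermission() is called statically here but through
        // instance() elsewhere on this page - confirm which form is intended.
        if ($admin) {
            if (!WDPermissionManager::hasPermission('manage_site', $u, $site)) {
                $a = new DB_Admin();
                $a->setUserId($u->getUserId());
                $a->setSiteId($site->getSiteId());
                $a->save();
            }
        } else {
            $c = new Criteria();
            $c->add('site_id', $site->getSiteId());
            $c->add('user_id', $u->getUserId());
            DB_AdminPeer::instance()->delete($c);
        }

        // Grant or revoke the moderator role for this site.
        if ($mod) {
            if (!WDPermissionManager::hasPermission('moderate_site', $u, $site)) {
                $m = new DB_Moderator();
                $m->setUserId($u->getUserId());
                $m->setSiteId($site->getSiteId());
                $m->save();
            }
        } else {
            $c = new Criteria();
            $c->add('site_id', $site->getSiteId());
            $c->add('user_id', $u->getUserId());
            DB_ModeratorPeer::instance()->delete($c);
        }
    }
}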
/**
 * Gate for this action: the current user needs 'manage_site' on the current
 * site.
 *
 * The result of hasPermission() is ignored, so access is refused only when
 * that call throws.
 * NOTE(review): WDPermissionManager has a setThrowExceptions(false) mode; if
 * the shared instance could ever be in that mode, this method would allow
 * everyone. Confirm, or return the call's result instead.
 *
 * @param mixed $runData request context (current user and site)
 * @return bool always true when no exception was thrown
 */
public function isAllowed($runData) {
    $permissions = WDPermissionManager::instance();
    $currentUser = $runData->getUser();
    $currentSite = $runData->getTemp("site");

    $permissions->hasPermission('manage_site', $currentUser, $currentSite);

    return true;
}
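/**
 * Deletes a page of the current site.
 *
 * The page id comes from the request ("page_id"). It is now validated as
 * numeric before it reaches the query, matching the other handlers on this
 * page, and before the transaction is opened so a malformed id does not
 * leave one pending. The page row is selected FOR UPDATE, must belong to the
 * current site, and the caller needs the 'delete' page permission.
 *
 * @param mixed $runData request context (parameters, current site, current user)
 * @throws ProcessException when the id is missing/non-numeric or the page is
 *                          not found on this site
 */
public function deletePageEvent($runData) {
    $pl = $runData->getParameterList();
    $pageId = $pl->getParameterValue("page_id");
    $site = $runData->getTemp("site");

    // Reject anything that is not a numeric id up front.
    if ($pageId === null || !is_numeric($pageId)) {
        throw new ProcessException(_("Error getting page information."), "no_page");
    }

    $db = Database::connection();
    $db->begin();

    // Lock the row for the duration of the transaction.
    $c = new Criteria();
    $c->add("page_id", $pageId);
    $c->setForUpdate(true);
    $page = DB_PagePeer::instance()->selectOne($c);

    // Same error for "missing" and "belongs to another site".
    if ($page == null || $page->getSiteId() != $site->getSiteId()) {
        throw new ProcessException(_("Error getting page information."), "no_page");
    }

    $user = $runData->getUser();
    $category = $page->getCategory();

    // The return value is not inspected, so a denial has to arrive as an
    // exception. NOTE(review): confirm the shared manager throws on denial.
    WDPermissionManager::instance()->hasPagePermission('delete', $user, $category, $page);

    // ok, delete... sad but true.
    $deleter = Deleter::instance();
    $deleter->deletePage($page, $site);

    $db->commit();

    if (GlobalProperties::$UI_SLEEP) {
        sleep(1);
    }
}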
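/**
 * Renders the page-options bar (edit, rate, tags, discuss, history, ...) as
 * an HTML string, or '' when the user lacks the 'options' page permission.
 *
 * The markup is concatenated by hand so that the template engine does not
 * have to be initialised for this module.
 *
 * Changes compared with the previous version:
 *  - "threadId" and "pageUnixName" are module parameters and are now
 *    HTML-escaped before being placed into the discuss link's href;
 *  - a missing category no longer causes a call on null when reading the
 *    rating flag;
 *  - the category test spells out what "strpos(...) != false" meant
 *    (a colon that is present and not at position 0).
 *
 * @param mixed $runData request context (parameters, page, site, user)
 * @return string HTML fragment, or '' when the options bar must not be shown
 */
public function render($runData) {
    $pl = $runData->getParameterList();
    $pageName = $runData->getTemp("pageUnixName");
    $page = $runData->getTemp("page");

    // Category is the part before the first colon; "_default" otherwise.
    // this should be enhanced to use memcache later to avoid the db lookup.
    $colonAt = strpos($pageName, ':');
    if ($colonAt !== false && $colonAt > 0) {
        $categoryName = substr($pageName, 0, $colonAt);
    } else {
        $categoryName = "_default";
    }

    $site = $runData->getTemp("site");
    $category = DB_CategoryPeer::instance()->selectByName($categoryName, $site->getSiteId());
    $user = $runData->getUser();

    // A private manager instance that reports denial by return value.
    $pm = new WDPermissionManager();
    $pm->setThrowExceptions(false);
    $pm->setCheckIpBlocks(false); // to avoid database connection.
    if (!$pm->hasPagePermission('options', $user, $category, $pageName, $site)) {
        return '';
    }

    $threadId = null;
    $pageUnixName = null;
    $showDiscuss = $pl->getParameterValue("showDiscuss");
    if ($showDiscuss) {
        $threadId = $pl->getParameterValue("threadId");
        $pageUnixName = $pl->getParameterValue("pageUnixName");
    }

    $showRate = $category ? $category->getRatingEnabledEff() : false;

    $otext = '';

    if ($page) {
        // The date is emitted as "<timestamp>|<format>"; presumably it is
        // reformatted on the client - not visible here.
        $otext .= '<div id="page-info">'
            . _('page_revision') . ': ' . $page->getRevisionNumber() . ', '
            . _('last_edited') . ': <span class="odate">'
            . $page->getDateLastEdited()->getTimestamp()
            . '|%e %b %Y, %H:%M %Z (%O ' . _('ago') . ')</span>'
            . '</div>';
    }

    $otext .= ' <div id="page-options-bottom" class="page-options-bottom"> <a href="javascript:;" id="edit-button">'
        . _('edit') . '</a>';

    if ($showRate && $page) {
        $otext .= '<a href="javascript:;" id="pagerate-button">' . _('rate')
            . ' (<span id="prw54355">' . ($page->getRate() > 0 ? '+' : '') . $page->getRate() . '</span>)</a>';
    }

    $otext .= '<a href="javascript:;" id="tags-button">' . _('tags') . '</a>';

    if ($showDiscuss && $page) {
        if ($threadId) {
            $no = $page->getTemp("numberPosts");
            // Escape the parameter values for the attribute context; the
            // output is unchanged for a numeric id and a plain unix name.
            $otext .= '<a href="/forum/t-' . htmlspecialchars((string) $threadId, ENT_QUOTES, 'UTF-8')
                . '/' . htmlspecialchars((string) $pageUnixName, ENT_QUOTES, 'UTF-8')
                . '" id="discuss-button">' . _('discuss') . ' (' . $no . ')</a>';
        } else {
            $otext .= '<a href="javascript:;" id="discuss-button" onclick="WIKIDOT.page.listeners.createPageDiscussion(event)">'
                . _('discuss') . '</a> ';
        }
    }

    $otext .= ' <a href="javascript:;" id="history-button">' . _('history')
        . '</a> <a href="javascript:;" id="files-button">' . _('files') . '</a> '
        . '<a href="javascript:;" id="print-button">' . _('print') . '</a> '
        . '<a href="javascript:;" id="site-tools-button">' . _('site tools') . '</a>';

    // Empty in the original as well; kept so the getter is still called.
    if ($site->getPrivate()) {
    }

    $otext .= '<a href="javascript:;" id="more-options-button">+ ' . _('options')
        . '</a> </div> <div id="page-options-bottom-2" class="page-options-bottom" style="display:none"> <a href="javascript:;" id="edit-sections-button">'
        . _('edit sections')
        . '</a> <a href="javascript:;" id="edit-append-button">'
        . _('append')
        . '</a> <a href="javascript:;" id="backlinks-button">'
        . _('backlinks')
        . '</a> <a href="javascript:;" id="view-source-button">'
        . _('view source')
        . '</a> <a href="javascript:;" id="parent-page-button">'
        . _('parent')
        . '</a> <a href="javascript:;" id="page-block-button">'
        . _('block')
        . '</a> <a href="javascript:;" id="rename-move-button">'
        . _('rename')
        . '</a> <a href="javascript:;" id="delete-button">'
        . _('delete')
        . '</a> </div> <div id="page-options-area-bottom"> </div> ';

    return $otext;
}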
/**
 * Promotes a member of the current site to site administrator.
 *
 * The target user id comes from the request ("user_id"). The promotion is
 * refused, with a status and message in the AJAX response, when the user
 * does not exist, is not a member of the site, or already holds the
 * moderator or administrator role. On success an admin row is stored, a
 * notification is created and the user's nick name is returned.
 *
 * NOTE(review): this method does not itself check that the *caller* may
 * manage the site, and "user_id" is not validated as numeric here;
 * presumably the enclosing action enforces the former - confirm.
 *
 * @param mixed $runData request context (parameters, current site, AJAX response)
 */
public function toAdminsEvent($runData) {
    $site = $runData->getTemp("site");
    $siteId = $site->getSiteId();
    $userId = $runData->getParameterList()->getParameterValue("user_id");

    $db = Database::connection();
    $db->begin();

    // Run the checks in order; the first one that fails decides the response
    // and later lookups are not performed.
    $refusal = null;
    $user = DB_OzoneUserPeer::instance()->selectByPrimaryKey($userId);

    if ($user == null) {
        $refusal = array("no_user", _("The user does not exist? This should not happen."));
    } else {
        // The same (user, site) criteria serve all three role lookups.
        $userOnSite = new Criteria();
        $userOnSite->add("user_id", $userId);
        $userOnSite->add("site_id", $siteId);

        if (DB_MemberPeer::instance()->selectOne($userOnSite) == null) {
            $refusal = array("not_member", _("The user is not a member of this site (anymore)."));
        } elseif (DB_ModeratorPeer::instance()->selectOne($userOnSite) != null) {
            $refusal = array("already_moderator", _("The user is already a moderator of this site."));
        } elseif (DB_AdminPeer::instance()->selectOne($userOnSite) != null) {
            // The roles should not duplicate.
            $refusal = array("already_admin", _("The user is already an administrator of this site."));
        }
    }

    if ($refusal !== null) {
        $runData->ajaxResponseAdd("status", $refusal[0]);
        $runData->ajaxResponseAdd("message", $refusal[1]);
        $db->commit();
        return;
    }

    // Return value is not inspected; a refusal has to arrive as an exception.
    WDPermissionManager::instance()->canBecomeAdmin($user);

    // ok, add now!
    $adminRow = new DB_Admin();
    $adminRow->setSiteId($siteId);
    $adminRow->setUserId($userId);
    $adminRow->save();

    // and create a notification too...
    NotificationMaker::instance()->addedToAdmins($site, $user);

    $runData->ajaxResponseAdd("userName", $user->getNickName());
    $db->commit();
}
/**
 * Prepares the page-edit form and takes an edit lock.
 *
 * Two paths:
 *  - no "page_id": a new page is being created from "wiki_page". The name is
 *    normalised, must not exist yet, the 'create' permission is checked and,
 *    unless the name matches the auto-increment pattern, a lock on the name
 *    is taken. Template/form information of the category is added to the
 *    context.
 *  - numeric "page_id": an existing page of this site is edited in "page",
 *    "append" or "section" mode after the 'edit' permission check, and a
 *    lock on the page is taken.
 *
 * Lock id and lock secret are returned in the AJAX response.
 *
 * NOTE(review): both lock-conflict branches return without calling
 * $db->commit(), and exceptions leave without an explicit rollback; how the
 * transaction opened here is closed in those cases is not visible.
 *
 * @param mixed $runData request context (parameters, site, user, session)
 * @throws ProcessException on a missing/foreign page, an existing page name,
 *                          a missing category or uneditable sections
 */
public function build($runData) {
    $pl = $runData->getParameterList();
    $site = $runData->getTemp("site");
    $pageId = $pl->getParameterValue("page_id");
    $mode = $pl->getParameterValue("mode");
    $runData->ajaxResponseAdd("mode", $mode);
    $user = $runData->getUser();
    $userId = $runData->getUserId();
    // Anonymous editors are identified by a string built from their IP.
    if ($userId == null) {
        $userString = $runData->createIpString();
        $runData->contextAdd("anonymousString", $userString);
    }
    $db = Database::connection();
    $db->begin();
    if ($pageId === null || $pageId === '') {
        // means probably creating a new page
        // no context is needed
        $runData->sessionStart();
        $mode = "page";
        $runData->contextAdd("mode", $mode);
        $runData->contextAdd("newPage", true);
        // first check that the page does not already exist
        $unixName = $pl->getParameterValue("wiki_page");
        $unixName = WDStringUtils::toUnixName($unixName); // normalise the request value before any use
        if (!$unixName) {
            throw new ProcessException(_("The page can not be found or does not exist."), "no_page");
        }
        $page = DB_PagePeer::instance()->selectByName($site->getSiteId(), $unixName);
        if ($page != null) {
            // page exists!!! error!
            throw new ProcessException(_("The page you want to create already exists. Please refresh the page in your browser to see it."));
            /* $runData->ajaxResponseAdd("pageExists", true); $runData->ajaxResponseAdd("locked", true); //well, it is somehow locked... $runData->setModuleTemplate("edit/NewPageExistsWinModule"); $db->commit(); return; */
        }
        // extract category name
        // NOTE: "!= false" also treats a colon at position 0 as "no category".
        if (strpos($unixName, ':') != false) {
            // ok, there is category!
            $exp = explode(':', $unixName);
            $categoryName = $exp[0];
            $suggestedTitle = ucwords(str_replace("-", " ", $exp[1]));
        } else {
            // no category name, "_default" assumed
            $categoryName = "_default";
            $suggestedTitle = ucwords(str_replace("-", " ", $unixName));
        }
        // A title supplied in the request overrides the one derived from the name.
        $stitle = $pl->getParameterValue("title");
        if ($stitle) {
            $suggestedTitle = $stitle;
        }
        $category = DB_CategoryPeer::instance()->selectByName($categoryName, $site->getSiteId());
        if ($category == null) {
            // the category does not exist yet: use a temporary one
            //$category = DB_CategoryPeer::instance()->selectByName('_default', $site->getSiteId());
            $category = $this->createTempCategory($categoryName, $site);
        }
        // now check for permissions!!!
        // The return value is not inspected, so denial must arrive as an exception.
        WDPermissionManager::instance()->hasPagePermission('create', $user, $category);
        // Names matching the auto-increment pattern get no lock.
        // NOTE(review): self::$AUTOINCREMENT_PAGE is inserted into the pattern
        // without preg_quote(); fine only while it contains no regex metacharacters.
        $autoincrement = false;
        if (preg_match(';^([a-z0-9]+:)?' . self::$AUTOINCREMENT_PAGE . '$;', $unixName)) {
            $autoincrement = true;
        }
        if (!$autoincrement) {
            $lock = new DB_PageEditLock();
            $lock->setPageUnixName($unixName);
            $lock->setSiteId($site->getSiteId());
            $lock->setUserId($runData->getUserId());
            $lock->setUserString($runData->getSession()->getIpAddress());
            $lock->setDateStarted(new ODate());
            $lock->setDateLastAccessed(new ODate());
            $lock->setMode("page");
            // "force_lock" in the request removes conflicting locks held by
            // others; the only gate in this method is the 'create' check above.
            if ($pl->getParameterValue("force_lock") != null) {
                $lock->deleteConflicts();
            } else {
                // check for conflicts
                $conflicts = $lock->getConflicts();
                if ($conflicts != null) {
                    $runData->ajaxResponseAdd("locked", true);
                    $runData->setModuleTemplate("edit/NewPageLockedWinModule");
                    $runData->contextAdd("locks", $conflicts);
                    return;
                }
            }
            // NOTE(review): the secret is an MD5 of the current second plus a
            // four-digit rand() value, so it is guessable by anyone who knows
            // roughly when the lock was taken. If this secret is what authorises
            // later saves against the lock (not visible here), derive it from a
            // CSPRNG such as random_bytes() instead.
            $secret = md5(time() . rand(1000, 9999));
            $lock->setSecret($secret);
            $lock->setSessionId($runData->getSession()->getSessionId());
            $lock->save();
            $runData->ajaxResponseAdd('lock_id', $lock->getLockId());
            $runData->ajaxResponseAdd('lock_secret', $secret);
        } else {
            $runData->contextAdd('disableLocks', true);
            $runData->ajaxResponseAdd('disableLocks', true);
        }
        $runData->contextAdd("title", $suggestedTitle);
        /* Select available templates, but only if the category does not have a live template. */
        $templatePage = $category->getTemplatePage();
        if ($templatePage && ($form = Wikidot_Form::fromSource($templatePage->getSource()))) {
            // The category template defines a form: render that form.
            $runData->contextAdd("form", new Wikidot_Form_Renderer($form));
        } elseif (!$templatePage || !preg_match(';^={4,}$;sm', $templatePage->getSource())) {
            // No template page, or one without a line of four or more "=":
            // offer the pages of the "template" category.
            $templatesCategory = DB_CategoryPeer::instance()->selectByName("template", $site->getSiteId());
            if ($templatesCategory != null) {
                $c = new Criteria();
                $c->add("category_id", $templatesCategory->getCategoryId());
                $c->addOrderAscending("title");
                $templates = DB_PagePeer::instance()->select($c);
                $runData->contextAdd("templates", $templates);
            }
            // check if there is a default template...
            if ($category != null) {
                if ($category->getTemplateId() != null) {
                    $runData->contextAdd("templateId", $category->getTemplateId());
                }
            }
        } else {
            /* Has default template, try to populate the edit box with initial content. */
            $templateSource = $templatePage->getSource();
            $split = preg_split(';^={4,}$;sm', $templateSource);
            if (count($split) >= 2) {
                /* Fine, there is some initial content: keep what follows the first separator. */
                $templateSource = trim(preg_replace(";^.*?\n={4,};s", '', $templateSource));
            } else {
                $templateSource = '';
            }
            $runData->contextAdd('source', $templateSource);
        }
        $db->commit();
        return;
    }
    // now if editing an existing page...
    if (!$pageId || !is_numeric($pageId)) {
        throw new ProcessException(_("The page can not be found or does not exist."), "no_page");
    }
    $page = DB_PagePeer::instance()->selectByPrimaryKey($pageId);
    // Same error for "missing" and "belongs to another site".
    if (!$page || $page->getSiteId() !== $site->getSiteId()) {
        throw new ProcessException(_("The page can not be found or does not exist."), "no_page");
    }
    $category = $page->getCategory();
    if ($category == null) {
        throw new ProcessException(_("Internal error - page category does not exist!!!"));
    }
    // now check for permissions!
    // The return value is not inspected, so denial must arrive as an exception.
    WDPermissionManager::instance()->hasPagePermission('edit', $user, $category, $page);
    // now check if form is defined
    $templatePage = $category->getTemplatePage();
    // The name pattern excludes pages whose own name (after any category
    // prefix) starts with "_".
    if (preg_match('/^[^:]*:[^_]|^[^_:][^:]*$/', $page->getUnixName()) && $templatePage && ($form = Wikidot_Form::fromSource($templatePage->getSource()))) {
        $form->setDataFromYaml($page->getSource());
        $runData->contextAdd("form", new Wikidot_Form_Renderer($form));
        // NOTE(review): when this branch is taken with mode "section",
        // $rangeStart, $rangeEnd and $pageSource are never assigned but are
        // read further down.
    // check if mode is sections if page is editable in this mode
    } elseif ($mode == "section") {
        $compiledContent = $page->getCompiled()->getText();
        $editable = WDEditUtils::sectionsEditable($compiledContent);
        if ($editable == false) {
            throw new ProcessException(_("Sections are not editable due to unclear section structure. This sometimes happen when nested headings are used (inside other page elements) or the page include other pages."), "sections_uneditable");
        }
        // ok, get ranges for edit now.
        $pageSource = $page->getSource();
        $rangeMap = WDEditUtils::sectionMapping($pageSource);
        // The section id comes from the request and is only accepted when it
        // is a key of the computed map.
        $sectionId = $pl->getParameterValue("section");
        if (!isset($rangeMap[$sectionId])) {
            throw new ProcessException(_("Sections are not editable due to unclear section structure. This sometimes happen when nested headings are used (inside other page elements) or the page include other pages."), "sections_uneditable");
        }
        $rangeStart = $rangeMap[$sectionId]['start'];
        $rangeEnd = $rangeMap[$sectionId]['end'];
        $runData->ajaxResponseAdd('section', $sectionId);
        $runData->ajaxResponseAdd('rangeStart', $rangeStart);
        $runData->ajaxResponseAdd('rangeEnd', $rangeEnd);
    }
    // if we have not returned yet it means that the lock does not exist or is expired
    // if session is not started - start it!
    $runData->sessionStart();
    // create new page lock
    $lock = new DB_PageEditLock();
    $lock->setPageId($page->getPageId());
    $lock->setPageUnixName($page->getUnixName());
    $lock->setSiteId($site->getSiteId());
    $lock->setUserId($runData->getUserId());
    $lock->setUserString($runData->getSession()->getIpAddress());
    $lock->setDateStarted(new ODate());
    $lock->setDateLastAccessed(new ODate());
    $lock->setMode($mode);
    if ($mode == "section") {
        $lock->setRangeStart($rangeStart);
        $lock->setRangeEnd($rangeEnd);
    }
    // delete outdated...
    DB_PageEditLockPeer::instance()->deleteOutdated($pageId);
    // check for conflicts
    // "force_lock" in the request removes conflicting locks held by others;
    // the only gate in this method is the 'edit' check above.
    if ($pl->getParameterValue("force_lock") != null) {
        $lock->deleteConflicts();
    } else {
        $blocklocks = $lock->getConflicts();
        if ($blocklocks != null) {
            // conflicting locks exist.
            $runData->setModuleTemplate("edit/LockExistsWinModule");
            $runData->ajaxResponseAdd("locked", true);
            $runData->contextAdd("locks", $blocklocks);
            return;
        }
    }
    // NOTE(review): same guessable secret construction as in the new-page
    // path (MD5 of the current second plus a four-digit rand() value); prefer
    // a CSPRNG such as random_bytes() if the secret guards later saves.
    $secret = md5(time() . rand(1000, 9999));
    $lock->setSecret($secret);
    $lock->setSessionId($runData->getSession()->getSessionId());
    $lock->save();
    $runData->ajaxResponseAdd('lock_id', $lock->getLockId());
    $runData->ajaxResponseAdd('lock_secret', $secret);
    // also put current page revision in case one wants to regain lock after expired.
    $runData->ajaxResponseAdd('page_revision_id', $page->getRevisionId());
    // keep the session - i.e. put an object into session storage not to delete it!!!
    $runData->sessionAdd("keep", true);
    if ($mode == "page") {
        $pageSource = $page->getSource();
        $runData->contextAdd("source", $pageSource);
    }
    if ($mode == "append") {
        $runData->contextAdd("source", ""); // source not required...
    }
    if ($mode == "section") {
        // slice the source: keep lines rangeStart..rangeEnd inclusive
        $sliced = explode("\n", $pageSource);
        $s = array_slice($sliced, $rangeStart, $rangeEnd - $rangeStart + 1);
        $runData->contextAdd("source", trim(implode("\n", $s)));
    }
    $runData->contextAdd("title", $page->getTitleRaw());
    $runData->contextAdd("pageId", $page->getPageId());
    $runData->contextAdd("mode", $mode);
    // 15 * 60 = 900; presumably the lock lifetime in seconds - confirm.
    $runData->ajaxResponseAdd("timeLeft", 15 * 60);
    $db->commit();
}