/** Returns the instance of Logger. If the instance does not exist -
* it is created.
*/
public static function instance()
{
if (self::$loggerInstance === null) {
self::$loggerInstance = new OzoneLogger();
}
return self::$loggerInstance;
}
public function processXMLTable($xmlTable)
{
$freferences = $xmlTable->foreignReference;
foreach ($freferences as $fr) {
$this->addReference($fr['foreignTable'], $fr['foreignKey'], $xmlTable['name'], $fr['localKey'], $fr['customFunction']);
OzoneLogger::instance()->debug("found reference: M: " . $fr['foreignTable'] . "." . $fr['foreignKey'] . ", S: " . $xmlTable['name'] . "." . $fr['localKey'] . " " . $fr['customFunction']);
}
}
public function handleInlineModule($exception, $runData)
{
// rollback the transaction
$db = Database::connection();
$db->rollback();
$out .= '<div class="error-block">';
if ($exception instanceof ProcessException) {
$out .= nl2br($exception->getMessage());
} elseif ($exception instanceof WDPermissionException) {
$out .= '<div class="title">Permission error</div>';
$out .= nl2br($exception->getMessage());
} else {
$out .= "An error occured when processing your request.";
// LOG ERROR TOO!!!
$logger = OzoneLogger::instance();
$logger->error("Exception caught while processing inline module:\n\n" . $exception->__toString());
}
$out .= '</div>';
return $out;
}
/**
* Checks if a page is editable by sections.
*/
public static function sectionsEditable($content)
{
// create a xml tree? not always valid xhtml.
// rather check if <h[1-6] id="toc.+*? > elements are inside any div
// the test should be already in the javascript but we should not rely on it...
// first count all occurences of <h[1-6]> tags.
$content = preg_replace("/%+/", '', $content);
$content = preg_replace('/<(h[1-6]) id="toc.+?>.+?<\\/\\1>/s', "%%%%", $content);
$count1 = preg_match_all("/%%%%/", $content, &$matches);
// now remove all tags with contents and recount.
// now remove all tags with insides
$content = preg_replace("/<(\\w+)[^>]*?>.*?<\\/\\1>/sm", "", $content);
OzoneLogger::instance()->debug($content);
$count2 = preg_match_all("/%%%%/", $content, &$matches2);
if ($count2 == 0) {
return false;
}
if ($count1 == $count2) {
return true;
} else {
return false;
}
}
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* For more information about licensing visit:
* http://www.wikidot.org/license
*
* @category Wikidot
* @package Wikidot_Web
* @version $Id$
* @copyright Copyright (c) 2008, Wikidot Inc.
* @license http://www.gnu.org/licenses/agpl-3.0.html GNU Affero General Public License
*/
require '../php/setup.php';
// to avoid caching
header("Cache-Control: no-cache, must-revalidate");
// HTTP/1.1
header("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
// Date in the past
header("content-type: text/xml");
try {
$controller = new FeedFlowController();
$out = $controller->process();
} catch (Exception $e) {
echo "A nasty error has occurred. If the problem repeats, please fill (if possible) a bug report.";
echo "<br/><br/>";
echo $e;
// hope the logger is initialized...
$logger = OzoneLogger::instance();
$logger->error("Exception caught:\n\n" . $e->__toString());
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "OK");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
} else {
// $module->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure module to render!
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
$runData->setAction(null);
}
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
Ozone::initServices();
$logger->debug("Smarty template services loaded");
Ozone::parseMacros();
$logger->debug("Smarty macros parsed");
Ozone::updateSmartyPlain();
$logger->debug("plain version of Smarty created");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
// action security check
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getModuleClassPath()) {
$runData->setModuleTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
}
$json = new JSONService();
$out = $json->encode($rVars);
echo $out;
$runData->handleSessionEnd();
}
public function savePageEvent($runData)
{
$pl = $runData->getParameterList();
$pageId = $pl->getParameterValue("page_id");
$mode = $pl->getParameterValue("mode");
if ($pl->getParameterValue("form")) {
$data = array();
$newpages = array();
foreach ($runData->getParameterList()->asArray() as $name => $val) {
$m = array();
if (preg_match("/^field_(.*)\$/", $name, $m)) {
$data[$m[1]] = $val;
}
}
$source = Wikidot_Yaml::dump($data);
} else {
$source = trim($pl->getParameterValue("source"));
}
$comments = trim($pl->getParameterValue("comments"));
$title = trim($pl->getParameterValue("title"));
$userId = $runData->getUserId();
if ($userId == null) {
$userString = $runData->createIpString();
}
if ($title === '') {
$title = null;
}
$unixName = $pl->getParameterValue("wiki_page");
$unixName = WDStringUtils::toUnixName($unixName);
// purify! (for sure)
$lockId = $pl->getParameterValue("lock_id");
$lockSecret = $pl->getParameterValue("lock_secret");
$site = $runData->getTemp("site");
// validate input first
$db = Database::connection();
$db->begin();
// remove old locks.
if (strlen8($title) > 128) {
throw new ProcessException(_("Title of the page should not be longer than 128 characters."), "title_too_long");
}
// if page source not too long...
if (strlen8($source) > 200000) {
throw new ProcessException(_("Source of the page should not be longer than 200 000 characters which is large enough. Pages longer than that can indicate improper usage \tof the wiki site."), "source_too_long");
}
// if comment too long
if (strlen8($comments) > 210) {
throw new ProcessException(_("The changes comment is longer than 200 characters. Please keep this description short and informative. And no longer than this limit please..."), "comment_too_long");
}
$autoincrement = false;
$nowDate = new ODate();
if ($pageId === null || $pageId === '') {
if (preg_match(';^([a-z0-9]+:)?' . self::$AUTOINCREMENT_PAGE . '$;', $unixName)) {
$autoincrement = true;
}
if (!$autoincrement) {
DB_PageEditLockPeer::instance()->deleteOutdatedByPageName($site->getSiteId(), $unixName);
}
// a page should be created!
// extract category name
if (strpos($unixName, ':') != false) {
// ok, there is category!
$exp = explode(':', $unixName);
$categoryName = $exp[0];
} else {
// no category name, "_default" assumed
$categoryName = "_default";
}
// check if category exists. if not - create it!
$category = DB_CategoryPeer::instance()->selectByName($categoryName, $site->getSiteId(), false);
if ($category == null) {
// create the category - just clone the default category!!!
$category = DB_CategoryPeer::instance()->selectByName("_default", $site->getSiteId(), false);
$category->setName($categoryName);
// fill with some important things - we assume the _default category exists!!! IT REALLY SHOULD!!!
$category->setCategoryId(null);
$category->setNew(true);
// this will make it INSERT, not UPDATE on save()
$category->setPerPageDiscussion(null);
//default value
// set default permissions theme and license
$category->setPermissionsDefault(true);
$category->setThemeDefault(true);
$category->setLicenseDefault(true);
$category->setNavDefault(true);
$category->save();
}
// first look at permissions!
WDPermissionManager::instance()->hasPagePermission('create', $runData->getUser(), $category);
// check the locks!
// check if the lock still exists.
if (!$autoincrement) {
$c = new Criteria();
$c->add("lock_id", $lockId);
$c->add("secret", $lockSecret);
$lock = DB_PageEditLockPeer::instance()->selectOne($c);
if ($lock == null) {
$page = DB_PagePeer::instance()->selectByName($site->getSiteId(), $unixName);
if ($page != null) {
// page exists!!! error!
$runData->ajaxResponseAdd("noLockError", "other_locks");
$runData->ajaxResponseAdd("pageExists", true);
$runData->ajaxResponseAdd("locked", true);
//well, it is somehow locked...
$runData->setModuleTemplate("edit/NewPageExistsWinModule");
$runData->contextAdd("nonrecoverable", true);
$runData->ajaxResponseAdd("nonrecoverable", true);
$db->commit();
return;
}
// check if we can TRANSPARENTLY recreate the lock IF there is no
// conflicting lock and the revision_id has not changed.
$lock = new DB_PageEditLock();
$lock->setPageUnixName($unixName);
$lock->setSiteId($site->getSiteId());
$lock->setUserId($runData->getUserId());
$lock->setUserString($runData->getSession()->getIpAddress());
$lock->setDateStarted(new ODate());
$lock->setDateLastAccessed(new ODate());
$lock->setMode("page");
$conflictLocks = $lock->getConflicts();
if ($conflictLocks == null) {
// safely recreate lock
$secret = md5(time() . rand(1000, 9999));
$lock->setSecret($secret);
$lock->setSessionId($runData->getSession()->getSessionId());
$lock->save();
$lockId = $lock->getLockId();
// send back new lock information
$runData->ajaxResponseAdd("lockRecreated", true);
$runData->ajaxResponseAdd("lockId", $lockId);
$runData->ajaxResponseAdd("lockSecret", $secret);
$runData->ajaxResponseAdd('timeLeft', 60 * 15);
} else {
$runData->ajaxResponseAdd("noLockError", "other_locks");
$runData->setModuleTemplate("edit/LockInterceptedWinModule");
$runData->contextAdd("locks", $conflictLocks);
$db->commit();
return;
}
} else {
$lock->setDateLastAccessed(new ODate());
$lock->save();
$runData->ajaxResponseAdd('timeLeft', 60 * 15);
}
}
/* Change unixName to integer. */
if ($autoincrement) {
/* Check max number taken. */
$db = Database::connection();
$q = "select max(substring(unix_name from '[0-9]+')::integer) + 1 as max from page where category_id={$category->getCategoryId()} AND unix_name ~ '^([a-z0-9]+:)?[0-9]+\$'";
$r = $db->query($q);
$row = $r->nextRow();
$unixName = $row['max'];
if ($category->getName() != '_default') {
$unixName = $category->getName() . ':' . $unixName;
}
$runData->ajaxResponseAdd('pageUnixName', $unixName);
}
$page = new DB_Page();
$page->obtainPK();
$pageRevision = new DB_PageRevision();
$pageRevision->setSiteId($site->getSiteId());
$pageRevision->setPageId($page->getPageId());
$pageRevision->setFlagNew(true);
$pageRevision->setComments($comments);
$pageRevision->obtainPK();
$pageRevision->setDateLastEdited($nowDate);
$pageRevision->setPageId($page->getPageId());
$page->setRevisionId($pageRevision->getRevisionId());
$pageSource = new DB_PageSource();
$pageSource->setText($source);
$pageSource->save();
$pageRevision->setSourceId($pageSource->getSourceId());
$pageMetadata = new DB_PageMetadata();
$pageMetadata->setTitle($title);
$pageMetadata->setUnixName($unixName);
if ($userId) {
$pageMetadata->setOwnerUserId($userId);
}
$pageMetadata->save();
$pageRevision->setMetadataId($pageMetadata->getMetadataId());
$pageCompiled = new DB_PageCompiled();
$pageCompiled->setPageId($page->getPageId());
$newPage = true;
// update the page object
$page->setUnixName($unixName);
$page->setDateCreated($nowDate);
$page->setSiteId($site->getSiteId());
$page->setSourceId($pageSource->getSourceId());
$page->setMetadataId($pageMetadata->getMetadataId());
$page->setTitle($title);
$page->setDateLastEdited($nowDate);
$pageCompiled = new DB_PageCompiled();
$pageCompiled->setPageId($page->getPageId());
$pageCompiled->outdate();
$newPage = true;
$page->setCategoryId($category->getCategoryId());
// now set user_id, user_string
if ($userId) {
$pageRevision->setUserId($userId);
$page->setLastEditUserId($userId);
} else {
$pageRevision->setUserId(0);
$page->setLastEditUserId(0);
$pageRevision->setUserString($userString);
$page->setLastEditUserString($userString);
}
$page->setOwnerUserId($userId);
$pageRevision->save();
$page->setRevisionId($pageRevision->getRevisionId());
$page->save();
$pageCompiled->save();
$sourceChanged = true;
$outdater = new Outdater();
$outdater->pageEvent("new_page", $page);
// index page
if (!$autoincrement) {
$c = new Criteria();
$c->add("lock_id", $lockId);
DB_PageEditLockPeer::instance()->delete($c);
}
EventLogger::instance()->logNewPage($page);
} else {
// THE PAGE ALREADY EXISTS
DB_PageEditLockPeer::instance()->deleteOutdated($pageId);
$c = new Criteria();
$c->add("page_id", $pageId);
$c->setForUpdate(true);
$page = DB_PagePeer::instance()->selectOne($c);
if ($page == null) {
throw new ProcessException(_("Page does not exist."));
}
// check permissions
$category = $page->getCategory();
WDPermissionManager::instance()->hasPagePermission('edit', $runData->getUser(), $category, $page);
// check if the lock still exists.
$c = new Criteria();
$c->add("lock_id", $lockId);
$c->add("secret", $lockSecret);
$lock = DB_PageEditLockPeer::instance()->selectOne($c);
if ($lock == null) {
OzoneLogger::instance()->debug("no lock");
// no lock!!! not good.
if ($page->getRevisionId() != $pl->getParameterValue("revision_id")) {
// this is nonrecoverable.
// author should stop editing now!!!
OzoneLogger::instance()->debug("page changed");
$runData->ajaxResponseAdd("noLockError", "page_changed");
$runData->setModuleTemplate("edit/LockInterceptedWinModule");
$runData->contextAdd("nonrecoverable", true);
$runData->ajaxResponseAdd("nonrecoverable", true);
$db->commit();
return;
}
// check if we can TRANSPARENTLY recreate the lock IF there is no
// conflicting lock and the revision_id has not changed.
$lock = new DB_PageEditLock();
$lock->setPageId($page->getPageId());
$lock->setPageUnixName($page->getUnixName());
$lock->setSiteId($site->getSiteId());
$lock->setUserId($runData->getUserId());
$lock->setUserString($runData->getSession()->getIpAddress());
$lock->setDateStarted(new ODate());
$lock->setDateLastAccessed(new ODate());
$lock->setMode($mode);
if ($mode == "section") {
$rangeStart = $pl->getParameterValue("range_start");
$rangeEnd = $pl->getParameterValue("range_end");
$lock->setRangeStart($rangeStart);
$lock->setRangeEnd($rangeEnd);
}
$conflictLocks = $lock->getConflicts();
if ($conflictLocks == null) {
// safely recreate lock
$secret = md5(time() . rand(1000, 9999));
$lock->setSecret($secret);
$lock->setSessionId($runData->getSession()->getSessionId());
$lock->save();
$lockId = $lock->getLockId();
// send back new lock information
$runData->ajaxResponseAdd("lockRecreated", true);
$runData->ajaxResponseAdd("lockId", $lockId);
$runData->ajaxResponseAdd("lockSecret", $secret);
$runData->ajaxResponseAdd('timeLeft', 60 * 15);
} else {
$runData->ajaxResponseAdd("noLockError", "other_locks");
$runData->setModuleTemplate("edit/LockInterceptedWinModule");
$runData->contextAdd("locks", $conflictLocks);
$db->commit();
return;
}
} else {
$lock->setDateLastAccessed(new ODate());
$lock->save();
$runData->ajaxResponseAdd('timeLeft', 60 * 15);
// here is a good place to check conditions for
// "save & continue" which when first called
// creates new revision, but the subsequent calls
// do not.
}
// check if source or metadata has changed. if neither is changed - do nothing
// get current revision
$currentRevision = $page->getCurrentRevision();
// compare source text
$oldSourceText = $page->getSource();
$sourceChanged = false;
if ($mode == "append") {
$source = $oldSourceText . "\n\n" . $source;
}
if ($mode == "section") {
$rangeStart = $lock->getRangeStart();
//$pl->getParameterValue("range_start");
$rangeEnd = $lock->getRangeEnd();
//$pl->getParameterValue("range_end");
$s2 = explode("\n", $oldSourceText);
// fix source last empty line
if (!ereg("\n\$", $source)) {
$source .= "\n";
}
array_splice($s2, $rangeStart, $rangeEnd - $rangeStart + 1, explode("\n", $source));
$source = implode("\n", $s2);
}
if ($oldSourceText !== $source) {
$sourceChanged = true;
}
// create new revision
$pageRevision = new DB_PageRevision();
$pageRevision->setSiteId($site->getSiteId());
// compare metadata
$metadataChanged = false;
$oldMetadata = $page->getMetadata();
// title
if ($mode == 'page') {
// check only if the whole page is edited
if ($title !== $oldMetadata->getTitle()) {
$pageRevision->setFlagTitle(true);
$metadataChanged = true;
}
}
// and act accordingly to the situation
if ($sourceChanged == false && $metadataChanged == false) {
$c = new Criteria();
$c->add("lock_id", $lockId);
DB_PageEditLockPeer::instance()->delete($c);
$db->commit();
return;
}
$pageRevision->setPageId($page->getPageId());
$pageRevision->setDateLastEdited($nowDate);
$pageRevision->setRevisionNumber($currentRevision->getRevisionNumber() + 1);
if ($sourceChanged) {
$fullSource = false;
// first check if store new source as a diff or as a full-source.
if (true || $currentRevision->getSinceFullSource() > 9) {
$fullSource = true;
} else {
// also compare size of diff against size of new source.
// must be less than %50 to qualify
$differ = new ODiff();
$diff = $differ->diffString($oldSourceText, $source);
if (strlen($diff) > 0.5 * strlen($source)) {
$fullSource = true;
}
}
$pageSource = new DB_PageSource();
if ($fullSource) {
$pageSource->setText($source);
} else {
$pageSource->setText($diff);
$pageRevision->setDiffSource(true);
$pageRevision->setSinceFullSource($currentRevision->getSinceFullSource() + 1);
}
$pageSource->save();
$pageRevision->setSourceId($pageSource->getSourceId());
$pageRevision->setFlagText(true);
} else {
// copy source id
$pageRevision->setSourceId($currentRevision->getSourceId());
$pageRevision->setSinceFullSource($currentRevision->getSinceFullSource());
$pageRevision->setDiffSource($currentRevision->getDiffSource());
}
if ($metadataChanged) {
$pageMetadata = clone $oldMetadata;
$pageMetadata->setNew(true);
$pageMetadata->setMetadataId(null);
$pageMetadata->setTitle($title);
$pageMetadata->save();
$pageRevision->setMetadataId($pageMetadata->getMetadataId());
} else {
// copy metadata id
$pageRevision->setMetadataId($currentRevision->getMetadataId());
}
// now set user_id, user_string
if ($userId) {
$pageRevision->setUserId($userId);
$page->setLastEditUserId($userId);
} else {
$pageRevision->setUserId(0);
$page->setLastEditUserId(0);
$pageRevision->setUserString($userString);
$page->setLastEditUserString($userString);
}
$pageRevision->setComments($comments);
$pageRevision->save();
$page->setRevisionId($pageRevision->getRevisionId());
// update Page object
$page->setSourceId($pageRevision->getSourceId());
if ($mode == 'page') {
$page->setTitle($title);
}
$page->setDateLastEdited($nowDate);
$page->setMetadataId($pageRevision->getMetadataId());
$page->setRevisionNumber($pageRevision->getRevisionNumber());
$page->save();
// also if "section edit" - find other locks that refer to
// blocks with higher line numbers and change start/end accordingly
if ($mode == "section") {
$c = new Criteria();
$c->add("page_id", $pageId);
$c->add("range_start", $lock->getRangeEnd(), ">=");
$c->add("mode", "section");
$laterLocks = DB_PageEditLockPeer::instance()->select($c);
if (count($laterLocks) > 0) {
// take the length of the current lock
$sectionLength = $lock->getRangeEnd() - $lock->getRangeStart() + 1;
$newSourceLength = count(explode("\n", trim($pl->getParameterValue("source")))) + 1;
// +1 for the new line at the end
$lengthDifference = $newSourceLength - $sectionLength;
foreach ($laterLocks as $llock) {
$llock->setRangeStart($llock->getRangeStart() + $lengthDifference);
$llock->setRangeEnd($llock->getRangeEnd() + $lengthDifference);
$llock->save();
}
}
}
// OUTDATING PARTY!!!
$outdater = new Outdater();
if ($sourceChanged) {
$outdater->pageEvent("source_changed", $page);
}
if ($metadataChanged) {
$outdater->pageEvent("title_changed", $page);
}
// index page
EventLogger::instance()->logSavePage($page);
}
// remove lock too?
if (!$pl->getParameterValue("and_continue") && !$autoincrement) {
$c = new Criteria();
$c->add("lock_id", $lockId);
DB_PageEditLockPeer::instance()->delete($c);
$runData->ajaxResponseAdd("revisionId", $pageRevision->getRevisionId());
}
$db->commit();
}
function query($query)
{
if (!is_array($query)) {
//if query is empty
if ($query == '' || $query == null) {
return;
}
OzoneLogger::instance()->debug("executing query \"{$query}\"");
$result = mysql_query($query);
if (!$result) {
throw new Exception("error: " . mysql_error() . "\n");
}
} else {
//if query is empty
if (count($query) == 0) {
return;
}
foreach ($query as $q) {
$result = $this->query($q);
}
}
return new MyResult($result);
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("AJAX module request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
/* processing an AJAX request! */
$runData->setAjaxMode(true);
$runData->init();
// extra return array - just for ajax handling
$runData->ajaxResponseAdd("status", "ok");
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
try {
// check security token
if ($_COOKIE['wikidot_token7'] == null || $_COOKIE['wikidot_token7'] !== $runData->getParameterList()->getParameterValue('wikidot_token7', 'AMODULE')) {
throw new ProcessException("no", "wrong_token7");
}
//remove token from parameter list!!!
$runData->getParameterList()->delParameter('wikidot_token7');
$callbackIndex = $runData->getParameterList()->getParameterValue('callbackIndex');
$runData->getParameterList()->delParameter('callbackIndex');
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if (!$site) {
throw new ProcessException(_('The requested site does not exist.'));
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$runData->setLanguage($site->getLanguage());
$GLOBALS['lang'] = $site->getLanguage();
// and for gettext too:
$lang = $site->getLanguage();
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, issue an errorr
throw new ProcessException(_("Secure access is not enabled for this Wiki."));
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
// PRIVATE SITES: check if the site is private and if the user is its member
if ($site->getPrivate()) {
// check if not allow anyway
$template = $runData->getModuleTemplate();
$actionClass = $runData->getAction();
$proceed = in_array($actionClass, array('', 'LoginAction', 'MembershipApplyAction', 'CreateAccountAction', 'PasswordRecoveryAction')) && ($template == '' || $template == 'Empty' || preg_match(';^createaccount/;', $template) || preg_match(';^login/;', $template) || preg_match(';^membership/;', $template) || preg_match(';^passwordrecovery/;', $template));
if (!$proceed) {
$user = $runData->getUser();
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
if ($user == null) {
throw new ProcessException(_('This Site is private and accessible only to its members.'));
}
}
}
$template = $runData->getModuleTemplate();
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
// module security check
if (!$module->isAllowed($runData)) {
throw new WDPermissionException(_("Not allowed."));
}
Ozone::initSmarty();
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
$runData->setTemp("jsInclude", array());
$runData->setTemp("cssInclude", array());
if ($actionClass) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getModuleClassPath();
if (!$action->isAllowed($runData)) {
throw new WDPermissionException("Not allowed.");
}
$actionEvent = $runData->getActionEvent();
/*try{*/
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
}
// end action process
// check if template has been changed by the module. if so...
if ($template != $runData->getModuleTemplate()) {
$classFile = $runData->getModuleClassPath();
$className = $runData->getModuleClassName();
$logger->debug("processing template: " . $runData->getModuleTemplate() . ", class: {$className}");
require_once $classFile;
$module = new $className();
}
$module->setTemplate($template);
$rendered = $module->render($runData);
$jsInclude = $runData->getTemp("jsInclude");
$jsInclude = array_merge($jsInclude, $module->getExtraJs());
$runData->setTemp("jsInclude", $jsInclude);
$cssInclude = $runData->getTemp("cssInclude");
$cssInclude = array_merge($cssInclude, $module->getExtraCss());
$runData->setTemp("cssInclude", $cssInclude);
} catch (ProcessException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", $e->getStatus());
$runData->setModuleTemplate(null);
$template = null;
} catch (WDPermissionException $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", $e->getMessage());
$runData->ajaxResponseAdd("status", "no_permission");
$runData->setModuleTemplate(null);
$template = null;
} catch (Exception $e) {
$db = Database::connection();
$db->rollback();
$runData->ajaxResponseAdd("message", _("An error occured while processing the request.") . ' ' . $e->getMessage());
$runData->ajaxResponseAdd("status", "not_ok");
$runData->setModuleTemplate(null);
$template = null;
// LOG ERROR TOO!!!
$logger = OzoneLogger::instance();
$logger->error("Exception caught while processing ajax module:\n\n" . $e->__toString());
}
$rVars = $runData->getAjaxResponse();
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
$rVars['body'] = $out;
// check the javascript files for inclusion
}
if ($template != null && $template != "Empty") {
$jsInclude = $runData->getTemp("jsInclude");
if ($module->getIncludeDefaultJs()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_JS_PATH . '/' . $template . '.js';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_JS_URL . '/' . $template . '.js';
$incl = $url;
$jsInclude[] = $incl;
}
}
$rVars['jsInclude'] = $jsInclude;
$cssInclude = $runData->getTemp("cssInclude");
if ($module->getIncludeDefaultCss()) {
$file = WIKIDOT_ROOT . '/' . GlobalProperties::$MODULES_CSS_PATH . '/' . $template . '.css';
if (file_exists($file)) {
$url = GlobalProperties::$MODULES_CSS_URL . '/' . $template . '.css';
$incl = $url;
$cssInclude[] = $incl;
}
}
$rVars['cssInclude'] = $cssInclude;
}
// specify (copy) jscallback. ugly, right? ;-)
$rVars['callbackIndex'] = $callbackIndex;
$json = new JSONService();
$out = $json->encode($rVars);
$runData->handleSessionEnd();
echo $out;
}
/**
* Returns an instance of the FormTool. FormTool requires usage of sessions!
*/
public function formTool()
{
$formTool = $this->sessionGet('form_tool');
if ($formTool == null) {
$formTool = new FormTool();
$this->sessionAdd('form_tool', $formTool);
OzoneLogger::instance()->debug("obtaining new FormTool");
}
//
if ($this->formToolHttpProcessed == false) {
// extract form data form the http request
$formTool->processHttpRequest($this);
$this->formToolHttpProcessed = true;
}
return $formTool;
}
public function process()
{
global $timeStart;
// quick fix to prevent recursive RSS access by Wikidot itself.
if (strpos($_SERVER['HTTP_USER_AGENT'], 'MagpieRSS') !== false) {
exit;
}
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if (!$site) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
if ($site) {
$memcache->set($mcKey, $site, 0, 864000);
}
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if (!$site) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
if ($site) {
$memcache->set($mcKey, $site, 0, 3600);
}
}
if (!$site) {
// check for redirects
$c = new Criteria();
$q = "SELECT site.* FROM site, domain_redirect WHERE domain_redirect.url='" . db_escape_string($siteHost) . "' " . "AND site.deleted = false AND site.site_id = domain_redirect.site_id LIMIT 1";
$c->setExplicitQuery($q);
$site = DB_SitePeer::instance()->selectOne($c);
if ($site) {
$newUrl = 'http://' . $site->getDomain() . $_SERVER['REQUEST_URI'];
header("HTTP/1.1 301 Moved Permanently");
header("Location: " . $newUrl);
exit;
}
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if (!$site) {
$content = file_get_contents(WIKIDOT_ROOT . "/files/site_not_exists.html");
echo $content;
return $content;
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$lang = $site->getLanguage();
$runData->setLanguage($lang);
$GLOBALS['lang'] = $lang;
// and for gettext too:
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, redirect to http:
header("HTTP/1.1 301 Moved Permanently");
header("Location: " . 'http://' . $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI']);
exit;
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
header("HTTP/1.1 301 Moved Permanently");
header("Location: " . 'https://' . $_SERVER["HTTP_HOST"] . $_SERVER['REQUEST_URI']);
exit;
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
$rendered = $screen->render($runData);
if ($rendered != null) {
$runData->setTemp("jsInclude", array());
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
//$moduleProcessor->setJavascriptInline(true); // embed associated javascript files in <script> tags
$moduleProcessor->setCssInline(true);
$rendered = $moduleProcessor->process($rendered);
$jss = $runData->getTemp("jsInclude");
$jss = array_unique($jss);
$incl = '';
foreach ($jss as $js) {
$incl .= '<script type="text/javascript" src="' . $js . '"></script>';
}
$rendered = preg_replace(';</head>;', $incl . '</head>', $rendered);
}
$runData->handleSessionEnd();
// one more thing - some url will need to be rewritten if using HTTPS
if ($_SERVER['HTTPS']) {
// ?
// scripts
$rendered = preg_replace(';<script(.*?)src="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)</script>;s', '<script\\1src="https://' . GlobalProperties::$URL_HOST . '\\2</script>', $rendered);
$rendered = preg_replace(';<link(.*?)href="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>;s', '<link\\1href="https://' . GlobalProperties::$URL_HOST . '\\2/>', $rendered);
$rendered = preg_replace(';(<img\\s+.*?src=")http(://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>);s', '\\1https\\2', $rendered);
do {
$renderedOld = $rendered;
$rendered = preg_replace(';(<style\\s+[^>]*>.*?@import url\\()http(://' . GlobalProperties::$URL_HOST_PREG . '.*?</style>);si', '\\1https\\2', $rendered);
} while ($renderedOld != $rendered);
}
if (GlobalProperties::$SEARCH_HIGHLIGHT) {
$rendered = Wikidot_Search_Highlighter::highlightIfSuitable($rendered, $_SERVER["REQUEST_URI"], $_SERVER["HTTP_REFERER"]);
}
echo str_replace("%%%CURRENT_TIMESTAMP%%%", time(), $rendered);
return $rendered;
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
// screen security check
if (!$screen->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
} else {
// $screen->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure screen to render!
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
$runData->setAction(null);
}
}
$logger->info("Ozone engines successfully initialized");
// caching of LAYOUT tasks should start here
$cacheSettings = $screen->getScreenCacheSettings();
$updateLayoutContentLater = false;
if ($runData->getRequestMethod() == "GET" && $runData->getAction() == null && $cacheSettings != null && $cacheSettings->isLayoutCacheable($runData)) {
$content = ScreenCacheManager::instance()->cachedLayout($runData, $screen->getScreenCacheSettings());
if ($content != null && $content != "") {
// process modules!!!
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($content);
echo $out;
$runData->handleSessionEnd();
return;
} else {
$updateLayoutContentLater = true;
}
}
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getScreenClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the action. if so...
if ($template != $runData->getScreenTemplate) {
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
}
$rendered = $screen->render($runData);
if ($rendered != null) {
// process modules...
$moduleProcessor = new ModuleProcessor($runData);
$out = $moduleProcessor->process($rendered);
}
if ($updateLayoutContentLater == true) {
ScreenCacheManager::instance()->updateCachedLayout($runData, $rendered);
}
$runData->handleSessionEnd();
echo $out;
}
public function process()
{
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("Feed request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if ($site == null) {
$content = file_get_contents(WIKIDOT_ROOT . "/files/site_not_exists.html");
echo $content;
return $content;
}
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
// set language
$lang = $site->getLanguage();
$runData->setLanguage($lang);
$GLOBALS['lang'] = $lang;
// and for gettext too:
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, redirect to http:
echo _("Secure access is not enabled for this Wiki.");
exit;
}
}
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
// check if requires authentication
if ($screen->getRequiresAuthentication() || $site->getPrivate()) {
$username = $_SERVER['PHP_AUTH_USER'];
$password = $_SERVER['PHP_AUTH_PW'];
$user = null;
if ($username !== null && $password !== null) {
$user = SecurityManager::getUserByName($username);
if ($user) {
$upass = md5("feed_hashed_password_" . $user->getPassword());
$upass = substr($upass, 0, 15);
if ($upass !== $password) {
$user = null;
}
}
}
if ($site->getPrivate()) {
if ($user && !$user->getSuperAdmin() && !$user->getSuperModerator()) {
// check if member
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$mem = DB_MemberPeer::instance()->selectOne($c);
if (!$mem) {
// check if a viewer
$c = new Criteria();
$c->add("site_id", $site->getSiteId());
$c->add("user_id", $user->getUserId());
$vi = DB_SiteViewerPeer::instance()->selectOne($c);
if (!$vi) {
$user = null;
}
}
}
}
if ($user == null) {
header('WWW-Authenticate: Basic realm="Private"');
header('HTTP/1.0 401 Unauthorized');
header('Content-type: text/plain; charset=utf-8');
echo _("This is a private feed. User authentication required via Basic HTTP Authentication. You can not access it. Please go to 'Account settings' -> 'Notifications' to get the password if you believe you should be allowed.");
exit;
}
$runData->setTemp("user", $user);
}
$logger->debug("OZONE initialized");
$logger->info("Ozone engines successfully initialized");
$rendered = $screen->render($runData);
echo str_replace("%%%CURRENT_TIMESTAMP%%%", time(), $rendered);
return $rendered;
}
public function process()
{
global $timeStart;
// initialize logging service
$logger = OzoneLogger::instance();
$loggerFileOutput = new OzoneLoggerFileOutput();
$loggerFileOutput->setLogFileName(WIKIDOT_ROOT . "/logs/ozone.log");
$logger->addLoggerOutput($loggerFileOutput);
$logger->setDebugLevel(GlobalProperties::$LOGGER_LEVEL);
$logger->debug("request processing started, logger initialized");
Ozone::init();
$runData = new RunData();
$runData->init();
Ozone::setRunData($runData);
$logger->debug("RunData object created and initialized");
// check if site (wiki) exists!
$siteHost = $_SERVER["HTTP_HOST"];
$memcache = Ozone::$memcache;
if (preg_match("/^([a-zA-Z0-9\\-]+)\\." . GlobalProperties::$URL_DOMAIN_PREG . "\$/", $siteHost, $matches) == 1) {
$siteUnixName = $matches[1];
// select site based on the unix name
// check memcached first!
// the memcache block is to avoid database connection if possible
$mcKey = 'site..' . $siteUnixName;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("unix_name", $siteUnixName);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
} else {
// select site based on the custom domain
$mcKey = 'site_cd..' . $siteHost;
$site = $memcache->get($mcKey);
if ($site == false) {
$c = new Criteria();
$c->add("custom_domain", $siteHost);
$c->add("site.deleted", false);
$site = DB_SitePeer::instance()->selectOne($c);
$memcache->set($mcKey, $site, 0, 3600);
}
GlobalProperties::$SESSION_COOKIE_DOMAIN = '.' . $siteHost;
}
if ($site == null) {
$runData->setScreenTemplate("wiki/SiteNotFound");
exit(1);
} else {
$runData->setTemp("site", $site);
//nasty global thing...
$GLOBALS['siteId'] = $site->getSiteId();
$GLOBALS['site'] = $site;
}
// set language
$runData->setLanguage($site->getLanguage());
$GLOBALS['lang'] = $site->getLanguage();
// and for gettext too:
$lang = $site->getLanguage();
switch ($lang) {
case 'pl':
$glang = "pl_PL";
break;
case 'en':
$glang = "en_US";
break;
}
putenv("LANG={$glang}");
putenv("LANGUAGE={$glang}");
setlocale(LC_ALL, $glang . '.UTF-8');
// Set the text domain as 'messages'
$gdomain = 'messages';
bindtextdomain($gdomain, WIKIDOT_ROOT . '/locale');
textdomain($gdomain);
$settings = $site->getSettings();
// handle SSL
$sslMode = $settings->getSslMode();
if ($_SERVER['HTTPS']) {
if (!$sslMode) {
// not enabled, issue an errorr
throw new ProcessException(_("Secure access is not enabled for this Wiki."));
} elseif ($sslMode == "ssl_only_paranoid") {
// use secure authentication cookie
// i.e. change authentication scheme
GlobalProperties::$SESSION_COOKIE_NAME = "WIKIDOT_SESSION_SECURE_ID";
GlobalProperties::$SESSION_COOKIE_SECURE = true;
}
} else {
// page accessed via http (nonsecure)
switch ($sslMode) {
case 'ssl':
//enabled, but nonsecure allowed too.
break;
case 'ssl_only_paranoid':
case 'ssl_only':
throw new ProcessException(_("Nonsecure access is not enabled for this Wiki."));
break;
}
}
// handle session at the begging of procession
$runData->handleSessionStart();
$template = $runData->getScreenTemplate();
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
// screen security check
if (!$screen->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
} else {
// $screen->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
// reload the class again - we do not want the unsecure screen to render!
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
$runData->setAction(null);
}
}
// PROCESS ACTION
$actionClass = $runData->getAction();
$logger->debug("processing action {$actionClass}");
while ($actionClass != null) {
require_once PathManager::actionClass($actionClass);
$tmpa1 = explode('/', $actionClass);
$actionClassStripped = end($tmpa1);
$action = new $actionClassStripped();
$classFile = $runData->getScreenClassPath();
if (!$action->isAllowed($runData)) {
if ($classFile == $runData->getScreenClassPath()) {
$runData->setScreenTemplate("errors/NotAllowed");
}
// $action->isAllowed() should set the error template!!! if not -
// default NotAllowed is used
break;
}
$actionEvent = $runData->getActionEvent();
if ($actionEvent != null) {
$action->{$actionEvent}($runData);
$logger->debug("processing action: {$actionClass}, event: {$actionEvent}");
} else {
$logger->debug("processing action: {$actionClass}");
$action->perform($runData);
}
// this is in case action changes the action name so that
// the next action can be executed.
if ($runData->getNextAction() != null) {
$actionClass = $runData->getNextAction();
$runData->setAction($actionClass);
$runData->setActionEvent($runData->getNextActionEvent());
} else {
$actionClass = null;
}
}
// end action process
// check if template has been changed by the action. if so...
if ($template != $runData->getScreenTemplate) {
$classFile = $runData->getScreenClassPath();
$className = $runData->getScreenClassName();
$logger->debug("processing template: " . $runData->getScreenTemplate() . ", class: {$className}");
require_once $classFile;
$screen = new $className();
}
$rendered = $screen->render($runData);
if ($rendered != null) {
$moduleProcessor = new ModuleProcessor($runData);
$moduleProcessor->setJavascriptInline(true);
// embed associated javascript files in <script> tags
$moduleProcessor->setCssInline(true);
$rendered = $moduleProcessor->process($rendered);
}
$runData->handleSessionEnd();
// one more thing - some url will need to be rewritten if using HTTPS
if ($_SERVER['HTTPS']) {
// ?
// scripts
$rendered = preg_replace(';<script(.*?)src="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)</script>;s', '<script\\1src="https://' . GlobalProperties::$URL_HOST . '\\2</script>', $rendered);
$rendered = preg_replace(';<link(.*?)href="http://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>;s', '<link\\1href="https://' . GlobalProperties::$URL_HOST . '\\2/>', $rendered);
$rendered = preg_replace(';(<img\\s+.*?src=")http(://' . GlobalProperties::$URL_HOST_PREG . '(.*?)/>);s', '\\1https\\2', $rendered);
do {
$renderedOld = $rendered;
$rendered = preg_replace(';(<style\\s+[^>]*>.*?@import url\\()http(://' . GlobalProperties::$URL_HOST_PREG . '.*?</style>);si', '\\1https\\2', $rendered);
} while ($renderedOld != $rendered);
}
echo $rendered;
}
function query($query)
{
if (!is_array($query)) {
//if query is empty
if ($query == '' || $query == null) {
return;
}
$time_start = microtime(true);
$result = pg_query($this->link, $query);
if (!$result) {
OzoneLogger::instance()->error("execution of query \"{$query}\" failed");
throw new OzoneDatabaseException("error: " . pg_last_error($this->link) . "\n");
}
$time_end = microtime(true);
$t = $time_end - $time_start;
OzoneLogger::instance()->debug("executed query \"{$query}\" ({$t} sec)");
} else {
//if query is empty
if (count($query) == 0) {
return null;
}
foreach ($query as $q) {
$result = $this->query($q);
}
}
return new PgResult($result);
}
