/**
* @throws AnwBadCommentException
*/
function __construct($nType, $oPage, $nTime, $sComment, $sInfo = "", $sPageName = "", $sPageLang = "")
{
if (!self::isValidComment($sComment)) {
throw new AnwBadCommentException();
}
$this->nType = $nType;
$this->nTime = $nTime;
$this->sComment = $sComment;
if ($oPage) {
if ($oPage->exists()) {
$this->nPageId = $oPage->getId();
}
$this->oPage = $oPage;
}
$this->sInfo = $sInfo;
$this->sPageName = $sPageName ? $sPageName : ($oPage ? $oPage->getName() : "");
$this->sPageLang = $sPageLang ? $sPageLang : ($oPage ? $oPage->getLang() : "");
$this->oUser = AnwCurrentSession::getUser();
$this->sIp = AnwCurrentSession::getIp();
}
function run()
{
try {
$nPageId = (int) AnwEnv::_GET("page");
if ($nPageId <= 0) {
throw new AnwBadCallException();
}
//find TO revision
$nRevToChangeId = (int) AnwEnv::_GET("revto");
if ($nRevToChangeId <= 0) {
throw new AnwBadCallException();
} else {
$oPageRevTo = AnwPage::getPageByChangeId($nPageId, $nRevToChangeId);
}
//find FROM revision
$nRevFromChangeId = (int) AnwEnv::_GET("revfrom");
if ($nRevFromChangeId <= 0) {
try {
$oPageRevFrom = $oPageRevTo->getPreviousArchive();
} catch (AnwArchiveNotFoundException $e) {
//if TO revision is already the last...
$oPageRevFrom = $oPageRevTo;
}
} else {
$oPageRevFrom = AnwPage::getPageByChangeId($nPageId, $nRevFromChangeId);
}
if (!$oPageRevTo) {
throw new AnwBadCallException("page revision TO not found :" . $nRevToChangeId);
}
if (!$oPageRevTo->getContent() instanceof AnwContentPage) {
throw new AnwUnexpectedException("error getcontent for page revision TO :" . $nRevToChangeId);
}
if (!$oPageRevFrom) {
throw new AnwBadCallException("page revision FROM not found :" . $nRevFromChangeId);
}
if (!$oPageRevFrom->getContent() instanceof AnwContentPage) {
throw new AnwUnexpectedException("error getcontent for page revision FROM :" . $nRevFromChangeId);
}
// check permissions
$oPageRevFrom->checkGlobalAndViewActionAllowed($this->getName());
$oPageRevTo->checkGlobalAndViewActionAllowed($this->getName());
$oContentXmlFrom = $oPageRevFrom->getContent()->toXml();
$oContentXmlTo = $oPageRevTo->getContent()->toXml();
} catch (AnwBadPageNameException $e) {
$this->error($this->g_("err_badcall"));
} catch (AnwBadCallException $e) {
$this->error($this->g_("err_badcall"));
} catch (AnwPageNotFoundException $e) {
$this->error($this->g_("err_badcall"));
} catch (AnwArchiveNotFoundException $e) {
$this->error($this->g_("err_badcall"));
}
$this->setTitle($this->t_("title", array("pagename" => $oPageRevTo->getName())));
$oDiffs = new AnwDiffs($oContentXmlFrom, $oContentXmlTo);
if (!AnwCurrentSession::getUser()->isPhpEditionAllowed()) {
$oDiffs->hidePhpCode();
} else {
$oDiffs->showPhpCode();
}
$this->out .= $this->tpl()->beforeDiffs($this->linkMe(), $oPageRevFrom, $oPageRevTo, $oPageRevTo->getActivePage());
if ($oPageRevFrom->getChangeId() == $oPageRevTo->getChangeId()) {
$this->out .= $this->tpl()->drawNotice($this->t_("notice_same"));
}
if ($oPageRevFrom->getChangeId() > $oPageRevTo->getChangeId()) {
$this->out .= $this->tpl()->drawNotice($this->t_("notice_reverse"));
}
$this->renderDiffs($oDiffs);
}
private function updateSettings()
{
//update prefs
$asErrorsPrefs = array();
try {
$sLang = AnwEnv::_POST("lang", "");
AnwCurrentSession::setLang($sLang);
$nTimezone = AnwEnv::_POST("timezone", 0);
AnwCurrentSession::setTimezone($nTimezone);
} catch (AnwBadLangException $e) {
$asErrorsPrefs[] = $this->g_("err_badlang");
} catch (AnwBadTimezoneException $e) {
$asErrorsPrefs[] = $this->g_("err_badtimezone");
} catch (AnwException $e) {
$asErrorsPrefs[] = $this->g_("err_unkn");
}
$asErrorsAccount = array();
if (AnwCurrentSession::isLoggedIn() && AnwUsers::isDriverInternal()) {
//update account
try {
//displayname change requested ?
if (self::globalCfgUsersChangeDisplayname()) {
$sDisplayname = AnwEnv::_POST("displayname", "");
if (AnwCurrentSession::getUser()->getDisplayName() != $sDisplayname) {
AnwCurrentSession::getUser()->changeDisplayName($sDisplayname);
}
}
//email change requested ?
$sEmail = AnwEnv::_POST("email", "");
if (AnwCurrentSession::getUser()->getEmail() != $sEmail) {
AnwCurrentSession::getUser()->changeEmail($sEmail);
}
//password change requested ?
$sNewPassword = AnwEnv::_POST("newpassword");
$sNewPasswordRepeat = AnwEnv::_POST("newpassword_repeat");
$sCurrentPassword = AnwEnv::_POST("currentpassword", "");
if ($sNewPassword) {
if ($sNewPassword == $sNewPasswordRepeat) {
try {
//authenticate with current password
AnwCurrentSession::getUser()->authenticate($sCurrentPassword);
//authentication ok, change the password
try {
AnwCurrentSession::getUser()->changePassword($sNewPassword);
} catch (AnwBadPasswordException $e) {
$asErrorsAccount[] = $this->t_("err_badnewpassword");
}
} catch (AnwBadPasswordException $e) {
$asErrorsAccount[] = $this->g_("err_incorrectpassword");
} catch (AnwAuthException $e) {
$asErrorsAccount[] = $this->g_("err_incorrectpassword");
}
} else {
$asErrorsAccount[] = $this->g_("err_passwordsmatch");
}
}
} catch (AnwDisplayNameAlreadyTakenException $e) {
$asErrorsAccount[] = $this->g_("err_displaynamealreadytaken");
} catch (AnwBadDisplayNameException $e) {
$asErrorsAccount[] = $this->g_("err_baddisplayname");
} catch (AnwEmailAlreadyTakenException $e) {
$asErrorsAccount[] = $this->g_("err_emailalreadytaken");
} catch (AnwBadEmailException $e) {
$asErrorsAccount[] = $this->g_("err_bademail");
} catch (AnwException $e) {
$asErrorsAccount[] = $this->g_("err_unkn");
}
}
if (count($asErrorsPrefs) > 0 || count($asErrorsAccount) > 0) {
$this->formSettings(false, $asErrorsPrefs, $asErrorsAccount);
} else {
AnwUtils::redirect($this->linkMe(array("done" => 1)));
}
}
private function doReauth($sReauthPassword)
{
self::debug("Captured reauth request, processing...");
AnwCurrentSession::getUser()->authenticate($sReauthPassword);
//throws exception
//password is correct, reset the reauth timer
AnwCurrentSession::resetReauth();
self::debug("Reauth success.");
}
private function exportData($aaExportPageGroups)
{
$oDoc = new DOMDocument("1.0", "UTF-8");
//put information as comment
$sComment = "";
$sComment .= $this->t_("xmlcomment_info") . "\n";
$sComment .= ANWIKI_WEBSITE . "\n\n";
$sComment .= $this->t_("xmlcomment_time", array("time" => Anwi18n::dateTime(time()))) . "\n";
$sComment .= $this->t_("xmlcomment_version", array("version" => ANWIKI_VERSION_NAME)) . "\n";
$sComment .= $this->t_("xmlcomment_user", array("user" => AnwCurrentSession::getUser()->getLogin())) . "\n";
$sComment .= $this->t_("xmlcomment_from", array("url" => self::globalCfgUrlRoot())) . "\n\n";
$sComment .= $this->t_("xmlcomment_contents") . "\n";
//list exported contents as comment
foreach ($aaExportPageGroups as $amPageGroup) {
foreach ($amPageGroup['PAGES'] as $oPage) {
$sPageTime = Anwi18n::dateTime($oPage->getTime());
$sComment .= ' * ' . $oPage->getName() . " (" . $oPage->getLang() . ") (" . $sPageTime . ")\n";
}
}
$sCommentSeparator = "\n**************************************************\n";
$sComment = " " . $sCommentSeparator . $sComment . $sCommentSeparator . " ";
$oCommentNode = $oDoc->createComment($sComment);
$oDoc->appendChild($oCommentNode);
//end comment
//<anwexport time="" origin="">
$oRootNode = $oDoc->createElement(self::XMLTAG_ROOT);
$oRootNode->setAttribute("time", time());
$oRootNode->setAttribute("from", AnwXml::xmlFileAttributeEncode(self::globalCfgUrlRoot()));
$oRootNode->setAttribute("version_id", ANWIKI_VERSION_ID);
$oRootNode->setAttribute("version_name", AnwXml::xmlFileAttributeEncode(ANWIKI_VERSION_NAME));
$oDoc->appendChild($oRootNode);
foreach ($aaExportPageGroups as $amPageGroup) {
$oPageGroup = $amPageGroup['GROUP'];
$sContentClassName = $oPageGroup->getContentClass()->getName();
//<anwpagegroup>
$oPageGroupNode = $oDoc->createElement(self::XMLTAG_PAGEGROUP);
$oPageGroupNode->setAttribute("contentclass", AnwXml::xmlFileAttributeEncode($sContentClassName));
foreach ($amPageGroup['PAGES'] as $oPage) {
//add comment
$sPageTime = Anwi18n::dateTime($oPage->getTime());
$sComment = $oPage->getName() . " (" . $oPage->getLang() . ") (" . $sPageTime . ") (" . $oPageGroup->getContentClass()->getLabel() . "/" . $sContentClassName . ")";
//$sComment = " \n*\n* ".$sComment."\n*\n ";
$sCommentSeparator = "\n**************************************************\n";
$sComment = " \n\n" . $sCommentSeparator . $sComment . $sCommentSeparator . " ";
$oCommentNode = $oDoc->createComment($sComment);
$oPageGroupNode->appendChild($oCommentNode);
//end comment
//using a CDATA node to preserve source breaklines :-)
//$sPageContent = $oPage->getContent()->toXml();
//$oPageContentNode = $oDoc->createCDATASection($sPageContent);
$oContentNodeDoc = $oPage->getContent()->toXml()->documentElement;
//here we got a <doc> node
$oPageContentNodeDoc = $oDoc->importNode($oContentNodeDoc, true);
//<anwpage name="" lang="" time="">
$oPageNode = $oDoc->createElement(self::XMLTAG_PAGE);
$oPageNode->setAttribute("name", AnwXml::xmlFileAttributeEncode($oPage->getName()));
$oPageNode->setAttribute("lang", AnwXml::xmlFileAttributeEncode($oPage->getLang()));
$oPageNode->setAttribute("time", $oPage->getTime());
//we need to do this to squeeze the unwanted <doc> node in
//WARNING - special loop ! childs are getting modified...
while ($oChildNode = $oPageContentNodeDoc->childNodes->item(0)) {
$oPageNode->appendChild($oChildNode);
}
$oPageGroupNode->appendChild($oPageNode);
}
$oRootNode->appendChild($oPageGroupNode);
}
$sReturn = AnwUtils::xmlDumpNode($oRootNode);
// even if final XML structure may be broken due to undeclared namespaces used in content,
// we let raw content as it is for better compatibility in later versions.
// $sReturn = AnwXml::prepareXmlValueToXml($sReturn);
return $sReturn;
}
/**
* Warning! This function may call overloaded functions by contentfields with tests consomming high cpu time
* (such as connecting to a database for checking that valid user/pwd have been edited).
* This function should be only called when it's really needed, and should never be called more than one time.
* This function performs ALL possible tests for checking contentfields values validity.
*
* @param $oContentParent content for which fieldValues/subcontents will be set if the test is success
*/
final function testContentFieldValues($amFieldValuesOrSubContents, $oContentParent)
{
AnwUtils::checkFriendAccess(array("AnwStructuredContent", "AnwStructuredContentField"));
//test multiplicity
$this->testContentFieldMultiplicity($amFieldValuesOrSubContents);
if ($this instanceof AnwStructuredContentField_atomic) {
//test each value
foreach ($amFieldValuesOrSubContents as $sFieldValue) {
if (is_array($sFieldValue) || is_object($sFieldValue)) {
throw new AnwUnexpectedException("testContentFieldValues on atomic: not a string");
}
//here we don't return a simple 'AnwInvalidContentFieldValueException' to prevent unauthorized users to access PHP source
//this will display a big ACL error page instead of edit form...
if (AnwUtils::contentHasPhpCode($sFieldValue)) {
AnwCurrentSession::getUser()->checkPhpEditionAllowed();
}
//check JS permission
if (AnwUtils::contentHasJsCode($sFieldValue) && !AnwCurrentSession::getUser()->isJsEditionAllowed()) {
$sError = AnwComponent::g_editcontent("err_contentfield_acl_js");
throw new AnwInvalidContentFieldValueException($sError);
}
//specific tests for atomic fields
$this->testContentFieldValueAtomic($sFieldValue);
}
//if no error, test all atomic values together
$this->testAllContentFieldValuesAtomic($amFieldValuesOrSubContents);
} else {
//test each subcontents occurence
foreach ($amFieldValuesOrSubContents as $oContent) {
if (!$oContent instanceof AnwStructuredContent) {
throw new AnwUnexpectedException("testContentFieldValues on composed: not a subcontent");
}
//test subsubcontents
$aoSubContentFields = $this->getContentFields();
foreach ($aoSubContentFields as $oSubContentField) {
//recursive test
$amSubValuesOrSubContents = null;
$sSubContentFieldName = $oSubContentField->getName();
if ($oSubContentField instanceof AnwStructuredContentField_atomic) {
$amSubValuesOrSubContents = $oContent->getContentFieldValues($sSubContentFieldName);
} else {
$amSubValuesOrSubContents = $oContent->getSubContents($sSubContentFieldName);
}
$oSubContentField->testContentFieldValues($amSubValuesOrSubContents, $oContent);
}
//specific tests for composed fields - at last
$this->testContentFieldValueComposed($oContent);
}
//if no error, test all subcontents together
$this->testAllContentFieldValuesComposed($amFieldValuesOrSubContents);
}
}
private function checkPermissions($sPageName, $sPageLang, $sPageContent)
{
$asNotices = array();
//check that page don't exist
if (!AnwPage::isAvailablePageName($sPageName)) {
$asNotices[] = $this->t_("notice_exists");
}
//check PHP permission
if (AnwUtils::contentHasPhpCode($sPageContent) && !AnwCurrentSession::getUser()->isPhpEditionAllowed()) {
$asNotices[] = $this->t_("notice_php");
}
//check JS permission
if (AnwUtils::contentHasJsCode($sPageContent) && !AnwCurrentSession::getUser()->isJsEditionAllowed()) {
$asNotices[] = $this->t_("notice_js");
}
//check ACL permission : create and edit
if (!AnwCurrentSession::isActionAllowed($sPageName, "create", $sPageLang) || !AnwCurrentSession::isActionAllowed($sPageName, "edit", $sPageLang)) {
$asNotices[] = $this->t_("notice_acl");
}
return $asNotices;
}
function writeSettingsOverride()
{
//just to be sure, we check again content validity just before writing it
$this->checkContentValidity();
$sConfigDefaultFile = "none";
try {
$sConfigDefaultFile = $this->getComponent()->getConfigurableFileDefault();
} catch (AnwFileNotFoundException $e) {
}
//no default config
$cfg = $this->toOverrideCfgArray();
$sPhpCode = '<?php ' . "\n";
$sPhpCode .= ' /**' . "\n";
$sPhpCode .= ' * Anwiki override file.' . "\n";
$sPhpCode .= ' * This file can be edited directly from file system, or from Anwiki web interface.' . "\n";
$sPhpCode .= ' * ' . "\n";
$sPhpCode .= ' * Overridden file: ' . $sConfigDefaultFile . "\n";
$sPhpCode .= ' * Generated on: ' . Anwi18n::datetime(time()) . "\n";
$sPhpCode .= ' * By: ' . AnwCurrentSession::getUser()->getLogin() . "\n";
$sPhpCode .= ' * Using version: ' . ANWIKI_VERSION_NAME . ' (' . ANWIKI_VERSION_ID . ')' . "\n";
$sPhpCode .= ' */' . "\n";
$sPhpCode .= "\n";
$sPhpCode .= '$cfg = ' . AnwUtils::arrayToPhp($cfg) . "\n";
$sPhpCode .= '?>';
$sFileOverride = $this->getComponent()->getConfigurableFileOverride();
AnwUtils::file_put_contents($sFileOverride, $sPhpCode, LOCK_EX);
// clear component's cache for configurableContent
$this->getComponent()->___notifyConfigurableContentChanged();
}
protected function _setContent($oContent, $oSimilarContentForCheck, $bSecurityChecks = true)
{
if (ANWIKI_DEVEL) {
self::debug("_setContent: " . htmlentities($oContent->toXmlString()));
}
if (!(is_int($oSimilarContentForCheck) && $oSimilarContentForCheck == -1)) {
if (ANWIKI_DEVEL) {
self::debug("_setContent: similar was: " . htmlentities($oSimilarContentForCheck->toXmlString()));
}
self::checkSimilarContents(array($oContent, $oSimilarContentForCheck));
}
if ($bSecurityChecks) {
//check user permissions once again
$sContentAsString = $oContent->toXmlString();
//check PHP code edition
if (AnwUtils::contentHasPhpCode($sContentAsString)) {
AnwCurrentSession::getUser()->checkPhpEditionAllowed();
}
//check unsafe code edition
if (AnwUtils::contentHasJsCode($sContentAsString)) {
AnwCurrentSession::getUser()->checkJsEditionAllowed();
}
}
$this->oPreviousContent = $this->oContent;
//may be null
$this->oContent = $oContent;
$this->touchInfosContent();
}
