Exemplo n.º 1
0
 /**
  * Do article(s) to ODT conversion work
  *
  * @param Doku_Event $event
  * @param array      $param
  * @return bool
  */
 public function convert(Doku_Event $event, $param)
 {
     global $ACT;
     global $ID;
     // our event?
     if ($ACT != 'export_odtbook' && $ACT != 'export_odt' && $ACT != 'export_odtns') {
         return false;
     }
     // check user's rights
     if (auth_quickaclcheck($ID) < AUTH_READ) {
         return false;
     }
     if ($data = $this->collectExportPages($event)) {
         list($title, $this->list) = $data;
     } else {
         return false;
     }
     // it's ours, no one else's
     $event->preventDefault();
     // prepare cache and its dependencies
     $depends = array();
     $cache = $this->prepareCache($title, $depends);
     // hard work only when no cache available
     if (!$this->getConf('usecache') || !$cache->useCache($depends)) {
         $this->generateODT($cache->cache, $title);
     }
     // deliver the file
     $this->sendODTFile($cache->cache, $title);
     return true;
 }
Exemplo n.º 2
0
 /**
  * handle event
  */
 function handle_start(&$event, $param)
 {
     global $ID;
     global $ACT;
     if ($ACT != 'show') {
         return;
     }
     $redirects = confToHash($this->getsavedir() . '/shorturl.conf');
     if ($redirects[$ID]) {
         if (preg_match('/^https?:\\/\\//', $redirects[$ID])) {
             send_redirect($redirects[$ID]);
         } else {
             if ($this->getConf('showmsg')) {
                 msg(sprintf($this->getLang('redirected'), hsc($ID)));
             }
             send_redirect(wl($redirects[$ID], '', true));
         }
         exit;
     } else {
         if ($_GET['generateShortURL'] != "" && auth_quickaclcheck($ID) >= AUTH_READ) {
             $shorturl =& plugin_load('helper', 'shorturl');
             if ($shorturl) {
                 $shortID = $shorturl->autoGenerateShortUrl($ID);
             }
         }
     }
 }
Exemplo n.º 3
0
 private function render_xhtml(&$renderer, $file)
 {
     global $version_file;
     global $changelog;
     global $ID;
     if (auth_quickaclcheck($ID) == AUTH_ADMIN && $this->getConf('check updates')) {
         include dirname(__FILE__) . '/../version.php';
         $new_version = file_get_contents($version_file);
         if (strcmp($new_version, $version) > 0) {
             msg('A new version ' . $new_version . ' of the projects plugin is available. See the <a href="' . $changelog . '">change log</a>');
         }
         if (!$file) {
             return;
         }
     }
     $project = Project::project(NULL, true);
     $renderer->nocache();
     switch ($file->type()) {
         case SOURCE:
             $layout = new ProjectFileLayout($project, $ID, $file);
             break;
         case TARGET:
             $layout = new TargetLayout($project, $ID, $file);
             break;
         case CROSSLINK:
             $layout = new CrosslinkLayout($project, $ID, $file);
             break;
     }
     $layout->render($renderer);
 }
Exemplo n.º 4
0
 function handle_ajax_call(&$event, $param)
 {
     if ($event->data == 'plugin_do') {
         $id = cleanID($_REQUEST['do_page']);
         if (auth_quickaclcheck($id) < AUTH_EDIT) {
             echo -1;
             $event->preventDefault();
             $event->stopPropagation();
             return false;
         }
         // toggle status of a single task
         $hlp = plugin_load('helper', 'do');
         $status = $hlp->toggleTaskStatus($id, $_REQUEST['do_md5'], $_REQUEST['do_commit']);
         // rerender the page
         p_get_metadata(cleanID($_REQUEST['do_page']), '', true);
         header('Content-Type: text/plain; charset=utf-8');
         echo $status;
         $event->preventDefault();
         $event->stopPropagation();
         return false;
     } elseif ($event->data == 'plugin_do_status') {
         // read status for a bunch of tasks
         require_once DOKU_INC . 'inc/JSON.php';
         $JSON = new JSON();
         $hlp = plugin_load('helper', 'do');
         $status = $hlp->getAllPageStatuses(cleanID($_REQUEST['do_page']));
         $status = $JSON->encode($status);
         header('Content-Type: text/plain; charset=utf-8');
         echo $status;
         $event->preventDefault();
         $event->stopPropagation();
         return false;
     }
     return true;
 }
Exemplo n.º 5
0
 function saved(&$event, $param)
 {
     global $ID;
     global $PROJECTS_REMAKE;
     if (auth_quickaclcheck($ID) <= AUTH_READ) {
         return;
     }
     $project = Project::project();
     if ($project == NULL) {
         return;
     }
     $file = $event->data['current']['ProjectFile'];
     $name = noNS($ID);
     if ($file == NULL) {
         // check whether the file is deleted
         if ($project->file($name) == NULL) {
             return;
         }
         // it was int he project
         if (!$project->remove_file($name)) {
             msg('Other users are currently updating the project. Please save this page later.');
             $evemt->data['current']['internal']['cache'] = false;
         }
         return;
     }
     if (!$project->update_file($file)) {
         msg('Other users are currently updating the project. Please save this page later.');
         $evemt->data['current']['internal']['cache'] = false;
     }
 }
function white_pageinfo($ret = false)
{
    global $conf;
    global $lang;
    global $INFO;
    global $ID;
    // return if we are not allowed to view the page
    if (!auth_quickaclcheck($ID)) {
        return false;
    }
    $date = dformat($INFO['lastmod']);
    // print it
    if ($INFO['exists']) {
        $out = '';
        $out .= $lang['lastmod'];
        $out .= ' ';
        $out .= $date;
        if ($ret) {
            return $out;
        } else {
            echo $out;
            return true;
        }
    }
    return false;
}
Exemplo n.º 7
0
 /**
  * Initializes SQL filter of blocked graphs (no page permission by ACL rules).
  */
 function init_blocked_graphs()
 {
     if ($this->getConf('use_acl') and self::$blocked_graphs_sql == '') {
         $sql = "SELECT DISTINCT graph FROM " . self::$readable;
         // prepare query
         $query = $this->_db->prepare($sql);
         if ($query == false) {
             return;
         }
         // execute query
         $res = $query->execute($values);
         if ($res === false) {
             $error = $query->errorInfo();
             msg(sprintf($this->getLang('error_graphs_fetch'), hsc($error[2])), -1);
         }
         // fetch results and return them
         $result = $query->fetchAll(PDO::FETCH_ASSOC);
         $query->closeCursor();
         // a list of graphs reachable by the current user is generated
         $blocked_graphs = array();
         foreach ($result as $row) {
             if (auth_quickaclcheck($row['graph']) < AUTH_READ) {
                 array_push($blocked_graphs, "'" . $row['graph'] . "'");
             }
         }
         // result set is additionally filtered by graphs the user is enabled for
         self::$blocked_graphs_sql = " AND graph NOT IN (" . implode(",", $blocked_graphs) . ")";
     }
 }
Exemplo n.º 8
0
 function _hookdo(Doku_Event $event, $param)
 {
     global $ID;
     if ($event->data === 'export_svg' && auth_quickaclcheck($ID) >= AUTH_READ) {
         header('Content-type: image/svg+xml');
         die(rawWiki($ID));
     }
 }
Exemplo n.º 9
0
 /**
  * Handler to load page template.
  *
  * @param Doku_Event $event  event object by reference
  * @param mixed      $param  [the parameters passed as fifth argument to register_hook() when this
  *                           handler was registered]
  * @return void
  */
 public function get_template(Doku_Event &$event, $param)
 {
     if (strlen($_REQUEST['copyfrom']) > 0) {
         $template_id = $_REQUEST['copyfrom'];
         if (auth_quickaclcheck($template_id) >= AUTH_READ) {
             $tpl = io_readFile(wikiFN($template_id));
             $event->data['tpl'] = $tpl;
             $event->preventDefault();
         }
     }
 }
function indexmenu_search_index(&$data, $base, $file, $type, $lvl, $opts)
{
    global $conf;
    $ret = true;
    $item = array();
    if ($type == 'f' && !preg_match('#\\.txt$#', $file)) {
        // don't add
        return false;
    }
    // get page id by filename
    $id = pathID($file);
    // check hiddens
    if ($type == 'f' && isHiddenPage($id)) {
        return false;
    }
    //  bugfix for the
    //  /ns/
    //  /<ns>.txt
    //  case, need to force the 'directory' type
    if ($type == 'f' && file_exists(dirname(wikiFN($id . ":" . noNS($id))))) {
        $type = 'd';
    }
    // page target id = global id
    $target = $id;
    if ($type == 'd') {
        // this will check 3 kinds of headpage:
        // 1. /<ns>/<ns>.txt
        // 2. /<ns>/
        //    /<ns>.txt
        // 3. /<ns>/
        //    /<ns>/<start_page>
        $nsa = array($id . ":" . noNS($id), $id, $id . ":" . $conf['start']);
        $nspage = false;
        foreach ($nsa as $nsp) {
            if (@file_exists(wikiFN($nsp)) && auth_quickaclcheck($nsp) >= AUTH_READ) {
                $nspage = $nsp;
                break;
            }
        }
        //headpage exists
        if ($nspage) {
            $target = $nspage;
        } else {
            // open namespace index, if headpage does not exists
            $target = $target . ':';
        }
    }
    $data[] = array('id' => $id, 'date' => @filectime(wikiFN($target)), 'type' => $type, 'target' => $target, 'title' => $conf['useheading'] && ($title = p_get_first_heading($target)) ? $title : $id, 'level' => $lvl);
    if (substr_count($id, ":") > 2) {
        $ret = 0;
    }
    return $ret;
}
Exemplo n.º 11
0
 /**
  * Saves data for a given page (creates a new revision)
  *
  * If this call succeeds you can assume your data has either been saved or it was
  * not necessary to save it because the data already existed in the wanted form or
  * the given schemas are no longer assigned to that page.
  *
  * @param string $page
  * @param array $data ('schema' => ( 'fieldlabel' => 'value', ...))
  * @param string $summary
  * @return bool returns always true
  * @throws RemoteAccessDeniedException
  * @throws RemoteException
  */
 public function saveData($page, $data, $summary)
 {
     $page = cleanID($page);
     if (!auth_quickaclcheck($page) < AUTH_EDIT) {
         throw new RemoteAccessDeniedException('no permissions to save data for that page');
     }
     try {
         $this->hlp->saveData($page, $data, $summary);
         return true;
     } catch (StructException $e) {
         throw new RemoteException($e->getMessage(), 0, $e);
     }
 }
Exemplo n.º 12
0
 public function handle_ajax_call_unknown(Doku_Event &$event, $param)
 {
     if ($event->data != 'plugin_imgpaste') {
         return;
     }
     global $lang;
     // get data
     global $INPUT;
     $data = $INPUT->post->str('data');
     list($type, $data) = explode(';', $data);
     if (!$data) {
         $this->fail(400, $this->getLang('e_nodata'));
     }
     // process data encoding
     $type = strtolower(substr($type, 5));
     // strip 'data:' prefix
     $data = substr($data, 7);
     // strip 'base64,' prefix
     $data = base64_decode($data);
     // check for supported mime type
     $mimetypes = array_flip(getMimeTypes());
     if (!isset($mimetypes[$type])) {
         $this->fail(415, $lang['uploadwrong']);
     }
     // prepare file names
     $tempname = $this->storetemp($data);
     $filename = $this->getConf('filename');
     $filename = str_replace(array('@NS@', '@ID@', '@USER@'), array(getNS($INPUT->post->str('id')), $INPUT->post->str('id'), $_SERVER['REMOTE_USER']), $filename);
     $filename = strftime($filename);
     $filename .= '.' . $mimetypes[$type];
     $filename = cleanID($filename);
     // check ACLs
     $auth = auth_quickaclcheck($filename);
     if ($auth < AUTH_UPLOAD) {
         $this->fail(403, $lang['uploadfail']);
     }
     // do the actual saving
     $result = media_save(array('name' => $tempname, 'mime' => $type, 'ext' => $mimetypes[$type]), $filename, false, $auth, 'copy');
     if (is_array($result)) {
         $this->fail(500, $result[0]);
     }
     //Still here? We had a successful upload
     $this->clean();
     header('Content-Type: application/json');
     $json = new JSON();
     echo $json->encode(array('message' => $lang['uploadsucc'], 'id' => $result));
     $event->preventDefault();
     $event->stopPropagation();
 }
Exemplo n.º 13
0
 /**
  * @param string $pageId wiki page ID to check
  * @throws Exception exception on error or nothing
  */
 protected function checkPage($pageId)
 {
     if (empty($pageId)) {
         throw new Exception('No page ID was sent to delete.');
     }
     if (auth_quickaclcheck($pageId) < AUTH_DELETE) {
         throw new Exception("You do not have permissions to delete page <b>{$pageId}</b>. You need AUTH_DELETE or higher rights");
     }
     if (checklock($pageId)) {
         throw new Exception('Page is locked by another user');
     }
     if (!checklock($pageId) && file_exists(wikiLockFN($pageId))) {
         throw new Exception('Page is locked by You. You cannot delete page during edit.');
     }
 }
Exemplo n.º 14
0
function getBarFN($ns, $file)
{
    // check for wiki page = $ns:$file (or $file where no namespace)
    $nsFile = $ns ? "{$ns}:{$file}" : $file;
    if (file_exists(wikiFN($nsFile)) && auth_quickaclcheck($nsFile)) {
        return $nsFile;
    }
    // remove deepest namespace level and call function recursively
    // no namespace left, exit with no file found
    if (!$ns) {
        return '';
    }
    $i = strrpos($ns, ":");
    $ns = $i ? substr($ns, 0, $i) : false;
    return getBarFN($ns, $file);
}
Exemplo n.º 15
0
    function print_overlay(&$event, $param)
    {
        global $ID;
        $overlay = '';
        $paths = $this->getConf('nsoverlays');
        $namespace = getNS($ID);
        $sort_paths = $this->_natsort_ns($paths);
        $sort_paths = explode(',', $sort_paths);
        $overlays = $this->_get_overlays($sort_paths);
        $parent_ns = $this->_get_parent_ns($namespace);
        foreach ($overlays as $key => $val) {
            // first check if was specified an overlay for a specific namespace
            if ($val[1] != '') {
                if ($val[1] == ':') {
                    $overlay = $overlays[$key][0];
                } elseif (strpos($namespace, $val[1]) === 0) {
                    $overlay = $overlays[$key][0];
                    break;
                }
            } else {
                if ($overlay == '') {
                    if ('' == $val[1]) {
                        foreach ($parent_ns as $ns) {
                            $wikifile = wikiFN($ns . ':' . $val[0]);
                            if (file_exists($wikifile)) {
                                $overlay = str_replace('/', ':', $ns) . ':' . $val[0];
                                break 2;
                            }
                        }
                    }
                }
            }
        }
        if (auth_quickaclcheck($ID) >= AUTH_READ) {
            $insert = p_wiki_xhtml($overlay);
        }
        if (!$insert) {
            return;
        }
        $close = trim($this->getLang('close'));
        $text = <<<TEXT
<div id='overlay'><div  class = "close">
<a href="javascript:jQuery('#overlay').toggle();void(0);" rel="nofollow" title="{$close}">{$close}</a>
</div> {$insert}</div>
TEXT;
        echo $text;
    }
Exemplo n.º 16
0
/**
 * Renders the topbar
 *
 * @author Michael Klier <*****@*****.**>
 * @author Louis Wolf <*****@*****.**>
 */
function tpl_topbar()
{
    global $ID;
    $found = false;
    $tbar = '';
    $path = explode(':', $ID);
    while (!$found && count($path) >= 0) {
        $tbar = implode(':', $path) . ':' . 'topbar';
        $found = @file_exists(wikiFN($tbar));
        array_pop($path);
        // check if nothing was found
        if (!$found && $tbar == ':topbar') {
            return;
        }
    }
    if ($found && auth_quickaclcheck($tbar) >= AUTH_READ) {
        $toolbar = p_wiki_xhtml($tbar, '', false);
        $lines = explode("\n", $toolbar);
        $nr = count($lines);
        $open_ul = 0;
        $primary_ul = 0;
        $positions = array();
        for ($i = 0; $i < $nr; $i++) {
            if (trim($lines[$i]) == '<ul>') {
                $open_ul = $open_ul + 1;
                if ($open_ul == 1) {
                    $primary_ul++;
                    $lines[$i] = '<ul class="primary">' . "\n";
                    array_push($positions, $i);
                }
            } else {
                if (strpos($lines[$i], '</ul>') !== false) {
                    $open_ul = $open_ul - 1;
                }
            }
        }
        $first_position = $positions[0];
        $last_position = $positions[count($positions) - 1];
        $lines[$first_position] = '<ul class="primary start">' . "\n";
        $lines[$last_position] = '<ul class="primary end">' . "\n";
        $width = $primary_ul * 150;
        print '<div id="tpl_simple_navi" style="width:' . $width . 'px;">';
        print implode($lines);
        print '</div>';
    }
}
Exemplo n.º 17
0
 /**
  * This is the main function, call at every action.
  *
  * @param Doku_Event $event  event object by reference
  * @param mixed      $param  [the parameters passed as fifth argument to register_hook() when this
  *                           handler was registered]
  * @return void
  */
 public function handle_action_act_preprocess(Doku_Event &$event, $param)
 {
     // first check if it's a texit event
     if ($event->data != "texit" && $event->data != "texitns") {
         return false;
     }
     // check user's rights
     if (auth_quickaclcheck(getID()) < AUTH_READ) {
         return false;
     }
     $this->loadConfig();
     // we need to get the usual plugin config
     $pdfurl = $this->generate_pdf($event->data);
     $this->redirect_to_pdf($pdfurl);
     $event->preventDefault();
     $event->stopPropagation();
     exit;
 }
Exemplo n.º 18
0
 /**
  * Blackbox integration test of action_plugin_publish_mail::getLastApproved
  *
  * @coversNothing
  */
 public function test_getLastApproved()
 {
     global $ID;
     $ID = 'foo';
     saveWikiText('foo', 'bar old', 'foobar');
     saveWikiText('foo', 'bar approved', 'foobar');
     $data = pageinfo();
     $expected_revision = $data['currentrev'];
     //Make sure we have the rights to actully approve a revision
     $this->assertSame(255, auth_quickaclcheck('foo'));
     $request = new TestRequest();
     $request->get(array(), '/doku.php?id=foo&publish_approve');
     saveWikiText('foo', 'bar new', 'foobar');
     /** @var helper_plugin_publish $helper */
     $helper = plugin_load('helper', 'publish');
     $actual_lastapproved_helper = $helper->getLatestApprovedRevision($ID);
     $this->assertSame($expected_revision, $actual_lastapproved_helper);
 }
Exemplo n.º 19
0
 public function handle_tpl_act_unknown(Doku_Event &$event, $param)
 {
     if ($event->data != 'pageproperties') {
         return;
     }
     $event->preventDefault();
     global $lang;
     global $ID;
     // check user's rights
     if (auth_quickaclcheck($ID) < AUTH_READ) {
         print $lang['accessdenied'];
     } else {
         if ($this->getConf('use_simple_treeview') == 1) {
             $this->render_simple_treeview();
         } else {
             $this->render_complex();
         }
     }
 }
Exemplo n.º 20
0
 /**
  * Checks if 'newentry' was given as action, if so we
  * do handle the event our self and no further checking takes place
  */
 function handle_act_preprocess(&$event, $param)
 {
     //if ($event->data != 'newentry') return; // nothing to do for us
     global $ACT;
     global $ID;
     echo "param={$param}";
     return;
     // we can handle it -> prevent others
     $event->stopPropagation();
     $event->preventDefault();
     $ns = $_REQUEST['ns'];
     $title = str_replace(':', '', $_REQUEST['title']);
     $id = ($ns ? $ns . ':' : '') . cleanID($title);
     // check if we are allowed to create this file
     if (auth_quickaclcheck($id) >= AUTH_CREATE) {
         $back = $ID;
         $ID = $id;
         $file = wikiFN($ID);
         //check if locked by anyone - if not lock for my self
         if (checklock($ID)) {
             $ACT = 'locked';
         } else {
             lock($ID);
         }
         // prepare the new thread file with default stuff
         if (!@file_exists($file)) {
             global $TEXT;
             global $INFO;
             global $conf;
             $TEXT = pageTemplate($ns . ':' . $title);
             if (!$TEXT) {
                 $TEXT = "====== {$title} ======\n\n\n\n" . "~~DISCUSSION~~\n";
             }
             $ACT = 'preview';
         } else {
             $ACT = 'edit';
         }
     } else {
         $ACT = 'show';
     }
 }
Exemplo n.º 21
0
 private function button_rename_use($range)
 {
     global $ID;
     if (auth_quickaclcheck($ID) < AUTH_EDIT) {
         return '';
     }
     $self = noNS($ID);
     $project = Project::project();
     if ($project == NULL) {
         return '';
     }
     $files = array('');
     foreach (array_keys($project->files()) as $file) {
         if ($file != $self) {
             $files[] = $file;
         }
     }
     $form = new Doku_Form("change_use");
     $form->addHidden('do', 'change_use');
     $form->addHidden('range', $range);
     $form->addElement(form_makeMenuField('use', $files, '', '', '', '', array("onchange" => "submit();")));
     return $form->getForm();
 }
Exemplo n.º 22
0
 /**
  * Create the form to edit schemadata
  *
  * @param string $tablename
  * @return string The HTML for this schema's form
  */
 protected function createForm($tablename)
 {
     global $ID;
     global $REV;
     global $INPUT;
     if (auth_quickaclcheck($ID) == AUTH_READ) {
         return '';
     }
     if (checklock($ID)) {
         return '';
     }
     $schema = AccessTable::byTableName($tablename, $ID, $REV);
     if (!$schema->getSchema()->isEditable()) {
         return '';
     }
     $schemadata = $schema->getData();
     $structdata = $INPUT->arr(self::$VAR);
     if (isset($structdata[$tablename])) {
         $postdata = $structdata[$tablename];
     } else {
         $postdata = array();
     }
     // we need a short, unique identifier to use in the cookie. this should be good enough
     $schemaid = 'SRCT' . substr(str_replace(array('+', '/'), '', base64_encode(sha1($tablename, true))), 0, 5);
     $html = '<fieldset data-schema="' . $schemaid . '">';
     $html .= '<legend>' . hsc($tablename) . '</legend>';
     foreach ($schemadata as $field) {
         $label = $field->getColumn()->getLabel();
         if (isset($postdata[$label])) {
             // posted data trumps stored data
             $field->setValue($postdata[$label], true);
         }
         $html .= $this->makeField($field, self::$VAR . "[{$tablename}][{$label}]");
     }
     $html .= '</fieldset>';
     return $html;
 }
function tpl_sidebar_editbtn()
{
    global $ID, $conf, $lang;
    // check sidebar configuration
    if (!tpl_getConf('showeditbtn') || !tpl_getConf('page')) {
        return;
    }
    // check sidebar page exists
    $fileSidebar = getSidebarFN(getNS($ID), tpl_getConf('page'));
    if (!$fileSidebar) {
        return;
    }
    // check user has edit permission for the sidebar page
    if (auth_quickaclcheck($fileSidebar) < AUTH_EDIT) {
        return;
    }
    ?>
    <div class="secedit">
      <form class="button" method="post" action="<?php 
    echo wl($fileSidebar, 'do=edit');
    ?>
" onsubmit="return svchk()">
        <input type="hidden" name="do" value="edit" />
        <input type="hidden" name="rev" value="" />
        <input type="hidden" name="id" value="<?php 
    echo $fileSidebar;
    ?>
" />
        <input type="submit" value="<?php 
    echo $lang['btn_sidebaredit'];
    ?>
" class="button" />
      </form>
    </div>
<?php 
}
Exemplo n.º 24
0
 /**
  * Handles the AJAX calls
  *
  * @author Michael Klier <*****@*****.**>
  */
 function handle_ajax_call(&$event, $param)
 {
     global $lang;
     if ($event->data == 'snippet_preview' or $event->data == 'snippet_insert') {
         $event->preventDefault();
         $event->stopPropagation();
         $id = cleanID($_REQUEST['id']);
         if (page_exists($id)) {
             if ($event->data == 'snippet_preview') {
                 if (auth_quickaclcheck($id) >= AUTH_READ) {
                     print p_wiki_xhtml($id);
                 } else {
                     print p_locale_xhtml('denied');
                 }
             } elseif ($event->data == 'snippet_insert') {
                 if (auth_quickaclcheck($id) >= AUTH_READ) {
                     print "\n\n";
                     // always start on a new line (just to be safe)
                     print trim(preg_replace('/<snippet>.*?<\\/snippet>/s', '', io_readFile(wikiFN($id))));
                 }
             }
         }
     }
 }
Exemplo n.º 25
0
function _ft_pageLookup(&$data)
{
    // split out original parameters
    $id = $data['id'];
    if (preg_match('/(?:^| )@(\\w+)/', $id, $matches)) {
        $ns = cleanID($matches[1]) . ':';
        $id = str_replace($matches[0], '', $id);
    }
    $in_ns = $data['in_ns'];
    $in_title = $data['in_title'];
    $cleaned = cleanID($id);
    $Indexer = idx_get_indexer();
    $page_idx = $Indexer->getPages();
    $pages = array();
    if ($id !== '' && $cleaned !== '') {
        foreach ($page_idx as $p_id) {
            if (strpos($in_ns ? $p_id : noNSorNS($p_id), $cleaned) !== false) {
                if (!isset($pages[$p_id])) {
                    $pages[$p_id] = p_get_first_heading($p_id, METADATA_DONT_RENDER);
                }
            }
        }
        if ($in_title) {
            foreach ($Indexer->lookupKey('title', $id, '_ft_pageLookupTitleCompare') as $p_id) {
                if (!isset($pages[$p_id])) {
                    $pages[$p_id] = p_get_first_heading($p_id, METADATA_DONT_RENDER);
                }
            }
        }
    }
    if (isset($ns)) {
        foreach (array_keys($pages) as $p_id) {
            if (strpos($p_id, $ns) !== 0) {
                unset($pages[$p_id]);
            }
        }
    }
    // discard hidden pages
    // discard nonexistent pages
    // check ACL permissions
    foreach (array_keys($pages) as $idx) {
        if (!isVisiblePage($idx) || !page_exists($idx) || auth_quickaclcheck($idx) < AUTH_READ) {
            unset($pages[$idx]);
        }
    }
    uksort($pages, 'ft_pagesorter');
    return $pages;
}
 /**
  * List all files in a given Media namespace
  *
  * @see media_filelist()
  */
 function _mod_media_filelist($ns, $auth = null, $jump = '', $fullscreenview = false, $sort = false)
 {
     global $conf;
     global $lang;
     $ns = cleanID($ns);
     // check auth our self if not given (needed for ajax calls)
     if (is_null($auth)) {
         $auth = auth_quickaclcheck("{$ns}:*");
     }
     if (!$fullscreenview) {
         echo '<h1 id="media__ns">:' . hsc($ns) . '</h1>' . NL;
     }
     if ($auth < AUTH_READ) {
         // FIXME: print permission warning here instead?
         echo '<div class="nothing">' . $lang['nothingfound'] . '</div>' . NL;
     } else {
         if (!$fullscreenview) {
             media_uploadform($ns, $auth);
         }
         $dir = utf8_encodeFN(str_replace(':', '/', $ns));
         $data = array();
         search($data, $conf['mediadir'], 'search_media', array('showmsg' => true, 'depth' => 1), $dir, 1, $sort);
         if (!count($data)) {
             echo '<div class="nothing">' . $lang['nothingfound'] . '</div>' . NL;
         } else {
             if ($fullscreenview) {
                 echo '<ul class="' . _media_get_list_type() . '">';
             }
             foreach ($data as $item) {
                 if (!$fullscreenview) {
                     $this->_mod_media_printfile($item, $auth, $jump);
                 } else {
                     $this->_mod_media_printfile_thumbs($item, $auth, $jump);
                 }
             }
             if ($fullscreenview) {
                 echo '</ul>' . NL;
             }
         }
     }
     if (!$fullscreenview) {
         media_searchform($ns);
     }
 }
Exemplo n.º 27
0
$ID = cleanID($INPUT->str('id'));
if ($conf['allowdebug'] && $INPUT->has('debug')) {
    print '<pre>';
    foreach (explode(' ', 'basedir userewrite baseurl useslash') as $x) {
        print '$' . "conf['{$x}'] = '" . $conf[$x] . "';\n";
    }
    foreach (explode(' ', 'DOCUMENT_ROOT HTTP_HOST SCRIPT_FILENAME PHP_SELF ' . 'REQUEST_URI SCRIPT_NAME PATH_INFO PATH_TRANSLATED') as $x) {
        print '$' . "_SERVER['{$x}'] = '" . $_SERVER[$x] . "';\n";
    }
    print "getID('media'): " . getID('media') . "\n";
    print "getID('media',false): " . getID('media', false) . "\n";
    print '</pre>';
}
$ERROR = false;
// check image permissions
$AUTH = auth_quickaclcheck($IMG);
if ($AUTH >= AUTH_READ) {
    // check if image exists
    $SRC = mediaFN($IMG);
    if (!@file_exists($SRC)) {
        //doesn't exist!
        header("HTTP/1.0 404 File not Found");
        $ERROR = 'File not found';
    }
} else {
    // no auth
    $ERROR = p_locale_xhtml('denied');
}
// this makes some general infos available as well as the info about the
// "parent" page
$INFO = pageinfo();
Exemplo n.º 28
0
            echo '</dd>';
        }
    }
    ?>
                    </dl>
                    <?php 
    //Comment in for Debug// dbg(tpl_img_getTag('Simple.Raw'));
    ?>
                </div>
                <div class="clearer"></div>
            </div><!-- /.content -->

            <p class="back">
                <?php 
    $imgNS = getNS($IMG);
    $authNS = auth_quickaclcheck("{$imgNS}:*");
    if ($authNS >= AUTH_UPLOAD && function_exists('media_managerURL')) {
        $mmURL = media_managerURL(array('ns' => $imgNS, 'image' => $IMG));
        echo '<a href="' . $mmURL . '">' . $lang['img_manager'] . '</a><br />';
    }
    ?>
                &larr; <?php 
    echo $lang['img_backto'];
    ?>
 <?php 
    tpl_pagelink($ID);
    ?>
            </p>

        <?php 
}
Exemplo n.º 29
0
/**
 * This is a very universal callback for the search() function, replacing
 * many of the former individual functions at the cost of a more complex
 * setup.
 *
 * How the function behaves, depends on the options passed in the $opts
 * array, where the following settings can be used.
 *
 * depth      int     recursion depth. 0 for unlimited
 * keeptxt    bool    keep .txt extension for IDs
 * listfiles  bool    include files in listing
 * listdirs   bool    include namespaces in listing
 * pagesonly  bool    restrict files to pages
 * skipacl    bool    do not check for READ permission
 * sneakyacl  bool    don't recurse into nonreadable dirs
 * hash       bool    create MD5 hash for files
 * meta       bool    return file metadata
 * filematch  string  match files against this regexp
 * idmatch    string  match full ID against this regexp
 * dirmatch   string  match directory against this regexp when adding
 * nsmatch    string  match namespace against this regexp when adding
 * recmatch   string  match directory against this regexp when recursing
 * showmsg    bool    warn about non-ID files
 * showhidden bool    show hidden files too
 * firsthead  bool    return first heading for pages
 *
 * @author Andreas Gohr <*****@*****.**>
 */
function search_universal(&$data, $base, $file, $type, $lvl, $opts)
{
    $item = array();
    $return = true;
    // get ID and check if it is a valid one
    $item['id'] = pathID($file);
    if ($item['id'] != cleanID($item['id'])) {
        if ($opts['showmsg']) {
            msg(hsc($item['id']) . ' is not a valid file name for DokuWiki - skipped', -1);
        }
        return false;
        // skip non-valid files
    }
    $item['ns'] = getNS($item['id']);
    if ($type == 'd') {
        // decide if to recursion into this directory is wanted
        if (!$opts['depth']) {
            $return = true;
            // recurse forever
        } else {
            $depth = substr_count($file, '/');
            if ($depth >= $opts['depth']) {
                $return = false;
                // depth reached
            } else {
                $return = true;
            }
        }
        if ($return && !preg_match('/' . $opts['recmatch'] . '/', $file)) {
            $return = false;
            // doesn't match
        }
    }
    // check ACL
    if (!$opts['skipacl']) {
        if ($type == 'd') {
            $item['perm'] = auth_quickaclcheck($item['id'] . ':*');
        } else {
            $item['perm'] = auth_quickaclcheck($item['id']);
            //FIXME check namespace for media files
        }
    } else {
        $item['perm'] = AUTH_DELETE;
    }
    // are we done here maybe?
    if ($type == 'd') {
        if (!$opts['listdirs']) {
            return $return;
        }
        if (!$opts['skipacl'] && $opts['sneakyacl'] && $item['perm'] < AUTH_READ) {
            return false;
        }
        //neither list nor recurse
        if ($opts['dirmatch'] && !preg_match('/' . $opts['dirmatch'] . '/', $file)) {
            return $return;
        }
        if ($opts['nsmatch'] && !preg_match('/' . $opts['nsmatch'] . '/', $item['ns'])) {
            return $return;
        }
    } else {
        if (!$opts['listfiles']) {
            return $return;
        }
        if (!$opts['skipacl'] && $item['perm'] < AUTH_READ) {
            return $return;
        }
        if ($opts['pagesonly'] && substr($file, -4) != '.txt') {
            return $return;
        }
        if (!$conf['showhidden'] && isHiddenPage($id)) {
            return $return;
        }
        if ($opts['filematch'] && !preg_match('/' . $opts['filematch'] . '/', $file)) {
            return $return;
        }
        if ($opts['idmatch'] && !preg_match('/' . $opts['idmatch'] . '/', $item['id'])) {
            return $return;
        }
    }
    // still here? prepare the item
    $item['type'] = $type;
    $item['level'] = $lvl;
    $item['open'] = $return;
    if ($opts['meta']) {
        $item['file'] = basename($file);
        $item['size'] = filesize($base . '/' . $file);
        $item['mtime'] = filemtime($base . '/' . $file);
        $item['rev'] = $item['mtime'];
        $item['writable'] = is_writable($base . '/' . $file);
        $item['executable'] = is_executable($base . '/' . $file);
    }
    if ($type == 'f') {
        if ($opts['hash']) {
            $item['hash'] = md5(io_readFile($base . '/' . $file, false));
        }
        if ($opts['firsthead']) {
            $item['title'] = p_get_first_heading($item['id'], false);
        }
    }
    // finally add the item
    $data[] = $item;
    return $return;
}
Exemplo n.º 30
0
    /**
     * Gives a list of pages for a given include statement
     *
     * @author Michael Hamann <*****@*****.**>
     */
    function _get_included_pages($mode, $page, $sect, $parent_id, $flags) {
        global $conf;
        $pages = array();
        switch($mode) {
        case 'namespace':
            $page  = cleanID($page);
            $ns    = utf8_encodeFN(str_replace(':', '/', $page));
            // depth is absolute depth, not relative depth, but 0 has a special meaning.
            $depth = $flags['depth'] ? $flags['depth'] + substr_count($page, ':') + ($page ? 1 : 0) : 0;
            search($pagearrays, $conf['datadir'], 'search_allpages', array('depth' => $depth), $ns);
            if (is_array($pagearrays)) {
                foreach ($pagearrays as $pagearray) {
                    if (!isHiddenPage($pagearray['id'])) // skip hidden pages
                        $pages[] = $pagearray['id'];
                }
            }
            break;
        case 'tagtopic':
            if (!$this->taghelper)
                $this->taghelper =& plugin_load('helper', 'tag');
            if(!$this->taghelper) {
                msg('You have to install the tag plugin to use this functionality!', -1);
                return array();
            }
            $tag   = $page;
            $sect  = '';
            $pagearrays = $this->taghelper->getTopic('', null, $tag);
            foreach ($pagearrays as $pagearray) {
                $pages[] = $pagearray['id'];
            }
            break;
        default:
            $page = $this->_apply_macro($page);
            resolve_pageid(getNS($parent_id), $page, $exists); // resolve shortcuts and clean ID
            if (auth_quickaclcheck($page) >= AUTH_READ)
                $pages[] = $page;
        }

        if (count($pages) > 1) {
            if ($flags['order'] === 'id') {
                if ($flags['rsort']) {
                    usort($pages, array($this, '_r_strnatcasecmp'));
                } else {
                    natcasesort($pages);
                }
            } else {
                $ordered_pages = array();
                foreach ($pages as $page) {
                    $key = '';
                    switch ($flags['order']) {
                        case 'title':
                            $key = p_get_first_heading($page);
                            break;
                        case 'created':
                            $key = p_get_metadata($page, 'date created', METADATA_DONT_RENDER);
                            break;
                        case 'modified':
                            $key = p_get_metadata($page, 'date modified', METADATA_DONT_RENDER);
                            break;
                        case 'indexmenu':
                            $key = p_get_metadata($page, 'indexmenu_n', METADATA_RENDER_USING_SIMPLE_CACHE);
                            if ($key === null)
                                $key = '';
                            break;
                        case 'custom':
                            $key = p_get_metadata($page, 'include_n', METADATA_RENDER_USING_SIMPLE_CACHE);
                            if ($key === null)
                                $key = '';
                            break;
                    }
                    $key .= '_'.$page;
                    $ordered_pages[$key] = $page;
                }
                if ($flags['rsort']) {
                    uksort($ordered_pages, array($this, '_r_strnatcasecmp'));
                } else {
                    uksort($ordered_pages, 'strnatcasecmp');
                }
                $pages = $ordered_pages;
            }
        }

        $result = array();
        foreach ($pages as $page) {
            $exists = page_exists($page);
            $result[] = array('id' => $page, 'exists' => $exists, 'parent_id' => $parent_id);
        }
        return $result;
    }