Пример #1
0
 /**
  * @throws AnwBadCommentException
  */
 function __construct($nType, $oPage, $nTime, $sComment, $sInfo = "", $sPageName = "", $sPageLang = "")
 {
     if (!self::isValidComment($sComment)) {
         throw new AnwBadCommentException();
     }
     $this->nType = $nType;
     $this->nTime = $nTime;
     $this->sComment = $sComment;
     if ($oPage) {
         if ($oPage->exists()) {
             $this->nPageId = $oPage->getId();
         }
         $this->oPage = $oPage;
     }
     $this->sInfo = $sInfo;
     $this->sPageName = $sPageName ? $sPageName : ($oPage ? $oPage->getName() : "");
     $this->sPageLang = $sPageLang ? $sPageLang : ($oPage ? $oPage->getLang() : "");
     $this->oUser = AnwCurrentSession::getUser();
     $this->sIp = AnwCurrentSession::getIp();
 }
Пример #2
0
 function run()
 {
     try {
         $nPageId = (int) AnwEnv::_GET("page");
         if ($nPageId <= 0) {
             throw new AnwBadCallException();
         }
         //find TO revision
         $nRevToChangeId = (int) AnwEnv::_GET("revto");
         if ($nRevToChangeId <= 0) {
             throw new AnwBadCallException();
         } else {
             $oPageRevTo = AnwPage::getPageByChangeId($nPageId, $nRevToChangeId);
         }
         //find FROM revision
         $nRevFromChangeId = (int) AnwEnv::_GET("revfrom");
         if ($nRevFromChangeId <= 0) {
             try {
                 $oPageRevFrom = $oPageRevTo->getPreviousArchive();
             } catch (AnwArchiveNotFoundException $e) {
                 //if TO revision is already the last...
                 $oPageRevFrom = $oPageRevTo;
             }
         } else {
             $oPageRevFrom = AnwPage::getPageByChangeId($nPageId, $nRevFromChangeId);
         }
         if (!$oPageRevTo) {
             throw new AnwBadCallException("page revision TO not found :" . $nRevToChangeId);
         }
         if (!$oPageRevTo->getContent() instanceof AnwContentPage) {
             throw new AnwUnexpectedException("error getcontent for page revision TO :" . $nRevToChangeId);
         }
         if (!$oPageRevFrom) {
             throw new AnwBadCallException("page revision FROM not found :" . $nRevFromChangeId);
         }
         if (!$oPageRevFrom->getContent() instanceof AnwContentPage) {
             throw new AnwUnexpectedException("error getcontent for page revision FROM :" . $nRevFromChangeId);
         }
         // check permissions
         $oPageRevFrom->checkGlobalAndViewActionAllowed($this->getName());
         $oPageRevTo->checkGlobalAndViewActionAllowed($this->getName());
         $oContentXmlFrom = $oPageRevFrom->getContent()->toXml();
         $oContentXmlTo = $oPageRevTo->getContent()->toXml();
     } catch (AnwBadPageNameException $e) {
         $this->error($this->g_("err_badcall"));
     } catch (AnwBadCallException $e) {
         $this->error($this->g_("err_badcall"));
     } catch (AnwPageNotFoundException $e) {
         $this->error($this->g_("err_badcall"));
     } catch (AnwArchiveNotFoundException $e) {
         $this->error($this->g_("err_badcall"));
     }
     $this->setTitle($this->t_("title", array("pagename" => $oPageRevTo->getName())));
     $oDiffs = new AnwDiffs($oContentXmlFrom, $oContentXmlTo);
     if (!AnwCurrentSession::getUser()->isPhpEditionAllowed()) {
         $oDiffs->hidePhpCode();
     } else {
         $oDiffs->showPhpCode();
     }
     $this->out .= $this->tpl()->beforeDiffs($this->linkMe(), $oPageRevFrom, $oPageRevTo, $oPageRevTo->getActivePage());
     if ($oPageRevFrom->getChangeId() == $oPageRevTo->getChangeId()) {
         $this->out .= $this->tpl()->drawNotice($this->t_("notice_same"));
     }
     if ($oPageRevFrom->getChangeId() > $oPageRevTo->getChangeId()) {
         $this->out .= $this->tpl()->drawNotice($this->t_("notice_reverse"));
     }
     $this->renderDiffs($oDiffs);
 }
Пример #3
0
 private function updateSettings()
 {
     //update prefs
     $asErrorsPrefs = array();
     try {
         $sLang = AnwEnv::_POST("lang", "");
         AnwCurrentSession::setLang($sLang);
         $nTimezone = AnwEnv::_POST("timezone", 0);
         AnwCurrentSession::setTimezone($nTimezone);
     } catch (AnwBadLangException $e) {
         $asErrorsPrefs[] = $this->g_("err_badlang");
     } catch (AnwBadTimezoneException $e) {
         $asErrorsPrefs[] = $this->g_("err_badtimezone");
     } catch (AnwException $e) {
         $asErrorsPrefs[] = $this->g_("err_unkn");
     }
     $asErrorsAccount = array();
     if (AnwCurrentSession::isLoggedIn() && AnwUsers::isDriverInternal()) {
         //update account
         try {
             //displayname change requested ?
             if (self::globalCfgUsersChangeDisplayname()) {
                 $sDisplayname = AnwEnv::_POST("displayname", "");
                 if (AnwCurrentSession::getUser()->getDisplayName() != $sDisplayname) {
                     AnwCurrentSession::getUser()->changeDisplayName($sDisplayname);
                 }
             }
             //email change requested ?
             $sEmail = AnwEnv::_POST("email", "");
             if (AnwCurrentSession::getUser()->getEmail() != $sEmail) {
                 AnwCurrentSession::getUser()->changeEmail($sEmail);
             }
             //password change requested ?
             $sNewPassword = AnwEnv::_POST("newpassword");
             $sNewPasswordRepeat = AnwEnv::_POST("newpassword_repeat");
             $sCurrentPassword = AnwEnv::_POST("currentpassword", "");
             if ($sNewPassword) {
                 if ($sNewPassword == $sNewPasswordRepeat) {
                     try {
                         //authenticate with current password
                         AnwCurrentSession::getUser()->authenticate($sCurrentPassword);
                         //authentication ok, change the password
                         try {
                             AnwCurrentSession::getUser()->changePassword($sNewPassword);
                         } catch (AnwBadPasswordException $e) {
                             $asErrorsAccount[] = $this->t_("err_badnewpassword");
                         }
                     } catch (AnwBadPasswordException $e) {
                         $asErrorsAccount[] = $this->g_("err_incorrectpassword");
                     } catch (AnwAuthException $e) {
                         $asErrorsAccount[] = $this->g_("err_incorrectpassword");
                     }
                 } else {
                     $asErrorsAccount[] = $this->g_("err_passwordsmatch");
                 }
             }
         } catch (AnwDisplayNameAlreadyTakenException $e) {
             $asErrorsAccount[] = $this->g_("err_displaynamealreadytaken");
         } catch (AnwBadDisplayNameException $e) {
             $asErrorsAccount[] = $this->g_("err_baddisplayname");
         } catch (AnwEmailAlreadyTakenException $e) {
             $asErrorsAccount[] = $this->g_("err_emailalreadytaken");
         } catch (AnwBadEmailException $e) {
             $asErrorsAccount[] = $this->g_("err_bademail");
         } catch (AnwException $e) {
             $asErrorsAccount[] = $this->g_("err_unkn");
         }
     }
     if (count($asErrorsPrefs) > 0 || count($asErrorsAccount) > 0) {
         $this->formSettings(false, $asErrorsPrefs, $asErrorsAccount);
     } else {
         AnwUtils::redirect($this->linkMe(array("done" => 1)));
     }
 }
Пример #4
0
 private function doReauth($sReauthPassword)
 {
     self::debug("Captured reauth request, processing...");
     AnwCurrentSession::getUser()->authenticate($sReauthPassword);
     //throws exception
     //password is correct, reset the reauth timer
     AnwCurrentSession::resetReauth();
     self::debug("Reauth success.");
 }
Пример #5
0
 private function exportData($aaExportPageGroups)
 {
     $oDoc = new DOMDocument("1.0", "UTF-8");
     //put information as comment
     $sComment = "";
     $sComment .= $this->t_("xmlcomment_info") . "\n";
     $sComment .= ANWIKI_WEBSITE . "\n\n";
     $sComment .= $this->t_("xmlcomment_time", array("time" => Anwi18n::dateTime(time()))) . "\n";
     $sComment .= $this->t_("xmlcomment_version", array("version" => ANWIKI_VERSION_NAME)) . "\n";
     $sComment .= $this->t_("xmlcomment_user", array("user" => AnwCurrentSession::getUser()->getLogin())) . "\n";
     $sComment .= $this->t_("xmlcomment_from", array("url" => self::globalCfgUrlRoot())) . "\n\n";
     $sComment .= $this->t_("xmlcomment_contents") . "\n";
     //list exported contents as comment
     foreach ($aaExportPageGroups as $amPageGroup) {
         foreach ($amPageGroup['PAGES'] as $oPage) {
             $sPageTime = Anwi18n::dateTime($oPage->getTime());
             $sComment .= ' * ' . $oPage->getName() . " (" . $oPage->getLang() . ") (" . $sPageTime . ")\n";
         }
     }
     $sCommentSeparator = "\n**************************************************\n";
     $sComment = " " . $sCommentSeparator . $sComment . $sCommentSeparator . " ";
     $oCommentNode = $oDoc->createComment($sComment);
     $oDoc->appendChild($oCommentNode);
     //end comment
     //<anwexport time="" origin="">
     $oRootNode = $oDoc->createElement(self::XMLTAG_ROOT);
     $oRootNode->setAttribute("time", time());
     $oRootNode->setAttribute("from", AnwXml::xmlFileAttributeEncode(self::globalCfgUrlRoot()));
     $oRootNode->setAttribute("version_id", ANWIKI_VERSION_ID);
     $oRootNode->setAttribute("version_name", AnwXml::xmlFileAttributeEncode(ANWIKI_VERSION_NAME));
     $oDoc->appendChild($oRootNode);
     foreach ($aaExportPageGroups as $amPageGroup) {
         $oPageGroup = $amPageGroup['GROUP'];
         $sContentClassName = $oPageGroup->getContentClass()->getName();
         //<anwpagegroup>
         $oPageGroupNode = $oDoc->createElement(self::XMLTAG_PAGEGROUP);
         $oPageGroupNode->setAttribute("contentclass", AnwXml::xmlFileAttributeEncode($sContentClassName));
         foreach ($amPageGroup['PAGES'] as $oPage) {
             //add comment
             $sPageTime = Anwi18n::dateTime($oPage->getTime());
             $sComment = $oPage->getName() . " (" . $oPage->getLang() . ") (" . $sPageTime . ") (" . $oPageGroup->getContentClass()->getLabel() . "/" . $sContentClassName . ")";
             //$sComment = " \n*\n* ".$sComment."\n*\n ";
             $sCommentSeparator = "\n**************************************************\n";
             $sComment = " \n\n" . $sCommentSeparator . $sComment . $sCommentSeparator . " ";
             $oCommentNode = $oDoc->createComment($sComment);
             $oPageGroupNode->appendChild($oCommentNode);
             //end comment
             //using a CDATA node to preserve source breaklines :-)
             //$sPageContent = $oPage->getContent()->toXml();
             //$oPageContentNode = $oDoc->createCDATASection($sPageContent);
             $oContentNodeDoc = $oPage->getContent()->toXml()->documentElement;
             //here we got a <doc> node
             $oPageContentNodeDoc = $oDoc->importNode($oContentNodeDoc, true);
             //<anwpage name="" lang="" time="">
             $oPageNode = $oDoc->createElement(self::XMLTAG_PAGE);
             $oPageNode->setAttribute("name", AnwXml::xmlFileAttributeEncode($oPage->getName()));
             $oPageNode->setAttribute("lang", AnwXml::xmlFileAttributeEncode($oPage->getLang()));
             $oPageNode->setAttribute("time", $oPage->getTime());
             //we need to do this to squeeze the unwanted <doc> node in
             //WARNING - special loop ! childs are getting modified...
             while ($oChildNode = $oPageContentNodeDoc->childNodes->item(0)) {
                 $oPageNode->appendChild($oChildNode);
             }
             $oPageGroupNode->appendChild($oPageNode);
         }
         $oRootNode->appendChild($oPageGroupNode);
     }
     $sReturn = AnwUtils::xmlDumpNode($oRootNode);
     // even if final XML structure may be broken due to undeclared namespaces used in content,
     // we let raw content as it is for better compatibility in later versions.
     // $sReturn = AnwXml::prepareXmlValueToXml($sReturn);
     return $sReturn;
 }
Пример #6
0
 /**
  * Warning! This function may call overloaded functions by contentfields with tests consomming high cpu time
  * (such as connecting to a database for checking that valid user/pwd have been edited).
  * This function should be only called when it's really needed, and should never be called more than one time.
  * This function performs ALL possible tests for checking contentfields values validity.
  * 
  * @param $oContentParent content for which fieldValues/subcontents will be set if the test is success
  */
 final function testContentFieldValues($amFieldValuesOrSubContents, $oContentParent)
 {
     AnwUtils::checkFriendAccess(array("AnwStructuredContent", "AnwStructuredContentField"));
     //test multiplicity
     $this->testContentFieldMultiplicity($amFieldValuesOrSubContents);
     if ($this instanceof AnwStructuredContentField_atomic) {
         //test each value
         foreach ($amFieldValuesOrSubContents as $sFieldValue) {
             if (is_array($sFieldValue) || is_object($sFieldValue)) {
                 throw new AnwUnexpectedException("testContentFieldValues on atomic: not a string");
             }
             //here we don't return a simple 'AnwInvalidContentFieldValueException' to prevent unauthorized users to access PHP source
             //this will display a big ACL error page instead of edit form...
             if (AnwUtils::contentHasPhpCode($sFieldValue)) {
                 AnwCurrentSession::getUser()->checkPhpEditionAllowed();
             }
             //check JS permission
             if (AnwUtils::contentHasJsCode($sFieldValue) && !AnwCurrentSession::getUser()->isJsEditionAllowed()) {
                 $sError = AnwComponent::g_editcontent("err_contentfield_acl_js");
                 throw new AnwInvalidContentFieldValueException($sError);
             }
             //specific tests for atomic fields
             $this->testContentFieldValueAtomic($sFieldValue);
         }
         //if no error, test all atomic values together
         $this->testAllContentFieldValuesAtomic($amFieldValuesOrSubContents);
     } else {
         //test each subcontents occurence
         foreach ($amFieldValuesOrSubContents as $oContent) {
             if (!$oContent instanceof AnwStructuredContent) {
                 throw new AnwUnexpectedException("testContentFieldValues on composed: not a subcontent");
             }
             //test subsubcontents
             $aoSubContentFields = $this->getContentFields();
             foreach ($aoSubContentFields as $oSubContentField) {
                 //recursive test
                 $amSubValuesOrSubContents = null;
                 $sSubContentFieldName = $oSubContentField->getName();
                 if ($oSubContentField instanceof AnwStructuredContentField_atomic) {
                     $amSubValuesOrSubContents = $oContent->getContentFieldValues($sSubContentFieldName);
                 } else {
                     $amSubValuesOrSubContents = $oContent->getSubContents($sSubContentFieldName);
                 }
                 $oSubContentField->testContentFieldValues($amSubValuesOrSubContents, $oContent);
             }
             //specific tests for composed fields - at last
             $this->testContentFieldValueComposed($oContent);
         }
         //if no error, test all subcontents together
         $this->testAllContentFieldValuesComposed($amFieldValuesOrSubContents);
     }
 }
Пример #7
0
 private function checkPermissions($sPageName, $sPageLang, $sPageContent)
 {
     $asNotices = array();
     //check that page don't exist
     if (!AnwPage::isAvailablePageName($sPageName)) {
         $asNotices[] = $this->t_("notice_exists");
     }
     //check PHP permission
     if (AnwUtils::contentHasPhpCode($sPageContent) && !AnwCurrentSession::getUser()->isPhpEditionAllowed()) {
         $asNotices[] = $this->t_("notice_php");
     }
     //check JS permission
     if (AnwUtils::contentHasJsCode($sPageContent) && !AnwCurrentSession::getUser()->isJsEditionAllowed()) {
         $asNotices[] = $this->t_("notice_js");
     }
     //check ACL permission : create and edit
     if (!AnwCurrentSession::isActionAllowed($sPageName, "create", $sPageLang) || !AnwCurrentSession::isActionAllowed($sPageName, "edit", $sPageLang)) {
         $asNotices[] = $this->t_("notice_acl");
     }
     return $asNotices;
 }
Пример #8
0
 function writeSettingsOverride()
 {
     //just to be sure, we check again content validity just before writing it
     $this->checkContentValidity();
     $sConfigDefaultFile = "none";
     try {
         $sConfigDefaultFile = $this->getComponent()->getConfigurableFileDefault();
     } catch (AnwFileNotFoundException $e) {
     }
     //no default config
     $cfg = $this->toOverrideCfgArray();
     $sPhpCode = '<?php ' . "\n";
     $sPhpCode .= ' /**' . "\n";
     $sPhpCode .= '  * Anwiki override file.' . "\n";
     $sPhpCode .= '  * This file can be edited directly from file system, or from Anwiki web interface.' . "\n";
     $sPhpCode .= '  * ' . "\n";
     $sPhpCode .= '  * Overridden file: ' . $sConfigDefaultFile . "\n";
     $sPhpCode .= '  * Generated on: ' . Anwi18n::datetime(time()) . "\n";
     $sPhpCode .= '  * By: ' . AnwCurrentSession::getUser()->getLogin() . "\n";
     $sPhpCode .= '  * Using version: ' . ANWIKI_VERSION_NAME . ' (' . ANWIKI_VERSION_ID . ')' . "\n";
     $sPhpCode .= '  */' . "\n";
     $sPhpCode .= "\n";
     $sPhpCode .= '$cfg = ' . AnwUtils::arrayToPhp($cfg) . "\n";
     $sPhpCode .= '?>';
     $sFileOverride = $this->getComponent()->getConfigurableFileOverride();
     AnwUtils::file_put_contents($sFileOverride, $sPhpCode, LOCK_EX);
     // clear component's cache for configurableContent
     $this->getComponent()->___notifyConfigurableContentChanged();
 }
Пример #9
0
 protected function _setContent($oContent, $oSimilarContentForCheck, $bSecurityChecks = true)
 {
     if (ANWIKI_DEVEL) {
         self::debug("_setContent: " . htmlentities($oContent->toXmlString()));
     }
     if (!(is_int($oSimilarContentForCheck) && $oSimilarContentForCheck == -1)) {
         if (ANWIKI_DEVEL) {
             self::debug("_setContent: similar was: " . htmlentities($oSimilarContentForCheck->toXmlString()));
         }
         self::checkSimilarContents(array($oContent, $oSimilarContentForCheck));
     }
     if ($bSecurityChecks) {
         //check user permissions once again
         $sContentAsString = $oContent->toXmlString();
         //check PHP code edition
         if (AnwUtils::contentHasPhpCode($sContentAsString)) {
             AnwCurrentSession::getUser()->checkPhpEditionAllowed();
         }
         //check unsafe code edition
         if (AnwUtils::contentHasJsCode($sContentAsString)) {
             AnwCurrentSession::getUser()->checkJsEditionAllowed();
         }
     }
     $this->oPreviousContent = $this->oContent;
     //may be null
     $this->oContent = $oContent;
     $this->touchInfosContent();
 }