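/**
 * The actual output creation.
 *
 * For the 'xhtml' format this appends a GET search form to the renderer's
 * document. The text field is named "dataflt[<filter>*~]" and a hidden
 * "id" field points at "<current namespace>:datatable". Nothing is
 * appended when the 'search' action has been disabled.
 *
 * @param string        $format   output format being rendered
 * @param Doku_Renderer $renderer reference to the current renderer object
 * @param array         $data     data created by handler(); element 0 holds the options
 * @return bool true when the format was handled (even if no form was printed), false otherwise
 */
public function render($format, &$renderer, $data)
{
    global $lang, $INFO, $ACT, $QUERY;

    if ($format != 'xhtml') {
        return false;
    }

    list($options) = $data;

    // don't print the search form if search action has been disabled
    if (!actionOK('search')) {
        return true;
    }

    // Both values end up inside double-quoted HTML attributes, so they are
    // encoded here at the sink. The filter comes from handler() data
    // (presumably taken from page markup - confirm against handler()).
    $flt = htmlspecialchars('dataflt[' . $options['filter'] . '*~]', ENT_QUOTES, 'UTF-8');
    $ns = htmlspecialchars((string) $INFO['namespace'], ENT_QUOTES, 'UTF-8');

    /** based on tpl_datasearchform() */
    $renderer->doc .= '<div class="datasearchform__form">' . "\n";
    $renderer->doc .= '<form action="' . wl() . '" accept-charset="utf-8" class="search" id="datasearchform__search" method="get" role="search"><div class="no">' . "\n";
    $renderer->doc .= '<input type="hidden" name="id" value="' . $ns . ':datatable" />' . "\n";
    $renderer->doc .= '<input type="text" ';
    if ($ACT == 'search') {
        // the current query is echoed back, HTML-encoded
        $renderer->doc .= 'value="' . htmlspecialchars($QUERY) . '" ';
    }
    $renderer->doc .= 'name="' . $flt . '" class="edit datasearchform__qsearch_in" />' . "\n";
    // $lang strings are emitted as they are
    $renderer->doc .= '<input type="submit" value="' . $lang['btn_search'] . '" class="button" title="' . $lang['btn_search'] . '" />' . "\n";
    $renderer->doc .= '<div class="ajax_qsearch JSpopup datasearchform__qsearch_out"></div>' . "\n";
    $renderer->doc .= '</div></form>' . "\n";
    $renderer->doc .= '</div>' . "\n";

    return true;
}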
/**
 * Replace the regular login form with a link to the CAS login.
 *
 * Does nothing unless $conf['authtype'] is 'authplaincas'. The existing
 * form content is dropped and a fieldset with an optional logo and a
 * "Login" link is inserted instead; a password-reset link follows when
 * the auth backend can modify passwords and 'resendpwd' is not disabled.
 *
 * The plugin settings 'logourl' and 'name' are written into the markup
 * as configured, without HTML encoding.
 *
 * @param object $event event whose data object holds the login form
 * @param mixed  $param not used
 */
function handle_login_form(&$event, $param)
{
    global $auth;
    global $conf;
    global $lang;
    global $ID;

    if ($conf['authtype'] != 'authplaincas') {
        return;
    }

    $caslogo = ($this->getConf('logourl') != '')
        ? '<img src="' . $this->getConf('logourl') . '" alt="" style="vertical-align: middle;" /> '
        : '';

    // remove the login form
    $event->data->_content = array();

    $event->data->insertElement(0, '<fieldset><legend>' . $this->getConf('name') . '</legend>');
    $event->data->insertElement(
        1,
        '<p style="text-align: center;">' . $caslogo . '<a href="' . $this->_selfdo('caslogin') . '">Login</a></p>'
    );
    $event->data->insertElement(2, '</fieldset>');

    // instead of removing, one could implement a local login here
    // (an earlier draft toggled a local login fieldset via the
    // 'jshidelocal' and 'localname' settings; it is not active)

    if ($auth && $auth->canDo('modPass') && actionOK('resendpwd')) {
        $resendLink = '<a href="' . wl($ID, 'do=resendpwd') . '" rel="nofollow" class="wikilink1">'
            . $lang['btn_resendpwd'] . '</a>';
        $event->data->insertElement(3, '<p>' . $lang['pwdforget'] . ': ' . $resendLink . '</p>');
    }
}
/**
 * Prints the actions links
 *
 * Emits a sidebar box with one list item per action that is not
 * disabled. Every item is written into an output buffer and thrown away
 * again when tpl_actionlink() reports that it printed no link. Ahead of
 * the 'edit' item, the button of the 'npd' helper plugin is printed when
 * that plugin is available and returns one.
 *
 * @author Michael Klier <*****@*****.**>
 */
function tpl_actions()
{
    $wanted = array(
        'admin', 'edit', 'history', 'recent', 'backlink',
        'subscribe', 'subscribens', 'index', 'login', 'profile',
    );

    echo '<div class="sidebar_box">' . DOKU_LF;
    echo ' <ul>' . DOKU_LF;

    foreach ($wanted as $name) {
        if (!actionOK($name)) {
            continue;
        }

        // check if new page button plugin is available
        if ($name == 'edit' && !plugin_isdisabled('npd') && ($npd =& plugin_load('helper', 'npd'))) {
            $newPageButton = $npd->html_new_page_button(true);
            if ($newPageButton) {
                echo ' <li><div class="li">';
                echo $newPageButton;
                echo '</div></li>' . DOKU_LF;
            }
        }

        // start output buffering so an item without a link can be dropped
        ob_start();
        echo ' <li><div class="li">';
        if (tpl_actionlink($name)) {
            echo '</div></li>' . DOKU_LF;
            ob_end_flush();
        } else {
            ob_end_clean();
        }
    }

    echo ' </ul>' . DOKU_LF;
    echo '</div>' . DOKU_LF;
}
/**
 * Print the search form
 *
 * When $ajax is set, a div with the ID 'qsearch__out' is added, which
 * instructs the ajax page quicksearch to place its output there.
 *
 * This variant always prints autocomplete="off"; the $autocomplete
 * parameter is accepted but not read.
 *
 * The current query is echoed back HTML-encoded when a search is being
 * shown; the $lang string is printed as it is.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @param bool $ajax
 * @param bool $autocomplete
 * @return bool false when the search action is disabled, true otherwise
 */
function _tpl_searchform($ajax = true, $autocomplete = true)
{
    global $lang;
    global $ACT;
    global $QUERY;

    // don't print the search form if search action has been disabled
    if (!actionOK('search')) {
        return false;
    }

    $html = '<form action="' . wl() . '" accept-charset="utf-8" class="navbar-form navbar-right" id="dw__search" method="get" role="search">';
    $html .= '<input type="hidden" name="do" value="search" />';
    $html .= '<div class="form-group">';
    $html .= '<input type="text" ';
    if ($ACT == 'search') {
        $html .= 'value="' . htmlspecialchars($QUERY) . '" ';
    }
    $html .= ' autocomplete="off" ';
    $html .= 'id="qsearch__in" accesskey="f" name="id" class="form-control col-lg-3" title="[F]" placeholder="' . $lang['btn_search'] . '" /> ';
    $html .= '</div>';
    if ($ajax) {
        $html .= '<div id="qsearch__out" class="ajax_qsearch"></div>';
    }
    $html .= '</form>';

    print $html;

    return true;
}
/**
 * Tell whether an action type is enabled.
 *
 * The type 'history' is checked under its action name 'revisions';
 * every other type is passed to actionOK() unchanged.
 *
 * @param string $type action type
 * @return mixed whatever actionOK() returns for the mapped name
 */
function is_action_enabled($type)
{
    return actionOK($type == 'history' ? 'revisions' : $type);
}
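/**
 * Create link/button to register page
 * DW versions > 2011-02-20 can use the core function tpl_action('register')
 *
 * Prints nothing when a user is already logged in, when ACLs are not in
 * use, or when the 'register' action is disabled.
 *
 * @author Anika Henke <*****@*****.**>
 *
 * @param mixed $link    truthy: print a link, otherwise a button
 * @param mixed $wrapper tag name to wrap the output in, falsy for none;
 *                       it is printed as given, so pass literals only
 */
function _tpl_register($link = 0, $wrapper = 0)
{
    global $conf;
    global $lang;
    global $ID;

    $lang_register = !empty($lang['btn_register']) ? $lang['btn_register'] : $lang['register'];

    // REMOTE_USER is absent for anonymous requests; empty() avoids the
    // undefined-index warning that a bare read raises there.
    if (!empty($_SERVER['REMOTE_USER']) || !$conf['useacl'] || !actionOK('register')) {
        return;
    }

    if ($wrapper) {
        echo "<$wrapper>";
    }

    if ($link) {
        tpl_link(wl($ID, 'do=register'), $lang_register, 'class="action register" rel="nofollow"');
    } else {
        echo html_btn('register', $ID, '', array('do' => 'register'), 'get', 0, $lang_register);
    }

    if ($wrapper) {
        echo "</$wrapper>";
    }
}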
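/**
 * Handle "save and continue editing".
 *
 * Acts only on the 'save' action when the request carries a truthy
 * 'saveandedit' value and the action is not disabled. The page is saved
 * only after act_permcheck() returned 'save' and checkSecurityToken()
 * succeeded. After a successful save the action becomes 'edit' and the
 * editor state is reset so that the fresh page content is loaded.
 *
 * @param Doku_Event $event event whose data is the action (string, or array keyed by the action)
 * @param mixed      $param not used
 */
public function handle_action_act_preprocess(Doku_Event &$event, $param)
{
    global $ID, $INFO, $REV, $RANGE, $TEXT, $PRE, $SUF;

    // check if the action was given as array key
    if (is_array($event->data)) {
        list($act) = array_keys($event->data);
    } else {
        $act = $event->data;
    }

    // empty() keeps an ordinary save (no 'saveandedit' in the request)
    // from raising an undefined-index warning
    if ($act != 'save' || empty($_REQUEST['saveandedit']) || !actionOK($act)) {
        return;
    }

    // permission and security token are verified before anything is written
    if (act_permcheck($act) != 'save' || !checkSecurityToken()) {
        return;
    }

    $event->data = act_save($act);

    if ($event->data == 'show') {
        $event->data = 'edit';
        $REV = ''; // now we are working on the current revision

        // Handle section edits
        if ($PRE || $SUF) {
            // $from and $to are 1-based indexes of the actually edited content
            $from = strlen($PRE) + 1;
            $to = $from + strlen($TEXT);
            $RANGE = $from . '-' . $to;
        }

        // Ensure the current text is loaded again from the file
        unset($GLOBALS['TEXT'], $GLOBALS['PRE'], $GLOBALS['SUF']);
        // Reset the date of the last modification to avoid conflict messages
        unset($GLOBALS['DATE']);
        // Reset the change check
        unset($_REQUEST['changecheck']);
        // Force rendering of the metadata in order to ensure metadata is correct
        p_set_metadata($ID, array(), true);
        $INFO = pageinfo(); // reset pageinfo to new data (e.g. if the page exists)
    } elseif ($event->data == 'conflict') {
        // DokuWiki won't accept 'conflict' as action here.
        // Just execute save again, the conflict will be detected again
        $event->data = 'save';
    }
}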
/**
 * Sanitize the action command
 *
 * Add all allowed commands here.
 *
 * The command is lower-cased and stripped down to the characters
 * 1-9, a-z and '_', then checked against an allow-list; anything
 * disabled, unavailable or unknown falls back to 'show'. Rejected names
 * are HTML-encoded before they are put into the message.
 *
 * NOTE(review): the character class starts at 1, so the digit 0 is
 * removed as well - confirm whether that is intended.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string|array $act the command, or an array keyed by the command
 * @return string the cleaned command, or 'show'
 */
function act_clean($act)
{
    global $lang;
    global $conf;

    // check if the action was given as array key
    if (is_array($act)) {
        list($act) = array_keys($act);
    }

    //remove all bad chars
    $act = preg_replace('/[^1-9a-z_]+/', '', strtolower($act));

    // old export names map onto the current ones
    $renamed = array(
        'export_html' => 'export_xhtml',
        'export_htmlbody' => 'export_xhtmlbody',
    );
    if (isset($renamed[$act])) {
        $act = $renamed[$act];
    }

    // check if action is disabled
    if (!actionOK($act)) {
        msg('Command disabled: ' . htmlspecialchars($act), -1);
        return 'show';
    }

    //disable all acl related commands if ACL is disabled
    $needsAcl = array(
        'login', 'logout', 'register', 'admin', 'subscribe', 'unsubscribe',
        'profile', 'revert', 'resendpwd', 'subscribens', 'unsubscribens',
    );
    if (!$conf['useacl'] && in_array($act, $needsAcl)) {
        msg('Command unavailable: ' . htmlspecialchars($act), -1);
        return 'show';
    }

    $known = array(
        'login', 'logout', 'register', 'save', 'cancel', 'edit', 'draft',
        'preview', 'search', 'show', 'check', 'index', 'revisions', 'diff',
        'recent', 'backlink', 'admin', 'subscribe', 'revert', 'unsubscribe',
        'profile', 'resendpwd', 'recover', 'wordblock', 'draftdel',
        'subscribens', 'unsubscribens',
    );
    if (in_array($act, $known) || substr($act, 0, 7) == 'export_') {
        return $act;
    }

    msg('Command unknown: ' . htmlspecialchars($act), -1);
    return 'show';
}
/**
 * This displays the edit form (lots of logic included)
 *
 * With no $text given, the page (or a slice of it, or a page template)
 * is loaded; with $text given, the call is treated as a preview. The
 * form is editable only when the page is writable and not locked;
 * otherwise the read-only source view is shown, provided the pseudo
 * action 'source' is not disabled.
 *
 * @fixme this is a huge lump of code and should be modularized
 * @triggers HTML_PAGE_FROMTEMPLATE
 * @triggers HTML_EDITFORM_INJECTION
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string|null $text    text to edit, null to load it
 * @param string      $include name of the locale text printed above the editor
 */
function html_edit($text = null, $include = 'edit') { //FIXME: include needed?
    global $ID;
    global $REV;
    global $DATE;
    global $RANGE;
    global $PRE;
    global $SUF;
    global $INFO;
    global $SUM;
    global $lang;
    global $conf;
    global $license;

    //set summary default
    if (!$SUM) {
        if ($REV) {
            $SUM = $lang['restored'];
        } elseif (!$INFO['exists']) {
            $SUM = $lang['created'];
        }
    }

    //no text? Load it!
    // $check is an md5 of the text as loaded; it is only compared with the
    // md5 of the submitted text to decide whether the text was modified.
    if (!isset($text)) {
        $pr = false; //no preview mode
        if ($INFO['exists']) {
            if ($RANGE) {
                list($PRE, $text, $SUF) = rawWikiSlices($RANGE, $ID, $REV);
            } else {
                $text = rawWiki($ID, $REV);
            }
            $check = md5($text);
            $mod = false;
        } else {
            //try to load a pagetemplate
            $data = array($ID);
            $text = trigger_event('HTML_PAGE_FROMTEMPLATE', $data, 'pageTemplate', true);
            $check = md5('');
            $mod = $text !== '';
        }
    } else {
        $pr = true; //preview mode
        if (isset($_REQUEST['changecheck'])) {
            // request-supplied value; it is handed back to the form as a hidden field below
            $check = $_REQUEST['changecheck'];
            $mod = md5($text) !== $check;
        } else {
            // Why? Assume default text is unmodified.
            $check = md5($text);
            $mod = false;
        }
    }

    $wr = $INFO['writable'] && !$INFO['locked'];
    if ($wr) {
        if ($REV) {
            print p_locale_xhtml('editrev');
        }
        print p_locale_xhtml($include);
    } else {
        // check pseudo action 'source'
        if (!actionOK('source')) {
            msg('Command disabled: source', -1);
            return;
        }
        print p_locale_xhtml('read');
    }
    if (!$DATE) {
        $DATE = $INFO['lastmod'];
    }
    // NOTE(review): the markup below echoes DOKU_BASE, $INFO['namespace']
    // and the $lang strings without HTML encoding.
    ?>
    <div style="width:99%;">
    <div class="toolbar">
    <div id="draft__status"><?php
    if (!empty($INFO['draft'])) {
        echo $lang['draftdate'] . ' ' .
            strftime($conf['dformat']);
    }
    ?> </div>
    <div id="tool__bar"><?php if ($wr) { ?> <a href="<?php echo DOKU_BASE; ?> lib/exe/mediamanager.php?ns=<?php echo $INFO['namespace']; ?> " target="_blank"><?php echo $lang['mediaselect']; ?> </a><?php } ?> </div>
    <?php if ($wr) { ?>
    <script type="text/javascript" charset="utf-8"><!--//--><![CDATA[//><!--
    <?php /* sets changed to true when previewed */ ?>
    textChanged = <?php $mod ? print 'true' : (print 'false'); ?> ;
    //--><!]]></script>
    <span id="spell__action"></span>
    <div id="spell__suggest"></div>
    <?php } ?>
    </div>
    <div id="spell__result"></div>
    <?php
    // NOTE(review): the values passed to Doku_Form / form_make*() are not
    // encoded here; whether they are encoded on output is decided by those
    // helpers, which are not visible in this function.
    $form = new Doku_Form('dw__editform');
    $form->addHidden('id', $ID);
    $form->addHidden('rev', $REV);
    $form->addHidden('date', $DATE);
    $form->addHidden('prefix', $PRE);
    $form->addHidden('suffix', $SUF);
    $form->addHidden('changecheck', $check);
    $attr = array('tabindex' => '1');
    if (!$wr) {
        $attr['readonly'] = 'readonly';
    }
    $form->addElement(form_makeWikiText($text, $attr));
    $form->addElement(form_makeOpenTag('div', array('id' => 'wiki__editbar')));
    $form->addElement(form_makeOpenTag('div', array('id' => 'size__ctl')));
    $form->addElement(form_makeCloseTag('div'));
    // save/preview/cancel buttons and the summary field only exist in the writable form
    if ($wr) {
        $form->addElement(form_makeOpenTag('div', array('class' => 'editButtons')));
        $form->addElement(form_makeButton('submit', 'save', $lang['btn_save'], array('id' => 'edbtn__save', 'accesskey' => 's', 'tabindex' => '4')));
        $form->addElement(form_makeButton('submit', 'preview', $lang['btn_preview'], array('id' => 'edbtn__preview', 'accesskey' => 'p', 'tabindex' => '5')));
        $form->addElement(form_makeButton('submit', 'draftdel', $lang['btn_cancel'], array('tabindex' => '6')));
        $form->addElement(form_makeCloseTag('div'));
        $form->addElement(form_makeOpenTag('div', array('class' => 'summary')));
        $form->addElement(form_makeTextField('summary', $SUM, $lang['summary'], 'edit__summary', 'nowrap', array('size' => '50', 'tabindex' => '2')));
        $elem = html_minoredit();
        if ($elem) {
            $form->addElement($elem);
        }
        $form->addElement(form_makeCloseTag('div'));
    }
    $form->addElement(form_makeCloseTag('div'));
    if ($conf['license']) {
        // the license link is assembled as a raw HTML string from the
        // $license table and $conf['target']['external'], without encoding
        $form->addElement(form_makeOpenTag('div', array('class' => 'license')));
        $out = $lang['licenseok'];
        $out .= '<a href="' . $license[$conf['license']]['url'] . '" rel="license" class="urlextern"';
        if ($conf['target']['external']) {
            $out .= ' target="' . $conf['target']['external'] . '"';
        }
        $out .= '> ' . $license[$conf['license']]['name'] . '</a>';
        $form->addElement($out);
        $form->addElement(form_makeCloseTag('div'));
    }
    html_form('edit', $form);
    print '</div>' . NL;
}
/**
 * Print the search form in Bootstrap Style
 *
 * When $ajax is set, a div with the ID 'qsearch__out' is added, which
 * instructs the ajax page quicksearch to place its output there. When
 * $autocomplete is false, autocomplete="off" is added to the text field
 * to switch off the browser's own completion.
 *
 * The current query is echoed back HTML-encoded when a search is being
 * shown; the $lang strings are printed as they are.
 *
 * NOTE(review): the text field is printed with two type attributes
 * ("text" first, "search" later) - confirm which one is wanted.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @author Giuseppe Di Terlizzi <*****@*****.**>
 * @param bool $ajax
 * @param bool $autocomplete
 * @return bool false when the search action is disabled, true otherwise
 */
function bootstrap_searchform($ajax = true, $autocomplete = true)
{
    global $lang;
    global $ACT;
    global $QUERY;

    // don't print the search form if search action has been disabled
    if (!actionOK('search')) {
        return false;
    }

    $parts = array();
    $parts[] = '<form action="' . wl() . '" accept-charset="utf-8" class="form-inline search" id="dw__search" method="get" role="search"><div class="no">';
    $parts[] = '<input type="hidden" name="do" value="search" />';
    $parts[] = '<input type="text" ';
    if ($ACT == 'search') {
        $parts[] = 'value="' . htmlspecialchars($QUERY) . '" ';
    }
    if (!$autocomplete) {
        $parts[] = 'autocomplete="off" ';
    }
    $parts[] = 'id="qsearch__in" type="search" placeholder="' . $lang['btn_search'] . '" accesskey="f" name="id" class="edit form-control" title="[F]" />';
    $parts[] = '<button type="submit" class="btn btn-default" title="' . $lang['btn_search'] . '"><i class="glyphicon glyphicon-search"></i></button>';
    if ($ajax) {
        $parts[] = '<div id="qsearch__out" class="panel panel-default ajax_qsearch JSpopup"></div>';
    }
    $parts[] = '</div></form>';

    print implode('', $parts);

    return true;
}
if (empty($lang["btn_unsubscribe"])) { if (actionOK("subscribe")) { //check if action is disabled $_vector_tabs_right["ca-watch"]["href"] = wl(cleanID(getId()), array("do" => "subscribe"), false, "&"); $_vector_tabs_right["ca-watch"]["text"] = $lang["btn_subscribe"]; //language comes from DokuWiki core } //2009-12-25 "Lemming" and older ones. See the following for information: //<http://www.freelists.org/post/dokuwiki/Question-about-tpl-buttonsubscribe> } else { if (empty($INFO["subscribed"]) && actionOK("subscribe")) { //check if action is disabled $_vector_tabs_right["ca-watch"]["href"] = wl(cleanID(getId()), array("do" => "subscribe"), false, "&"); $_vector_tabs_right["ca-watch"]["text"] = $lang["btn_subscribe"]; //language comes from DokuWiki core } elseif (actionOK("unsubscribe")) { //check if action is disabled $_vector_tabs_right["ca-watch"]["href"] = wl(cleanID(getId()), array("do" => "unsubscribe"), false, "&"); $_vector_tabs_right["ca-watch"]["text"] = $lang["btn_unsubscribe"]; //language comes from DokuWiki core } } } } /****************************************************************************** ******************************** ATTENTION ********************************* DO NOT MODIFY THIS FILE, IT WILL NOT BE PRESERVED ON UPDATES! ****************************************************************************** If you want to add some own tabs, have a look at the README of this template and "/user/tabs.php". You have been warned! *****************************************************************************/
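/**
 * Send a new password
 *
 * This function handles both phases of the password reset:
 *
 * - handling the first request of password reset
 * - validating the password reset auth token
 *
 * Request phase: a token file named after the token is written to the
 * cache directory and a confirmation link carrying the token is mailed
 * to the user. Token phase: the token file must exist and be at most
 * 3 days old; the password is then either taken from the form or
 * generated and mailed, and the token file is removed.
 *
 * @author Benoit Chesneau <*****@*****.**>
 * @author Chris Smith <*****@*****.**>
 * @author Andreas Gohr <*****@*****.**>
 *
 * @return bool true on success, false on any error
 */
function act_resendpwd()
{
    global $lang;
    global $conf;
    /* @var auth_basic $auth */
    global $auth;
    /* @var Input $INPUT */
    global $INPUT;

    if (!actionOK('resendpwd')) {
        msg($lang['resendna'], -1);
        return false;
    }

    // everything but a-f and 0-9 is stripped, so the token cannot carry
    // path separators into the file name built from it below
    $token = preg_replace('/[^a-f0-9]+/', '', $INPUT->str('pwauth'));

    if ($token) {
        // we're in token phase - get user info from token
        $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
        if (!@file_exists($tfile)) {
            msg($lang['resendpwdbadauth'], -1);
            $INPUT->remove('pwauth');
            return false;
        }

        // token is only valid for 3 days
        if (time() - filemtime($tfile) > 3 * 60 * 60 * 24) {
            msg($lang['resendpwdbadauth'], -1);
            $INPUT->remove('pwauth');
            @unlink($tfile);
            return false;
        }

        $user = io_readfile($tfile);
        $userinfo = $auth->getUserData($user);
        if (!$userinfo['mail']) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        if (!$conf['autopasswd']) {
            // we let the user choose a password
            $pass = $INPUT->str('pass');

            // password given correctly?
            if (!$pass) {
                return false;
            }
            // strict comparison: with != two different numeric-looking
            // strings (e.g. "1e3" and "1000") would count as equal
            if ($pass !== $INPUT->str('passchk')) {
                msg($lang['regbadpass'], -1);
                return false;
            }

            // change it
            if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
                msg('error modifying user data', -1);
                return false;
            }
        } else {
            // autogenerate the password and send by mail
            $pass = auth_pwgen();
            if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
                msg('error modifying user data', -1);
                return false;
            }

            if (auth_sendPassword($user, $pass)) {
                msg($lang['resendpwdsuccess'], 1);
            } else {
                msg($lang['regmailfail'], -1);
            }
        }

        // the token is single-use: drop it once the password was changed
        @unlink($tfile);
        return true;
    } else {
        // we're in request phase
        if (!$INPUT->post->bool('save')) {
            return false;
        }

        if (!$INPUT->post->str('login')) {
            msg($lang['resendpwdmissing'], -1);
            return false;
        } else {
            $user = trim($auth->cleanUser($INPUT->post->str('login')));
        }

        $userinfo = $auth->getUserData($user);
        if (!$userinfo['mail']) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        // generate auth token
        // NOTE(review): the token is derived only from auth_cookiesalt()
        // and the user name, so as long as the salt is stable every reset
        // request for one user yields the same token; a random per-request
        // token would not have that property.
        $token = md5(auth_cookiesalt() . $user); //secret but user based
        $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
        $url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');

        io_saveFile($tfile, $user);

        $text = rawLocale('pwconfirm');
        $trep = array('FULLNAME' => $userinfo['name'], 'LOGIN' => $user, 'CONFIRM' => $url);

        $mail = new Mailer();
        $mail->to($userinfo['name'] . ' <' . $userinfo['mail'] . '>');
        $mail->subject($lang['regpwmail']);
        $mail->setBody($text, $trep);
        if ($mail->send()) {
            msg($lang['resendpwdconfirm'], 1);
        } else {
            msg($lang['regmailfail'], -1);
        }
        return true;
    }
    // never reached
}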
/**
 * Sends a notify mail on new comment
 *
 * Three groups are mailed in turn, all through one Mailer object and
 * always via bcc: the address in $conf['notify'], the page subscribers
 * (when the 'subscribe' action is enabled) and the comment subscribers.
 * Active comment subscribers get the notification with a personal
 * unsubscribe link; inactive ones that were not asked yet get a
 * confirmation mail and are marked with 'confirmsent'.
 *
 * NOTE(review): bcc() is called again on the same Mailer for every
 * recipient. Whether that replaces or extends the earlier list is not
 * visible here; confirm it replaces, since the later mails contain
 * per-subscriber hash links.
 *
 * @param array $comment     data array of the new comment
 * @param array $subscribers data of the subscribers
 *
 * @author Andreas Gohr <*****@*****.**>
 * @author Esther Brunner <*****@*****.**>
 */
function _notify($comment, &$subscribers)
{
    global $conf;
    global $ID;

    $notify_text = io_readfile($this->localfn('subscribermail'));
    $confirm_text = io_readfile($this->localfn('confirmsubscribe'));
    $subject_notify = '[' . $conf['title'] . '] ' . $this->getLang('mail_newcomment');
    $subject_subscribe = '[' . $conf['title'] . '] ' . $this->getLang('subscribe');

    $mailer = new Mailer();
    if (empty($_SERVER['REMOTE_USER'])) {
        $mailer->from($conf['mailfromnobody']);
    }

    $replace = array(
        'PAGE' => $ID,
        'TITLE' => $conf['title'],
        'DATE' => dformat($comment['date']['created'], $conf['dformat']),
        'NAME' => $comment['user']['name'],
        'TEXT' => $comment['raw'],
        'COMMENTURL' => wl($ID, '', true) . '#comment_' . $comment['cid'],
        'UNSUBSCRIBE' => wl($ID, 'do=subscribe', true, '&'),
        'DOKUWIKIURL' => DOKU_URL,
    );
    $confirm_replace = array(
        'PAGE' => $ID,
        'TITLE' => $conf['title'],
        'DOKUWIKIURL' => DOKU_URL,
    );

    $mailer->subject($subject_notify);
    $mailer->setBody($notify_text, $replace);

    // send mail to notify address
    if ($conf['notify']) {
        $mailer->bcc($conf['notify']);
        $mailer->send();
    }

    // notify page subscribers
    if (actionOK('subscribe')) {
        $data = array('id' => $ID, 'addresslist' => '', 'self' => false);
        // the Subscription class was introduced in DokuWiki 2013-05-10;
        // without it the old, deprecated default handler is used
        $handler = class_exists('Subscription')
            ? array(new Subscription(), 'notifyaddresses')
            : 'subscription_addresslist';
        trigger_event('COMMON_NOTIFY_ADDRESSLIST', $data, $handler);

        $to = $data['addresslist'];
        if (!empty($to)) {
            $mailer->bcc($to);
            $mailer->send();
        }
    }

    // notify comment subscribers
    if (empty($subscribers)) {
        return;
    }

    foreach ($subscribers as $mail => $data) {
        $mailer->bcc($mail);

        if ($data['active']) {
            $replace['UNSUBSCRIBE'] = wl($ID, 'do=discussion_unsubscribe&hash=' . $data['hash'], true, '&');

            $mailer->subject($subject_notify);
            $mailer->setBody($notify_text, $replace);
            $mailer->send();
            continue;
        }

        if (!$data['confirmsent']) {
            $confirm_replace['SUBSCRIBE'] = wl($ID, 'do=discussion_confirmsubscribe&hash=' . $data['hash'], true, '&');

            $mailer->subject($subject_subscribe);
            $mailer->setBody($confirm_text, $confirm_replace);
            $mailer->send();
            $subscribers[$mail]['confirmsent'] = true;
        }
    }
}
/**
 * Sends a notify mail on page change or registration
 *
 * Only the targets 'admin' and 'subscribers' lead to a mail; every other
 * value of $who returns false. Subscribers are skipped when the
 * 'subscribe' action is disabled and, with ACLs on and a logged-in user,
 * for minor edits.
 *
 * @param string     $id      The changed page
 * @param string     $who     Who to notify (admin|subscribers|register)
 * @param int|string $rev     Old page revision
 * @param string     $summary What changed
 * @param boolean    $minor   Is this a minor edit?
 * @param string[]   $replace Additional string substitutions, @KEY@ to be replaced by value
 * @return bool
 *
 * @author Andreas Gohr <*****@*****.**>
 */
function notify($id, $who, $rev = '', $summary = '', $minor = false, $replace = array())
{
    global $conf;
    /* @var Input $INPUT */
    global $INPUT;

    // decide if there is something to do, eg. whom to mail
    switch ($who) {
        case 'admin':
            //notify enabled?
            if (empty($conf['notify'])) {
                return false;
            }
            $tpl = 'mailtext';
            $to = $conf['notify'];
            break;

        case 'subscribers':
            //subscribers enabled?
            if (!actionOK('subscribe')) {
                return false;
            }
            //skip minors
            if ($conf['useacl'] && $INPUT->server->str('REMOTE_USER') && $minor) {
                return false;
            }
            $data = array(
                'id' => $id,
                'addresslist' => '',
                'self' => false,
                'replacements' => $replace,
            );
            trigger_event('COMMON_NOTIFY_ADDRESSLIST', $data, array(new Subscription(), 'notifyaddresses'));
            $to = $data['addresslist'];
            if (empty($to)) {
                return false;
            }
            $tpl = 'subscr_single';
            break;

        default:
            return false; //just to be safe
    }

    // prepare content
    $subscription = new Subscription();
    return $subscription->send_diff($to, $tpl, $id, $rev, $summary);
}
/**
 * This displays the edit form (lots of logic included)
 *
 * With no $text given, the page (or a slice of it, or a page template)
 * is loaded; with $text given, the call is treated as a preview. The
 * form is editable only when the page is writable; otherwise the
 * read-only source view is shown, provided the pseudo action 'source'
 * is not disabled.
 *
 * @fixme this is a huge lump of code and should be modularized
 * @triggers HTML_PAGE_FROMTEMPLATE
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string|null $text    text to edit, null to load it
 * @param string      $include name of the locale text printed above the editor
 */
function html_edit($text = null, $include = 'edit') { //FIXME: include needed?
    global $ID;
    global $REV;
    global $DATE;
    global $RANGE;
    global $PRE;
    global $SUF;
    global $INFO;
    global $SUM;
    global $lang;
    global $conf;

    //set summary default
    if (!$SUM) {
        if ($REV) {
            $SUM = $lang['restored'];
        } elseif (!$INFO['exists']) {
            $SUM = $lang['created'];
        }
    }

    //no text? Load it!
    if (!isset($text)) {
        $pr = false; //no preview mode
        if ($INFO['exists']) {
            if ($RANGE) {
                list($PRE, $text, $SUF) = rawWikiSlices($RANGE, $ID, $REV);
            } else {
                $text = rawWiki($ID, $REV);
            }
        } else {
            //try to load a pagetemplate
            $data = array($ID);
            $text = trigger_event('HTML_PAGE_FROMTEMPLATE', $data, 'pageTemplate', true);
        }
    } else {
        $pr = true; //preview mode
    }

    // $ro doubles as a flag and as the attribute text echoed into the textarea tag
    $wr = $INFO['writable'];
    if ($wr) {
        if ($REV) {
            print p_locale_xhtml('editrev');
        }
        print p_locale_xhtml($include);
        $ro = false;
    } else {
        // check pseudo action 'source'
        if (!actionOK('source')) {
            msg('Command disabled: source', -1);
            return;
        }
        print p_locale_xhtml('read');
        $ro = 'readonly="readonly"';
    }
    if (!$DATE) {
        $DATE = $INFO['lastmod'];
    }
    // NOTE(review): in the markup below $PRE, $SUF, $text and $SUM pass
    // through formText(), while $ID, $REV, $DATE, $INFO['namespace'] and
    // the $lang strings are echoed into attributes and text as they are.
    // Whether those globals are already cleaned is not visible in this
    // function - confirm, or encode them at this sink as well.
    ?>
    <div style="width:99%;">
    <div class="toolbar">
    <div id="draft__status"><?php
    if (!empty($INFO['draft'])) {
        echo $lang['draftdate'] . ' ' . date($conf['dformat']);
    }
    ?> </div>
    <div id="tool__bar"><?php if (!$ro) { ?> <a href="<?php echo DOKU_BASE; ?> lib/exe/mediamanager.php?ns=<?php echo $INFO['namespace']; ?> " target="_blank"><?php echo $lang['mediaselect']; ?> </a><?php } ?> </div>
    <?php if ($wr) { ?>
    <script type="text/javascript" charset="utf-8">
    <?php /* sets changed to true when previewed */ ?>
    textChanged = <?php $pr ?
        print 'true' : (print 'false'); ?> ;
    </script>
    <span id="spell__action"></span>
    <div id="spell__suggest"></div>
    <?php } ?>
    </div>
    <div id="spell__result"></div>
    <form id="dw__editform" method="post" action="<?php echo script(); ?> " accept-charset="<?php echo $lang['encoding']; ?> "><div class="no">
    <input type="hidden" name="id" value="<?php echo $ID; ?> " />
    <input type="hidden" name="rev" value="<?php echo $REV; ?> " />
    <input type="hidden" name="date" value="<?php echo $DATE; ?> " />
    <input type="hidden" name="prefix" value="<?php echo formText($PRE); ?> " />
    <input type="hidden" name="suffix" value="<?php echo formText($SUF); ?> " />
    </div>
    <textarea name="wikitext" id="wiki__text" <?php echo $ro; ?> cols="80" rows="10" class="edit" tabindex="1"><?php echo "\n" . formText($text); ?> </textarea>
    <div id="wiki__editbar">
    <div id="size__ctl"></div>
    <?php if ($wr) { ?>
    <div class="editButtons">
    <input class="button" id="edbtn__save" type="submit" name="do[save]" value="<?php echo $lang['btn_save']; ?> " accesskey="s" title="<?php echo $lang['btn_save']; ?> [ALT+S]" tabindex="4" />
    <input class="button" id="edbtn__preview" type="submit" name="do[preview]" value="<?php echo $lang['btn_preview']; ?> " accesskey="p" title="<?php echo $lang['btn_preview']; ?> [ALT+P]" tabindex="5" />
    <input class="button" type="submit" name="do[draftdel]" value="<?php echo $lang['btn_cancel']; ?> " tabindex="6" />
    </div>
    <?php } ?>
    <?php if ($wr) { ?>
    <div class="summary">
    <label for="edit__summary" class="nowrap"><?php echo $lang['summary']; ?> :</label>
    <input type="text" class="edit" name="summary" id="edit__summary" size="50" value="<?php echo formText($SUM); ?> " tabindex="2" />
    <?php html_minoredit(); ?>
    </div>
    <?php } ?>
    </div>
    </form>
    </div>
    <?php
}
/**
 * A complete, confirmed profile_delete request must still be refused
 * when the wiki configuration lists 'profile_delete' under
 * 'disableactions', even though the auth backend is able to delete users.
 */
function test_wikiconfig_prevents()
{
    global $ACT, $INPUT, $conf, $auth;

    // logged-in user, no password confirmation required
    $ACT = 'profile_delete';
    $conf['profileconfirm'] = false;
    $_SERVER['REMOTE_USER'] = '******';

    // a request carrying a security token and both delete flags
    $request = array(
        'do' => $ACT,
        'sectok' => getSecurityToken(),
        'delete' => '1',
        'confirm_delete' => '1',
    );
    $_POST = $request;
    $_REQUEST = $request;
    $INPUT = new Input();

    $auth = new Mock_Auth_Plugin();

    // the action is switched off in the wiki configuration
    $conf['disableactions'] = 'profile_delete';

    $this->assertFalse(actionOK('profile_delete'));
    $this->assertTrue($auth->canDo('delUser'));
    $this->assertFalse(auth_deleteprofile());
}
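/**
 * process the user and update the $uinfo array
 *
 * The user name is cleaned and the name defaults to the user name.
 * A user and a mail address are required. If a local account with that
 * mail address exists, login continues as that account, but only when
 * the account is member of the group named after the service. If no
 * account exists, one is created when the 'register' action is enabled.
 *
 * NOTE(review): the local account is selected by the mail address the
 * service reported; this presumes the service has verified that
 * address - confirm per service.
 *
 * @param array  $uinfo       user info as delivered by the service, updated in place
 * @param string $servicename name of the login service
 *
 * @return bool true when the login may proceed, false otherwise
 */
protected function processUser(&$uinfo, $servicename)
{
    $uinfo['user'] = $this->cleanUser((string) $uinfo['user']);
    if (empty($uinfo['name'])) {
        $uinfo['name'] = $uinfo['user'];
    }

    if (empty($uinfo['user']) || empty($uinfo['mail'])) {
        msg("{$servicename} did not provide the needed user info. Can't log you in", -1);
        return false;
    }

    // see if the user is known already
    $user = $this->getUserByEmail($uinfo['mail']);
    if ($user) {
        $sinfo = $this->getUserData($user);
        // check if the user allowed access via this service
        // (strict comparison, so numeric-looking group names cannot match each other)
        if (!in_array($this->cleanGroup($servicename), $sinfo['grps'], true)) {
            msg(sprintf($this->getLang('authnotenabled'), $servicename), -1);
            return false;
        }
        $uinfo['user'] = $user;
        $uinfo['name'] = $sinfo['name'];
        $uinfo['grps'] = array_merge((array) $uinfo['grps'], $sinfo['grps']);
    } elseif (actionOK('register')) {
        $ok = $this->addUser($uinfo, $servicename);
        if (!$ok) {
            msg('something went wrong creating your user account. please try again later.', -1);
            return false;
        }
    } else {
        msg($this->getLang('addUser not possible'), -1);
        return false;
    }

    return true;
}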
/**
 * Sanitize and validate action commands.
 *
 * Add all allowed commands here.
 *
 * The command is cleaned by act_clean() and then checked against an
 * allow-list; a disabled, unavailable or unknown command falls back to
 * 'show', and 'draft' without a draft file becomes 'edit'. Rejected
 * names are HTML-encoded before they are put into the message.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string|array $act the requested command
 * @return string the validated command
 */
function act_validate($act)
{
    global $conf;
    global $INFO;

    $act = act_clean($act);

    // check if action is disabled
    if (!actionOK($act)) {
        msg('Command disabled: ' . htmlspecialchars($act), -1);
        return 'show';
    }

    //disable all acl related commands if ACL is disabled
    $needsAcl = array(
        'login', 'logout', 'register', 'admin', 'subscribe',
        'unsubscribe', 'profile', 'revert', 'resendpwd',
    );
    if (!$conf['useacl'] && in_array($act, $needsAcl)) {
        msg('Command unavailable: ' . htmlspecialchars($act), -1);
        return 'show';
    }

    //is there really a draft?
    if ($act == 'draft' && !file_exists($INFO['draft'])) {
        return 'edit';
    }

    $known = array(
        'login', 'logout', 'register', 'save', 'cancel', 'edit', 'draft',
        'preview', 'search', 'show', 'check', 'index', 'revisions', 'diff',
        'recent', 'backlink', 'admin', 'subscribe', 'revert', 'unsubscribe',
        'profile', 'resendpwd', 'recover', 'draftdel', 'sitemap', 'media',
    );
    if (in_array($act, $known) || substr($act, 0, 7) == 'export_') {
        return $act;
    }

    msg('Command unknown: ' . htmlspecialchars($act), -1);
    return 'show';
}
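/**
 * Print a dropdown menu with all DokuWiki actions
 *
 * Note: this will not use any pretty URLs
 *
 * The form posts the page id, the revision (if any), a security token
 * and the chosen action. Which options are offered depends on the
 * current action, the page state and the login state.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @param string $empty  label of the empty first option, printed as given
 * @param string $button label of the submit button, printed as given
 */
function tpl_actiondropdown($empty = '', $button = '>')
{
    global $ID;
    global $INFO;
    global $REV;
    global $ACT;
    global $conf;
    global $lang;
    global $auth;

    // absent for anonymous requests, hence empty() instead of a bare read
    $loggedIn = !empty($_SERVER['REMOTE_USER']);

    echo '<form method="post" accept-charset="utf-8">'; #FIXME action
    // page id and revision land in attribute values, so they are encoded here at the sink
    echo '<input type="hidden" name="id" value="' . htmlspecialchars((string) $ID, ENT_QUOTES, 'UTF-8') . '" />';
    if ($REV) {
        echo '<input type="hidden" name="rev" value="' . htmlspecialchars((string) $REV, ENT_QUOTES, 'UTF-8') . '" />';
    }
    echo '<input type="hidden" name="sectok" value="' . getSecurityToken() . '" />';

    echo '<select name="do" id="action__selector" class="edit">';
    echo '<option value="">' . $empty . '</option>';

    echo '<optgroup label=" — ">';
    // 'edit' - most complicated type, we need to decide on current action
    if ($ACT == 'show' || $ACT == 'search') {
        if ($INFO['writable']) {
            if (!empty($INFO['draft'])) {
                echo '<option value="edit">' . $lang['btn_draft'] . '</option>';
            } elseif ($INFO['exists']) {
                echo '<option value="edit">' . $lang['btn_edit'] . '</option>';
            } else {
                echo '<option value="edit">' . $lang['btn_create'] . '</option>';
            }
        } elseif (actionOK('source')) { //pseudo action
            echo '<option value="edit">' . $lang['btn_source'] . '</option>';
        }
    } else {
        echo '<option value="show">' . $lang['btn_show'] . '</option>';
    }
    echo '<option value="revisions">' . $lang['btn_revs'] . '</option>';
    echo '<option value="backlink">' . $lang['btn_backlink'] . '</option>';
    echo '</optgroup>';

    echo '<optgroup label=" — ">';
    echo '<option value="recent">' . $lang['btn_recent'] . '</option>';
    echo '<option value="index">' . $lang['btn_index'] . '</option>';
    echo '</optgroup>';

    echo '<optgroup label=" — ">';
    if ($conf['useacl'] && $auth) {
        if ($loggedIn) {
            echo '<option value="logout">' . $lang['btn_logout'] . '</option>';
        } else {
            echo '<option value="login">' . $lang['btn_login'] . '</option>';
        }
    }

    if ($conf['useacl'] && $auth && $loggedIn && $auth->canDo('Profile') && $ACT != 'profile') {
        echo '<option value="profile">' . $lang['btn_profile'] . '</option>';
    }

    // page and namespace subscriptions are offered under the same conditions
    if ($conf['useacl'] && $auth && $ACT == 'show' && $conf['subscribers'] == 1 && $loggedIn) {
        if (!empty($INFO['subscribed'])) {
            echo '<option value="unsubscribe">' . $lang['btn_unsubscribe'] . '</option>';
        } else {
            echo '<option value="subscribe">' . $lang['btn_subscribe'] . '</option>';
        }

        if (!empty($INFO['subscribedns'])) {
            echo '<option value="unsubscribens">' . $lang['btn_unsubscribens'] . '</option>';
        } else {
            echo '<option value="subscribens">' . $lang['btn_subscribens'] . '</option>';
        }
    }

    // only a hint for the menu; the option is shown on $INFO['ismanager'] alone
    if ($INFO['ismanager']) {
        echo '<option value="admin">' . $lang['btn_admin'] . '</option>';
    }
    echo '</optgroup>';

    echo '</select>';
    echo '<input type="submit" value="' . $button . '" id="action__selectorbtn" />';
    echo '</form>';
}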
/**
 * Like the action buttons but links
 *
 * Available links are
 *
 *  edit    - edit/create/show link
 *  history - old revisions
 *  recent  - recent changes
 *  login   - login/logout link - if ACL enabled
 *  profile - user profile link (if logged in)
 *  index   - The index
 *  admin   - admin page - if enough rights
 *  top     - a back to top link
 *  back    - a back to parent link - if available
 *  backlink - links to the list of backlinks
 *  subscribe/subscription - subscribe/unsubscribe link
 *
 * The link text is $pre, then $inner (or the localized button label when
 * $inner is empty), then $suf. All three are emitted as given.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @author Matthias Grimm <*****@*****.**>
 * @see    tpl_button
 *
 * @param string $type  one of the link types listed above
 * @param string $pre   text placed before the label
 * @param string $suf   text placed after the label
 * @param string $inner replaces the localized label when non-empty
 * @return bool false when the action is disabled or does not apply, true otherwise
 */
function tpl_actionlink($type, $pre = '', $suf = '', $inner = '')
{
    global $ID;
    global $INFO;
    global $REV;
    global $ACT;
    global $conf;
    global $lang;
    global $auth;

    // check disabled actions and fix the badly named ones
    $ctype = ($type == 'history') ? 'revisions' : $type;
    if (!actionOK($ctype)) {
        return false;
    }

    // Builds the visible text; the $lang entry is only read when no $inner was given.
    $caption = function ($key) use ($pre, $suf, $inner, $lang) {
        return $pre . ($inner ? $inner : $lang[$key]) . $suf;
    };

    switch ($type) {
        case 'edit':
            // most complicated type - we need to decide on current action
            if ($ACT != 'show' && $ACT != 'search') {
                tpl_link(wl($ID, 'do=show'), $caption('btn_show'), 'class="action show" accesskey="v" rel="nofollow"');
                return true;
            }
            if (!$INFO['writable']) {
                // pseudo action
                if (!actionOK('source')) {
                    return false;
                }
                tpl_link(wl($ID, 'do=edit&rev=' . $REV), $caption('btn_source'), 'class="action source" accesskey="v" rel="nofollow"');
                return true;
            }
            if (!empty($INFO['draft'])) {
                tpl_link(wl($ID, 'do=draft'), $caption('btn_draft'), 'class="action edit" accesskey="e" rel="nofollow"');
                return true;
            }
            if ($INFO['exists']) {
                tpl_link(wl($ID, 'do=edit&rev=' . $REV), $caption('btn_edit'), 'class="action edit" accesskey="e" rel="nofollow"');
            } else {
                tpl_link(wl($ID, 'do=edit&rev=' . $REV), $caption('btn_create'), 'class="action create" accesskey="e" rel="nofollow"');
            }
            return true;

        case 'history':
            tpl_link(wl($ID, 'do=revisions'), $caption('btn_revs'), 'class="action revisions" accesskey="o" rel="nofollow"');
            return true;

        case 'recent':
            tpl_link(wl('', 'do=recent'), $caption('btn_recent'), 'class="action recent" accesskey="r" rel="nofollow"');
            return true;

        case 'index':
            tpl_link(wl($ID, 'do=index'), $caption('btn_index'), 'class="action index" accesskey="x" rel="nofollow"');
            return true;

        case 'top':
            print '<a href="#dokuwiki__top" class="action top" accesskey="x">' . $caption('btn_top') . '</a>';
            return true;

        case 'back':
            $parent = tpl_getparent($ID);
            if (!$parent) {
                return false;
            }
            tpl_link(wl($parent, 'do=show'), $caption('btn_back'), 'class="action back" accesskey="b" rel="nofollow"');
            return true;

        case 'login':
            if (!($conf['useacl'] && $auth)) {
                return false;
            }
            // Both links carry the security token in the query string.
            if ($_SERVER['REMOTE_USER']) {
                tpl_link(wl($ID, 'do=logout&sectok=' . getSecurityToken()), $caption('btn_logout'), 'class="action logout" rel="nofollow"');
            } else {
                tpl_link(wl($ID, 'do=login&sectok=' . getSecurityToken()), $caption('btn_login'), 'class="action login" rel="nofollow"');
            }
            return true;

        case 'admin':
            if (!$INFO['ismanager']) {
                return false;
            }
            tpl_link(wl($ID, 'do=admin'), $caption('btn_admin'), 'class="action admin" rel="nofollow"');
            return true;

        case 'subscribe':
        case 'subscription':
            if (!($conf['useacl'] && $auth && $ACT == 'show' && $conf['subscribers'] == 1) || !$_SERVER['REMOTE_USER']) {
                return false;
            }
            if ($INFO['subscribed']) {
                tpl_link(wl($ID, 'do=unsubscribe'), $caption('btn_unsubscribe'), 'class="action unsubscribe" rel="nofollow"');
            } else {
                tpl_link(wl($ID, 'do=subscribe'), $caption('btn_subscribe'), 'class="action subscribe" rel="nofollow"');
            }
            return true;

        case 'subscribens':
            if (!($conf['useacl'] && $auth && $ACT == 'show' && $conf['subscribers'] == 1) || !$_SERVER['REMOTE_USER']) {
                return false;
            }
            if ($INFO['subscribedns']) {
                tpl_link(wl($ID, 'do=unsubscribens'), $caption('btn_unsubscribens'), 'class="action unsubscribens" rel="nofollow"');
            } else {
                tpl_link(wl($ID, 'do=subscribens'), $caption('btn_subscribens'), 'class="action subscribens" rel="nofollow"');
            }
            return true;

        case 'backlink':
            tpl_link(wl($ID, 'do=backlink'), $caption('btn_backlink'), 'class="action backlink" rel="nofollow"');
            return true;

        case 'profile':
            if (!($conf['useacl'] && $auth && $_SERVER['REMOTE_USER'] && $auth->canDo('Profile') && $ACT != 'profile')) {
                return false;
            }
            tpl_link(wl($ID, 'do=profile'), $caption('btn_profile'), 'class="action profile" rel="nofollow"');
            return true;

        default:
            print '[unknown link type]';
            return true;
    }
}
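/**
 * Prints given sidebar box
 *
 * Built-in box types are main, namespace, user, group, toolbox, trace and
 * extra; any other value of $sb is looked up as a directory below
 * sidebarng/sidebars/ in the plugin directory. The globals $ID and $REV are
 * saved on entry and restored before returning.
 *
 * @author Michael Klier <*****@*****.**>
 *
 * @param string $sb  sidebar type to print
 * @param string $pos position value handed on to p_sidebar_xhtml()
 */
function _sidebar_dispatch($sb, $pos)
{
    global $lang;
    global $conf;
    global $ID;
    global $REV;
    global $INFO;

    $svID = $ID; // save current ID
    $svREV = $REV; // save current REV
    $pname = $this->getConf('pagename');

    switch ($sb) {
        case 'main':
            $main_sb = $pname;
            if (@page_exists($main_sb)) {
                if (auth_quickaclcheck($main_sb) >= AUTH_READ) {
                    $always = $this->getConf('main_always');
                    if ($always || !getNS($ID)) {
                        print '<div class="main_sidebar sidebar_box">' . DOKU_LF;
                        print $this->p_sidebar_xhtml($main_sb, $pos) . DOKU_LF;
                        print '</div>' . DOKU_LF;
                    }
                }
            } else {
                $out = $this->locale_xhtml('nosidebar');
                $link = '<a href="' . wl($pname) . '" class="wikilink2">' . $pname . '</a>' . DOKU_LF;
                print '<div class="main_sidebar sidebar_box">' . DOKU_LF;
                print str_replace('LINK', $link, $out);
                print '</div>' . DOKU_LF;
            }
            break;

        case 'namespace':
            // Namespace names are literal text, not patterns: quote them so a
            // configured name containing regex metacharacters cannot alter the match.
            $user_ns = preg_quote($this->getConf('user_ns'), '/');
            $group_ns = preg_quote($this->getConf('group_ns'), '/');
            if (!preg_match("/^" . $user_ns . ":.*?\$|^" . $group_ns . ":.*?\$/", $svID)) {
                // skip group/user sidebars and current ID
                $ns_sb = $this->_getNsSb($svID);
                if ($ns_sb && auth_quickaclcheck($ns_sb) >= AUTH_READ) {
                    print '<div class="namespace_sidebar sidebar_box">' . DOKU_LF;
                    print $this->p_sidebar_xhtml($ns_sb, $pos) . DOKU_LF;
                    print '</div>' . DOKU_LF;
                }
            }
            break;

        case 'user':
            $user_ns = $this->getConf('user_ns');
            if (isset($INFO['userinfo']['name'])) {
                $user = $_SERVER['REMOTE_USER'];
                $user_sb = $user_ns . ':' . $user . ':' . $pname;
                // NOTE(review): unlike the other boxes this one is printed
                // without an auth_quickaclcheck() - confirm that is intended.
                if (@page_exists($user_sb)) {
                    $subst = array('pattern' => array('/@USER@/'), 'replace' => array($user));
                    print '<div class="user_sidebar sidebar_box">' . DOKU_LF;
                    print $this->p_sidebar_xhtml($user_sb, $pos, $subst) . DOKU_LF;
                    print '</div>';
                }
                // check for namespace sidebars in user namespace too
                // The login name comes from the authentication layer and is
                // quoted before it becomes part of the pattern.
                $userPattern = '/' . preg_quote($user_ns, '/') . ':' . preg_quote($user, '/') . ':.*/';
                if (preg_match($userPattern, $svID)) {
                    $ns_sb = $this->_getNsSb($svID);
                    if ($ns_sb && $ns_sb != $user_sb && auth_quickaclcheck($ns_sb) >= AUTH_READ) {
                        print '<div class="namespace_sidebar sidebar_box">' . DOKU_LF;
                        print $this->p_sidebar_xhtml($ns_sb, $pos) . DOKU_LF;
                        print '</div>' . DOKU_LF;
                    }
                }
            }
            break;

        case 'group':
            $group_ns = $this->getConf('group_ns');
            if (isset($INFO['userinfo']['grps'])) {
                foreach ($INFO['userinfo']['grps'] as $grp) {
                    $group_sb = $group_ns . ':' . $grp . ':' . $pname;
                    if (@page_exists($group_sb) && auth_quickaclcheck(cleanID($group_sb)) >= AUTH_READ) {
                        $subst = array('pattern' => array('/@GROUP@/'), 'replace' => array($grp));
                        print '<div class="group_sidebar sidebar_box">' . DOKU_LF;
                        print $this->p_sidebar_xhtml($group_sb, $pos, $subst) . DOKU_LF;
                        print '</div>' . DOKU_LF;
                    }
                }
            } else {
                $group_sb = $group_ns . ':all:' . $pname;
                if (@page_exists($group_sb) && auth_quickaclcheck(cleanID($group_sb)) >= AUTH_READ) {
                    print '<div class="group_sidebar sidebar_box">' . DOKU_LF;
                    // No substitution applies here. The original passed an
                    // undefined $subst, i.e. null plus a notice; null is now explicit.
                    print $this->p_sidebar_xhtml($group_sb, $pos, null) . DOKU_LF;
                    print '</div>' . DOKU_LF;
                }
            }
            break;

        case 'toolbox':
            $actions = array('admin', 'edit', 'history', 'recent', 'backlink', 'subscribe', 'subscribens', 'index', 'login', 'profile');
            print '<div class="toolbox_sidebar sidebar_box">' . DOKU_LF;
            print ' <ul>' . DOKU_LF;
            foreach ($actions as $action) {
                if (!actionOK($action)) {
                    continue;
                }
                if ($action == 'edit') {
                    // check if new page button plugin is available
                    if (!plugin_isdisabled('npd') && ($npd =& plugin_load('helper', 'npd'))) {
                        $npb = $npd->html_new_page_button(true);
                        if ($npb) {
                            print ' <li class="level1"><div class="li">';
                            print $npb;
                            print '</div></li>' . DOKU_LF;
                        }
                    }
                }
                // start output buffering: the list item is dropped again when
                // tpl_actionlink() reports that it printed no link
                ob_start();
                print ' <li><div class="li">';
                if (tpl_actionlink($action)) {
                    print '</div></li>' . DOKU_LF;
                    ob_end_flush();
                } else {
                    ob_end_clean();
                }
            }
            print ' </ul>' . DOKU_LF;
            print '</div>' . DOKU_LF;
            break;

        case 'trace':
            print '<div class="trace_sidebar sidebar_box">' . DOKU_LF;
            print ' <h1>' . $lang['breadcrumb'] . '</h1>' . DOKU_LF;
            print ' <div class="breadcrumbs">' . DOKU_LF;
            $conf['youarehere'] != 1 ? tpl_breadcrumbs() : tpl_youarehere();
            print ' </div>' . DOKU_LF;
            print '</div>' . DOKU_LF;
            break;

        case 'extra':
            print '<div class="extra_sidebar sidebar_box">' . DOKU_LF;
            @(include dirname(__FILE__) . '/sidebar.html');
            print '</div>' . DOKU_LF;
            break;

        default:
            // check for user defined sidebars
            // NOTE(review): $sb becomes part of a path that is executed with
            // require_once. This is only safe while every caller passes a
            // sidebar name taken from trusted configuration; confirm at the
            // call sites that no request-derived value (and no value holding
            // path separators or "..") can reach this branch.
            if (@file_exists(DOKU_PLUGIN . 'sidebarng/sidebars/' . $sb . '/sidebar.php')) {
                // escaped because it is written into a double-quoted class attribute
                print '<div class="' . htmlspecialchars($sb) . '_sidebar sidebar_box">' . DOKU_LF;
                @(require_once DOKU_PLUGIN . 'sidebarng/sidebars/' . $sb . '/sidebar.php');
                print '</div>' . DOKU_LF;
            }
            break;
    }

    // restore ID and REV
    $ID = $svID;
    $REV = $svREV;
}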
/**
 * Check if subscription system is enabled
 *
 * The answer is whatever actionOK() reports for the 'subscribe' action.
 *
 * @return bool
 */
public function isenabled()
{
    $subscribeAllowed = actionOK('subscribe');

    return $subscribeAllowed;
}
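/**
 * Send a new password
 *
 * This function handles both phases of the password reset:
 *
 *   - handling the first request of password reset
 *   - validating the password reset auth token
 *
 * Request phase: a token file named after the token is written below
 * $conf['cachedir'] with the login name as content, and a confirmation link
 * holding the token is mailed to the user. Token phase: the token from the
 * request is reduced to [a-f0-9], the matching file must exist and be at most
 * three days old, then the password is set (user supplied or generated,
 * depending on $conf['autopasswd']) and the token file is removed.
 *
 * @author Benoit Chesneau <*****@*****.**>
 * @author Chris Smith <*****@*****.**>
 * @author Andreas Gohr <*****@*****.**>
 *
 * @return bool true on success, false on any error
 */
function act_resendpwd()
{
    global $lang;
    global $conf;
    global $auth;

    if (!actionOK('resendpwd')) {
        msg($lang['resendna'], -1);
        return false;
    }

    // Accept a plain string only. An array in pwauth would make preg_replace()
    // return an array, and a missing key raised a notice.
    $rawToken = (isset($_REQUEST['pwauth']) && is_string($_REQUEST['pwauth'])) ? $_REQUEST['pwauth'] : '';
    // Reducing the token to hex digits also keeps path characters out of the file name below.
    $token = preg_replace('/[^a-f0-9]+/', '', $rawToken);

    if ($token) {
        // we're in token phase - get user info from token
        $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
        if (!@file_exists($tfile)) {
            msg($lang['resendpwdbadauth'], -1);
            unset($_REQUEST['pwauth']);
            return false;
        }
        // token is only valid for 3 days
        if ((time() - filemtime($tfile)) > (3 * 60 * 60 * 24)) {
            msg($lang['resendpwdbadauth'], -1);
            unset($_REQUEST['pwauth']);
            @unlink($tfile);
            return false;
        }

        $user = io_readfile($tfile);
        $userinfo = $auth->getUserData($user);
        if (!$userinfo['mail']) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        if (!$conf['autopasswd']) {
            // we let the user choose a password
            $pass = isset($_REQUEST['pass']) ? $_REQUEST['pass'] : '';
            // password given correctly?
            if (!is_string($pass) || $pass === '') {
                return false;
            }
            // Strict comparison: with != two different numeric-looking strings
            // (for example "1e3" and "1000") compare equal in PHP.
            $passchk = isset($_REQUEST['passchk']) ? $_REQUEST['passchk'] : null;
            if ($pass !== $passchk) {
                msg($lang['regbadpass'], -1);
                return false;
            }

            if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
                msg('error modifying user data', -1);
                return false;
            }
        } else {
            // autogenerate the password and send by mail
            $pass = auth_pwgen();
            if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
                msg('error modifying user data', -1);
                return false;
            }

            if (auth_sendPassword($user, $pass)) {
                msg($lang['resendpwdsuccess'], 1);
            } else {
                msg($lang['regmailfail'], -1);
            }
        }

        // the token is single use
        @unlink($tfile);
        return true;
    }

    // we're in request phase
    if (empty($_POST['save'])) {
        return false;
    }

    if (empty($_POST['login'])) {
        msg($lang['resendpwdmissing'], -1);
        return false;
    }
    $user = trim($auth->cleanUser($_POST['login']));

    $userinfo = $auth->getUserData($user);
    if (!$userinfo['mail']) {
        // NOTE(review): this message differs from the success message, so the
        // form presumably tells a requester whether a login exists - consider
        // a uniform reply if account enumeration matters for this wiki.
        msg($lang['resendpwdnouser'], -1);
        return false;
    }

    // generate auth token
    // The token is the only credential in the mailed link. It used to be
    // md5(cookie salt . user): the same value on every request for the same
    // user, so a link from an earlier mail became valid again each time a new
    // reset was requested. A fresh random value is used per request instead;
    // it stays 32 hex characters, which is what the token phase expects.
    if (function_exists('random_bytes')) {
        $token = bin2hex(random_bytes(16));
    } else {
        // Fallback for PHP versions without random_bytes(): still unique per
        // request, but not a cryptographically strong source.
        $token = md5(auth_cookiesalt() . $user . uniqid(mt_rand(), true));
    }
    $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
    $url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');

    io_saveFile($tfile, $user);

    $text = rawLocale('pwconfirm');
    $text = str_replace('@DOKUWIKIURL@', DOKU_URL, $text);
    $text = str_replace('@FULLNAME@', $userinfo['name'], $text);
    $text = str_replace('@LOGIN@', $user, $text);
    $text = str_replace('@TITLE@', $conf['title'], $text);
    $text = str_replace('@CONFIRM@', $url, $text);

    if (empty($conf['mailprefix'])) {
        $subject = $lang['regpwmail'];
    } else {
        $subject = '[' . $conf['mailprefix'] . '] ' . $lang['regpwmail'];
    }

    // NOTE(review): name and mail address are concatenated into the recipient
    // as stored; confirm mail_send() rejects line breaks in that argument.
    if (mail_send($userinfo['name'] . ' <' . $userinfo['mail'] . '>', $subject, $text, $conf['mailfrom'])) {
        msg($lang['resendpwdconfirm'], 1);
    } else {
        msg($lang['regmailfail'], -1);
    }
    return true;
}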
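/**
 * Check the actions and get data for buttons and links
 *
 * Available actions are
 *
 *  edit    - edit/create/show/draft
 *  history - old revisions
 *  recent  - recent changes
 *  login   - login/logout - if ACL enabled
 *  profile - user profile (if logged in)
 *  index   - The index
 *  admin   - admin page - if enough rights
 *  top     - back to top
 *  back    - back to parent - if available
 *  backlink - links to the list of backlinks
 *  subscribe/subscription - subscribe/unsubscribe
 *
 * On success the result is an array with the keys 'accesskey', 'type', 'id',
 * 'method' and 'params'. The login/logout and revert actions add the value of
 * getSecurityToken() to 'params' as 'sectok'.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @author Matthias Grimm <*****@*****.**>
 * @author Adrian Lang <*****@*****.**>
 * @param string $type
 * @return array|bool|string false when the action is disabled or not applicable,
 *                           the string '[unknown %s type]' for an unknown type
 */
function tpl_get_action($type)
{
    global $ID;
    global $INFO;
    global $REV;
    global $ACT;

    // check disabled actions and fix the badly named ones
    if ($type == 'history') {
        $type = 'revisions';
    }
    if (!actionOK($type)) {
        return false;
    }

    // Same truth value as reading $_SERVER['REMOTE_USER'] directly, but
    // without an undefined-index notice for anonymous visitors.
    $loggedIn = !empty($_SERVER['REMOTE_USER']);

    $accesskey = null;
    $id = $ID;
    $method = 'get';
    $params = array('do' => $type);

    switch ($type) {
        case 'edit':
            // most complicated type - we need to decide on current action
            if ($ACT == 'show' || $ACT == 'search') {
                $method = 'post';
                if ($INFO['writable']) {
                    $accesskey = 'e';
                    if (!empty($INFO['draft'])) {
                        $type = 'draft';
                        $params['do'] = 'draft';
                    } else {
                        $params['rev'] = $REV;
                        if (!$INFO['exists']) {
                            $type = 'create';
                        }
                    }
                } else {
                    if (!actionOK('source')) {
                        return false; // pseudo action
                    }
                    $params['rev'] = $REV;
                    $type = 'source';
                    $accesskey = 'v';
                }
            } else {
                $params = array();
                $type = 'show';
                $accesskey = 'v';
            }
            break;

        case 'revisions':
            $type = 'revs';
            $accesskey = 'o';
            break;

        case 'recent':
            $accesskey = 'r';
            break;

        case 'index':
            $accesskey = 'x';
            break;

        case 'top':
            $accesskey = 't';
            $params = array();
            $id = '#dokuwiki__top';
            break;

        case 'back':
            $parent = tpl_getparent($ID);
            if (!$parent) {
                return false;
            }
            $id = $parent;
            $params = array();
            $accesskey = 'b';
            break;

        case 'login':
            $params['sectok'] = getSecurityToken();
            // isset() is kept on purpose: an empty REMOTE_USER still switches to logout here
            if (isset($_SERVER['REMOTE_USER'])) {
                if (!actionOK('logout')) {
                    return false;
                }
                $params['do'] = 'logout';
                $type = 'logout';
            }
            break;

        case 'register':
        case 'resendpwd':
            // only offered to visitors who are not logged in
            if ($loggedIn) {
                return false;
            }
            break;

        case 'admin':
            if (!$INFO['ismanager']) {
                return false;
            }
            break;

        case 'revert':
            if (!$INFO['ismanager'] || !$REV || !$INFO['writable']) {
                return false;
            }
            $params['rev'] = $REV;
            $params['sectok'] = getSecurityToken();
            break;

        /** @noinspection PhpMissingBreakStatementInspection */
        case 'subscription':
            $type = 'subscribe';
            $params['do'] = 'subscribe';
            // intentional fall through to 'subscribe'
        case 'subscribe':
            if (!$loggedIn) {
                return false;
            }
            break;

        case 'backlink':
            break;

        case 'profile':
            if (!isset($_SERVER['REMOTE_USER'])) {
                return false;
            }
            break;

        case 'media':
            break;

        default:
            return '[unknown %s type]';
    }

    return compact('accesskey', 'type', 'id', 'method', 'params');
}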
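/**
 * Dispatches the given sidebar type to return the right content
 *
 * Built-in types are main, namespace, user, group, index, toc, toolbox,
 * trace and extra; any other value of $sb is looked up as a directory below
 * sidebars/ in the template directory. When the template option 'closedwiki'
 * is on and no REMOTE_USER is set, every type returns without output except
 * 'toolbox', which then prints the login link only. $ID, $REV and $TOC are
 * saved on entry and restored at the end.
 *
 * @author Michael Klier <*****@*****.**>
 *
 * @param string $sb  sidebar type to print
 * @param string $pos position value; handed to the render helpers and used in
 *                    the 'extra' file name and the rewritten TOC ids
 */
function tpl_sidebar_dispatch($sb, $pos)
{
    global $lang;
    global $conf;
    global $ID;
    global $REV;
    global $INFO;
    global $TOC;

    $svID = $ID; // save current ID
    $svREV = $REV; // save current REV
    $svTOC = $TOC; // save current TOC
    $pname = tpl_getConf('pagename');

    // closed wiki and anonymous visitor: evaluated once, checked per case
    $closed = tpl_getConf('closedwiki') && !isset($_SERVER['REMOTE_USER']);

    switch ($sb) {
        case 'main':
            if ($closed) {
                return;
            }
            $main_sb = $pname;
            if (@page_exists($main_sb) && auth_quickaclcheck($main_sb) >= AUTH_READ) {
                $always = tpl_getConf('main_sidebar_always');
                if ($always || !getNS($ID)) {
                    print '<div class="main_sidebar sidebar_box">' . DOKU_LF;
                    print p_sidebar_xhtml($main_sb, $pos) . DOKU_LF;
                    print '</div>' . DOKU_LF;
                }
            } elseif (!@page_exists($main_sb) && auth_quickaclcheck($main_sb) >= AUTH_CREATE) {
                // The existence check used to look for "nonidebar.txt" while the
                // read used "nosidebar.txt", so the translated text was not
                // picked up. Check and read now use the same path.
                $hintFile = DOKU_TPLINC . 'lang/' . $conf['lang'] . '/nosidebar.txt';
                if (!@file_exists($hintFile)) {
                    $hintFile = DOKU_TPLINC . 'lang/en/nosidebar.txt';
                }
                $out = p_render('xhtml', p_get_instructions(io_readFile($hintFile)), $info);
                $link = '<a href="' . wl($pname) . '" class="wikilink2">' . $pname . '</a>' . DOKU_LF;
                print '<div class="main_sidebar sidebar_box">' . DOKU_LF;
                print str_replace('LINK', $link, $out);
                print '</div>' . DOKU_LF;
            }
            break;

        case 'namespace':
            if ($closed) {
                return;
            }
            // Namespace names are literal text, not patterns: quote them so a
            // configured name containing regex metacharacters cannot alter the match.
            $user_ns = preg_quote(tpl_getConf('user_sidebar_namespace'), '/');
            $group_ns = preg_quote(tpl_getConf('group_sidebar_namespace'), '/');
            if (!preg_match("/^" . $user_ns . ":.*?\$|^" . $group_ns . ":.*?\$/", $svID)) {
                // skip group/user sidebars and current ID
                $ns_sb = _getNsSb($svID);
                if ($ns_sb && auth_quickaclcheck($ns_sb) >= AUTH_READ) {
                    print '<div class="namespace_sidebar sidebar_box">' . DOKU_LF;
                    print p_sidebar_xhtml($ns_sb, $pos) . DOKU_LF;
                    print '</div>' . DOKU_LF;
                }
            }
            break;

        case 'user':
            if ($closed) {
                return;
            }
            $user_ns = tpl_getConf('user_sidebar_namespace');
            if (isset($INFO['userinfo']['name'])) {
                $user = $_SERVER['REMOTE_USER'];
                $user_sb = $user_ns . ':' . $user . ':' . $pname;
                // NOTE(review): unlike the other boxes this one is printed
                // without an auth_quickaclcheck() - confirm that is intended.
                if (@page_exists($user_sb)) {
                    $subst = array('pattern' => array('/@USER@/'), 'replace' => array($user));
                    print '<div class="user_sidebar sidebar_box">' . DOKU_LF;
                    print p_sidebar_xhtml($user_sb, $pos, $subst) . DOKU_LF;
                    print '</div>';
                }
                // check for namespace sidebars in user namespace too
                // The login name comes from the authentication layer and is
                // quoted before it becomes part of the pattern.
                $userPattern = '/' . preg_quote($user_ns, '/') . ':' . preg_quote($user, '/') . ':.*/';
                if (preg_match($userPattern, $svID)) {
                    $ns_sb = _getNsSb($svID);
                    if ($ns_sb && $ns_sb != $user_sb && auth_quickaclcheck($ns_sb) >= AUTH_READ) {
                        print '<div class="namespace_sidebar sidebar_box">' . DOKU_LF;
                        print p_sidebar_xhtml($ns_sb, $pos) . DOKU_LF;
                        print '</div>' . DOKU_LF;
                    }
                }
            }
            break;

        case 'group':
            if ($closed) {
                return;
            }
            $group_ns = tpl_getConf('group_sidebar_namespace');
            if (isset($INFO['userinfo']['name'], $INFO['userinfo']['grps'])) {
                foreach ($INFO['userinfo']['grps'] as $grp) {
                    $group_sb = $group_ns . ':' . $grp . ':' . $pname;
                    if (@page_exists($group_sb) && auth_quickaclcheck(cleanID($group_sb)) >= AUTH_READ) {
                        $subst = array('pattern' => array('/@GROUP@/'), 'replace' => array($grp));
                        print '<div class="group_sidebar sidebar_box">' . DOKU_LF;
                        print p_sidebar_xhtml($group_sb, $pos, $subst) . DOKU_LF;
                        print '</div>' . DOKU_LF;
                    }
                }
            }
            break;

        case 'index':
            if ($closed) {
                return;
            }
            print '<div class="index_sidebar sidebar_box">' . DOKU_LF;
            print ' ' . p_index_xhtml($svID, $pos) . DOKU_LF;
            print '</div>' . DOKU_LF;
            break;

        case 'toc':
            if ($closed) {
                return;
            }
            if (auth_quickaclcheck($svID) >= AUTH_READ) {
                $toc = tpl_toc(true);
                // replace ids to keep XHTML compliance
                if (!empty($toc)) {
                    $toc = preg_replace('/id="(.*?)"/', 'id="sb__' . $pos . '__\\1"', $toc);
                    print '<div class="toc_sidebar sidebar_box">' . DOKU_LF;
                    print $toc;
                    print '</div>' . DOKU_LF;
                }
            }
            break;

        case 'toolbox':
            if (tpl_getConf('hideactions') && !isset($_SERVER['REMOTE_USER'])) {
                return;
            }
            if ($closed) {
                // closed wiki: anonymous visitors only get the login link
                print '<div class="toolbox_sidebar sidebar_box">' . DOKU_LF;
                print ' <div class="level1">' . DOKU_LF;
                print ' <ul>' . DOKU_LF;
                print ' <li><div class="li">';
                tpl_actionlink('login');
                print ' </div></li>' . DOKU_LF;
                print ' </ul>' . DOKU_LF;
                print ' </div>' . DOKU_LF;
                print '</div>' . DOKU_LF;
            } else {
                $actions = array('admin', 'revert', 'edit', 'history', 'recent', 'backlink', 'subscription', 'index', 'login', 'profile', 'top');
                print '<div class="toolbox_sidebar sidebar_box">' . DOKU_LF;
                print ' <div class="level1">' . DOKU_LF;
                print ' <ul>' . DOKU_LF;
                foreach ($actions as $action) {
                    if (!actionOK($action)) {
                        continue;
                    }
                    if ($action == 'edit') {
                        // check if new page button plugin is available
                        if (!plugin_isdisabled('npd') && ($npd =& plugin_load('helper', 'npd'))) {
                            $npb = $npd->html_new_page_button(true);
                            if ($npb) {
                                print ' <li><div class="li">';
                                print $npb;
                                print '</div></li>' . DOKU_LF;
                            }
                        }
                    }
                    // start output buffering: the list item is dropped again when
                    // tpl_actionlink() reports that it printed no link
                    ob_start();
                    print ' <li><div class="li">';
                    if (tpl_actionlink($action)) {
                        print '</div></li>' . DOKU_LF;
                        ob_end_flush();
                    } else {
                        ob_end_clean();
                    }
                }
                print ' </ul>' . DOKU_LF;
                print ' </div>' . DOKU_LF;
                print '</div>' . DOKU_LF;
            }
            break;

        case 'trace':
            if ($closed) {
                return;
            }
            print '<div class="trace_sidebar sidebar_box">' . DOKU_LF;
            print ' <h1>' . $lang['breadcrumb'] . '</h1>' . DOKU_LF;
            print ' <div class="breadcrumbs">' . DOKU_LF;
            $conf['youarehere'] != 1 ? tpl_breadcrumbs() : tpl_youarehere();
            print ' </div>' . DOKU_LF;
            print '</div>' . DOKU_LF;
            break;

        case 'extra':
            if ($closed) {
                return;
            }
            print '<div class="extra_sidebar sidebar_box">' . DOKU_LF;
            // NOTE(review): $pos is part of an included file name; confirm that
            // callers only pass fixed position names.
            @(include dirname(__FILE__) . '/' . $pos . '_sidebar.html');
            print '</div>' . DOKU_LF;
            break;

        default:
            if ($closed) {
                return;
            }
            // check for user defined sidebars
            // NOTE(review): $sb becomes part of a path that is executed with
            // require_once. This is only safe while every caller passes a
            // sidebar name taken from trusted configuration; confirm at the
            // call sites that no request-derived value (and no value holding
            // path separators or "..") can reach this branch.
            if (@file_exists(DOKU_TPLINC . 'sidebars/' . $sb . '/sidebar.php')) {
                // escaped because it is written into a double-quoted class attribute
                print '<div class="' . htmlspecialchars($sb) . '_sidebar sidebar_box">' . DOKU_LF;
                @(require_once DOKU_TPLINC . 'sidebars/' . $sb . '/sidebar.php');
                print '</div>' . DOKU_LF;
            }
            break;
    }

    // restore ID, REV and TOC
    $ID = $svID;
    $REV = $svREV;
    $TOC = $svTOC;
}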
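/**
 * function _print
 *
 * Prints the ckgedit edit form: the CKEditor start-up script, the hidden
 * form fields, the textarea holding $this->xhtml, the button bar and the
 * inline script that loads the parser scripts. Returns false (after a
 * message) when the page is not writable and the 'source' pseudo action is
 * disabled; otherwise nothing is returned.
 *
 * Request-derived values are normalised before they reach the markup: the
 * editor height read from the ckgEdht cookie is forced to a positive integer
 * (it is written into both a script and an attribute), the User-Agent header
 * is read once with a fallback to '', and $ID, $REV and $DATE are escaped for
 * their attributes. Closing PHP tags sit directly against the following quote
 * so that no stray blank ends up inside an attribute value or script string.
 *
 * @author Myron Turner
 */
function _print()
{
    global $INFO;
    global $lang;
    global $ckgedit_lang;
    global $ID;
    global $REV;
    global $DATE;
    global $PRE;
    global $SUF;
    global $SUM;

    $wr = $INFO['writable'];
    if ($wr) {
        if ($REV) {
            print p_locale_xhtml('editrev');
        }
        $ro = false;
    } else {
        // check pseudo action 'source'
        if (!actionOK('source')) {
            msg('Command disabled: source', -1);
            return false;
        }
        print p_locale_xhtml('read');
        $ro = 'readonly="readonly"';
    }

    if (!$DATE) {
        $DATE = $INFO['lastmod'];
    }

    $guest_toolbar = $this->getConf('guest_toolbar');
    $guest_media = $this->getConf('guest_media');
    if (!isset($INFO['userinfo']) && !$guest_toolbar) {
        $toolbar = "DokuwikiNoGuest";
    } else {
        if (!isset($INFO['userinfo']) && !$guest_media) {
            $toolbar = "DokuwikiGuest";
        } else {
            $toolbar = 'Dokuwiki';
        }
    }

    // A cookie is client-controlled and this value is interpolated into the
    // start-up script and an input attribute below: accept a positive integer
    // only and fall back to the default of 250 otherwise.
    $height = (isset($_COOKIE['ckgEdht']) && is_scalar($_COOKIE['ckgEdht'])) ? (int) $_COOKIE['ckgEdht'] : 0;
    if ($height <= 0) {
        $height = 250;
    }

    // The header may be missing (non-browser clients); read it once.
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';

    $doku_url = rtrim(DOKU_URL, '/');
    $ckeditor_replace = <<<CKEDITOR_REPLACE
\t\t ckgeditCKInstance = CKEDITOR.replace('wiki__text',
\t\t {
 toolbar: '{$toolbar}' ,
 height: {$height},
 filebrowserImageBrowseUrl : '{$doku_url}/lib/plugins/ckgedit/fckeditor/editor/filemanager/browser/default/browser.html?Type=Image&Connector={$doku_url}/lib/plugins/ckgedit/fckeditor/editor/filemanager/connectors/php/connector.php',
 filebrowserBrowseUrl: '{$doku_url}/lib/plugins/ckgedit/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector={$doku_url}/lib/plugins/ckgedit/fckeditor/editor/filemanager/connectors/php/connector.php',
 }
\t\t );
 FCKeditor_OnComplete(ckgeditCKInstance);
CKEDITOR_REPLACE;
    echo $this->helper->registerOnLoad($ckeditor_replace);

    global $skip_styling;
    ?>
<form id="dw__editform" method="post" action="<?php echo script(); ?>" accept-charset="<?php echo $lang['encoding']; ?>">
<div class="no">
<input type="hidden" name="id" value="<?php echo htmlspecialchars($ID); ?>" />
<input type="hidden" name="rev" value="<?php echo htmlspecialchars($REV); ?>" />
<input type="hidden" name="date" value="<?php echo htmlspecialchars($DATE); ?>" />
<input type="hidden" name="prefix" value="<?php echo formText($PRE); ?>" />
<input type="hidden" name="suffix" value="<?php echo formText($SUF); ?>" />
<input type="hidden" id="ckgedit_mode_type" name="mode" value="" />
<input type="hidden" id="fck_preview_mode" name="fck_preview_mode" value="nil" />
<input type="hidden" id="fck_wikitext" name="fck_wikitext" value="__false__" />
<input type="hidden" id="styling" name="styling" value="styles" />
<?php
    // security token of the edit form, when this DokuWiki version provides it
    if (function_exists('formSecurityToken')) {
        formSecurityToken();
    }
    ?>
</div>
<textarea name="wikitext" id="wiki__text" <?php echo $ro; ?> cols="80" rows="10" class="edit" tabindex="1"><?php
    // NOTE(review): $this->xhtml is written as is; presumably it is already
    // safe for a textarea body - confirm where it is built.
    echo "\n" . $this->xhtml;
    ?></textarea>
<?php
    $temp = array();
    trigger_event('HTML_EDITFORM_INJECTION', $temp);

    $DW_EDIT_disabled = '';
    $guest_perm = auth_quickaclcheck($_REQUEST['id']);
    $guest_group = false;
    $guest_user = false;

    if (isset($INFO['userinfo']) && isset($INFO['userinfo']['grps'])) {
        $user_groups = $INFO['userinfo']['grps'];
        if (is_array($user_groups) && $user_groups) {
            foreach ($user_groups as $group) {
                if (strcasecmp('guest', $group) == 0) {
                    $guest_group = true;
                    break;
                }
            }
        }
        if ($INFO['client'] == 'guest') {
            $guest_user = true;
        }
    }

    // This only greys out the buttons in the browser; NOTE(review): the save
    // handler has to enforce the permission itself - confirm server side.
    if (($guest_user || $guest_group) && $guest_perm <= 2) {
        $DW_EDIT_disabled = 'disabled';
    }

    $DW_EDIT_hide = $this->dw_edit_displayed();

    $is_ckgeditChrome = false;
    if (stripos($userAgent, 'Chrome') !== false) {
        // A header naming Chrome without "Chrome/<digits>" counts as version 0,
        // which is what the unguarded (int) cast produced before.
        $chromeVersion = preg_match("/Chrome\\/(\\d+)/", $userAgent, $cmatch) ? (int) $cmatch[1] : 0;
        if ($chromeVersion < 26) {
            $is_ckgeditChrome = true;
        }
    }
    ?>
<div id="wiki__editbar">
<div id="size__ctl" style="display: none"></div>
<?php if ($wr) { ?>
<div class="editButtons">
<input type="checkbox" name="ckgedit" value="ckgedit" checked="checked" style="display: none"/>
<input class="button" type="button" id = "save_button" name="do[save]" value="<?php echo $lang['btn_save']; ?>" title="<?php echo $lang['btn_save']; ?>" <?php echo $DW_EDIT_disabled; ?> />
<input class="button" id="ebtn__delete" type="submit" <?php echo $DW_EDIT_disabled; ?> name="do[delete]" value="<?php echo $lang['btn_delete']; ?>" title="<?php echo $this->getLang('title_dw_delete'); ?>" style = "font-size: 100%;" />
<?php if (!$is_ckgeditChrome) { ?>
<input class="button" id = "ebtn__dwedit" <?php echo $DW_EDIT_disabled; ?> <?php echo $DW_EDIT_hide; ?> style = "font-size: 100%;" type="submit" name="do[save]" value="<?php echo $this->getLang('btn_dw_edit'); ?>" title="<?php echo $this->getLang('title_dw_edit'); ?>" />
<?php
    }
    global $INFO;
    $disabled = 'Disabled';
    $inline = $this->test ? 'inline' : 'none';
    $chrome_dwedit_link = '<a href="' . wl($INFO['id'], array('do' => 'show')) . '" ' . 'onclick="draft_delete();setDWEditCookie(2);"class="action edit" rel="nofollow" title="DW Edit"><span>DW Edit</span></a>';
    $backup_btn = $this->getLang('dw_btn_backup') ? $this->getLang('dw_btn_backup') : $this->getLang('dw_btn_refresh');
    $backup_title = $this->getLang('title_dw_backup') ? $this->getLang('title_dw_backup') : $this->getLang('title_dw_refresh');
    $using_scayt = $this->getConf('scayt') == 'on';
    ?>
<input class="button" type="submit" name="do[draftdel]" id = "ebut_cancel" value="<?php echo $lang['btn_cancel']; ?>" style = "font-size: 100%;" title = "<?php echo $this->getLang('title_dw_cancel'); ?>" />
<!-- aspell button removed, not supported -->
<input class="button" type="button" value = "Test" title="Test" style = 'display:<?php echo $inline; ?>;' onmousedown="parse_wikitext('test');" />
<?php if ($this->draft_found) { ?>
<input class="button" style = "background-color: yellow" id="ckgedit_draft_btn" type="button" value="<?php echo $this->getLang('btn_draft'); ?>" title="<?php echo $this->getLang('title_draft'); ?>" />
<?php } else { ?>
<input class="button" type="button" id = "backup_button" value="<?php echo $backup_btn; ?>" title="<?php echo $backup_title; ?>" />
<input class="button" type="button" id = "revert_to_prev_btn" value="<?php echo $this->getLang('dw_btn_revert'); ?>" title="<?php echo $this->getLang('title_dw_revert'); ?>" />
<?php if (!$skip_styling) { ?>
<input class="button" type="submit" name ="do[edit]" id = "no_styling_btn" style = "font-size: 100%;" value="<?php echo $this->getLang('dw_btn_styling'); ?>" title="<?php echo $this->getLang('title_styling'); ?>" />
<?php } ?>
<?php
    if ($is_ckgeditChrome) {
        echo $chrome_dwedit_link;
    }
    ?>
<br />
<?php } ?>
<?php if ($this->debug) { ?>
<input class="button" type="button" value = "Debug" title="Debug" onclick="HTMLParser_debug();" />
<br />
<?php } ?>
<div id = "backup_msg" class="backup_msg" style=" display:none;">
<table><tr><td class = "backup_msg_td">
<div id="backup_msg_area" class="backup_msg_area"></div>
<td>
<td align="right">
<a href="javascript:hide_backup_msg();void(0);" class="backup_msg_close">[ close ]</a>
</table>
</div>
<label class="nowrap" for="complex_tables" >
<input type="checkbox" name="complex_tables" value="complex_tables" id = "complex_tables" /><span id='complex_tables_label'> <?php echo $this->getLang('complex_tables'); ?> </span></label>
<label class="nowrap" for="editor_height"><?php echo $this->getLang('editor_height'); ?> </label>
<input type="text" size= "4" name="editor_height" title = "<?php echo $this->getLang('editor_height_title'); ?>" value="<?php echo $height; ?>" id = "editor_height" onchange="setEdHeight(this.value);" /> px
<input style="display:none;" class="button" id="edbtn__save" type="submit" name="do[save]" value="<?php echo $lang['btn_save']; ?>" onmouseup="draft_delete();" <?php echo $DW_EDIT_disabled; ?> title="<?php echo $lang['btn_save']; ?>" />
<!-- Not used by ckgedit but required to prevent null error when DW adds events -->
<input type="button" id='edbtn__preview' style="display: none"/>
<div id='saved_wiki_html' style = 'display:none;' ></div>
<div id='ckgedit_draft_html' style = 'display:none;' >
<?php
    // NOTE(review): the stored draft is written into the page as markup;
    // confirm it was cleaned when the draft was saved.
    echo $this->draft_text;
    ?>
</div>
</div>
<?php } ?>
<?php if ($wr) { ?>
<div class="summary">
<label for="edit__summary" class="nowrap"><?php echo $lang['summary']; ?> :</label>
<input type="text" class="edit" name="summary" id="edit__summary" size="50" value="<?php echo formText($SUM); ?>" tabindex="2" />
<label class="nowrap" for="minoredit"><input type="checkbox" id="minoredit" name="minor" value="1" tabindex="3" /> <span><?php echo $this->getLang('minor_changes'); ?> </span></label>
</div>
<?php } ?>
</div>
</form>
<!-- draft messages from DW -->
<div id="draft__status"></div>
<script type="text/javascript">
//<![CDATA[
<?php echo 'var backup_empty = "' . $this->getLang('backup_empty') . '";'; ?>

/* aspell_window removed, not supported */
if(window.unsetDokuWikiLockTimer) window.unsetDokuWikiLockTimer();
function getComplexTables() {
 return document.getElementById('complex_tables').checked;
}
<?php
    global $useComplexTables;
    if ($useComplexTables) { ?>
document.getElementById('complex_tables').click();
<?php } ?>
<?php if ($this->getConf('complex_tables')) { ?>
document.getElementById('complex_tables').disabled = true;
<?php } ?>
<?php
    // NOTE(review): "MISIE" looks like a typo for "MSIE"; the pattern is kept
    // as found because changing it alters which browsers are flagged - confirm.
    if (preg_match("/MISIE|Trident/", $userAgent)) {
        echo "var isIE = true;";
    } else {
        echo "var isIE = false;";
    }
    // terminated explicitly so the statement does not depend on the line
    // break that PHP swallows after a closing tag
    echo "var doku_base = '" . DOKU_BASE . "';\n";
    ?>
var ckgedit_draft_btn = "<?php echo $this->getLang('btn_exit_draft'); ?>";
var ckgedit_draft_btn_title = "<?php echo $this->getLang('title_exit_draft'); ?>";
function ckgedit_get_draft() {
 var dom = GetE('ckgedit_draft_html');
 var draft = dom.innerHTML;
 var dw_text = CKEDITOR.instances.wiki__text.getData();
 CKEDITOR.instances.wiki__text.setData(draft);
 dom.innerHTML = dw_text;
 var btn = GetE('ckgedit_draft_btn');
 var tmp = btn.value;
 btn.value = ckgedit_draft_btn;
 ckgedit_draft_btn = tmp;
 tmp = ckgedit_draft_btn_title;
 btn.title = ckgedit_draft_btn_title;
 ckgedit_draft_btn_title = tmp;
}
function safe_convert(value) {
 if(oDokuWiki_FCKEditorInstance.dwiki_fnencode && oDokuWiki_FCKEditorInstance.dwiki_fnencode == 'safe') {
<?php
    global $updateVersion;
    if (!isset($updateVersion)) {
        $updateVersion = 0;
    }
    echo "updateVersion={$updateVersion};";
    $list = plugin_list('action');
    $safe_converted = false;
    if (in_array('safefnrecode', $list)) {
        $safe_converted = true;
    }
    ?>
 if(value.match(/%25/ && value.match(/%25[a-z0-9]/))) {
 value = value.replace(/%25/g,"%");
<?php
    if ($updateVersion > 30 || $safe_converted) {
        echo 'value = value.replace(/%5D/g,"]");';
    }
    ?>
 value = dwikiUTF8_decodeFN(value,'safe');
 }
 }
 return value;
}
RegExp.escape = function(str) {
 var specials = new RegExp("[.*+?|()\\[\\]{}\\\\]", "g"); // .*+?|()[]{}\
 return str.replace(specials, "\\$&");
}
var ckgedit_xcl_fonts =parseInt ("<?php echo $this->getConf('font_options'); ?>");
var ckgedit_xcl_colors =parseInt("<?php echo $this->getConf('color_options'); ?>");
var ckgedit_xcl_styles = (ckgedit_xcl_fonts + ckgedit_xcl_colors ==2) ? true : false;
var HTMLParser_DEBUG = "";
<?php if ($this->debug) { ?>
function HTMLParser_debug() {
 HTMLParser_DEBUG = "";
 parse_wikitext("");
 /* for(var i in oDokuWiki_FCKEditorInstance) { HTMLParser_DEBUG += i + ' = ' + oDokuWiki_FCKEditorInstance[i] + "\n";; } */
 var w = window.open();
 w.document.write('<pre>' + HTMLParser_DEBUG + '</pre>');
 w.document.close();
}
<?php } ?>
<?php
    $url = DOKU_URL . 'lib/plugins/ckgedit/scripts/script-cmpr.js';
    echo "var script_url = '{$url}';";
    if ($this->test) {
        $parse_url = DOKU_URL . 'lib/plugins/ckgedit/scripts/parse_wiki.js.unc';
    } else {
        $parse_url = DOKU_URL . 'lib/plugins/ckgedit/scripts/parse_wiki-cmpr.js';
    }
    echo "var parse_url = '{$parse_url}';";
    // $safe_url = DOKU_URL . 'lib/plugins/ckgedit/scripts/safeFN_cmpr.js';
    ?>
LoadScript(parse_url);
try {
 if(!window.HTMLParserInstalled){
 LoadScript(script_url);
 }
}
catch (ex) {
 LoadScript(script_url);
}
if(window.DWikifnEncode && window.DWikifnEncode == 'safe') {
 LoadScript(DOKU_BASE + 'lib/plugins/ckgedit/scripts/safeFN_cmpr.js' );
}
//]]>
</script>
<?php
}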
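/**
 * Preprocess edit form data and print the edit form
 *
 * Builds the hidden fields, the edit bar (buttons, summary, license notice)
 * and the toolbar wrapper, then hands the form to html_form().
 *
 * The request values read here (changecheck, target) are untrusted and are
 * accepted only when they are strings. They end up in hidden form fields;
 * escaping of those values is left to Doku_Form, which is not visible in this
 * file -- TODO confirm it escapes attribute values.
 *
 * @author Andreas Gohr <*****@*****.**>
 *
 * @triggers HTML_EDIT_FORMSELECTION when the edit target is not 'section'
 * @triggers HTML_EDITFORM_OUTPUT (presumably via html_form() -- not visible here)
 */
function html_edit()
{
    global $ID;
    global $REV;
    global $DATE;
    global $PRE;
    global $SUF;
    global $INFO;
    global $SUM;
    global $lang;
    global $conf;
    global $TEXT;
    global $RANGE;
    global $license;

    // changecheck is a change-detection checksum, not a security control.
    // A non-string value (e.g. changecheck[]=x) is ignored instead of being
    // carried into the form as an array.
    if (isset($_REQUEST['changecheck']) && is_string($_REQUEST['changecheck'])) {
        $check = $_REQUEST['changecheck'];
    } elseif (!$INFO['exists']) {
        // $TEXT has been loaded from page template
        $check = md5('');
    } else {
        $check = md5($TEXT);
    }
    $mod = md5($TEXT) !== $check;

    $wr = $INFO['writable'] && !$INFO['locked'];
    $include = 'edit';
    if ($wr) {
        if ($REV) {
            $include = 'editrev';
        }
    } else {
        // check pseudo action 'source'
        if (!actionOK('source')) {
            msg('Command disabled: source', -1);
            return;
        }
        $include = 'read';
    }

    $form = new Doku_Form(array('id' => 'dw__editform'));
    $form->addHidden('id', $ID);
    $form->addHidden('rev', $REV);
    $form->addHidden('date', $DATE);
    $form->addHidden('prefix', $PRE . '.');
    $form->addHidden('suffix', $SUF);
    $form->addHidden('changecheck', $check);

    // The requested target is honoured only for a writable page with a valid
    // section range, and only when it is a plain string.
    $target = 'section';
    if (isset($_REQUEST['target']) && is_string($_REQUEST['target']) && $wr && $RANGE !== '') {
        $target = $_REQUEST['target'];
    }

    $data = array(
        'form' => $form,
        'wr' => $wr,
        'media_manager' => true,
        'target' => $target,
        'intro_locale' => $include,
    );

    if ($data['target'] !== 'section') {
        // Only emit event if page is writable, section edit data is valid and
        // edit target is not section.
        trigger_event('HTML_EDIT_FORMSELECTION', $data, 'html_edit_form', true);
    } else {
        html_edit_form($data);
    }
    // event handlers may have changed or removed the intro locale
    if (isset($data['intro_locale'])) {
        echo p_locale_xhtml($data['intro_locale']);
    }

    $form->addHidden('target', $data['target']);
    $form->addElement(form_makeOpenTag('div', array('id' => 'wiki__editbar')));
    $form->addElement(form_makeOpenTag('div', array('id' => 'size__ctl')));
    $form->addElement(form_makeCloseTag('div'));
    if ($wr) {
        $form->addElement(form_makeOpenTag('div', array('class' => 'editButtons')));
        $form->addElement(form_makeButton('submit', 'save', $lang['btn_save'], array('id' => 'edbtn__save', 'accesskey' => 's', 'tabindex' => '4')));
        $form->addElement(form_makeButton('submit', 'preview', $lang['btn_preview'], array('id' => 'edbtn__preview', 'accesskey' => 'p', 'tabindex' => '5')));
        $form->addElement(form_makeButton('submit', 'draftdel', $lang['btn_cancel'], array('tabindex' => '6')));
        $form->addElement(form_makeCloseTag('div'));
        $form->addElement(form_makeOpenTag('div', array('class' => 'summary')));
        $form->addElement(form_makeTextField('summary', $SUM, $lang['summary'], 'edit__summary', 'nowrap', array('size' => '50', 'tabindex' => '2')));
        $elem = html_minoredit();
        if ($elem) {
            $form->addElement($elem);
        }
        $form->addElement(form_makeCloseTag('div'));
    }
    $form->addElement(form_makeCloseTag('div'));

    if ($wr && $conf['license']) {
        // NOTE(review): the license URL/name and the extern target are
        // concatenated into HTML unescaped. They come from $license/$conf,
        // presumably admin-controlled configuration -- confirm, and escape
        // them if that data can ever be user-influenced.
        $form->addElement(form_makeOpenTag('div', array('class' => 'license')));
        $out = $lang['licenseok'];
        $out .= ' <a href="' . $license[$conf['license']]['url'] . '" rel="license" class="urlextern"';
        if ($conf['target']['extern']) {
            $out .= ' target="' . $conf['target']['extern'] . '"';
        }
        $out .= '>' . $license[$conf['license']]['name'] . '</a>';
        $form->addElement($out);
        $form->addElement(form_makeCloseTag('div'));
    }

    if ($wr) {
        // sets changed to true when previewed
        echo '<script type="text/javascript" charset="utf-8"><!--//--><![CDATA[//><!--' . NL;
        echo 'textChanged = ' . ($mod ? 'true' : 'false');
        echo '//--><!]]></script>' . NL;
    }

    // The wrapper is emitted with echo rather than inline template text so no
    // stray whitespace ends up inside the href attribute.
    echo '<div style="width:99%;">' . NL;
    echo '<div class="toolbar">' . NL;
    echo '<div id="draft__status">';
    if (!empty($INFO['draft'])) {
        echo $lang['draftdate'] . ' ' . dformat();
    }
    echo '</div>' . NL;
    echo '<div id="tool__bar">';
    if ($wr && $data['media_manager']) {
        // The namespace is derived from the requested page; URL-encode it so
        // it cannot break out of the query string or the attribute.
        echo '<a href="' . DOKU_BASE . 'lib/exe/mediamanager.php?ns=' . rawurlencode((string) $INFO['namespace'])
            . '" target="_blank">' . $lang['mediaselect'] . '</a>';
    }
    echo '</div>' . NL;
    echo '</div>' . NL;

    html_form('edit', $form);
    // closes the width:99% wrapper opened above
    print '</div>' . NL;
}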
/**
 * Print the search form
 *
 * When $ajax is true a div with the ID 'qsearch__out' is appended; the ajax
 * page quicksearch places its output into this div. When $autocomplete is
 * false the input carries autocomplete="off", asking the browser to disable
 * its own built-in autocompletion.
 *
 * The current query is only pre-filled while the search action is active and
 * is passed through htmlspecialchars() before it is written into the value
 * attribute.
 *
 * @author Andreas Gohr <*****@*****.**>
 * @param bool $ajax         add the quicksearch result container
 * @param bool $autocomplete leave browser autocompletion enabled
 * @return bool false when the search action is disabled, true otherwise
 */
function tpl_searchform($ajax = true, $autocomplete = true)
{
    global $lang;
    global $ACT;
    global $QUERY;

    // nothing is printed when the search action has been disabled
    $searchAllowed = actionOK('search');
    if (!$searchAllowed) {
        return false;
    }

    echo '<form action="' . wl() . '" accept-charset="utf-8" class="search" id="dw__search" method="get"><div class="no">';
    echo '<input type="hidden" name="do" value="search" />';

    // assemble the text input attribute by attribute, then emit it in one go
    $input = '<input type="text" ';
    if ($ACT == 'search') {
        $input .= 'value="' . htmlspecialchars($QUERY) . '" ';
    }
    if ($autocomplete === false || !$autocomplete) {
        $input .= 'autocomplete="off" ';
    }
    $input .= 'id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" />';
    echo $input;

    echo '<input type="submit" value="' . $lang['btn_search'] . '" class="button" title="' . $lang['btn_search'] . '" />';

    if ($ajax) {
        echo '<div id="qsearch__out" class="ajax_qsearch JSpopup"></div>';
    }

    echo '</div></form>';

    return true;
}
/**
 * Send digest and list mails for all subscriptions which are in effect for the
 * current page
 *
 * Progress is echoed as plain text lines. Nothing is sent when the
 * 'subscribe' action is disabled.
 *
 * @author Adrian Lang <*****@*****.**>
 *
 * @return bool false when disabled, otherwise the send_bulk() result cast to bool
 */
function sendDigest()
{
    global $conf;
    global $ID;

    echo 'sendDigest(): started', NL;

    $subscribeEnabled = actionOK('subscribe');
    if ($subscribeEnabled) {
        $subscription = new Subscription();
        $mailCount = $subscription->send_bulk($ID);

        echo 'sendDigest(): sent ' . $mailCount . ' mails', NL;
        echo 'sendDigest(): finished', NL;

        return $mailCount ? true : false;
    }

    echo 'sendDigest(): disabled', NL;

    return false;
}
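/**
 * Send a new password
 *
 * This function handles both phases of the password reset:
 *
 * - request phase: a POSTed login name creates a token file in the cache
 *   directory and mails a confirmation link carrying the token
 * - token phase: a pwauth token whose file exists is consumed (the file is
 *   deleted), a new password is generated, stored and mailed to the user
 *
 * Both $_REQUEST['pwauth'] and $_POST['login'] are untrusted and are accepted
 * only as strings.
 *
 * @author Benoit Chesneau <*****@*****.**>
 * @author Chris Smith <*****@*****.**>
 * @author Andreas Gohr <*****@*****.**>
 *
 * @return bool false when the action is unavailable or validation fails;
 *              true once a phase has run, even if sending the mail failed
 *              (the failure is reported through msg() only)
 */
function act_resendpwd()
{
    global $lang;
    global $conf;
    global $auth;

    if (!actionOK('resendpwd')) {
        return false;
    }
    if (!$auth) {
        return false;
    }
    // should not be able to get here without modPass being possible...
    if (!$auth->canDo('modPass')) {
        msg($lang['resendna'], -1);
        return false;
    }

    // Accept the token only as a string (pwauth[]=x would otherwise reach the
    // path below as an array) and keep nothing but lowercase hex, so it can
    // never add a path component to $tfile.
    $rawToken = '';
    if (isset($_REQUEST['pwauth']) && is_string($_REQUEST['pwauth'])) {
        $rawToken = $_REQUEST['pwauth'];
    }
    $token = preg_replace('/[^a-f0-9]+/', '', $rawToken);

    if ($token) {
        // we're in token phase
        $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';
        if (!@file_exists($tfile)) {
            msg($lang['resendpwdbadauth'], -1);
            return false;
        }
        // NOTE(review): no age check on the token file is visible here, so a
        // confirmation link appears to stay valid until it is used -- consider
        // rejecting files older than a fixed lifetime.
        $user = io_readfile($tfile);
        @unlink($tfile); // single use: the token is gone even if a later step fails

        $userinfo = $auth->getUserData($user);
        if (empty($userinfo['mail'])) {
            msg($lang['resendpwdnouser'], -1);
            return false;
        }

        $pass = auth_pwgen();
        if (!$auth->triggerUserMod('modify', array($user, array('pass' => $pass)))) {
            msg('error modifying user data', -1);
            return false;
        }

        if (auth_sendPassword($user, $pass)) {
            msg($lang['resendpwdsuccess'], 1);
        } else {
            msg($lang['regmailfail'], -1);
        }
        return true;
    }

    // we're in request phase
    if (empty($_POST['save'])) {
        return false;
    }
    if (empty($_POST['login']) || !is_string($_POST['login'])) {
        msg($lang['resendpwdmissing'], -1);
        return false;
    }
    $user = trim($auth->cleanUser($_POST['login']));

    // NOTE(review): the distinct "no such user" message lets a requester tell
    // existing logins from unknown ones -- confirm that is acceptable here.
    $userinfo = $auth->getUserData($user);
    if (empty($userinfo['mail'])) {
        msg($lang['resendpwdnouser'], -1);
        return false;
    }

    // generate auth token
    // NOTE(review): the token is md5(salt . user), i.e. identical for every
    // request by the same user and only as secret as the cookie salt. A random
    // per-request token with a limited lifetime would be the safer design; it
    // is left unchanged here because it needs matching expiry/cleanup logic.
    $token = md5(auth_cookiesalt() . $user); //secret but user based
    $tfile = $conf['cachedir'] . '/' . $token[0] . '/' . $token . '.pwauth';

    $url = wl('', array('do' => 'resendpwd', 'pwauth' => $token), true, '&');

    io_saveFile($tfile, $user);

    // placeholders are replaced in the listed order, as the chained calls did
    $text = str_replace(
        array('@DOKUWIKIURL@', '@FULLNAME@', '@LOGIN@', '@TITLE@', '@CONFIRM@'),
        array(DOKU_URL, $userinfo['name'], $user, $conf['title'], $url),
        rawLocale('pwconfirm')
    );

    // NOTE(review): name and mail are placed in the recipient header as-is;
    // presumably mail_send() sanitises them -- verify.
    if (mail_send($userinfo['name'] . ' <' . $userinfo['mail'] . '>', $lang['regpwmail'], $text, $conf['mailfrom'])) {
        msg($lang['resendpwdconfirm'], 1);
    } else {
        msg($lang['regmailfail'], -1);
    }
    return true;
}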