Skip to content
Snippets Groups Projects
Commit e795ba4d authored by Andreas Gohr's avatar Andreas Gohr
Browse files

removed unused action methods

parent 549a9ea1
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 679 deletions
inc/actions.php
+ 1
679
View file @ e795ba4d
...@@ -12,10 +12,7 @@ if(!defined('DOKU_INC')) die('meh.'); ...@@ -12,10 +12,7 @@ if(!defined('DOKU_INC')) die('meh.');
function act_dispatch(){ function act_dispatch(){
$router = \dokuwiki\ActionRouter::getInstance(); // is this needed here or could we delegate it to tpl_content() later? $router = \dokuwiki\ActionRouter::getInstance(); // is this needed here or could we delegate it to tpl_content() later?
$headers = array('Content-Type: text/html; charset=utf-8');
//call template FIXME: all needed vars available?
$headers[] = 'Content-Type: text/html; charset=utf-8';
trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders'); trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
// clear internal variables // clear internal variables
...@@ -29,199 +26,6 @@ function act_dispatch(){ ...@@ -29,199 +26,6 @@ function act_dispatch(){
// in function tpl_content() // in function tpl_content()
} }
/**
* Call the needed action handlers
*
* @author Andreas Gohr <andi@splitbrain.org>
* @triggers ACTION_ACT_PREPROCESS
* @triggers ACTION_HEADERS_SEND
*/
function XXX_act_dispatch(){
global $ACT;
global $ID;
global $INFO;
global $QUERY;
/* @var Input $INPUT */
global $INPUT;
global $lang;
global $conf;
$preact = $ACT;
// give plugins an opportunity to process the action
$evt = new Doku_Event('ACTION_ACT_PREPROCESS',$ACT);
$headers = array();
if ($evt->advise_before()) {
//sanitize $ACT
$ACT = act_validate($ACT);
//check if searchword was given - else just show
$s = cleanID($QUERY);
if($ACT == 'search' && empty($s)){
$ACT = 'show';
}
//login stuff
if(in_array($ACT,array('login','logout'))){
$ACT = act_auth($ACT);
}
//check if user is asking to (un)subscribe a page
if($ACT == 'subscribe') {
try {
$ACT = act_subscription($ACT);
} catch (Exception $e) {
msg($e->getMessage(), -1);
}
}
//display some info
if($ACT == 'check'){
check();
$ACT = 'show';
}
//check permissions
$ACT = act_permcheck($ACT);
//sitemap
if ($ACT == 'sitemap'){
act_sitemap($ACT);
}
//recent changes
if ($ACT == 'recent'){
$show_changes = $INPUT->str('show_changes');
if (!empty($show_changes)) {
set_doku_pref('show_changes', $show_changes);
}
}
//diff
if ($ACT == 'diff'){
$difftype = $INPUT->str('difftype');
if (!empty($difftype)) {
set_doku_pref('difftype', $difftype);
}
}
//register
if($ACT == 'register' && $INPUT->post->bool('save') && register()){
$ACT = 'login';
}
if ($ACT == 'resendpwd' && act_resendpwd()) {
$ACT = 'login';
}
// user profile changes
if (in_array($ACT, array('profile','profile_delete'))) {
if(!$INPUT->server->str('REMOTE_USER')) {
$ACT = 'login';
} else {
switch ($ACT) {
case 'profile' :
if(updateprofile()) {
msg($lang['profchanged'],1);
$ACT = 'show';
}
break;
case 'profile_delete' :
if(auth_deleteprofile()){
msg($lang['profdeleted'],1);
$ACT = 'show';
} else {
$ACT = 'profile';
}
break;
}
}
}
//revert
if($ACT == 'revert'){
if(checkSecurityToken()){
$ACT = act_revert($ACT);
}else{
$ACT = 'show';
}
}
//save
if($ACT == 'save'){
if(checkSecurityToken()){
$ACT = act_save($ACT);
}else{
$ACT = 'preview';
}
}
//cancel conflicting edit
if($ACT == 'cancel')
$ACT = 'show';
//draft deletion
if($ACT == 'draftdel')
$ACT = act_draftdel($ACT);
//draft saving on preview
if($ACT == 'preview') {
$headers[] = "X-XSS-Protection: 0";
$ACT = act_draftsave($ACT);
}
//edit
if(in_array($ACT, array('edit', 'preview', 'recover'))) {
$ACT = act_edit($ACT);
}else{
unlock($ID); //try to unlock
}
//handle export
if(substr($ACT,0,7) == 'export_')
$ACT = act_export($ACT);
//handle admin tasks
if($ACT == 'admin'){
// retrieve admin plugin name from $_REQUEST['page']
if (($page = $INPUT->str('page', '', true)) != '') {
/** @var $plugin DokuWiki_Admin_Plugin */
if ($plugin = plugin_getRequestAdminPlugin()){
$plugin->handle();
}
}
}
// check permissions again - the action may have changed
$ACT = act_permcheck($ACT);
} // end event ACTION_ACT_PREPROCESS default action
$evt->advise_after();
// Make sure plugs can handle 'denied'
if($conf['send404'] && $ACT == 'denied') {
http_status(403);
}
unset($evt);
// when action 'show', the intial not 'show' and POST, do a redirect
if($ACT == 'show' && $preact != 'show' && strtolower($INPUT->server->str('REQUEST_METHOD')) == 'post'){
act_redirect($ID,$preact);
}
global $INFO;
global $conf;
global $license;
//call template FIXME: all needed vars available?
$headers[] = 'Content-Type: text/html; charset=utf-8';
trigger_event('ACTION_HEADERS_SEND',$headers,'act_sendheaders');
include(template('main.php'));
// output for the commands is now handled in inc/templates.php
// in function tpl_content()
}
/** /**
* Send the given headers using header() * Send the given headers using header()
* *
...@@ -256,97 +60,6 @@ function act_clean($act){ ...@@ -256,97 +60,6 @@ function act_clean($act){
return $act; return $act;
} }
/**
* Sanitize and validate action commands.
*
* Add all allowed commands here.
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @param array|string $act
* @return string
*/
function act_validate($act) {
global $conf;
global $INFO;
$act = act_clean($act);
// check if action is disabled
if(!actionOK($act)){
msg('Command disabled: '.htmlspecialchars($act),-1);
return 'show';
}
//disable all acl related commands if ACL is disabled
if(!$conf['useacl'] && in_array($act,array('login','logout','register','admin',
'subscribe','unsubscribe','profile','revert',
'resendpwd','profile_delete'))){
msg('Command unavailable: '.htmlspecialchars($act),-1);
return 'show';
}
//is there really a draft?
if($act == 'draft' && !file_exists($INFO['draft'])) return 'edit';
if(!in_array($act,array('login','logout','register','save','cancel','edit','draft',
'preview','search','show','check','index','revisions',
'diff','recent','backlink','admin','subscribe','revert',
'unsubscribe','profile','profile_delete','resendpwd','recover',
'draftdel','sitemap','media')) && substr($act,0,7) != 'export_' ) {
msg('Command unknown: '.htmlspecialchars($act),-1);
return 'show';
}
return $act;
}
/**
* Run permissionchecks
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @param string $act action command
* @return string action command
*/
function act_permcheck($act){
global $INFO;
if(in_array($act,array('save','preview','edit','recover'))){
if($INFO['exists']){
if($act == 'edit'){
//the edit function will check again and do a source show
//when no AUTH_EDIT available
$permneed = AUTH_READ;
}else{
$permneed = AUTH_EDIT;
}
}else{
$permneed = AUTH_CREATE;
}
}elseif(in_array($act,array('login','search','recent','profile','profile_delete','index', 'sitemap'))){
$permneed = AUTH_NONE;
}elseif($act == 'revert'){
$permneed = AUTH_ADMIN;
if($INFO['ismanager']) $permneed = AUTH_EDIT;
}elseif($act == 'register'){
$permneed = AUTH_NONE;
}elseif($act == 'resendpwd'){
$permneed = AUTH_NONE;
}elseif($act == 'admin'){
if($INFO['ismanager']){
// if the manager has the needed permissions for a certain admin
// action is checked later
$permneed = AUTH_READ;
}else{
$permneed = AUTH_ADMIN;
}
}else{
$permneed = AUTH_READ;
}
if($INFO['perm'] >= $permneed) return $act;
return 'denied';
}
/** /**
* Handle 'draftdel' * Handle 'draftdel'
...@@ -392,100 +105,7 @@ function act_draftsave($act){ ...@@ -392,100 +105,7 @@ function act_draftsave($act){
return $act; return $act;
} }
/**
* Handle 'save'
*
* Checks for spam and conflicts and saves the page.
* Does a redirect to show the page afterwards or
* returns a new action.
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @param string $act action command
* @return string action command
*/
function act_save($act){
global $ID;
global $DATE;
global $PRE;
global $TEXT;
global $SUF;
global $SUM;
global $lang;
global $INFO;
global $INPUT;
//spam check
if(checkwordblock()) {
msg($lang['wordblock'], -1);
return 'edit';
}
//conflict check
if($DATE != 0 && $INFO['meta']['date']['modified'] > $DATE )
return 'conflict';
//save it
saveWikiText($ID,con($PRE,$TEXT,$SUF,true),$SUM,$INPUT->bool('minor')); //use pretty mode for con
//unlock it
unlock($ID);
//delete draft
act_draftdel($act);
session_write_close();
// when done, show page
return 'show';
}
/**
* Revert to a certain revision
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @param string $act action command
* @return string action command
*/
function act_revert($act){
global $ID;
global $REV;
global $lang;
/* @var Input $INPUT */
global $INPUT;
// FIXME $INFO['writable'] currently refers to the attic version
// global $INFO;
// if (!$INFO['writable']) {
// return 'show';
// }
// when no revision is given, delete current one
// FIXME this feature is not exposed in the GUI currently
$text = '';
$sum = $lang['deleted'];
if($REV){
$text = rawWiki($ID,$REV);
if(!$text) return 'show'; //something went wrong
$sum = sprintf($lang['restored'], dformat($REV));
}
// spam check
if (checkwordblock($text)) {
msg($lang['wordblock'], -1);
return 'edit';
}
saveWikiText($ID,$text,$sum,false);
msg($sum,1);
//delete any draft
act_draftdel($act);
session_write_close();
// when done, show current page
$INPUT->server->set('REQUEST_METHOD','post'); //should force a redirect
$REV = '';
return 'show';
}
/** /**
* Do a redirect after receiving post data * Do a redirect after receiving post data
...@@ -525,304 +145,6 @@ function act_redirect_execute($opts){ ...@@ -525,304 +145,6 @@ function act_redirect_execute($opts){
send_redirect($go); send_redirect($go);
} }
/**
* Handle 'login', 'logout'
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @param string $act action command
* @return string action command
*/
function act_auth($act){
global $ID;
global $INFO;
/* @var Input $INPUT */
global $INPUT;
//already logged in?
if($INPUT->server->has('REMOTE_USER') && $act=='login'){
return 'show';
}
//handle logout
if($act=='logout'){
$lockedby = checklock($ID); //page still locked?
if($lockedby == $INPUT->server->str('REMOTE_USER')){
unlock($ID); //try to unlock
}
// do the logout stuff
auth_logoff();
// rebuild info array
$INFO = pageinfo();
act_redirect($ID,'login');
}
return $act;
}
/**
* Handle 'edit', 'preview', 'recover'
*
* @author Andreas Gohr <andi@splitbrain.org>
*
* @param string $act action command
* @return string action command
*/
function act_edit($act){
global $ID;
global $INFO;
global $TEXT;
global $RANGE;
global $PRE;
global $SUF;
global $REV;
global $SUM;
global $lang;
global $DATE;
if (!isset($TEXT)) {
if ($INFO['exists']) {
if ($RANGE) {
list($PRE,$TEXT,$SUF) = rawWikiSlices($RANGE,$ID,$REV);
} else {
$TEXT = rawWiki($ID,$REV);
}
} else {
$TEXT = pageTemplate($ID);
}
}
//set summary default
if(!$SUM){
if($REV){
$SUM = sprintf($lang['restored'], dformat($REV));
}elseif(!$INFO['exists']){
$SUM = $lang['created'];
}
}
// Use the date of the newest revision, not of the revision we edit
// This is used for conflict detection
if(!$DATE) $DATE = @filemtime(wikiFN($ID));
//check if locked by anyone - if not lock for my self
//do not lock when the user can't edit anyway
if ($INFO['writable']) {
$lockedby = checklock($ID);
if($lockedby) return 'locked';
lock($ID);
}
return $act;
}
/**
* Export a wiki page for various formats
*
* Triggers ACTION_EXPORT_POSTPROCESS
*
* Event data:
* data['id'] -- page id
* data['mode'] -- requested export mode
* data['headers'] -- export headers
* data['output'] -- export output
*
* @author Andreas Gohr <andi@splitbrain.org>
* @author Michael Klier <chi@chimeric.de>
*
* @param string $act action command
* @return string action command
*/
function act_export($act){
global $ID;
global $REV;
global $conf;
global $lang;
$pre = '';
$post = '';
$headers = array();
// search engines: never cache exported docs! (Google only currently)
$headers['X-Robots-Tag'] = 'noindex';
$mode = substr($act,7);
switch($mode) {
case 'raw':
$headers['Content-Type'] = 'text/plain; charset=utf-8';
$headers['Content-Disposition'] = 'attachment; filename='.noNS($ID).'.txt';
$output = rawWiki($ID,$REV);
break;
case 'xhtml':
$pre .= '<!DOCTYPE html>' . DOKU_LF;
$pre .= '<html lang="'.$conf['lang'].'" dir="'.$lang['direction'].'">' . DOKU_LF;
$pre .= '<head>' . DOKU_LF;
$pre .= ' <meta charset="utf-8" />' . DOKU_LF;
$pre .= ' <title>'.$ID.'</title>' . DOKU_LF;
// get metaheaders
ob_start();
tpl_metaheaders();
$pre .= ob_get_clean();
$pre .= '</head>' . DOKU_LF;
$pre .= '<body>' . DOKU_LF;
$pre .= '<div class="dokuwiki export">' . DOKU_LF;
// get toc
$pre .= tpl_toc(true);
$headers['Content-Type'] = 'text/html; charset=utf-8';
$output = p_wiki_xhtml($ID,$REV,false);
$post .= '</div>' . DOKU_LF;
$post .= '</body>' . DOKU_LF;
$post .= '</html>' . DOKU_LF;
break;
case 'xhtmlbody':
$headers['Content-Type'] = 'text/html; charset=utf-8';
$output = p_wiki_xhtml($ID,$REV,false);
break;
default:
$output = p_cached_output(wikiFN($ID,$REV), $mode, $ID);
$headers = p_get_metadata($ID,"format $mode");
break;
}
// prepare event data
$data = array();
$data['id'] = $ID;
$data['mode'] = $mode;
$data['headers'] = $headers;
$data['output'] =& $output;
trigger_event('ACTION_EXPORT_POSTPROCESS', $data);
if(!empty($data['output'])){
if(is_array($data['headers'])) foreach($data['headers'] as $key => $val){
header("$key: $val");
}
print $pre.$data['output'].$post;
exit;
}
return 'show';
}
/**
* Handle sitemap delivery
*
* @author Michael Hamann <michael@content-space.de>
*
* @param string $act action command
*/
function act_sitemap($act) {
global $conf;
if ($conf['sitemap'] < 1 || !is_numeric($conf['sitemap'])) {
http_status(404);
print "Sitemap generation is disabled.";
exit;
}
$sitemap = Sitemapper::getFilePath();
if (Sitemapper::sitemapIsCompressed()) {
$mime = 'application/x-gzip';
}else{
$mime = 'application/xml; charset=utf-8';
}
// Check if sitemap file exists, otherwise create it
if (!is_readable($sitemap)) {
Sitemapper::generate();
}
if (is_readable($sitemap)) {
// Send headers
header('Content-Type: '.$mime);
header('Content-Disposition: attachment; filename='.utf8_basename($sitemap));
http_conditionalRequest(filemtime($sitemap));
// Send file
//use x-sendfile header to pass the delivery to compatible webservers
http_sendfile($sitemap);
readfile($sitemap);
exit;
}
http_status(500);
print "Could not read the sitemap file - bad permissions?";
exit;
}
/**
* Handle page 'subscribe'
*
* Throws exception on error.
*
* @author Adrian Lang <lang@cosmocode.de>
*
* @param string $act action command
* @return string action command
* @throws Exception if (un)subscribing fails
*/
function act_subscription($act){
global $lang;
global $INFO;
global $ID;
/* @var Input $INPUT */
global $INPUT;
// subcriptions work for logged in users only
if(!$INPUT->server->str('REMOTE_USER')) return 'show';
// get and preprocess data.
$params = array();
foreach(array('target', 'style', 'action') as $param) {
if ($INPUT->has("sub_$param")) {
$params[$param] = $INPUT->str("sub_$param");
}
}
// any action given? if not just return and show the subscription page
if(empty($params['action']) || !checkSecurityToken()) return $act;
// Handle POST data, may throw exception.
trigger_event('ACTION_HANDLE_SUBSCRIBE', $params, 'subscription_handle_post');
$target = $params['target'];
$style = $params['style'];
$action = $params['action'];
// Perform action.
$sub = new Subscription();
if($action == 'unsubscribe'){
$ok = $sub->remove($target, $INPUT->server->str('REMOTE_USER'), $style);
}else{
$ok = $sub->add($target, $INPUT->server->str('REMOTE_USER'), $style);
}
if($ok) {
msg(sprintf($lang["subscr_{$action}_success"], hsc($INFO['userinfo']['name']),
prettyprint_id($target)), 1);
act_redirect($ID, $act);
} else {
throw new Exception(sprintf($lang["subscr_{$action}_error"],
hsc($INFO['userinfo']['name']),
prettyprint_id($target)));
}
// Assure that we have valid data if act_redirect somehow fails.
$INFO['subscribed'] = $sub->user_subscription();
return 'show';
}
/** /**
* Validate POST data * Validate POST data
* *
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment