|
1 <?php |
|
2 /* |
|
3 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between |
|
4 * Version 1.0 (Banshee) |
|
5 * pageprocess.php - intelligent retrieval of pages |
|
6 * Copyright (C) 2006-2007 Dan Fuhry |
|
7 * |
|
8 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License |
|
9 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. |
|
10 * |
|
11 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied |
|
12 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details. |
|
13 */ |
|
14 |
|
15 /** |
|
16 * Class to handle fetching page text (possibly from a cache) and formatting it. |
|
17 * @package Enano |
|
18 * @subpackage UI |
|
19 * @copyright 2007 Dan Fuhry |
|
20 * @license GNU General Public License <http://www.gnu.org/licenses/gpl.html> |
|
21 */ |
|
22 |
|
23 class PageProcessor |
|
24 { |
|
25 |
|
26 /** |
|
27 * Page ID and namespace of the page handled by this instance |
|
28 * @var string |
|
29 */ |
|
30 |
|
31 var $page_id; |
|
32 var $namespace; |
|
33 |
|
34 /** |
|
35 * Tracks if the page we're loading exists in the database or not. |
|
36 * @var bool |
|
37 */ |
|
38 |
|
39 var $page_exists = false; |
|
40 |
|
41 /** |
|
42 * Permissions! |
|
43 * @var object |
|
44 */ |
|
45 |
|
46 var $perms = null; |
|
47 |
|
48 /** |
|
49 * Switch to track if redirects are allowed. Defaults to true. |
|
50 * @var bool |
|
51 */ |
|
52 |
|
53 var $allow_redir = true; |
|
54 |
|
55 /** |
|
56 * If this is set to true, this will call the header and footer funcs on $template when render() is called. |
|
57 * @var bool |
|
58 */ |
|
59 |
|
60 var $send_headers = false; |
|
61 |
|
62 /** |
|
63 * Cache the fetched text so we don't fetch it from the DB twice. |
|
64 * @var string |
|
65 */ |
|
66 |
|
67 var $text_cache = ''; |
|
68 |
|
69 /** |
|
70 * Debugging information to track errors. You can set enable to false to disable sending debug information. |
|
71 * @var array |
|
72 */ |
|
73 |
|
74 var $debug = array( |
|
75 'enable' => true, |
|
76 'works' => false |
|
77 ); |
|
78 |
|
79 /** |
|
80 * Constructor. |
|
81 * @param string The page ID (urlname) of the page |
|
82 * @param string The namespace of the page |
|
83 */ |
|
84 |
|
85 function __construct( $page_id, $namespace ) |
|
86 { |
|
87 global $db, $session, $paths, $template, $plugins; // Common objects |
|
88 |
|
89 // See if we can get some debug info |
|
90 if ( function_exists('debug_backtrace') && $this->debug['enable'] ) |
|
91 { |
|
92 $this->debug['works'] = true; |
|
93 $this->debug['backtrace'] = enano_debug_print_backtrace(true); |
|
94 } |
|
95 |
|
96 // First things first - check page existence and permissions |
|
97 |
|
98 if ( !isset($paths->nslist[$namespace]) ) |
|
99 { |
|
100 $this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.'); |
|
101 } |
|
102 |
|
103 $this->_setup( $page_id, $namespace ); |
|
104 |
|
105 } |
|
106 |
|
107 /** |
|
108 * The main method to send the page content. Also responsible for checking permissions. |
|
109 */ |
|
110 |
|
111 function send() |
|
112 { |
|
113 global $db, $session, $paths, $template, $plugins; // Common objects |
|
114 if ( !$this->perms->get_permissions('read') ) |
|
115 { |
|
116 $this->err_access_denied(); |
|
117 return false; |
|
118 } |
|
119 if ( $this->namespace == 'Special' || $this->namespace == 'Admin' ) |
|
120 { |
|
121 if ( !$this->page_exists ) |
|
122 { |
|
123 redirect( makeUrl(getConfig('main_page')), 'Can\'t find special page', 'The special or administration page you requested does not exist. You will now be transferred to the main page.', 2 ); |
|
124 } |
|
125 $func_name = "page_{$this->namespace}_{$this->page_id}"; |
|
126 if ( function_exists($func_name) ) |
|
127 { |
|
128 return @call_user_func($func_name); |
|
129 } |
|
130 else |
|
131 { |
|
132 $title = 'Page backend not found'; |
|
133 $message = "The administration page you are looking for was properly registered using the page API, but the backend function |
|
134 (<tt>$fname</tt>) was not found. If this is a plugin page, then this is almost certainly a bug with the plugin."; |
|
135 |
|
136 if ( $this->send_headers ) |
|
137 { |
|
138 $template->tpl_strings['PAGE_NAME'] = $title; |
|
139 $template->header(); |
|
140 echo "<p>$message</p>"; |
|
141 $template->footer(); |
|
142 } |
|
143 else |
|
144 { |
|
145 echo "<h2>$title</h2> |
|
146 <p>$message</p>"; |
|
147 } |
|
148 return false; |
|
149 } |
|
150 } |
|
151 else if ( in_array($this->namespace, array('Article', 'User', 'Project', 'Help', 'File', 'Category')) && $this->page_exists ) |
|
152 { |
|
153 // Send as regular page |
|
154 $text = $this->fetch_text(); |
|
155 if ( $text == 'err_no_text_rows' ) |
|
156 { |
|
157 $this->err_no_rows(); |
|
158 return false; |
|
159 } |
|
160 else |
|
161 { |
|
162 $this->render(); |
|
163 } |
|
164 } |
|
165 else if ( ( $this->namespace == 'Template' || $this->namespace == 'System' ) && $this->page_exists ) |
|
166 { |
|
167 $this->header(); |
|
168 |
|
169 $text = $this->fetch_text(); |
|
170 $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text); |
|
171 $text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '', $text); |
|
172 |
|
173 $text = RenderMan::render( $text ); |
|
174 |
|
175 echo $text; |
|
176 |
|
177 $this->footer(); |
|
178 |
|
179 } |
|
180 else if ( !$this->page_exists ) |
|
181 { |
|
182 // Perhaps this is hooked? |
|
183 ob_start(); |
|
184 |
|
185 $code = $plugins->setHook('page_not_found'); |
|
186 foreach ( $code as $cmd ) |
|
187 { |
|
188 eval($cmd); |
|
189 } |
|
190 |
|
191 $ob = ob_get_contents(); |
|
192 |
|
193 if ( empty($ob) ) |
|
194 { |
|
195 $this->err_page_not_existent(); |
|
196 } |
|
197 |
|
198 } |
|
199 |
|
200 } |
|
201 |
|
202 /** |
|
203 * Sets internal variables. |
|
204 * @access private |
|
205 */ |
|
206 |
|
207 function _setup($page_id, $namespace) |
|
208 { |
|
209 global $db, $session, $paths, $template, $plugins; // Common objects |
|
210 |
|
211 $page_id_cleaned = sanitize_page_id($page_id); |
|
212 |
|
213 $this->page_id = $page_id_cleaned; |
|
214 $this->namespace = $namespace; |
|
215 |
|
216 $this->perms = $session->fetch_page_acl( $page_id, $namespace ); |
|
217 |
|
218 // Exception for Admin: pages |
|
219 if ( $this->namespace == 'Admin' ) |
|
220 { |
|
221 $fname = "page_Admin_{$this->page_id}"; |
|
222 } |
|
223 |
|
224 // Does the page "exist"? |
|
225 if ( $paths->cpage['urlname_nons'] == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace == 'Admin' && !function_exists($fname) ) ) |
|
226 { |
|
227 $this->page_exists = false; |
|
228 } |
|
229 else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) ) |
|
230 { |
|
231 $this->page_exists = false; |
|
232 } |
|
233 else |
|
234 { |
|
235 $this->page_exists = true; |
|
236 } |
|
237 } |
|
238 |
|
239 /** |
|
240 * Renders it all in one go, and echoes it out. This assumes that the text is in the DB. |
|
241 * @access private |
|
242 */ |
|
243 |
|
244 function render() |
|
245 { |
|
246 $text = $this->fetch_text(); |
|
247 |
|
248 $this->header(); |
|
249 echo RenderMan::render($text); |
|
250 $this->footer(); |
|
251 } |
|
252 |
|
253 /** |
|
254 * Sends the page header, dependent on, of course, whether we're supposed to. |
|
255 */ |
|
256 |
|
257 function header() |
|
258 { |
|
259 global $db, $session, $paths, $template, $plugins; // Common objects |
|
260 if ( $this->send_headers ) |
|
261 $template->header(); |
|
262 } |
|
263 |
|
264 /** |
|
265 * Sends the page footer, dependent on, of course, whether we're supposed to. |
|
266 */ |
|
267 |
|
268 function footer() |
|
269 { |
|
270 global $db, $session, $paths, $template, $plugins; // Common objects |
|
271 if ( $this->send_headers ) |
|
272 $template->footer(); |
|
273 } |
|
274 |
|
275 /** |
|
276 * Fetches the raw, unfiltered page text. |
|
277 * @access public |
|
278 */ |
|
279 |
|
280 function fetch_text() |
|
281 { |
|
282 global $db, $session, $paths, $template, $plugins; // Common objects |
|
283 |
|
284 if ( !empty($this->text_cache) ) |
|
285 { |
|
286 return $this->text_cache; |
|
287 } |
|
288 |
|
289 $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\';'); |
|
290 if ( !$q ) |
|
291 { |
|
292 $this->send_error('Error during SQL query.', true); |
|
293 } |
|
294 if ( $db->numrows() < 1 ) |
|
295 { |
|
296 $this->page_exists = false; |
|
297 return 'err_no_text_rows'; |
|
298 } |
|
299 |
|
300 $row = $db->fetchrow(); |
|
301 $db->free_result(); |
|
302 |
|
303 if ( !empty($row['char_tag']) ) |
|
304 { |
|
305 // This page text entry uses the old text-escaping format |
|
306 $from = array( |
|
307 "{APOS:{$row['char_tag']}}", |
|
308 "{QUOT:{$row['char_tag']}}", |
|
309 "{SLASH:{$row['char_tag']}}" |
|
310 ); |
|
311 $to = array("'", '"', '\\'); |
|
312 $row['page_text'] = str_replace($from, $to, $row['page_text']); |
|
313 } |
|
314 |
|
315 $this->text_cache = $row['page_text']; |
|
316 |
|
317 return $row['page_text']; |
|
318 |
|
319 } |
|
320 |
|
321 /** |
|
322 * Send the error message to the user that the access to this page is denied. |
|
323 * @access private |
|
324 */ |
|
325 |
|
326 function err_access_denied() |
|
327 { |
|
328 global $db, $session, $paths, $template, $plugins; // Common objects |
|
329 |
|
330 $ob = ''; |
|
331 $template->tpl_strings['PAGE_NAME'] = 'Access denied'; |
|
332 |
|
333 if ( $this->send_headers ) |
|
334 { |
|
335 $ob .= $template->getHeader(); |
|
336 } |
|
337 |
|
338 $ob .= '<div class="error-box"><b>Access to this page is denied.</b><br />This may be because you are not logged in or you have not met certain criteria for viewing this page.</div>'; |
|
339 |
|
340 if ( $this->send_headers ) |
|
341 { |
|
342 $ob .= $template->getFooter(); |
|
343 } |
|
344 echo $ob; |
|
345 } |
|
346 |
|
347 /** |
|
348 * Send the error message to the user complaining that there weren't any rows. |
|
349 * @access private |
|
350 */ |
|
351 |
|
352 function err_no_rows() |
|
353 { |
|
354 global $db, $session, $paths, $template, $plugins; // Common objects |
|
355 |
|
356 $title = 'No text rows'; |
|
357 $message = 'While the page\'s existence was verified, there were no rows in the database that matched the query for the text. This may indicate a bug with the software; ask the webmaster for more information.'; |
|
358 if ( $this->send_headers ) |
|
359 { |
|
360 $template->tpl_strings['PAGE_NAME'] = $title; |
|
361 $template->header(); |
|
362 echo "<p>$message</p>"; |
|
363 $template->footer(); |
|
364 } |
|
365 else |
|
366 { |
|
367 echo "<h2>$title</h2> |
|
368 <p>$message</p>"; |
|
369 } |
|
370 } |
|
371 |
|
372 /** |
|
373 * Tell the user the page doesn't exist, and present them with their options. |
|
374 * @access private |
|
375 */ |
|
376 |
|
377 function err_page_not_existent() |
|
378 { |
|
379 global $db, $session, $paths, $template, $plugins; // Common objects |
|
380 |
|
381 $this->header(); |
|
382 header('HTTP/1.1 404 Not Found'); |
|
383 echo '<h3>There is no page with this title yet.</h3> |
|
384 <p>You have requested a page that doesn\'t exist yet.'; |
|
385 if ( $session->get_permissions('create_page') ) |
|
386 { |
|
387 echo ' You can <a href="'.makeUrlNS($this->namespace, $this->page_id, 'do=edit', true).'" onclick="ajaxEditor(); return false;">create this page</a>, or return to the <a href="'.makeUrl(getConfig('main_page')).'">homepage</a>.'; |
|
388 } |
|
389 else |
|
390 { |
|
391 echo ' Return to the <a href="'.makeUrl(getConfig('main_page')).'">homepage</a>.</p>'; |
|
392 } |
|
393 if ( $session->get_permissions('history_rollback') ) |
|
394 { |
|
395 $e = $db->sql_query('SELECT * FROM ' . table_prefix . 'logs WHERE action=\'delete\' AND page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' ORDER BY time_id DESC;'); |
|
396 if ( !$e ) |
|
397 { |
|
398 $db->_die('The deletion log could not be selected.'); |
|
399 } |
|
400 if ( $db->numrows() > 0 ) |
|
401 { |
|
402 $r = $db->fetchrow(); |
|
403 echo '<p>This page also appears to have some log entries in the database - it seems that it was deleted on ' . $r['date_string'] . '. You can probably <a href="'.makeUrl($paths->page, 'do=rollback&id='.$r['time_id']).'" onclick="ajaxRollback(\''.$r['time_id'].'\'); return false;">roll back</a> the deletion.</p>'; |
|
404 } |
|
405 $db->free_result(); |
|
406 } |
|
407 echo '<p> |
|
408 HTTP Error: 404 Not Found |
|
409 </p>'; |
|
410 $this->footer(); |
|
411 } |
|
412 |
|
413 /** |
|
414 * PHP 4 constructor. |
|
415 * @see PageProcessor::__construct() |
|
416 */ |
|
417 |
|
418 function PageProcessor( $page_id, $namespace ) |
|
419 { |
|
420 $this->__construct($page_id, $namespace); |
|
421 } |
|
422 |
|
423 /** |
|
424 * Send an error message and die |
|
425 * @var string Error message |
|
426 * @var bool If true, send DBAL's debugging information as well |
|
427 */ |
|
428 |
|
429 function send_error($message, $sql = false) |
|
430 { |
|
431 global $db, $session, $paths, $template, $plugins; // Common objects |
|
432 |
|
433 $content = "<p>$message</p>"; |
|
434 $template->tpl_strings['PAGE_NAME'] = 'General error in page fetcher'; |
|
435 |
|
436 if ( $this->debug['works'] ) |
|
437 { |
|
438 $content .= $this->debug['backtrace']; |
|
439 } |
|
440 |
|
441 header('HTTP/1.1 500 Internal Server Error'); |
|
442 |
|
443 $template->header(); |
|
444 echo $content; |
|
445 $template->footer(); |
|
446 |
|
447 $db->close(); |
|
448 |
|
449 exit; |
|
450 |
|
451 } |
|
452 |
|
453 } // class PageProcessor |
|
454 |
|
455 ?> |