Subversion Repositories Applications.papyrus

Rev

Rev 1688 | Details | Compare with Previous | Last modification | View Log | RSS feed

Rev Author Line No. Line
448 ddelon 1
<?php
2
/* encoding: iso-8859-1
3
wakka.php
4
Copyright (c) 2002, Hendrik Mans <hendrik@mans.de>
5
Copyright  2003 Carlo Zottmann
6
Copyright 2002, 2003 David DELON
7
Copyright 2002, 2003, 2004 Charles NÉPOTE
8
Copyright 2002, 2003 Patrick PAUL
9
Copyright 2003 Éric DELORD
10
Copyright 2003 Éric FELDSTEIN
11
Copyright 2004 Jean-Christophe ANDRÉ
12
All rights reserved.
13
Redistribution and use in source and binary forms, with or without
14
modification, are permitted provided that the following conditions
15
are met:
16
1. Redistributions of source code must retain the above copyright
17
notice, this list of conditions and the following disclaimer.
18
2. Redistributions in binary form must reproduce the above copyright
19
notice, this list of conditions and the following disclaimer in the
20
documentation and/or other materials provided with the distribution.
21
3. The name of the author may not be used to endorse or promote products
22
derived from this software without specific prior written permission.
23
 
24
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
25
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
28
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
29
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
30
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
31
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
33
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34
*/
35
 
36
/*
37
    Yes, most of the formatting used in this file is HORRIBLY BAD STYLE. However,
38
    most of the action happens outside of this file, and I really wanted the code
39
    to look as small as what it does. Basically. Oh, I just suck. :)
40
*/
41
 
42
 
43
 
44
// do not change this line, you fool. In fact, don't change anything! Ever!
45
define("WAKKA_VERSION", "0.1.1");
46
define("WIKINI_VERSION", "0.4.3 + contributions");
47
// start the compute time
48
list($g_usec, $g_sec) = explode(" ",microtime());
49
define ("t_start", (float)$g_usec + (float)$g_sec);
50
$t_SQL=0;
51
 
52
 
53
 
54
class Wiki
55
{
56
	var $dblink;
57
	var $page;
58
	var $tag;
59
	var $parameter = array();
60
	var $queryLog = array();
61
	var $interWiki = array();
62
	var $VERSION;
63
	var $CookiePath = '/';
64
 
65
 
66
	// constructor
67
	function Wiki($config)
68
	{
69
		$this->config = $config;
70
		// some host do not allow mysql_pconnect
71
		$this->dblink = @mysql_connect (
72
			$this->config["mysql_host"],
73
			$this->config["mysql_user"],
74
			$this->config["mysql_password"]);
75
		if ($this->dblink)
76
		{
77
			if (!@mysql_select_db($this->config["mysql_database"], $this->dblink))
78
			{
79
				@mysql_close($this->dblink);
80
				$this->dblink = false;
81
			}
82
		}
83
		$this->VERSION = WAKKA_VERSION;
84
 
85
		//determine le chemin pour le cookie
86
		$a = parse_url($this->GetConfigValue('base_url'));
87
		$this->CookiePath = dirname($a['path']);
88
		if ($this->CookiePath != '/') $this->CookiePath .= '/';
89
	}
90
 
91
 
92
 
93
	// DATABASE
94
	function Query($query)
95
	{
96
		if($this->GetConfigValue("debug")) $start = $this->GetMicroTime();
97
		if (!$result = mysql_query($query, $this->dblink))
98
		{
99
			ob_end_clean();
100
			die("Query failed: ".$query." (".mysql_error().")");
101
		}
102
		if($this->GetConfigValue("debug"))
103
		{
104
			$time = $this->GetMicroTime() - $start;
105
			$this->queryLog[] = array(
106
				"query"		=> $query,
107
				"time"		=> $time);
108
		}
109
		return $result;
110
	}
111
	function LoadSingle($query) { if ($data = $this->LoadAll($query)) return $data[0]; }
112
	function LoadAll($query)
113
	{
114
	$data=array();
115
	if ($r = $this->Query($query))
116
		{
117
			while ($row = mysql_fetch_assoc($r)) $data[] = $row;
118
			mysql_free_result($r);
119
		}
120
		return $data;
121
	}
122
 
123
 
124
 
125
	// MISC
126
	function GetMicroTime() { list($usec, $sec) = explode(" ",microtime()); return ((float)$usec + (float)$sec); }
127
	function IncludeBuffered($filename, $notfoundText = "", $vars = "", $path = "")
128
	{
129
		if ($path) $dirs = explode(":", $path);
130
		else $dirs = array("");
131
 
132
		foreach($dirs as $dir)
133
		{
134
			if ($dir) $dir .= "/";
135
			$fullfilename = $dir.$filename;
136
			if (file_exists($fullfilename))
137
			{
138
				if (is_array($vars)) extract($vars);
139
 
140
				ob_start();
141
				include($fullfilename);
142
				$output = ob_get_contents();
143
				ob_end_clean();
144
				return $output;
145
			}
146
		}
147
		if ($notfoundText) return $notfoundText;
148
		else return false;
149
	}
150
 
151
 
152
 
153
	// VARIABLES
154
	function GetPageTag() { return $this->tag; }
155
	function GetPageTime() { return $this->page["time"]; }
156
	function GetMethod() { return $this->method; }
157
	function GetConfigValue($name) { return $this->config[$name]; }
158
	function GetWakkaName() { return $this->GetConfigValue("wakka_name"); }
159
	function GetWakkaVersion() { return $this->VERSION; }
160
	function GetWikiNiVersion() { return WIKINI_VERSION; }
161
 
162
 
163
 
164
	// PAGES
165
	function LoadPage($tag, $time = "", $cache = 1) {
166
		// retrieve from cache
167
		if (!$time && $cache && ($cachedPage = $this->GetCachedPage($tag))) { $page = $cachedPage;}
168
		// load page
169
		if (!isset($page)) $page = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($tag)."' ".($time ? "and time = '".mysql_escape_string($time)."'" : "and latest = 'Y'")." limit 1");
170
		// cache result
171
		if (!$time) $this->CachePage($page);
172
		return $page;
173
	}
174
	function GetCachedPage($tag) {return (isset($this->pageCache[$tag]) ? $this->pageCache[$tag] : ''); }
175
	function CachePage($page) { $this->pageCache[$page["tag"]] = $page; }
176
	function SetPage($page) { $this->page = $page; if ($this->page["tag"]) $this->tag = $this->page["tag"]; }
177
	function LoadPageById($id) { return $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".mysql_escape_string($id)."' limit 1"); }
178
	function LoadRevisions($page) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page)."' order by time desc"); }
179
	function LoadPagesLinkingTo($tag) { return $this->LoadAll("select from_tag as tag from ".$this->config["table_prefix"]."links where to_tag = '".mysql_escape_string($tag)."' order by tag"); }
180
	function LoadRecentlyChanged($limit=50) {
181
		$limit= (int) $limit;
182
		if ($pages = $this->LoadAll("select tag, time, user, owner from ".$this->config["table_prefix"]."pages where latest = 'Y' and comment_on = '' order by time desc limit $limit"))
183
		{
184
			foreach ($pages as $page)
185
			{
186
				$this->CachePage($page);
187
			}
188
			return $pages;
189
		}
190
	}
191
	function LoadAllPages() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' order by tag"); }
192
	function FullTextSearch($phrase) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' and match(tag, body) against('".mysql_escape_string($phrase)."')"); }
193
	function LoadWantedPages() { return $this->LoadAll("select distinct ".$this->config["table_prefix"]."links.to_tag as tag,count(".$this->config["table_prefix"]."links.from_tag) as count from ".$this->config["table_prefix"]."links left join ".$this->config["table_prefix"]."pages on ".$this->config["table_prefix"]."links.to_tag = ".$this->config["table_prefix"]."pages.tag where ".$this->config["table_prefix"]."pages.tag is NULL group by tag order by count desc"); }
194
	function LoadOrphanedPages() { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on = '' order by tag"); }
195
	function IsOrphanedPage($tag) { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on ='' and tag='".mysql_escape_string($tag)."'"); }
196
	function DeleteOrphanedPage($tag) {
197
		$this->Query("delete from ".$this->config["table_prefix"]."pages where tag='".mysql_escape_string($tag)."' ");
198
		$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag='".mysql_escape_string($tag)."' ");
199
		$this->Query("delete from ".$this->config["table_prefix"]."acls where page_tag='".mysql_escape_string($tag)."' ");
200
		$this->Query("delete from ".$this->config["table_prefix"]."referrers where page_tag='".mysql_escape_string($tag)."' ");
201
	}
202
	function SavePage($tag, $body, $comment_on = "") {
203
		// get current user
204
		$user = $this->GetUserName();
205
 
206
		//die($tag);
207
 
208
		// TODO: check write privilege
209
		if ($this->HasAccess("write", $tag))
210
		{
211
			// is page new?
212
			if (!$oldPage = $this->LoadPage($tag))
213
			{
214
				// create default write acl. store empty write ACL for comments.
215
				$this->SaveAcl($tag, "write", ($comment_on ? "" : $this->GetConfigValue("default_write_acl")));
216
 
217
				// create default read acl
218
				$this->SaveAcl($tag, "read", $this->GetConfigValue("default_read_acl"));
219
 
220
				// create default comment acl.
221
				$this->SaveAcl($tag, "comment", $this->GetConfigValue("default_comment_acl"));
222
 
223
				// current user is owner; if user is logged in! otherwise, no owner.
224
				if ($this->GetUser()) $owner = $user;
225
			}
226
			else
227
			{
228
				// aha! page isn't new. keep owner!
229
				$owner = $oldPage["owner"];
230
			}
231
 
232
 
233
			// set all other revisions to old
234
			$this->Query("update ".$this->config["table_prefix"]."pages set latest = 'N' where tag = '".mysql_Escape_string($tag)."'");
235
 
236
			// add new revision
237
			$this->Query("insert into ".$this->config["table_prefix"]."pages set ".
238
				"tag = '".mysql_escape_string($tag)."', ".
239
				($comment_on ? "comment_on = '".mysql_escape_string($comment_on)."', " : "").
240
				"time = now(), ".
241
				"owner = '".mysql_escape_string($owner)."', ".
242
				"user = '".mysql_escape_string($user)."', ".
243
				"latest = 'Y', ".
244
				"body = '".mysql_escape_string(chop($body))."'");
245
		}
246
	}
247
	function PurgePages() {
248
		if ($days = $this->GetConfigValue("pages_purge_time")) {
249
			// Selection of pages which can be deleted
250
			$pages = $this->LoadAll("select distinct tag, time from ".$this->config["table_prefix"]."pages where time < date_sub(now(), interval '".mysql_escape_string($days)."' day) and latest = 'N' order by time asc");
251
			foreach ($pages as $page) {
252
				// Deletion if there are more than 2 versions avalaible (TODO : parameter ?)
253
				$tags=$this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page[tag])."' group by tag having count(*) > 2 order by tag");
254
				foreach ($tags as $tag) {
255
					$this->Query("delete from ".$this->config["table_prefix"]."pages where time = '".mysql_escape_string($page[time])."' and tag = '".mysql_escape_string($tag[tag])."'");
256
				}
257
			}
258
		}
259
	}
260
 
261
 
262
 
263
	// COOKIES
264
	function SetSessionCookie($name, $value) { SetCookie($name, $value, 0, $this->CookiePath); $_COOKIE[$name] = $value; }
265
	function SetPersistentCookie($name, $value, $remember = 0) { SetCookie($name, $value, time() + ($remember ? 90*24*60*60 : 60 * 60), $this->CookiePath); $_COOKIE[$name] = $value; }
266
	function DeleteCookie($name) { SetCookie($name, "", 1, $this->CookiePath); $_COOKIE[$name] = ""; }
267
	function GetCookie($name) { return $_COOKIE[$name]; }
268
 
269
 
270
 
271
	// HTTP/REQUEST/LINK RELATED
272
	function SetMessage($message) { $_SESSION["message"] = $message; }
273
	function GetMessage()
274
	{
275
		if (isset($_SESSION["message"])) $message = $_SESSION["message"];
276
		else $message = "";
277
		$_SESSION["message"] = "";
278
		return $message;
279
	}
280
	function Redirect($url)
281
	{
282
		header("Location: $url");
283
		exit;
284
	}
285
	// returns just PageName[/method].
286
	function MiniHref($method = "", $tag = "")
287
	{
288
		if (!$tag = trim($tag)) $tag = $this->tag;
289
		return $tag.($method ? "/".$method : "");
290
	}
291
	// returns the full url to a page/method.
292
	function Href($method = "", $tag = "", $params = "")
293
	{
294
		$href = $this->config["base_url"].$this->MiniHref($method, $tag);
295
		if ($params)
296
		{
297
			$href .= ($this->config["rewrite_mode"] ? "?" : "&amp;").$params;
298
		} // ajout TEla
299
		return $href;
300
	}
301
	function Link($tag, $method = "", $text = "", $track = 1) {
302
		$tag=htmlspecialchars($tag); //avoid xss
303
 
304
		$text=htmlspecialchars($text); //paranoiac again
305
		if (!$text) $text = $tag;
306
 
307
		// is this an interwiki link?
308
		if (preg_match("/^([A-Z][A-Z,a-z]+)[:]([A-Z,a-z,0-9]*)$/s", $tag, $matches))
309
		{
310
			$tag = $this->GetInterWikiUrl($matches[1], $matches[2]);
311
			return "<a href=\"$tag\">$text (interwiki)</a>";
312
		}
313
		// is this a full link? ie, does it contain non alpha-numeric characters?
314
		// Note : [:alnum:] is equivalent [0-9A-Za-z]
315
		//        [^[:alnum:]] means : some caracters other than [0-9A-Za-z]
316
		// For example : "www.adress.com", "mailto:adress@domain.com", "http://www.adress.com"
317
		else if (preg_match("/[^[:alnum:]]/", $tag))
318
		{
319
			// check for email addresses
320
			if (preg_match("/^.+\@.+$/", $tag))
321
			{
322
				$tag = "mailto:".$tag;
323
			}
324
			// check for protocol-less URLs
325
			else if (!preg_match("/:\/\//", $tag))
326
			{
327
				$tag = "http://".$tag;	//Very important for xss (avoid javascript:() hacking)
328
			}
329
			// is this an inline image (text!=tag and url ends png,gif,jpeg)
330
			if ($text!=$tag and preg_match("/.(gif|jpeg|png|jpg)$/i",$tag))
331
			{
332
				return "<img src=\"$tag\" alt=\"$text\" />";
333
			}
334
			else
335
			{
336
				return "<a href=\"$tag\">$text</a>";
337
			}
338
		}
339
		else
340
		{
341
			// it's a Wiki link!
342
			if (isset($_SESSION["linktracking"]) && $track) $this->TrackLinkTo($tag);
343
			return ($this->LoadPage($tag) ? "<a href=\"".$this->href($method, $tag)."\">".$text."</a>" : "<span class=\"missingpage\">".$text."</span><a href=\"".$this->href("edit", $tag)."\">?</a>");
344
		}
345
	}
346
	function ComposeLinkToPage($tag, $method = "", $text = "", $track = 1) {
347
		if (!$text) $text = $tag;
348
		$text = htmlentities($text);
349
		if (isset($_SESSION["linktracking"]) && $track)
350
			$this->TrackLinkTo($tag);
351
		return '<a href="'.$this->href($method, $tag).'">'.$text.'</a>';
352
	}
353
	// function PregPageLink($matches) { return $this->Link($matches[1]); }
354
	function IsWikiName($text) { return preg_match("/^[A-Z][a-z]+[A-Z,0-9][A-Z,a-z,0-9]*$/", $text); }
355
	function TrackLinkTo($tag) { $_SESSION["linktable"][] = $tag; }
356
	function GetLinkTable() { return $_SESSION["linktable"]; }
357
	function ClearLinkTable() { $_SESSION["linktable"] = array(); }
358
	function StartLinkTracking() { $_SESSION["linktracking"] = 1; }
359
	function StopLinkTracking() { $_SESSION["linktracking"] = 0; }
360
	function WriteLinkTable() {
361
		// delete old link table
362
		$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag = '".mysql_escape_string($this->GetPageTag())."'");
363
		if ($linktable = $this->GetLinkTable())
364
		{
365
			$from_tag = mysql_escape_string($this->GetPageTag());
366
			foreach ($linktable as $to_tag)
367
			{
368
				$lower_to_tag = strtolower($to_tag);
369
				if (!$written[$lower_to_tag])
370
				{
371
					$this->Query("insert into ".$this->config["table_prefix"]."links set from_tag = '".$from_tag."', to_tag = '".mysql_escape_string($to_tag)."'");
372
					$written[$lower_to_tag] = 1;
373
				}
374
			}
375
		}
376
	}
377
	function Header() { return $this->Action($this->GetConfigValue("header_action"), 1); }
378
	function Footer() { return $this->Action($this->GetConfigValue("footer_action"), 1); }
379
 
380
 
381
 
382
	// FORMS
383
	function FormOpen($method = "", $tag = "", $formMethod = "post") {
384
	/* Debut de la modif ACeditor */
385
	// ACEditor: id=\"ACEditor\" name=\"ACEditor\" ci-dessous le if a été ajouté (initialement, seule la ligne du else existait)
386
	// si l'url se termine par edit (expression régulière edit$), on est en mode édition et dans ce cas on donne les id et name au formulaire
387
	// Sinon surtout pas car ça marche plus dans la mesure ou plusieurs formulaires auraient ces ID et name et dans ce cas
388
	// il semble que le dernier soit considéré, c'est à dire pas le bon :o(
389
 
390
		if (ereg('edit$', $this->href($method, $tag))) {
391
			$result = "<form id=\"ACEditor\" name=\"ACEditor\" action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
392
		} else {
393
		$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
394
		}
395
 
396
/* fin de la modif ACeditor */
397
		if (!$this->config["rewrite_mode"]) $result .= "<input type=\"hidden\" name=\"wiki\" value=\"".$this->MiniHref($method, $tag)."\" />\n";
398
		return $result;
399
	}
400
	function FormClose() {
401
		return "</form>\n";
402
	}
403
 
404
 
405
 
406
	// INTERWIKI STUFF
407
	function ReadInterWikiConfig() {
408
		if ($lines = file("interwiki.conf"))
409
		{
410
			foreach ($lines as $line)
411
			{
412
				if ($line = trim($line))
413
				{
414
					list($wikiName, $wikiUrl) = explode(" ", trim($line));
415
					$this->AddInterWiki($wikiName, $wikiUrl);
416
				}
417
			}
418
		}
419
	}
420
	function AddInterWiki($name, $url) {
421
		$this->interWiki[$name] = $url;
422
	}
423
	function GetInterWikiUrl($name, $tag) {
424
		if (isset($this->interWiki[$name]))
425
		{
426
			return $this->interWiki[$name].$tag;
427
		} else {
428
		return 'http://'.$tag; //avoid xss by putting http:// in front of JavaScript:()
429
		}
430
	}
431
 
432
 
433
 
434
	// REFERRERS
435
	function LogReferrer($tag = "", $referrer = "") {
436
		// fill values
437
		if (!$tag = trim($tag)) $tag = $this->GetPageTag();
438
		if (!$referrer = trim($referrer) AND isset($_SERVER["HTTP_REFERER"])) $referrer = $_SERVER["HTTP_REFERER"];
439
 
440
		// check if it's coming from another site
441
		if ($referrer && !preg_match("/^".preg_quote($this->GetConfigValue("base_url"), "/")."/", $referrer))
442
		{
443
			$this->Query("insert into ".$this->config["table_prefix"]."referrers set ".
444
				"page_tag = '".mysql_escape_string($tag)."', ".
445
				"referrer = '".mysql_escape_string($referrer)."', ".
446
				"time = now()");
447
		}
448
	}
449
	function LoadReferrers($tag = "") {
450
		return $this->LoadAll("select referrer, count(referrer) as num from ".$this->config["table_prefix"]."referrers ".($tag = trim($tag) ? "where page_tag = '".mysql_escape_string($tag)."'" : "")." group by referrer order by num desc");
451
	}
452
	function PurgeReferrers() {
453
		if ($days = $this->GetConfigValue("referrers_purge_time")) {
454
			$this->Query("delete from ".$this->config["table_prefix"]."referrers where time < date_sub(now(), interval '".mysql_escape_string($days)."' day)");
455
		}
456
	}
457
 
458
 
459
 
460
	// PLUGINS
461
	function Action($action, $forceLinkTracking = 0)
462
	{
463
		$action = trim($action); $vars=array();
464
		// stupid attributes check
465
		if ((stristr($action, "=\"")) || (stristr($action, "/")))
466
		{
467
			// extract $action and $vars_temp ("raw" attributes)
468
			preg_match("/^([A-Za-z0-9]*)\/?(.*)$/", $action, $matches);
469
			list(, $action, $vars_temp) = $matches;
470
			// match all attributes (key and value)
471
			$this->parameter[$vars_temp]=$vars_temp;
472
			preg_match_all("/([A-Za-z0-9]*)=\"(.*)\"/U", $vars_temp, $matches);
473
 
474
		// prepare an array for extract() to work with (in $this->IncludeBuffered())
475
		if (is_array($matches))
476
			{
477
				for ($a = 0; $a < count($matches[1]); $a++)
478
				{
479
					$vars[$matches[1][$a]] = $matches[2][$a];
480
					$this->parameter[$matches[1][$a]]=$matches[2][$a];
481
				}
482
			}
483
		}
484
		if (!$forceLinkTracking) $this->StopLinkTracking();
485
		$result = $this->IncludeBuffered(strtolower($action).".php", "<i>Action inconnue \"$action\"</i>", $vars, $this->config["action_path"]);
486
		$this->StartLinkTracking();
487
		if (isset($parameter)) unset($this->parameter[$parameter]);
488
		unset($this->parameter);
489
		return $result;
490
	}
491
	function Method($method) {
492
		if (!$handler = $this->page["handler"]) $handler = "page";
493
		$methodLocation = $handler."/".$method.".php";
494
		return $this->IncludeBuffered($methodLocation, "<i>M&eacute;thode inconnue \"$methodLocation\"</i>", "", $this->config["handler_path"]);
495
	}
496
	function Format($text, $formatter = "wakka") {
497
		return $this->IncludeBuffered("formatters/".$formatter.".php", "<i>Impossible de trouver le formateur \"$formatter\"</i>", compact("text"));
498
	}
499
 
500
 
501
 
502
	// USERS
503
	//============================= Lignes modifiées pour Tela Botanica ===================================
504
	function LoadUser($name, $password = 0) { return $this->LoadSingle("select * from ".$this->config["common_table_prefix"]."users where name = '".mysql_escape_string($name)."' ".($password === 0 ? "" : "and password = '".mysql_escape_string($password)."'")." limit 1"); }
505
	function LoadUsers() { return $this->LoadAll("select * from ".$this->config["common_table_prefix"]."users order by name"); }
506
	//===============================================================================================
507
    function GetUserName() { if ($user = $this->GetUser()) $name = $user["name"]; else if (!$name = gethostbyaddr($_SERVER["REMOTE_ADDR"])) $name = $_SERVER["REMOTE_ADDR"]; return $name; }
508
	function UserName() { /* deprecated! */ return $this->GetUserName(); }
509
	function GetUser() { return (isset($_SESSION["user"]) ? $_SESSION["user"] : '');}
510
	function SetUser($user, $remember=0) { $_SESSION["user"] = $user; $this->SetPersistentCookie("name", $user["name"], $remember); $this->SetPersistentCookie("password", $user["password"], $remember); $this->SetPersistentCookie("remember", $remember, $remember); }
511
	function LogoutUser() { $_SESSION["user"] = ""; $this->DeleteCookie("name"); $this->DeleteCookie("password"); }
512
	function UserWantsComments() { if (!$user = $this->GetUser()) return false; return ($user["show_comments"] == "Y"); }
513
	function GetParameter($parameter, $default = '') { return (isset($this->parameter[$parameter]) ? $this->parameter[$parameter] : $default); }
514
 
515
 
516
 
517
	// COMMENTS
518
	function LoadComments($tag) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on = '".mysql_escape_string($tag)."' and latest = 'Y' order by time"); }
519
	function LoadRecentComments() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on != '' and latest = 'Y' order by time desc"); }
520
	function LoadRecentlyCommented($limit = 50) {
521
		// NOTE: this is really stupid. Maybe my SQL-Fu is too weak, but apparently there is no easier way to simply select
522
		//       all comment pages sorted by their first revision's (!) time. ugh!
523
 
524
		// load ids of the first revisions of latest comments. err, huh?
525
		$pages=array();
526
		$comments=array();
527
		if ($ids = $this->LoadAll("select min(id) as id from ".$this->config["table_prefix"]."pages where comment_on != '' group by tag order by id desc"))
528
		{
529
			// load complete comments
530
			foreach ($ids as $id)
531
			{
532
				$comment = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".$id["id"]."' limit 1");
533
				$num=0;
534
				if (!isset($comments[$comment["comment_on"]])) $comments[$comment["comment_on"]]='';
535
				if (!$comments[$comment["comment_on"]] && $num < $limit)
536
				{
537
					$comments[$comment["comment_on"]] = $comment;
538
					$num++;
539
				}
540
			}
541
 
542
			// now load pages
543
			if ($comments)
544
			{
545
				// now using these ids, load the actual pages
546
				foreach ($comments as $comment)
547
				{
548
					$page = $this->LoadPage($comment["comment_on"]);
549
					$page["comment_user"] = $comment["user"];
550
					$page["comment_time"] = $comment["time"];
551
					$page["comment_tag"] = $comment["tag"];
552
					$pages[] = $page;
553
				}
554
			}
555
		}
556
		// load tags of pages
557
		//return $this->LoadAll("select comment_on as tag, max(time) as time, tag as comment_tag, user from ".$this->config["table_prefix"]."pages where comment_on != '' group by comment_on order by time desc");
558
		return $pages;
559
	}
560
 
561
 
562
 
563
	// ACCESS CONTROL
564
	// returns true if logged in user is owner of current page, or page specified in $tag
565
	function UserIsOwner($tag = "") {
566
		// check if user is logged in
567
		if (!$this->GetUser()) return false;
568
 
569
		// set default tag
570
		if (!$tag = trim($tag)) $tag = $this->GetPageTag();
571
 
572
		// check if user is owner
573
		if ($this->GetPageOwner($tag) == $this->GetUserName()) return true;
574
	}
575
	function GetPageOwner($tag = "", $time = "") { if (!$tag = trim($tag)) $tag = $this->GetPageTag(); if ($page = $this->LoadPage($tag, $time)) return $page["owner"]; }
576
	function SetPageOwner($tag, $user) {
577
		// check if user exists
578
		if (!$this->LoadUser($user)) return;
579
 
580
		// updated latest revision with new owner
581
		$this->Query("update ".$this->config["table_prefix"]."pages set owner = '".mysql_escape_string($user)."' where tag = '".mysql_escape_string($tag)."' and latest = 'Y' limit 1");
582
	}
583
	function LoadAcl($tag, $privilege, $useDefaults = 1) {
584
		if ((!$acl = $this->LoadSingle("select * from ".$this->config["table_prefix"]."acls where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1")) && $useDefaults)
585
		{
586
			$acl = array("page_tag" => $tag, "privilege" => $privilege, "list" => $this->GetConfigValue("default_".$privilege."_acl"));
587
		}
588
		return $acl;
589
	}
590
	function SaveAcl($tag, $privilege, $list) {
591
		if ($this->LoadAcl($tag, $privilege, 0)) $this->Query("update ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."' where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1");
592
		else $this->Query("insert into ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."', page_tag = '".mysql_escape_string($tag)."', privilege = '".mysql_escape_string($privilege)."'");
593
	}
594
	// returns true if $user (defaults to current user) has access to $privilege on $page_tag (defaults to current page)
595
	function HasAccess($privilege, $tag = "", $user = "") {
596
		// set defaults
597
		if (!$tag = trim($tag)) $tag = $this->GetPageTag();
598
		if (!$user = $this->GetUserName());
599
 
600
		// load acl
601
		$acl = $this->LoadAcl($tag, $privilege);
602
 
603
		// if current user is owner, return true. owner can do anything!
604
		if ($this->UserIsOwner($tag)) return true;
605
 
606
		// fine fine... now go through acl
607
		foreach (explode("\n", $acl["list"]) as $line)
608
		{
609
			$line = trim($line);
610
 
611
			// check for inversion character "!"
612
			if (preg_match("/^[!](.*)$/", $line, $matches))
613
			{
614
				$negate = 1;
615
				$line = $matches[1];
616
			}
617
			else
618
			{
619
				$negate = 0;
620
			}
621
 
622
			// if there's still anything left... lines with just a "!" don't count!
623
			if ($line)
624
			{
625
				switch ($line[0])
626
				{
627
				// comments
628
				case "#":
629
					break;
630
				// everyone
631
				case "*":
632
					return !$negate;
633
				// aha! a user entry.
634
				case "+":
635
					if (!$this->LoadUser($user))
636
					{
637
						return $negate;
638
					}
639
					else
640
					{
641
						return !$negate;
642
					}
643
				default:
644
					if ($line == $user)
645
					{
646
						return !$negate;
647
					}
648
				}
649
			}
650
		}
651
 
652
		// tough luck.
653
		return false;
654
	}
655
 
656
 
657
 
658
	// MAINTENANCE
659
	function Maintenance() {
660
		// purge referrers
661
		$this->PurgeReferrers();
662
		// purge old page revisions
663
		$this->PurgePages();
664
	}
665
 
666
 
667
 
668
	// THE BIG EVIL NASTY ONE!
669
	function Run($tag, $method = "") {
670
		if(!($this->GetMicroTime()%3)) $this->Maintenance();
671
 
672
		$this->ReadInterWikiConfig();
673
 
674
		// do our stuff!
675
		if (!$this->method = trim($method)) $this->method = "show";
676
		if (!$this->tag = trim($tag)) $this->Redirect($this->href("", $this->config["root_page"]));
677
		if ((!$this->GetUser() && isset($_COOKIE["name"])) && ($user = $this->LoadUser($_COOKIE["name"], $_COOKIE["password"]))) $this->SetUser($user, $_COOKIE["remember"]);
678
		$this->SetPage($this->LoadPage($tag, (isset($_REQUEST["time"]) ? $_REQUEST["time"] :'')));
679
		$this->LogReferrer();
680
 
681
      //correction pour un support plus facile de nouveaux handlers
682
      print($this->Method($this->method));
683
	}
684
}
685
 
686
 
687
 
688
// stupid version check
689
if (!isset($_REQUEST)) die('$_REQUEST[] not found. Wakka requires PHP 4.1.0 or higher!');
690
 
691
// workaround for the amazingly annoying magic quotes.
692
function magicQuotesSuck(&$a)
693
{
694
	if (is_array($a))
695
	{
696
		foreach ($a as $k => $v)
697
		{
698
			if (is_array($v))
699
				magicQuotesSuck($a[$k]);
700
			else
701
				$a[$k] = stripslashes($v);
702
		}
703
	}
704
}
705
set_magic_quotes_runtime(0);
706
if (get_magic_quotes_gpc())
707
{
708
	magicQuotesSuck($_POST);
709
	magicQuotesSuck($_GET);
710
	magicQuotesSuck($_COOKIE);
711
}
712
 
713
 
714
// default configuration values
715
$wakkaConfig= array();
716
$wakkaDefaultConfig = array(
717
	'wakka_version'		=> '',
718
	'wikini_version'	=> '',
719
	'debug'			=> 'no',
720
	"mysql_host"		=> "localhost",
721
	"mysql_database"		=> "wikini",
722
	"mysql_user"		=> "wikini",
723
	"mysql_password"		=> '',
724
	"table_prefix"		=> "wikini_",
725
	"root_page"			=> "PagePrincipale",
726
	"wakka_name"		=> "MonSiteWikiNi",
727
	"base_url"			=> "http://".$_SERVER["SERVER_NAME"].($_SERVER["SERVER_PORT"] != 80 ? ":".$_SERVER["SERVER_PORT"] : "").$_SERVER["REQUEST_URI"].(preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "?wiki=" : ""),
728
	"rewrite_mode"		=> (preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "0" : "1"),
729
	'meta_keywords'		=> '',
730
	'meta_description'	=> '',
731
	"action_path"		=> "actions",
732
	"handler_path"		=> "handlers",
733
	"header_action"		=> "header",
734
	"footer_action"		=> "footer",
735
	"navigation_links"		=> "DerniersChangements :: DerniersCommentaires :: ParametresUtilisateur",
736
	"referrers_purge_time"	=> 24,
737
	"pages_purge_time"	=> 90,
738
	"default_write_acl"	=> "*",
739
	"default_read_acl"	=> "*",
740
	"default_comment_acl"	=> "*",
741
	"menu_page"	 	=> "PageMenu",
742
	"preview_before_save"	=> "0");
743
 
744
// load config
745
if (!$configfile = GetEnv("WAKKA_CONFIG")) $configfile = "wakka.config.php";
746
if (file_exists($configfile)) include($configfile);
747
$wakkaConfigLocation = $configfile;
748
$wakkaConfig = array_merge($wakkaDefaultConfig, $wakkaConfig);
749
 
750
// check for locking
751
if (file_exists("locked")) {
752
	// read password from lockfile
753
	$lines = file("locked");
754
	$lockpw = trim($lines[0]);
755
 
756
	// is authentification given?
757
	if (isset($_SERVER["PHP_AUTH_USER"])) {
758
		if (!(($_SERVER["PHP_AUTH_USER"] == "admin") && ($_SERVER["PHP_AUTH_PW"] == $lockpw))) {
759
			$ask = 1;
760
		}
761
	} else {
762
		$ask = 1;
763
	}
764
 
765
	if ($ask) {
766
		header("WWW-Authenticate: Basic realm=\"".$wakkaConfig["wakka_name"]." Install/Upgrade Interface\"");
767
		header("HTTP/1.0 401 Unauthorized");
768
		echo "Ce site est en cours de mise &agrave; jour. Veuillez essayer plus tard." ;
769
		exit;
770
	}
771
}
772
 
773
 
774
// compare versions, start installer if necessary
775
if ($wakkaConfig["wakka_version"] && (!$wakkaConfig["wikini_version"])) { $wakkaConfig["wikini_version"]=$wakkaConfig["wakka_version"]; }
776
if (($wakkaConfig["wakka_version"] != WAKKA_VERSION) || ($wakkaConfig["wikini_version"] != WIKINI_VERSION)) {
777
	// start installer
778
	if (!isset($_REQUEST["installAction"]) OR !$installAction = trim($_REQUEST["installAction"])) $installAction = "default";
779
	include("setup/header.php");
780
	if (file_exists("setup/".$installAction.".php")) include("setup/".$installAction.".php"); else echo "<i>Invalid action</i>" ;
781
	include("setup/footer.php");
782
	exit;
783
}
784
 
785
 
786
// configuration du cookie de session
787
//determine le chemin pour le cookie
788
$a = parse_url($wakkaConfig['base_url']);
789
$CookiePath = dirname($a['path']);
790
if ($CookiePath != '/') $CookiePath .= '/';
791
$a = session_get_cookie_params();
792
session_set_cookie_params($a['lifetime'],$CookiePath);
793
unset($a);
794
unset($CookiePath);
795
 
796
// start session
797
session_start();
798
 
799
// fetch wakka location
800
if (!isset($_REQUEST["wiki"])) $_REQUEST["wiki"] = '';
801
 
802
$wiki = $_REQUEST["wiki"];
803
 
804
// remove leading slash
805
$wiki = preg_replace("/^\//", "", $wiki);
806
 
807
// split into page/method
808
if (preg_match("#^(.+?)/([A-Za-z0-9_]*)$#", $wiki, $matches)) list(, $page, $method) = $matches;
809
else if (preg_match("#^(.*)$#", $wiki, $matches)) list(, $page) = $matches;
810
 
811
// create wiki object
812
$wiki = new Wiki($wakkaConfig);
813
// check for database access
814
if (!$wiki->dblink)
815
{
816
	echo "<p>Pour des raisons ind&eacute;pendantes de notre volont&eacute;, le contenu de ce Wiki est temporairement inaccessible. Veuillez r&eacute;essayer ult&eacute;rieurement, merci de votre compr&eacute;hension.</p>";
817
	exit;
818
}
819
 
820
function compress_output($output)
821
{
822
	return gzencode($output);
823
}
824
 
825
// Check if the browser supports gzip encoding, HTTP_ACCEPT_ENCODING
826
if (strstr ($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('gzencode') )
827
{
828
	// Start output buffering, and register compress_output() (see
829
	// below)
830
	ob_start ("compress_output");
831
 
832
	// Tell the browser the content is compressed with gzip
833
	header ("Content-Encoding: gzip");
834
}
835
 
836
 
837
// go!
838
if (!isset($method)) $method='';
839
 
840
// Security (quick hack)  : Check method syntax
841
if (!(preg_match('#^[A-Za-z0-9_]*$#',$method))) {
842
	$method='';
843
}
844
 
845
$wiki->Run($page, $method);
846
?>