Subversion Repositories Applications.papyrus

Rev

Details | Last modification | View Log | RSS feed

Rev Author Line No. Line
439 ddelon 1
<?php
2
/* encoding: iso-8859-1
3
wakka.php
4
Copyright (c) 2002, Hendrik Mans <hendrik@mans.de>
5
Copyright  2003 Carlo Zottmann
6
Copyright 2002, 2003 David DELON
7
Copyright 2002, 2003, 2004 Charles NÉPOTE
8
Copyright 2002, 2003 Patrick PAUL
9
Copyright 2003 Éric DELORD
10
Copyright 2003 Éric FELDSTEIN
11
Copyright 2004 Jean-Christophe ANDRÉ
12
All rights reserved.
13
Redistribution and use in source and binary forms, with or without
14
modification, are permitted provided that the following conditions
15
are met:
16
1. Redistributions of source code must retain the above copyright
17
notice, this list of conditions and the following disclaimer.
18
2. Redistributions in binary form must reproduce the above copyright
19
notice, this list of conditions and the following disclaimer in the
20
documentation and/or other materials provided with the distribution.
21
3. The name of the author may not be used to endorse or promote products
22
derived from this software without specific prior written permission.
23
 
24
THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
25
IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
26
OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
27
IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
28
INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
29
NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
30
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
31
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
32
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
33
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
34
*/
35
 
36
/*
37
    Yes, most of the formatting used in this file is HORRIBLY BAD STYLE. However,
38
    most of the action happens outside of this file, and I really wanted the code
39
    to look as small as what it does. Basically. Oh, I just suck. :)
40
*/
41
 
42
 
43
 
44
// do not change this line, you fool. In fact, don't change anything! Ever!
45
define("WAKKA_VERSION", "0.1.1");
46
define("WIKINI_VERSION", "0.4.3");
47
// start the compute time
48
list($g_usec, $g_sec) = explode(" ",microtime());
49
define ("t_start", (float)$g_usec + (float)$g_sec);
50
$t_SQL=0;
51
 
52
 
53
 
54
class Wiki
55
{
56
	var $dblink;
57
	var $page;
58
	var $tag;
59
	var $parameter = array();
60
	var $queryLog = array();
61
	var $interWiki = array();
62
	var $VERSION;
63
	var $CookiePath = '/';
64
 
65
 
66
	// constructor
67
	function Wiki($config)
68
	{
69
		$this->config = $config;
70
		// some host do not allow mysql_pconnect
71
		$this->dblink = @mysql_connect (
72
			$this->config["mysql_host"],
73
			$this->config["mysql_user"],
74
			$this->config["mysql_password"]);
75
		if ($this->dblink)
76
		{
77
			if (!@mysql_select_db($this->config["mysql_database"], $this->dblink))
78
			{
79
				@mysql_close($this->dblink);
80
				$this->dblink = false;
81
			}
82
		}
83
		$this->VERSION = WAKKA_VERSION;
84
 
85
		//determine le chemin pour le cookie
86
		$a = parse_url($this->GetConfigValue('base_url'));
87
		$this->CookiePath = dirname($a['path']);
88
		if ($this->CookiePath != '/') $this->CookiePath .= '/';
89
	}
90
 
91
 
92
 
93
	// DATABASE
94
	function Query($query)
95
	{
96
		if($this->GetConfigValue("debug")) $start = $this->GetMicroTime();
97
		if (!$result = mysql_query($query, $this->dblink))
98
		{
99
			ob_end_clean();
100
			die("Query failed: ".$query." (".mysql_error().")");
101
		}
102
		if($this->GetConfigValue("debug"))
103
		{
104
			$time = $this->GetMicroTime() - $start;
105
			$this->queryLog[] = array(
106
				"query"		=> $query,
107
				"time"		=> $time);
108
		}
109
		return $result;
110
	}
111
	function LoadSingle($query) { if ($data = $this->LoadAll($query)) return $data[0]; }
112
	function LoadAll($query)
113
	{
114
	$data=array();
115
	if ($r = $this->Query($query))
116
		{
117
			while ($row = mysql_fetch_assoc($r)) $data[] = $row;
118
			mysql_free_result($r);
119
		}
120
		return $data;
121
	}
122
 
123
 
124
 
125
	// MISC
126
	function GetMicroTime() { list($usec, $sec) = explode(" ",microtime()); return ((float)$usec + (float)$sec); }
127
	function IncludeBuffered($filename, $notfoundText = "", $vars = "", $path = "")
128
	{
129
		if ($path) $dirs = explode(":", $path);
130
		else $dirs = array("");
131
 
132
		foreach($dirs as $dir)
133
		{
134
			if ($dir) $dir .= "/";
135
			$fullfilename = $dir.$filename;
136
			if (file_exists($fullfilename))
137
			{
138
				if (is_array($vars)) extract($vars);
139
 
140
				ob_start();
141
				include($fullfilename);
142
				$output = ob_get_contents();
143
				ob_end_clean();
144
				return $output;
145
			}
146
		}
147
		if ($notfoundText) return $notfoundText;
148
		else return false;
149
	}
150
 
151
 
152
 
153
	// VARIABLES
154
	function GetPageTag() { return $this->tag; }
155
	function GetPageTime() { return $this->page["time"]; }
156
	function GetMethod() { return $this->method; }
157
	function GetConfigValue($name) { return $this->config[$name]; }
158
	function GetWakkaName() { return $this->GetConfigValue("wakka_name"); }
159
	function GetWakkaVersion() { return $this->VERSION; }
160
	function GetWikiNiVersion() { return WIKINI_VERSION; }
161
 
162
 
163
 
164
	// PAGES
165
	function LoadPage($tag, $time = "", $cache = 1) {
166
		// retrieve from cache
167
		if (!$time && $cache && ($cachedPage = $this->GetCachedPage($tag))) { $page = $cachedPage;}
168
		// load page
169
		if (!isset($page)) $page = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($tag)."' ".($time ? "and time = '".mysql_escape_string($time)."'" : "and latest = 'Y'")." limit 1");
170
		// cache result
171
		if (!$time) $this->CachePage($page);
172
		return $page;
173
	}
174
	function GetCachedPage($tag) {return (isset($this->pageCache[$tag]) ? $this->pageCache[$tag] : ''); }
175
	function CachePage($page) { $this->pageCache[$page["tag"]] = $page; }
176
	function SetPage($page) { $this->page = $page; if ($this->page["tag"]) $this->tag = $this->page["tag"]; }
177
	function LoadPageById($id) { return $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".mysql_escape_string($id)."' limit 1"); }
178
	function LoadRevisions($page) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page)."' order by time desc"); }
179
	function LoadPagesLinkingTo($tag) { return $this->LoadAll("select from_tag as tag from ".$this->config["table_prefix"]."links where to_tag = '".mysql_escape_string($tag)."' order by tag"); }
180
	function LoadRecentlyChanged($limit=50) {
181
		$limit= (int) $limit;
182
		if ($pages = $this->LoadAll("select tag, time, user, owner from ".$this->config["table_prefix"]."pages where latest = 'Y' and comment_on = '' order by time desc limit $limit"))
183
		{
184
			foreach ($pages as $page)
185
			{
186
				$this->CachePage($page);
187
			}
188
			return $pages;
189
		}
190
	}
191
	function LoadAllPages() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' order by tag"); }
192
	function FullTextSearch($phrase) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where latest = 'Y' and match(tag, body) against('".mysql_escape_string($phrase)."')"); }
193
	function LoadWantedPages() { return $this->LoadAll("select distinct ".$this->config["table_prefix"]."links.to_tag as tag,count(".$this->config["table_prefix"]."links.from_tag) as count from ".$this->config["table_prefix"]."links left join ".$this->config["table_prefix"]."pages on ".$this->config["table_prefix"]."links.to_tag = ".$this->config["table_prefix"]."pages.tag where ".$this->config["table_prefix"]."pages.tag is NULL group by tag order by count desc"); }
194
	function LoadOrphanedPages() { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on = '' order by tag"); }
195
	function IsOrphanedPage($tag) { return $this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages left join ".$this->config["table_prefix"]."links on ".$this->config["table_prefix"]."pages.tag = ".$this->config["table_prefix"]."links.to_tag where ".$this->config["table_prefix"]."links.to_tag is NULL and ".$this->config["table_prefix"]."pages.comment_on ='' and tag='".mysql_escape_string($tag)."'"); }
196
	function DeleteOrphanedPage($tag) {
197
		$this->Query("delete from ".$this->config["table_prefix"]."pages where tag='".mysql_escape_string($tag)."' ");
198
		$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag='".mysql_escape_string($tag)."' ");
199
		$this->Query("delete from ".$this->config["table_prefix"]."acls where page_tag='".mysql_escape_string($tag)."' ");
200
		$this->Query("delete from ".$this->config["table_prefix"]."referrers where page_tag='".mysql_escape_string($tag)."' ");
201
	}
202
	function SavePage($tag, $body, $comment_on = "") {
203
		// get current user
204
		$user = $this->GetUserName();
205
 
206
		//die($tag);
207
 
208
		// TODO: check write privilege
209
		if ($this->HasAccess("write", $tag))
210
		{
211
			// is page new?
212
			if (!$oldPage = $this->LoadPage($tag))
213
			{
214
				// create default write acl. store empty write ACL for comments.
215
				$this->SaveAcl($tag, "write", ($comment_on ? "" : $this->GetConfigValue("default_write_acl")));
216
 
217
				// create default read acl
218
				$this->SaveAcl($tag, "read", $this->GetConfigValue("default_read_acl"));
219
 
220
				// create default comment acl.
221
				$this->SaveAcl($tag, "comment", $this->GetConfigValue("default_comment_acl"));
222
 
223
				// current user is owner; if user is logged in! otherwise, no owner.
224
				if ($this->GetUser()) $owner = $user;
225
			}
226
			else
227
			{
228
				// aha! page isn't new. keep owner!
229
				$owner = $oldPage["owner"];
230
			}
231
 
232
 
233
			// set all other revisions to old
234
			$this->Query("update ".$this->config["table_prefix"]."pages set latest = 'N' where tag = '".mysql_Escape_string($tag)."'");
235
 
236
			// add new revision
237
			$this->Query("insert into ".$this->config["table_prefix"]."pages set ".
238
				"tag = '".mysql_escape_string($tag)."', ".
239
				($comment_on ? "comment_on = '".mysql_escape_string($comment_on)."', " : "").
240
				"time = now(), ".
241
				"owner = '".mysql_escape_string($owner)."', ".
242
				"user = '".mysql_escape_string($user)."', ".
243
				"latest = 'Y', ".
244
				"body = '".mysql_escape_string(chop($body))."'");
245
		}
246
	}
247
	function PurgePages() {
248
		if ($days = $this->GetConfigValue("pages_purge_time")) {
249
			// Selection of pages which can be deleted
250
			$pages = $this->LoadAll("select distinct tag, time from ".$this->config["table_prefix"]."pages where time < date_sub(now(), interval '".mysql_escape_string($days)."' day) and latest = 'N' order by time asc");
251
			foreach ($pages as $page) {
252
				// Deletion if there are more than 2 versions avalaible (TODO : parameter ?)
253
				$tags=$this->LoadAll("select distinct tag from ".$this->config["table_prefix"]."pages where tag = '".mysql_escape_string($page[tag])."' group by tag having count(*) > 2 order by tag");
254
				foreach ($tags as $tag) {
255
					$this->Query("delete from ".$this->config["table_prefix"]."pages where time = '".mysql_escape_string($page[time])."' and tag = '".mysql_escape_string($tag[tag])."'");
256
				}
257
			}
258
		}
259
	}
260
 
261
 
262
 
263
	// COOKIES
264
	function SetSessionCookie($name, $value) { SetCookie($name, $value, 0, $this->CookiePath); $_COOKIE[$name] = $value; }
265
	function SetPersistentCookie($name, $value, $remember = 0) { SetCookie($name, $value, time() + ($remember ? 90*24*60*60 : 60 * 60), $this->CookiePath); $_COOKIE[$name] = $value; }
266
	function DeleteCookie($name) { SetCookie($name, "", 1, $this->CookiePath); $_COOKIE[$name] = ""; }
267
	function GetCookie($name) { return $_COOKIE[$name]; }
268
 
269
 
270
 
271
	// HTTP/REQUEST/LINK RELATED
272
	function SetMessage($message) { $_SESSION["message"] = $message; }
273
	function GetMessage()
274
	{
275
		if (isset($_SESSION["message"])) $message = $_SESSION["message"];
276
		else $message = "";
277
		$_SESSION["message"] = "";
278
		return $message;
279
	}
280
	function Redirect($url)
281
	{
282
		header("Location: $url");
283
		exit;
284
	}
285
	// returns just PageName[/method].
286
	function MiniHref($method = "", $tag = "")
287
	{
288
		if (!$tag = trim($tag)) $tag = $this->tag;
289
		return $tag.($method ? "/".$method : "");
290
	}
291
	// returns the full url to a page/method.
292
	function Href($method = "", $tag = "", $params = "")
293
	{
294
		$href = $this->config["base_url"].$this->MiniHref($method, $tag);
295
		if ($params)
296
		{
297
			$href .= ($this->config["rewrite_mode"] ? "?" : "&amp;").$params;
298
		}
299
		return $href;
300
	}
301
	function Link($tag, $method = "", $text = "", $track = 1) {
302
		$tag=htmlspecialchars($tag); //avoid xss
303
		$text=htmlspecialchars($text); //paranoiac again
304
		if (!$text) $text = $tag;
305
 
306
		// is this an interwiki link?
307
		if (preg_match("/^([A-Z][A-Z,a-z]+)[:]([A-Z,a-z,0-9]*)$/s", $tag, $matches))
308
		{
309
			$tag = $this->GetInterWikiUrl($matches[1], $matches[2]);
310
			return "<a href=\"$tag\">$text (interwiki)</a>";
311
		}
312
		// is this a full link? ie, does it contain non alpha-numeric characters?
313
		// Note : [:alnum:] is equivalent [0-9A-Za-z]
314
		//        [^[:alnum:]] means : some caracters other than [0-9A-Za-z]
315
		// For example : "www.adress.com", "mailto:adress@domain.com", "http://www.adress.com"
316
		else if (preg_match("/[^[:alnum:]]/", $tag))
317
		{
318
			// check for email addresses
319
			if (preg_match("/^.+\@.+$/", $tag))
320
			{
321
				$tag = "mailto:".$tag;
322
			}
323
			// check for protocol-less URLs
324
			else if (!preg_match("/:\/\//", $tag))
325
			{
326
				$tag = "http://".$tag;	//Very important for xss (avoid javascript:() hacking)
327
			}
328
			// is this an inline image (text!=tag and url ends png,gif,jpeg)
329
			if ($text!=$tag and preg_match("/.(gif|jpeg|png|jpg)$/i",$tag))
330
			{
331
				return "<img src=\"$tag\" alt=\"$text\" />";
332
			}
333
			else
334
			{
335
				return "<a href=\"$tag\">$text</a>";
336
			}
337
		}
338
		else
339
		{
340
			// it's a Wiki link!
341
			if (isset($_SESSION["linktracking"]) && $track) $this->TrackLinkTo($tag);
342
			return ($this->LoadPage($tag) ? "<a href=\"".$this->href($method, $tag)."\">".$text."</a>" : "<span class=\"missingpage\">".$text."</span><a href=\"".$this->href("edit", $tag)."\">?</a>");
343
		}
344
	}
345
	function ComposeLinkToPage($tag, $method = "", $text = "", $track = 1) {
346
		if (!$text) $text = $tag;
347
		$text = htmlentities($text);
348
		if (isset($_SESSION["linktracking"]) && $track)
349
			$this->TrackLinkTo($tag);
350
		return '<a href="'.$this->href($method, $tag).'">'.$text.'</a>';
351
	}
352
	// function PregPageLink($matches) { return $this->Link($matches[1]); }
353
	function IsWikiName($text) { return preg_match("/^[A-Z][a-z]+[A-Z,0-9][A-Z,a-z,0-9]*$/", $text); }
354
	function TrackLinkTo($tag) { $_SESSION["linktable"][] = $tag; }
355
	function GetLinkTable() { return $_SESSION["linktable"]; }
356
	function ClearLinkTable() { $_SESSION["linktable"] = array(); }
357
	function StartLinkTracking() { $_SESSION["linktracking"] = 1; }
358
	function StopLinkTracking() { $_SESSION["linktracking"] = 0; }
359
	function WriteLinkTable() {
360
		// delete old link table
361
		$this->Query("delete from ".$this->config["table_prefix"]."links where from_tag = '".mysql_escape_string($this->GetPageTag())."'");
362
		if ($linktable = $this->GetLinkTable())
363
		{
364
			$from_tag = mysql_escape_string($this->GetPageTag());
365
			foreach ($linktable as $to_tag)
366
			{
367
				$lower_to_tag = strtolower($to_tag);
368
				if (!$written[$lower_to_tag])
369
				{
370
					$this->Query("insert into ".$this->config["table_prefix"]."links set from_tag = '".$from_tag."', to_tag = '".mysql_escape_string($to_tag)."'");
371
					$written[$lower_to_tag] = 1;
372
				}
373
			}
374
		}
375
	}
376
	function Header() { return $this->Action($this->GetConfigValue("header_action"), 1); }
377
	function Footer() { return $this->Action($this->GetConfigValue("footer_action"), 1); }
378
 
379
 
380
 
381
	// FORMS
382
	function FormOpen($method = "", $tag = "", $formMethod = "post") {
556 ddelon 383
	/* Debut de la modif ACeditor */
384
	// ACEditor: id=\"ACEditor\" name=\"ACEditor\" ci-dessous le if a été ajouté (initialement, seule la ligne du else existait)
385
	// si l'url se termine par edit (expression régulière edit$), on est en mode édition et dans ce cas on donne les id et name au formulaire
386
	// Sinon surtout pas car ça marche plus dans la mesure ou plusieurs formulaires auraient ces ID et name et dans ce cas
387
	// il semble que le dernier soit considéré, c'est à dire pas le bon :o(
388
 
389
		if (ereg('edit$', $this->href($method, $tag))) {
390
			$result = "<form id=\"ACEditor\" name=\"ACEditor\" action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
391
		} else {
439 ddelon 392
		$result = "<form action=\"".$this->href($method, $tag)."\" method=\"".$formMethod."\">\n";
556 ddelon 393
		}
394
 
395
/* fin de la modif ACeditor */
439 ddelon 396
		if (!$this->config["rewrite_mode"]) $result .= "<input type=\"hidden\" name=\"wiki\" value=\"".$this->MiniHref($method, $tag)."\" />\n";
397
		return $result;
398
	}
399
	function FormClose() {
400
		return "</form>\n";
401
	}
402
 
403
 
404
 
405
	// INTERWIKI STUFF
406
	function ReadInterWikiConfig() {
407
		if ($lines = file("interwiki.conf"))
408
		{
409
			foreach ($lines as $line)
410
			{
411
				if ($line = trim($line))
412
				{
413
					list($wikiName, $wikiUrl) = explode(" ", trim($line));
414
					$this->AddInterWiki($wikiName, $wikiUrl);
415
				}
416
			}
417
		}
418
	}
419
	function AddInterWiki($name, $url) {
420
		$this->interWiki[$name] = $url;
421
	}
422
	function GetInterWikiUrl($name, $tag) {
423
		if (isset($this->interWiki[$name]))
424
		{
425
			return $this->interWiki[$name].$tag;
426
		} else {
427
		return 'http://'.$tag; //avoid xss by putting http:// in front of JavaScript:()
428
		}
429
	}
430
 
431
 
432
 
433
	// REFERRERS
434
	function LogReferrer($tag = "", $referrer = "") {
435
		// fill values
436
		if (!$tag = trim($tag)) $tag = $this->GetPageTag();
437
		if (!$referrer = trim($referrer) AND isset($_SERVER["HTTP_REFERER"])) $referrer = $_SERVER["HTTP_REFERER"];
438
 
439
		// check if it's coming from another site
440
		if ($referrer && !preg_match("/^".preg_quote($this->GetConfigValue("base_url"), "/")."/", $referrer))
441
		{
442
			$this->Query("insert into ".$this->config["table_prefix"]."referrers set ".
443
				"page_tag = '".mysql_escape_string($tag)."', ".
444
				"referrer = '".mysql_escape_string($referrer)."', ".
445
				"time = now()");
446
		}
447
	}
448
	function LoadReferrers($tag = "") {
449
		return $this->LoadAll("select referrer, count(referrer) as num from ".$this->config["table_prefix"]."referrers ".($tag = trim($tag) ? "where page_tag = '".mysql_escape_string($tag)."'" : "")." group by referrer order by num desc");
450
	}
451
	function PurgeReferrers() {
452
		if ($days = $this->GetConfigValue("referrers_purge_time")) {
453
			$this->Query("delete from ".$this->config["table_prefix"]."referrers where time < date_sub(now(), interval '".mysql_escape_string($days)."' day)");
454
		}
455
	}
456
 
457
 
458
 
459
	// PLUGINS
460
	function Action($action, $forceLinkTracking = 0)
461
	{
462
		$action = trim($action); $vars=array();
463
		// stupid attributes check
464
		if ((stristr($action, "=\"")) || (stristr($action, "/")))
465
		{
466
			// extract $action and $vars_temp ("raw" attributes)
467
			preg_match("/^([A-Za-z0-9]*)\/?(.*)$/", $action, $matches);
468
			list(, $action, $vars_temp) = $matches;
469
			// match all attributes (key and value)
470
			$this->parameter[$vars_temp]=$vars_temp;
471
			preg_match_all("/([A-Za-z0-9]*)=\"(.*)\"/U", $vars_temp, $matches);
472
 
473
		// prepare an array for extract() to work with (in $this->IncludeBuffered())
474
		if (is_array($matches))
475
			{
476
				for ($a = 0; $a < count($matches[1]); $a++)
477
				{
478
					$vars[$matches[1][$a]] = $matches[2][$a];
479
					$this->parameter[$matches[1][$a]]=$matches[2][$a];
480
				}
481
			}
482
		}
483
		if (!$forceLinkTracking) $this->StopLinkTracking();
484
		$result = $this->IncludeBuffered(strtolower($action).".php", "<i>Action inconnue \"$action\"</i>", $vars, $this->config["action_path"]);
485
		$this->StartLinkTracking();
486
		if (isset($parameter)) unset($this->parameter[$parameter]);
487
		unset($this->parameter);
488
		return $result;
489
	}
490
	function Method($method) {
491
		if (!$handler = $this->page["handler"]) $handler = "page";
492
		$methodLocation = $handler."/".$method.".php";
493
		return $this->IncludeBuffered($methodLocation, "<i>M&eacute;thode inconnue \"$methodLocation\"</i>", "", $this->config["handler_path"]);
494
	}
495
	function Format($text, $formatter = "wakka") {
496
		return $this->IncludeBuffered("formatters/".$formatter.".php", "<i>Impossible de trouver le formateur \"$formatter\"</i>", compact("text"));
497
	}
498
 
499
 
500
 
501
	// USERS
502
	function LoadUser($name, $password = 0) { return $this->LoadSingle("select * from ".$this->config["table_prefix"]."users where name = '".mysql_escape_string($name)."' ".($password === 0 ? "" : "and password = '".mysql_escape_string($password)."'")." limit 1"); }
503
	function LoadUsers() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."users order by name"); }
504
	function GetUserName() { if ($user = $this->GetUser()) $name = $user["name"]; else if (!$name = gethostbyaddr($_SERVER["REMOTE_ADDR"])) $name = $_SERVER["REMOTE_ADDR"]; return $name; }
505
	function UserName() { /* deprecated! */ return $this->GetUserName(); }
506
	function GetUser() { return (isset($_SESSION["user"]) ? $_SESSION["user"] : '');}
507
	function SetUser($user, $remember=0) { $_SESSION["user"] = $user; $this->SetPersistentCookie("name", $user["name"], $remember); $this->SetPersistentCookie("password", $user["password"], $remember); $this->SetPersistentCookie("remember", $remember, $remember); }
508
	function LogoutUser() { $_SESSION["user"] = ""; $this->DeleteCookie("name"); $this->DeleteCookie("password"); }
509
	function UserWantsComments() { if (!$user = $this->GetUser()) return false; return ($user["show_comments"] == "Y"); }
510
	function GetParameter($parameter, $default = '') { return (isset($this->parameter[$parameter]) ? $this->parameter[$parameter] : $default); }
511
 
512
 
513
 
514
	// COMMENTS
515
	function LoadComments($tag) { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on = '".mysql_escape_string($tag)."' and latest = 'Y' order by time"); }
516
	function LoadRecentComments() { return $this->LoadAll("select * from ".$this->config["table_prefix"]."pages where comment_on != '' and latest = 'Y' order by time desc"); }
517
	function LoadRecentlyCommented($limit = 50) {
518
		// NOTE: this is really stupid. Maybe my SQL-Fu is too weak, but apparently there is no easier way to simply select
519
		//       all comment pages sorted by their first revision's (!) time. ugh!
520
 
521
		// load ids of the first revisions of latest comments. err, huh?
522
		$pages=array();
523
		$comments=array();
524
		if ($ids = $this->LoadAll("select min(id) as id from ".$this->config["table_prefix"]."pages where comment_on != '' group by tag order by id desc"))
525
		{
526
			// load complete comments
527
			foreach ($ids as $id)
528
			{
529
				$comment = $this->LoadSingle("select * from ".$this->config["table_prefix"]."pages where id = '".$id["id"]."' limit 1");
556 ddelon 530
				$num=0;
531
				if (!isset($comments[$comment["comment_on"]])) $comments[$comment["comment_on"]]='';
532
				if (!$comments[$comment["comment_on"]] && $num < $limit)
439 ddelon 533
				{
534
					$comments[$comment["comment_on"]] = $comment;
535
					$num++;
536
				}
537
			}
538
 
539
			// now load pages
540
			if ($comments)
541
			{
542
				// now using these ids, load the actual pages
543
				foreach ($comments as $comment)
544
				{
545
					$page = $this->LoadPage($comment["comment_on"]);
546
					$page["comment_user"] = $comment["user"];
547
					$page["comment_time"] = $comment["time"];
548
					$page["comment_tag"] = $comment["tag"];
549
					$pages[] = $page;
550
				}
551
			}
552
		}
553
		// load tags of pages
554
		//return $this->LoadAll("select comment_on as tag, max(time) as time, tag as comment_tag, user from ".$this->config["table_prefix"]."pages where comment_on != '' group by comment_on order by time desc");
555
		return $pages;
556
	}
557
 
558
 
559
 
560
	// ACCESS CONTROL
561
	// returns true if logged in user is owner of current page, or page specified in $tag
562
	function UserIsOwner($tag = "") {
563
		// check if user is logged in
564
		if (!$this->GetUser()) return false;
565
 
566
		// set default tag
567
		if (!$tag = trim($tag)) $tag = $this->GetPageTag();
568
 
569
		// check if user is owner
570
		if ($this->GetPageOwner($tag) == $this->GetUserName()) return true;
571
	}
572
	function GetPageOwner($tag = "", $time = "") { if (!$tag = trim($tag)) $tag = $this->GetPageTag(); if ($page = $this->LoadPage($tag, $time)) return $page["owner"]; }
573
	function SetPageOwner($tag, $user) {
574
		// check if user exists
575
		if (!$this->LoadUser($user)) return;
576
 
577
		// updated latest revision with new owner
578
		$this->Query("update ".$this->config["table_prefix"]."pages set owner = '".mysql_escape_string($user)."' where tag = '".mysql_escape_string($tag)."' and latest = 'Y' limit 1");
579
	}
580
	function LoadAcl($tag, $privilege, $useDefaults = 1) {
581
		if ((!$acl = $this->LoadSingle("select * from ".$this->config["table_prefix"]."acls where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1")) && $useDefaults)
582
		{
583
			$acl = array("page_tag" => $tag, "privilege" => $privilege, "list" => $this->GetConfigValue("default_".$privilege."_acl"));
584
		}
585
		return $acl;
586
	}
587
	function SaveAcl($tag, $privilege, $list) {
588
		if ($this->LoadAcl($tag, $privilege, 0)) $this->Query("update ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."' where page_tag = '".mysql_escape_string($tag)."' and privilege = '".mysql_escape_string($privilege)."' limit 1");
589
		else $this->Query("insert into ".$this->config["table_prefix"]."acls set list = '".mysql_escape_string(trim(str_replace("\r", "", $list)))."', page_tag = '".mysql_escape_string($tag)."', privilege = '".mysql_escape_string($privilege)."'");
590
	}
591
	// returns true if $user (defaults to current user) has access to $privilege on $page_tag (defaults to current page)
592
	function HasAccess($privilege, $tag = "", $user = "") {
593
		// set defaults
594
		if (!$tag = trim($tag)) $tag = $this->GetPageTag();
595
		if (!$user = $this->GetUserName());
596
 
597
		// load acl
598
		$acl = $this->LoadAcl($tag, $privilege);
599
 
600
		// if current user is owner, return true. owner can do anything!
601
		if ($this->UserIsOwner($tag)) return true;
602
 
603
		// fine fine... now go through acl
604
		foreach (explode("\n", $acl["list"]) as $line)
605
		{
606
			$line = trim($line);
607
 
608
			// check for inversion character "!"
609
			if (preg_match("/^[!](.*)$/", $line, $matches))
610
			{
611
				$negate = 1;
612
				$line = $matches[1];
613
			}
614
			else
615
			{
616
				$negate = 0;
617
			}
618
 
619
			// if there's still anything left... lines with just a "!" don't count!
620
			if ($line)
621
			{
622
				switch ($line[0])
623
				{
624
				// comments
625
				case "#":
626
					break;
627
				// everyone
628
				case "*":
629
					return !$negate;
630
				// aha! a user entry.
631
				case "+":
632
					if (!$this->LoadUser($user))
633
					{
634
						return $negate;
635
					}
636
					else
637
					{
638
						return !$negate;
639
					}
640
				default:
641
					if ($line == $user)
642
					{
643
						return !$negate;
644
					}
645
				}
646
			}
647
		}
648
 
649
		// tough luck.
650
		return false;
651
	}
652
 
653
 
654
 
655
	// MAINTENANCE
656
	function Maintenance() {
657
		// purge referrers
658
		$this->PurgeReferrers();
659
		// purge old page revisions
660
		$this->PurgePages();
661
	}
662
 
663
 
664
 
665
	// THE BIG EVIL NASTY ONE!
666
	function Run($tag, $method = "") {
667
		if(!($this->GetMicroTime()%3)) $this->Maintenance();
668
 
669
		$this->ReadInterWikiConfig();
670
 
671
		// do our stuff!
672
		if (!$this->method = trim($method)) $this->method = "show";
673
		if (!$this->tag = trim($tag)) $this->Redirect($this->href("", $this->config["root_page"]));
674
		if ((!$this->GetUser() && isset($_COOKIE["name"])) && ($user = $this->LoadUser($_COOKIE["name"], $_COOKIE["password"]))) $this->SetUser($user, $_COOKIE["remember"]);
675
		$this->SetPage($this->LoadPage($tag, (isset($_REQUEST["time"]) ? $_REQUEST["time"] :'')));
676
		$this->LogReferrer();
677
 
678
      //correction pour un support plus facile de nouveaux handlers
679
      print($this->Method($this->method));
680
	}
681
}
682
 
683
 
684
 
685
// stupid version check
686
if (!isset($_REQUEST)) die('$_REQUEST[] not found. Wakka requires PHP 4.1.0 or higher!');
687
 
688
// workaround for the amazingly annoying magic quotes.
689
function magicQuotesSuck(&$a)
690
{
691
	if (is_array($a))
692
	{
693
		foreach ($a as $k => $v)
694
		{
695
			if (is_array($v))
696
				magicQuotesSuck($a[$k]);
697
			else
698
				$a[$k] = stripslashes($v);
699
		}
700
	}
701
}
702
set_magic_quotes_runtime(0);
703
if (get_magic_quotes_gpc())
704
{
705
	magicQuotesSuck($_POST);
706
	magicQuotesSuck($_GET);
707
	magicQuotesSuck($_COOKIE);
708
}
709
 
710
 
711
// default configuration values
712
$wakkaConfig= array();
713
$wakkaDefaultConfig = array(
714
	'wakka_version'		=> '',
715
	'wikini_version'	=> '',
716
	'debug'			=> 'no',
717
	"mysql_host"		=> "localhost",
718
	"mysql_database"		=> "wikini",
719
	"mysql_user"		=> "wikini",
720
	"mysql_password"		=> '',
721
	"table_prefix"		=> "wikini_",
722
	"root_page"			=> "PagePrincipale",
723
	"wakka_name"		=> "MonSiteWikiNi",
724
	"base_url"			=> "http://".$_SERVER["SERVER_NAME"].($_SERVER["SERVER_PORT"] != 80 ? ":".$_SERVER["SERVER_PORT"] : "").$_SERVER["REQUEST_URI"].(preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "?wiki=" : ""),
725
	"rewrite_mode"		=> (preg_match("/".preg_quote("wakka.php")."$/", $_SERVER["REQUEST_URI"]) ? "0" : "1"),
726
	'meta_keywords'		=> '',
727
	'meta_description'	=> '',
728
	"action_path"		=> "actions",
729
	"handler_path"		=> "handlers",
730
	"header_action"		=> "header",
731
	"footer_action"		=> "footer",
732
	"navigation_links"		=> "DerniersChangements :: DerniersCommentaires :: ParametresUtilisateur",
733
	"referrers_purge_time"	=> 24,
734
	"pages_purge_time"	=> 90,
735
	"default_write_acl"	=> "*",
736
	"default_read_acl"	=> "*",
737
	"default_comment_acl"	=> "*",
556 ddelon 738
	"menu_page"	 	=> "PageMenu",
439 ddelon 739
	"preview_before_save"	=> "0");
740
 
741
// load config
742
if (!$configfile = GetEnv("WAKKA_CONFIG")) $configfile = "wakka.config.php";
743
if (file_exists($configfile)) include($configfile);
744
$wakkaConfigLocation = $configfile;
745
$wakkaConfig = array_merge($wakkaDefaultConfig, $wakkaConfig);
746
 
747
// check for locking
748
if (file_exists("locked")) {
749
	// read password from lockfile
750
	$lines = file("locked");
751
	$lockpw = trim($lines[0]);
752
 
753
	// is authentification given?
754
	if (isset($_SERVER["PHP_AUTH_USER"])) {
755
		if (!(($_SERVER["PHP_AUTH_USER"] == "admin") && ($_SERVER["PHP_AUTH_PW"] == $lockpw))) {
756
			$ask = 1;
757
		}
758
	} else {
759
		$ask = 1;
760
	}
761
 
762
	if ($ask) {
763
		header("WWW-Authenticate: Basic realm=\"".$wakkaConfig["wakka_name"]." Install/Upgrade Interface\"");
764
		header("HTTP/1.0 401 Unauthorized");
765
		echo "Ce site est en cours de mise &agrave; jour. Veuillez essayer plus tard." ;
766
		exit;
767
	}
768
}
769
 
770
 
771
// compare versions, start installer if necessary
772
if ($wakkaConfig["wakka_version"] && (!$wakkaConfig["wikini_version"])) { $wakkaConfig["wikini_version"]=$wakkaConfig["wakka_version"]; }
773
if (($wakkaConfig["wakka_version"] != WAKKA_VERSION) || ($wakkaConfig["wikini_version"] != WIKINI_VERSION)) {
774
	// start installer
775
	if (!isset($_REQUEST["installAction"]) OR !$installAction = trim($_REQUEST["installAction"])) $installAction = "default";
776
	include("setup/header.php");
777
	if (file_exists("setup/".$installAction.".php")) include("setup/".$installAction.".php"); else echo "<i>Invalid action</i>" ;
778
	include("setup/footer.php");
779
	exit;
780
}
781
 
782
 
783
// configuration du cookie de session
784
//determine le chemin pour le cookie
785
$a = parse_url($wakkaConfig['base_url']);
786
$CookiePath = dirname($a['path']);
787
if ($CookiePath != '/') $CookiePath .= '/';
788
$a = session_get_cookie_params();
789
session_set_cookie_params($a['lifetime'],$CookiePath);
790
unset($a);
791
unset($CookiePath);
792
 
793
// start session
794
session_start();
795
 
796
// fetch wakka location
797
if (!isset($_REQUEST["wiki"])) $_REQUEST["wiki"] = '';
798
 
799
$wiki = $_REQUEST["wiki"];
800
 
801
// remove leading slash
802
$wiki = preg_replace("/^\//", "", $wiki);
803
 
804
// split into page/method
805
if (preg_match("#^(.+?)/([A-Za-z0-9_]*)$#", $wiki, $matches)) list(, $page, $method) = $matches;
806
else if (preg_match("#^(.*)$#", $wiki, $matches)) list(, $page) = $matches;
807
 
808
// create wiki object
809
$wiki = new Wiki($wakkaConfig);
810
// check for database access
811
if (!$wiki->dblink)
812
{
813
	echo "<p>Pour des raisons ind&eacute;pendantes de notre volont&eacute;, le contenu de ce Wiki est temporairement inaccessible. Veuillez r&eacute;essayer ult&eacute;rieurement, merci de votre compr&eacute;hension.</p>";
814
	exit;
815
}
816
 
817
function compress_output($output)
818
{
819
	return gzencode($output);
820
}
821
 
822
// Check if the browser supports gzip encoding, HTTP_ACCEPT_ENCODING
823
if (strstr ($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip') && function_exists('gzencode') )
824
{
825
	// Start output buffering, and register compress_output() (see
826
	// below)
827
	ob_start ("compress_output");
828
 
829
	// Tell the browser the content is compressed with gzip
830
	header ("Content-Encoding: gzip");
831
}
832
 
833
 
834
// go!
835
if (!isset($method)) $method='';
836
 
837
// Security (quick hack)  : Check method syntax
838
if (!(preg_match('#^[A-Za-z0-9_]*$#',$method))) {
839
	$method='';
840
}
841
 
842
$wiki->Run($page, $method);
843
?>