<?php

/*

 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between

 * Version 1.0 (Banshee)

 * pageprocess.php - intelligent retrieval of pages

 * Copyright (C) 2006-2007 Dan Fuhry

 *

 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License

 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied

 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.

 */

/**

 * Class to handle fetching page text (possibly from a cache) and formatting it.

 * @package Enano

 * @subpackage UI

 * @copyright 2007 Dan Fuhry

 * @license GNU General Public License <http://www.gnu.org/licenses/gpl.html>

 */

class PageProcessor

{

  /**

   * Page ID and namespace of the page handled by this instance

   * @var string

   */

  var $page_id;

  var $namespace;

  /**

   * The revision ID (history entry) to send. If set to 0 (the default) then the most recent revision will be sent.

   * @var int

   */

  var $revision_id = 0;

  /**

   * Unsanitized page ID.

   * @var string

   */

  var $page_id_unclean;

  /**

   * Tracks if the page we're loading exists in the database or not.

   * @var bool

   */

  var $page_exists = false;

  /**

   * Permissions!

   * @var object

   */

  var $perms = null;

  /**

   * Switch to track if redirects are allowed. Defaults to true.

   * @var bool

   */

  var $allow_redir = true;

  /**

   * If this is set to true, this will call the header and footer funcs on $template when render() is called.

   * @var bool

   */

  var $send_headers = false;

  /**

   * Cache the fetched text so we don't fetch it from the DB twice.

   * @var string

   */

  var $text_cache = '';

  /**

   * Debugging information to track errors. You can set enable to false to disable sending debug information.

   * @var array

   */

  var $debug = array(

      'enable' => false,

      'works'  => false

    );

  /**

   * Constructor.

   * @param string The page ID (urlname) of the page

   * @param string The namespace of the page

   * @param int Optional. The revision ID to send.

   */

  function __construct( $page_id, $namespace, $revision_id = 0 )

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    // See if we can get some debug info

    if ( function_exists('debug_backtrace') && $this->debug['enable'] )

    {

      $this->debug['works'] = true;

      $this->debug['backtrace'] = enano_debug_print_backtrace(true);

    }

    // First things first - check page existence and permissions

    if ( !isset($paths->nslist[$namespace]) )

    {

      $this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.');

    }

    if ( !is_int($revision_id) )

      $revision_id = 0;

    $this->_setup( $page_id, $namespace, $revision_id );

  }

  /**

   * The main method to send the page content. Also responsible for checking permissions.

   */

  function send()

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    if ( !$this->perms->get_permissions('read') )

    {

      $this->err_access_denied();

      return false;

    }

    if ( $this->namespace == 'Special' || $this->namespace == 'Admin' )

    {

      if ( !$this->page_exists )

      {

        redirect( makeUrl(getConfig('main_page')), 'Can\'t find special page', 'The special or administration page you requested does not exist. You will now be transferred to the main page.', 2 );

      }

      $func_name = "page_{$this->namespace}_{$this->page_id}";

      if ( function_exists($func_name) )

      {

        return @call_user_func($func_name);

      }

      else

      {

        $title = 'Page backend not found';

        $message = "The administration page you are looking for was properly registered using the page API, but the backend function

                    (<tt>$fname</tt>) was not found. If this is a plugin page, then this is almost certainly a bug with the plugin.";

        if ( $this->send_headers )

        {

          $template->tpl_strings['PAGE_NAME'] = $title;

          $template->header();

          echo "<p>$message</p>";

          $template->footer();

        }

        else

        {

          echo "<h2>$title</h2>

                <p>$message</p>";

        }

        return false;

      }

    }

    else if ( $this->namespace == 'User' )

    {

      $this->_handle_userpage();

    }

    else if ( ( $this->namespace == 'Template' || $this->namespace == 'System' ) && $this->page_exists )

    {

      $this->header();

      $text = $this->fetch_text();

      $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text);

      $text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '', $text);

      $text = RenderMan::render( $text );

      echo $text;

      $this->footer();

    }

    else if ( !$this->page_exists )

    {

      // Perhaps this is hooked?

      ob_start();

      $code = $plugins->setHook('page_not_found');

      foreach ( $code as $cmd )

      {

        eval($cmd);

      }

      $ob = ob_get_contents();

      if ( empty($ob) )

      {

        $this->err_page_not_existent();

      }

    }

    else // (disabled for compatibility reasons) if ( in_array($this->namespace, array('Article', 'User', 'Project', 'Help', 'File', 'Category')) && $this->page_exists )

    {

      // Send as regular page

      // die($this->page_id);

      $text = $this->fetch_text();

      if ( $text == 'err_no_text_rows' )

      {

        $this->err_no_rows();

        return false;

      }

      else

      {

      }

    }

  }

  /**

   * Sets internal variables.

   * @access private

   */

  function _setup($page_id, $namespace, $revision_id)

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    $page_id_cleaned = sanitize_page_id($page_id);

    $this->page_id = $page_id_cleaned;

    $this->namespace = $namespace;

    $this->revision_id = $revision_id;

    $this->page_id_unclean = dirtify_page_id($page_id);

    $this->perms = $session->fetch_page_acl( $page_id, $namespace );

    // Exception for Admin: pages

    if ( $this->namespace == 'Admin' )

    {

      $fname = "page_Admin_{$this->page_id}";

    }

    // Does the page "exist"?

    if ( $paths->cpage['urlname_nons'] == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) )

    {

      $this->page_exists = false;

    }

    else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) )

    {

      $this->page_exists = false;

    }

    else

    {

      $this->page_exists = true;

    }

    // Compatibility with older databases

    if ( strstr($this->page_id, '.2e') && !$this->page_exists )

    {

      $page_id = str_replace('.2e', '.', $page_id);

      if ( $paths->cpage['urlname_nons'] == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace != 'Admin' || ($this->namespace == 'Admin' && !function_exists($fname) ) ) )

      {

        $this->page_exists = false;

      }

      else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) )

      {

        $this->page_exists = false;

      }

      else

      {

        $this->page_exists = true;

      }

    }

  }

  /**

   * Renders it all in one go, and echoes it out. This assumes that the text is in the DB.

   * @access private

   */

  {

    $text = $this->fetch_text();

    $this->header();

      display_page_headers();

    if ( $this->revision_id )

    {

      echo '<div class="info-box" style="margin-left: 0; margin-top: 5px;"><b>Notice:</b><br />The page you are viewing was archived on '.date('F d, Y \a\t h:i a', $this->revision_id).'.<br /><a href="'.makeUrlNS($this->namespace, $this->page_id).'" onclick="ajaxReset(); return false;">View current version</a>  |  <a href="'.makeUrlNS($this->namespace, $this->pageid, 'do=rollback&amp;id='.$this->revision_id).'" onclick="ajaxRollback(\''.$this->revision_id.'\')">Restore this version</a></div><br />';

    }

    $text = '?>' . RenderMan::render($text);

    // echo('<pre>'.htmlspecialchars($text).'</pre>');

    eval ( $text );

      display_page_footers();

    $this->footer();

  }

  /**

   * Sends the page header, dependent on, of course, whether we're supposed to.

   */

  function header()

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    if ( $this->send_headers )

      $template->header();

  }

  /**

   * Sends the page footer, dependent on, of course, whether we're supposed to.

   */

  function footer()

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    if ( $this->send_headers )

      $template->footer();

  }

  /**

   * Fetches the raw, unfiltered page text.

   * @access public

   */

  function fetch_text()

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    if ( !empty($this->text_cache) )

    {

      return $this->text_cache;

    }

    if ( $this->revision_id > 0 && is_int($this->revision_id) )

    {

      $q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';');

      if ( !$q )

      {

        $this->send_error('Error during SQL query.', true);

      }

      if ( $db->numrows() < 1 )

      {

        // Compatibility fix for old pages with dots in the page ID

        if ( strstr($this->page_id, '.2e') )

        {

          $db->free_result();

          $page_id = str_replace('.2e', '.', $this->page_id);

          $q = $db->sql_query('SELECT page_text, char_tag, date_string FROM '.table_prefix.'logs WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\' AND time_id=' . $this->revision_id . ';');

          if ( !$q )

          {

            $this->send_error('Error during SQL query.', true);

          }

          if ( $db->numrows() < 1 )

          {

            $this->page_exists = false;

            return 'err_no_text_rows';

          }

        }

        else

        {

          $this->page_exists = false;

          return 'err_no_text_rows';

        }

      }

      else

      {

        $row = $db->fetchrow();

      }

      $db->free_result();

    }

    else

    {

      $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\';');

      if ( !$q )

      {

        $this->send_error('Error during SQL query.', true);

      }

      if ( $db->numrows() < 1 )

      {

        // Compatibility fix for old pages with dots in the page ID

        if ( strstr($this->page_id, '.2e') )

        {

          $db->free_result();

          $page_id = str_replace('.2e', '.', $this->page_id);

          $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $page_id . '\' AND namespace=\'' . $this->namespace . '\';');

          if ( !$q )

          {

            $this->send_error('Error during SQL query.', true);

          }

          if ( $db->numrows() < 1 )

          {

            $this->page_exists = false;

            return 'err_no_text_rows';

          }

        }

        else

        {

          $this->page_exists = false;

          return 'err_no_text_rows';

        }

      }

      $row = $db->fetchrow();

      $db->free_result();

    }

    if ( !empty($row['char_tag']) )

    {

      // This page text entry uses the old text-escaping format

      $from = array(

          "{APOS:{$row['char_tag']}}",

          "{QUOT:{$row['char_tag']}}",

          "{SLASH:{$row['char_tag']}}"

        );

      $to = array("'", '"',  '\\');

      $row['page_text'] = str_replace($from, $to, $row['page_text']);

    }

    $this->text_cache = $row['page_text'];

    return $row['page_text'];

  }

  /**

   * Handles the extra overhead required for user pages.

   * @access private

   */

  function _handle_userpage()

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    if ( $this->page_id == $paths->cpage['urlname_nons'] && $this->namespace == $paths->namespace )

    {

      $page_name = ( isset($paths->cpage['name']) ) ? $paths->cpage['name'] : $this->page_id;

    }

    else

    {

      $page_name = ( isset($paths->pages[$this->page_id]) ) ? $paths->pages[$this->page_id]['name'] : $this->page_id;

    }

    $target_username = strtr($page_name, 

      Array(

        '_' => ' ',

        '<' => '&lt;',

        '>' => '>'

        ));

    $target_username = preg_replace('/^' . preg_quote($paths->nslist['User']) . '/', '', $target_username);

    if ( ( $page_name == str_replace('_', ' ', $this->page_id) || $page_name == $paths->nslist['User'] . str_replace('_', ' ', $this->page_id) ) || !$this->page_exists )

    {

      $page_name = "$target_username's user page";

    }

    else

    {

      // User has a custom title for their userpage

      $page_name = $paths->pages[ $paths->nslist[$this->namespace] . $this->page_id ]['name'];

    }

    $template->tpl_strings['PAGE_NAME'] = htmlspecialchars($page_name);

    $q = $db->sql_query('SELECT u.username, u.user_id AS authoritative_uid, u.real_name, u.email, u.reg_time, x.*, COUNT(c.comment_id) AS n_comments

                           FROM '.table_prefix.'users u

                           LEFT JOIN '.table_prefix.'users_extra AS x

                             ON ( u.user_id = x.user_id OR x.user_id IS NULL ) 

                           LEFT JOIN '.table_prefix.'comments AS c

                             ON ( ( c.user_id=u.user_id AND c.approved=1 ) OR ( c.comment_id IS NULL AND c.approved IS NULL ) )

                           WHERE u.username=\'' . $db->escape($target_username) . '\'

                           GROUP BY u.user_id;');

    if ( !$q )

      $db->_die();

    $user_exists = true;