includes/pageprocess.php~
changeset 3 2b2084ca1e60
parent 2 0931d60f5bdb
child 4 0b3a0aedfd53
equal deleted inserted replaced
2:0931d60f5bdb 3:2b2084ca1e60
     1 <?php
       
     2 /*
       
     3  * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between
       
     4  * Version 1.0 (Banshee)
       
     5  * pageprocess.php - intelligent retrieval of pages
       
     6  * Copyright (C) 2006-2007 Dan Fuhry
       
     7  *
       
     8  * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License
       
     9  * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
       
    10  *
       
    11  * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
       
    12  * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.
       
    13  */
       
    14 
       
    15 /**
       
    16  * Class to handle fetching page text (possibly from a cache) and formatting it.
       
    17  * @package Enano
       
    18  * @subpackage UI
       
    19  * @copyright 2007 Dan Fuhry
       
    20  * @license GNU General Public License <http://www.gnu.org/licenses/gpl.html>
       
    21  */
       
    22 
       
    23 class PageProcessor
       
    24 {
       
    25   
       
    26   /**
       
    27    * Page ID and namespace of the page handled by this instance
       
    28    * @var string
       
    29    */
       
    30   
       
    31   var $page_id;
       
    32   var $namespace;
       
    33   
       
    34   /**
       
    35    * Tracks if the page we're loading exists in the database or not.
       
    36    * @var bool
       
    37    */
       
    38   
       
    39   var $page_exists = false;
       
    40   
       
    41   /**
       
    42    * Permissions!
       
    43    * @var object
       
    44    */
       
    45   
       
    46   var $perms = null;
       
    47   
       
    48   /**
       
    49    * Switch to track if redirects are allowed. Defaults to true.
       
    50    * @var bool
       
    51    */
       
    52   
       
    53   var $allow_redir = true;
       
    54   
       
    55   /**
       
    56    * If this is set to true, this will call the header and footer funcs on $template when render() is called.
       
    57    * @var bool
       
    58    */
       
    59   
       
    60   var $send_headers = false;
       
    61   
       
    62   /**
       
    63    * Cache the fetched text so we don't fetch it from the DB twice.
       
    64    * @var string
       
    65    */
       
    66   
       
    67   var $text_cache = '';
       
    68   
       
    69   /**
       
    70    * Debugging information to track errors. You can set enable to false to disable sending debug information.
       
    71    * @var array
       
    72    */
       
    73   
       
    74   var $debug = array(
       
    75       'enable' => true,
       
    76       'works'  => false
       
    77     );
       
    78   
       
    79   /**
       
    80    * Constructor.
       
    81    * @param string The page ID (urlname) of the page
       
    82    * @param string The namespace of the page
       
    83    */
       
    84   
       
    85   function __construct( $page_id, $namespace )
       
    86   {
       
    87     global $db, $session, $paths, $template, $plugins; // Common objects
       
    88     
       
    89     // See if we can get some debug info
       
    90     if ( function_exists('debug_backtrace') && $this->debug['enable'] )
       
    91     {
       
    92       $this->debug['works'] = true;
       
    93       $this->debug['backtrace'] = enano_debug_print_backtrace(true);
       
    94     }
       
    95     
       
    96     // First things first - check page existence and permissions
       
    97     
       
    98     if ( !isset($paths->nslist[$namespace]) )
       
    99     {
       
   100       $this->send_error('The namespace "' . htmlspecialchars($namespace) . '" does not exist.');
       
   101     }
       
   102     
       
   103     $this->_setup( $page_id, $namespace );
       
   104     
       
   105   }
       
   106   
       
   107   /**
       
   108    * The main method to send the page content. Also responsible for checking permissions.
       
   109    */
       
   110   
       
   111   function send()
       
   112   {
       
   113     global $db, $session, $paths, $template, $plugins; // Common objects
       
   114     if ( !$this->perms->get_permissions('read') )
       
   115     {
       
   116       $this->err_access_denied();
       
   117       return false;
       
   118     }
       
   119     if ( $this->namespace == 'Special' || $this->namespace == 'Admin' )
       
   120     {
       
   121       if ( !$this->page_exists )
       
   122       {
       
   123         redirect( makeUrl(getConfig('main_page')), 'Can\'t find special page', 'The special or administration page you requested does not exist. You will now be transferred to the main page.', 2 );
       
   124       }
       
   125       $func_name = "page_{$this->namespace}_{$this->page_id}";
       
   126       if ( function_exists($func_name) )
       
   127       {
       
   128         return @call_user_func($func_name);
       
   129       }
       
   130       else
       
   131       {
       
   132         $title = 'Page backend not found';
       
   133         $message = "The administration page you are looking for was properly registered using the page API, but the backend function
       
   134                     (<tt>$fname</tt>) was not found. If this is a plugin page, then this is almost certainly a bug with the plugin.";
       
   135                     
       
   136         if ( $this->send_headers )
       
   137         {
       
   138           $template->tpl_strings['PAGE_NAME'] = $title;
       
   139           $template->header();
       
   140           echo "<p>$message</p>";
       
   141           $template->footer();
       
   142         }
       
   143         else
       
   144         {
       
   145           echo "<h2>$title</h2>
       
   146                 <p>$message</p>";
       
   147         }
       
   148         return false;
       
   149       }
       
   150     }
       
   151     else if ( in_array($this->namespace, array('Article', 'User', 'Project', 'Help', 'File', 'Category')) && $this->page_exists )
       
   152     {
       
   153       // Send as regular page
       
   154       $text = $this->fetch_text();
       
   155       if ( $text == 'err_no_text_rows' )
       
   156       {
       
   157         $this->err_no_rows();
       
   158         return false;
       
   159       }
       
   160       else
       
   161       {
       
   162         $this->render();
       
   163       }
       
   164     }
       
   165     else if ( ( $this->namespace == 'Template' || $this->namespace == 'System' ) && $this->page_exists )
       
   166     {
       
   167       $this->header();
       
   168       
       
   169       $text = $this->fetch_text();
       
   170       $text = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '\\1', $text);
       
   171       $text = preg_replace('/<nodisplay>(.*?)<\/nodisplay>/is', '', $text);
       
   172       
       
   173       $text = RenderMan::render( $text );
       
   174       
       
   175       echo $text;
       
   176       
       
   177       $this->footer();
       
   178       
       
   179     }
       
   180     else if ( !$this->page_exists )
       
   181     {
       
   182       // Perhaps this is hooked?
       
   183       ob_start();
       
   184       
       
   185       $code = $plugins->setHook('page_not_found');
       
   186       foreach ( $code as $cmd )
       
   187       {
       
   188         eval($cmd);
       
   189       }
       
   190       
       
   191       $ob = ob_get_contents();
       
   192       
       
   193       if ( empty($ob) )
       
   194       {
       
   195         $this->err_page_not_existent();
       
   196       }
       
   197       
       
   198     }
       
   199     
       
   200   }
       
   201   
       
   202   /**
       
   203    * Sets internal variables.
       
   204    * @access private
       
   205    */
       
   206   
       
   207   function _setup($page_id, $namespace)
       
   208   {
       
   209     global $db, $session, $paths, $template, $plugins; // Common objects
       
   210     
       
   211     $page_id_cleaned = sanitize_page_id($page_id);
       
   212     
       
   213     $this->page_id = $page_id_cleaned;
       
   214     $this->namespace = $namespace;
       
   215     
       
   216     $this->perms = $session->fetch_page_acl( $page_id, $namespace );
       
   217     
       
   218     // Exception for Admin: pages
       
   219     if ( $this->namespace == 'Admin' )
       
   220     {
       
   221       $fname = "page_Admin_{$this->page_id}";
       
   222     }
       
   223     
       
   224     // Does the page "exist"?
       
   225     if ( $paths->cpage['urlname_nons'] == $page_id && $paths->namespace == $namespace && !$paths->page_exists && ( $this->namespace == 'Admin' && !function_exists($fname) ) )
       
   226     {
       
   227       $this->page_exists = false;
       
   228     }
       
   229     else if ( !isset( $paths->pages[ $paths->nslist[$namespace] . $page_id ] ) && ( $this->namespace == 'Admin' && !function_exists($fname) ) )
       
   230     {
       
   231       $this->page_exists = false;
       
   232     }
       
   233     else
       
   234     {
       
   235       $this->page_exists = true;
       
   236     }
       
   237   }
       
   238   
       
   239   /**
       
   240    * Renders it all in one go, and echoes it out. This assumes that the text is in the DB.
       
   241    * @access private
       
   242    */
       
   243   
       
   244   function render()
       
   245   {
       
   246     $text = $this->fetch_text();
       
   247     
       
   248     $this->header();
       
   249     echo RenderMan::render($text);
       
   250     $this->footer();
       
   251   }
       
   252   
       
   253   /**
       
   254    * Sends the page header, dependent on, of course, whether we're supposed to.
       
   255    */
       
   256   
       
   257   function header()
       
   258   {
       
   259     global $db, $session, $paths, $template, $plugins; // Common objects
       
   260     if ( $this->send_headers )
       
   261       $template->header();
       
   262   }
       
   263   
       
   264   /**
       
   265    * Sends the page footer, dependent on, of course, whether we're supposed to.
       
   266    */
       
   267   
       
   268   function footer()
       
   269   {
       
   270     global $db, $session, $paths, $template, $plugins; // Common objects
       
   271     if ( $this->send_headers )
       
   272       $template->footer();
       
   273   }
       
   274   
       
   275   /**
       
   276    * Fetches the raw, unfiltered page text.
       
   277    * @access public
       
   278    */
       
   279   
       
   280   function fetch_text()
       
   281   {
       
   282     global $db, $session, $paths, $template, $plugins; // Common objects
       
   283     
       
   284     if ( !empty($this->text_cache) )
       
   285     {
       
   286       return $this->text_cache;
       
   287     }
       
   288     
       
   289     $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\';');
       
   290     if ( !$q )
       
   291     {
       
   292       $this->send_error('Error during SQL query.', true);
       
   293     }
       
   294     if ( $db->numrows() < 1 )
       
   295     {
       
   296       $this->page_exists = false;
       
   297       return 'err_no_text_rows';
       
   298     }
       
   299     
       
   300     $row = $db->fetchrow();
       
   301     $db->free_result();
       
   302     
       
   303     if ( !empty($row['char_tag']) )
       
   304     {
       
   305       // This page text entry uses the old text-escaping format
       
   306       $from = array(
       
   307           "{APOS:{$row['char_tag']}}",
       
   308           "{QUOT:{$row['char_tag']}}",
       
   309           "{SLASH:{$row['char_tag']}}"
       
   310         );
       
   311       $to = array("'", '"',  '\\');
       
   312       $row['page_text'] = str_replace($from, $to, $row['page_text']);
       
   313     }
       
   314     
       
   315     $this->text_cache = $row['page_text'];
       
   316     
       
   317     return $row['page_text'];
       
   318     
       
   319   }
       
   320   
       
   321   /**
       
   322    * Send the error message to the user that the access to this page is denied.
       
   323    * @access private
       
   324    */
       
   325   
       
   326   function err_access_denied()
       
   327   {
       
   328     global $db, $session, $paths, $template, $plugins; // Common objects
       
   329     
       
   330     $ob = '';
       
   331     $template->tpl_strings['PAGE_NAME'] = 'Access denied';
       
   332       
       
   333     if ( $this->send_headers )
       
   334     {
       
   335       $ob .= $template->getHeader();
       
   336     }
       
   337     
       
   338     $ob .= '<div class="error-box"><b>Access to this page is denied.</b><br />This may be because you are not logged in or you have not met certain criteria for viewing this page.</div>';
       
   339     
       
   340     if ( $this->send_headers )
       
   341     {
       
   342       $ob .= $template->getFooter();
       
   343     }
       
   344     echo $ob;
       
   345   }
       
   346   
       
   347   /**
       
   348    * Send the error message to the user complaining that there weren't any rows.
       
   349    * @access private
       
   350    */
       
   351   
       
   352   function err_no_rows()
       
   353   {
       
   354     global $db, $session, $paths, $template, $plugins; // Common objects
       
   355     
       
   356     $title = 'No text rows';
       
   357     $message = 'While the page\'s existence was verified, there were no rows in the database that matched the query for the text. This may indicate a bug with the software; ask the webmaster for more information.';
       
   358     if ( $this->send_headers )
       
   359     {
       
   360       $template->tpl_strings['PAGE_NAME'] = $title;
       
   361       $template->header();
       
   362       echo "<p>$message</p>";
       
   363       $template->footer();
       
   364     }
       
   365     else
       
   366     {
       
   367       echo "<h2>$title</h2>
       
   368             <p>$message</p>";
       
   369     }
       
   370   }
       
   371   
       
   372   /**
       
   373    * Tell the user the page doesn't exist, and present them with their options.
       
   374    * @access private
       
   375    */
       
   376    
       
   377   function err_page_not_existent()
       
   378   {
       
   379     global $db, $session, $paths, $template, $plugins; // Common objects
       
   380     
       
   381     $this->header();
       
   382     header('HTTP/1.1 404 Not Found');
       
   383     echo '<h3>There is no page with this title yet.</h3>
       
   384            <p>You have requested a page that doesn\'t exist yet.';
       
   385     if ( $session->get_permissions('create_page') )
       
   386     {
       
   387       echo ' You can <a href="'.makeUrlNS($this->namespace, $this->page_id, 'do=edit', true).'" onclick="ajaxEditor(); return false;">create this page</a>, or return to the <a href="'.makeUrl(getConfig('main_page')).'">homepage</a>.';
       
   388     }
       
   389     else
       
   390     {
       
   391       echo ' Return to the <a href="'.makeUrl(getConfig('main_page')).'">homepage</a>.</p>';
       
   392     }
       
   393     if ( $session->get_permissions('history_rollback') )
       
   394     {
       
   395       $e = $db->sql_query('SELECT * FROM ' . table_prefix . 'logs WHERE action=\'delete\' AND page_id=\'' . $this->page_id . '\' AND namespace=\'' . $this->namespace . '\' ORDER BY time_id DESC;');
       
   396       if ( !$e )
       
   397       {
       
   398         $db->_die('The deletion log could not be selected.');
       
   399       }
       
   400       if ( $db->numrows() > 0 )
       
   401       {
       
   402         $r = $db->fetchrow();
       
   403         echo '<p>This page also appears to have some log entries in the database - it seems that it was deleted on ' . $r['date_string'] . '. You can probably <a href="'.makeUrl($paths->page, 'do=rollback&amp;id='.$r['time_id']).'" onclick="ajaxRollback(\''.$r['time_id'].'\'); return false;">roll back</a> the deletion.</p>';
       
   404       }
       
   405       $db->free_result();
       
   406     }
       
   407     echo '<p>
       
   408             HTTP Error: 404 Not Found
       
   409           </p>';
       
   410     $this->footer();
       
   411   }
       
   412   
       
   413   /**
       
   414    * PHP 4 constructor.
       
   415    * @see PageProcessor::__construct()
       
   416    */
       
   417   
       
   418   function PageProcessor( $page_id, $namespace )
       
   419   {
       
   420     $this->__construct($page_id, $namespace);
       
   421   }
       
   422   
       
   423   /**
       
   424    * Send an error message and die
       
   425    * @var string Error message
       
   426    * @var bool If true, send DBAL's debugging information as well
       
   427    */
       
   428    
       
   429   function send_error($message, $sql = false)
       
   430   {
       
   431     global $db, $session, $paths, $template, $plugins; // Common objects
       
   432     
       
   433     $content = "<p>$message</p>";
       
   434     $template->tpl_strings['PAGE_NAME'] = 'General error in page fetcher';
       
   435     
       
   436     if ( $this->debug['works'] )
       
   437     {
       
   438       $content .= $this->debug['backtrace'];
       
   439     }
       
   440     
       
   441     header('HTTP/1.1 500 Internal Server Error');
       
   442     
       
   443     $template->header();
       
   444     echo $content;
       
   445     $template->footer();
       
   446     
       
   447     $db->close();
       
   448     
       
   449     exit;
       
   450     
       
   451   }
       
   452   
       
   453 } // class PageProcessor
       
   454 
       
   455 ?>