Commit | Line | Data |
---|---|---|
b62f8858 | 1 | <?php |
2 | /*************************************************************************** | |
2ab75571 | 3 | * Copyright (C) 2003-2010 Polytechnique.org * |
b62f8858 | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
a0f05027 | 22 | define('PL_DO_AUTH', 300); |
b62f8858 | 23 | define('PL_FORBIDDEN', 403); |
24 | define('PL_NOT_FOUND', 404); | |
bfb9093b | 25 | define('PL_WIKI', 500); |
46ca2746 FB |
26 | |
27 | abstract class PlHook | |
28 | { | |
29 | protected $auth; | |
30 | protected $perms; | |
31 | protected $type; | |
32 | ||
33 | protected function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
34 | { | |
35 | $this->auth = $auth; | |
36 | $this->perms = $perms; | |
37 | $this->type = $type; | |
38 | } | |
39 | ||
40 | public function needAuth() | |
41 | { | |
42 | return $this->auth > S::i('auth', AUTH_PUBLIC); | |
43 | } | |
44 | ||
45 | public function checkPerms() | |
46 | { | |
47 | if (!$this->perms || $this->auth == AUTH_PUBLIC) { // No perms, no check | |
48 | return true; | |
49 | } | |
50 | $s_perms = S::v('perms'); | |
51 | return $s_perms->hasFlagCombination($this->perms); | |
52 | } | |
53 | ||
54 | public function hasType($type) | |
55 | { | |
56 | return ($this->type & $type) == $type; | |
57 | } | |
58 | ||
59 | abstract protected function run(PlPage &$page, array $args); | |
60 | ||
61 | public function call(PlPage &$page, array $args) | |
62 | { | |
63 | global $globals, $session, $platal; | |
64 | if ($this->needAuth()) { | |
65 | if ($this->hasType(DO_AUTH)) { | |
66 | if (!$session->start($this->auth)) { | |
67 | $platal->force_login($page); | |
bbeb39f7 | 68 | return PL_FORBIDDEN; |
46ca2746 FB |
69 | } |
70 | } else { | |
71 | return PL_FORBIDDEN; | |
72 | } | |
73 | } | |
74 | if (!$this->checkPerms()) { | |
a86feb89 | 75 | if (Platal::notAllowed()) { |
46ca2746 FB |
76 | return PL_FORBIDDEN; |
77 | } | |
78 | } | |
79 | return $this->run($page, $args); | |
80 | } | |
81 | } | |
82 | ||
83 | class PlStdHook extends PlHook | |
84 | { | |
85 | private $hook; | |
86 | ||
87 | public function __construct($callback, $auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
88 | { | |
89 | parent::__construct($auth, $perms, $type); | |
90 | $this->hook = $callback; | |
91 | } | |
92 | ||
93 | protected function run(PlPage &$page, array $args) | |
94 | { | |
95 | global $session, $platal; | |
96 | ||
97 | $args[0] = $page; | |
98 | $val = call_user_func_array($this->hook, $args); | |
99 | if ($val == PL_DO_AUTH) { | |
100 | if (!$session->start($session->loggedLevel())) { | |
101 | $platal->force_login($page); | |
102 | } | |
103 | $val = call_user_func_array($this->hook, $args); | |
104 | } | |
105 | return $val; | |
106 | } | |
107 | } | |
108 | ||
109 | class PlWikiHook extends PlHook | |
110 | { | |
41e571e3 | 111 | public function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
46ca2746 FB |
112 | { |
113 | parent::__construct($auth, $perms, $type); | |
114 | } | |
115 | ||
116 | protected function run(PlPage &$page, array $args) | |
117 | { | |
118 | return PL_WIKI; | |
119 | } | |
120 | } | |
121 | ||
122 | class PlHookTree | |
123 | { | |
124 | public $hook = null; | |
125 | public $aliased = null; | |
126 | public $children = array(); | |
127 | ||
128 | public function addChild(array $path, PlHook $hook) | |
129 | { | |
130 | global $platal; | |
131 | $next = array_shift($path); | |
132 | $alias = null; | |
133 | if ($next && $next{0} == '%') { | |
134 | $alias = $next; | |
135 | $next = $platal->hook_map(substr($next, 1)); | |
136 | } | |
137 | if (!$next) { | |
138 | return; | |
139 | } | |
140 | @$child =& $this->children[$next]; | |
141 | if (!$child) { | |
142 | $child = new PlHookTree(); | |
143 | $this->children[$next] =& $child; | |
144 | $child->aliased = $alias; | |
145 | } | |
146 | if (empty($path)) { | |
147 | $child->hook = $hook; | |
148 | } else { | |
149 | $child->addChild($path, $hook); | |
150 | } | |
151 | } | |
152 | ||
153 | private function findChildAux(array $remain, array $matched, array $aliased) | |
154 | { | |
155 | $next = @$remain[0]; | |
156 | if ($this->aliased) { | |
157 | $aliased = $matched; | |
158 | } | |
159 | if (!empty($next)) { | |
160 | $child = @$this->children[$next]; | |
161 | if ($child) { | |
162 | array_shift($remain); | |
163 | $matched[] = $next; | |
164 | return $child->findChildAux($remain, $matched, $aliased); | |
165 | } | |
166 | } | |
167 | return array($this->hook, $matched, $remain, $aliased); | |
168 | } | |
169 | ||
170 | public function findChild(array $path) | |
171 | { | |
172 | return $this->findChildAux($path, array(), array()); | |
173 | } | |
174 | ||
175 | private function findNearestChildAux(array $remain, array $matched, array $aliased) | |
176 | { | |
177 | $next = @$remain[0]; | |
178 | if ($this->aliased) { | |
179 | $aliased = $matched; | |
180 | } | |
181 | if (!empty($next)) { | |
182 | $child = @$this->children[$next]; | |
183 | if (!$child) { | |
184 | $nearest_lev = 50; | |
185 | $nearest_sdx = 50; | |
186 | $match = null; | |
187 | foreach ($this->children as $path=>$hook) { | |
188 | $lev = levenshtein($next, $path); | |
189 | if ($lev <= $nearest_lev | |
190 | && ($lev < strlen($next) / 2 || strpos($next, $path) !== false | |
191 | || strpos($path, $next) !== false)) { | |
192 | $sdx = levenshtein(soundex($next), soundex($path)); | |
193 | if ($lev == $nearest_lev || $sdx < $nearest_sdx) { | |
194 | $child = $hook; | |
195 | $nearest_lev = $lev; | |
196 | $nearest_sdx = $sdx; | |
197 | $match = $path; | |
198 | } | |
199 | } | |
200 | } | |
201 | $next = $match; | |
202 | } | |
203 | if ($child) { | |
204 | array_shift($remain); | |
205 | $matched[] = $next; | |
206 | return $child->findNearestChildAux($remain, $matched, $aliased); | |
207 | } | |
208 | if (($pos = strpos($next, '.php')) !== false) { | |
209 | $remain[0] = substr($next, 0, $pos); | |
210 | return $this->findNearestChildAux($remain, $matched, $aliased); | |
211 | } | |
212 | } | |
213 | return array($this->hook, $matched, $remain, $aliased); | |
214 | } | |
215 | ||
216 | public function findNearestChild(array $path) | |
217 | { | |
218 | return $this->findNearestChildAux($path, array(), array()); | |
219 | } | |
220 | } | |
221 | ||
b62f8858 | 222 | |
c158b99a | 223 | abstract class Platal |
b62f8858 | 224 | { |
46ca2746 FB |
225 | private $mods; |
226 | private $hooks; | |
b62f8858 | 227 | |
8fc4efa3 | 228 | protected $https; |
229 | ||
2b1ee50b | 230 | public $ns; |
231 | public $path; | |
786bffb5 | 232 | public $argv = array(); |
b62f8858 | 233 | |
abde67b1 FB |
234 | static private $_page = null; |
235 | ||
2b1ee50b | 236 | public function __construct() |
b62f8858 | 237 | { |
c0799142 | 238 | global $platal, $session, $globals; |
faeb823b | 239 | $platal = $this; |
ca6384fb FB |
240 | |
241 | /* Assign globals first, then call init: init must be used for operations | |
242 | * that requires access to the content of $globals (e.g. XDB requires | |
243 | * $globals to be assigned. | |
244 | */ | |
245 | $globals = $this->buildGlobals(); | |
d95d46a7 | 246 | $globals->init(); |
ca6384fb FB |
247 | |
248 | /* Get the current session: assign first, then activate the session. | |
249 | */ | |
250 | $session = $this->buildSession(); | |
c0799142 | 251 | if (!$session->startAvailableAuth()) { |
2d08839a | 252 | Platal::page()->trigError("Données d'authentification invalides."); |
c0799142 | 253 | } |
abde67b1 | 254 | |
e77c7ea2 | 255 | $modules = func_get_args(); |
5640f093 | 256 | if (isset($modules[0]) && is_array($modules[0])) { |
2b1ee50b | 257 | $modules = $modules[0]; |
258 | } | |
27472b85 | 259 | $this->path = trim(Get::_get('n', null), '/'); |
b62f8858 | 260 | |
46ca2746 FB |
261 | $this->mods = array(); |
262 | $this->hooks = new PlHookTree(); | |
b62f8858 | 263 | |
5de0b7e1 | 264 | array_unshift($modules, 'core'); |
e77c7ea2 | 265 | foreach ($modules as $module) { |
a18afbdc | 266 | $module = strtolower($module); |
46ca2746 FB |
267 | $this->mods[$module] = $m = PLModule::factory($module); |
268 | $hooks = $m->handlers(); | |
269 | foreach ($hooks as $path=>$hook) { | |
9e394323 | 270 | $this->hooks->addChild(explode('/', $path), $hook); |
46ca2746 | 271 | } |
b62f8858 | 272 | } |
fe556813 | 273 | |
fe556813 FB |
274 | if ($globals->mode == '') { |
275 | pl_redirect('index.html'); | |
276 | } | |
b62f8858 | 277 | } |
278 | ||
2b1ee50b | 279 | public function pl_self($n = null) |
d1ebc57a | 280 | { |
281 | if (is_null($n)) | |
282 | return $this->path; | |
283 | ||
284 | if ($n >= 0) | |
285 | return join('/', array_slice($this->argv, 0, $n + 1)); | |
286 | ||
287 | if ($n <= -count($this->argv)) | |
288 | return $this->argv[0]; | |
289 | ||
290 | return join('/', array_slice($this->argv, 0, $n)); | |
291 | } | |
292 | ||
bfb9093b FB |
293 | public static function wiki_hook($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
294 | { | |
46ca2746 | 295 | return new PlWikiHook($auth, $perms, $type); |
bfb9093b FB |
296 | } |
297 | ||
46ca2746 | 298 | public function hook_map($name) |
b62f8858 | 299 | { |
46ca2746 | 300 | return null; |
7c6e0aff | 301 | } |
302 | ||
46ca2746 | 303 | protected function find_hook() |
409de7a7 | 304 | { |
9e394323 | 305 | $p = explode('/', $this->path); |
46ca2746 FB |
306 | list($hook, $matched, $remain, $aliased) = $this->hooks->findChild($p); |
307 | if (empty($hook)) { | |
308 | return null; | |
409de7a7 | 309 | } |
46ca2746 FB |
310 | $this->argv = $remain; |
311 | array_unshift($this->argv, implode('/', $matched)); | |
312 | if (!empty($aliased)) { | |
313 | $this->ns = implode('/', $aliased) . '/'; | |
409de7a7 | 314 | } |
46ca2746 FB |
315 | $this->https = !$hook->hasType(NO_HTTPS); |
316 | return $hook; | |
409de7a7 | 317 | } |
318 | ||
02838718 | 319 | public function near_hook() |
409de7a7 | 320 | { |
9e394323 | 321 | $p = explode('/', $this->path); |
46ca2746 FB |
322 | list($hook, $matched, $remain, $aliased) = $this->hooks->findNearestChild($p); |
323 | if (empty($hook)) { | |
324 | return null; | |
6d407683 | 325 | } |
46ca2746 FB |
326 | $url = implode('/', $matched); |
327 | if (!empty($remain)) { | |
328 | $url .= '/' . implode('/', $remain); | |
6d407683 | 329 | } |
46ca2746 FB |
330 | if ($url == $this->path || levenshtein($url, $this->path) > strlen($url) / 3 |
331 | || !$hook->checkPerms()) { | |
332 | return null; | |
bf517daf | 333 | } |
46ca2746 | 334 | return $url; |
bf517daf | 335 | } |
336 | ||
04334c61 | 337 | private function call_hook(PlPage &$page) |
7c6e0aff | 338 | { |
339 | $hook = $this->find_hook(); | |
409de7a7 | 340 | if (empty($hook)) { |
15a094c0 | 341 | return PL_NOT_FOUND; |
342 | } | |
abde67b1 | 343 | global $globals, $session; |
748b27d2 | 344 | if ($this->https && !@$_SERVER['HTTPS'] && $globals->core->secure_domain) { |
8fc4efa3 | 345 | http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); |
346 | } | |
15a094c0 | 347 | |
46ca2746 | 348 | return $hook->call($page, $this->argv); |
b62f8858 | 349 | } |
350 | ||
c158b99a FB |
351 | /** Show the authentication form. |
352 | */ | |
353 | abstract public function force_login(PlPage& $page); | |
63528107 | 354 | |
2b1ee50b | 355 | public function run() |
b62f8858 | 356 | { |
abde67b1 | 357 | $page =& self::page(); |
b62f8858 | 358 | |
359 | if (empty($this->path)) { | |
c9178c75 | 360 | $this->path = 'index'; |
361 | } | |
362 | ||
7f6d1063 FB |
363 | try { |
364 | $page->assign('platal', $this); | |
365 | switch ($this->call_hook($page)) { | |
366 | case PL_FORBIDDEN: | |
367 | $this->mods['core']->handler_403($page); | |
368 | break; | |
369 | ||
370 | case PL_NOT_FOUND: | |
371 | $this->mods['core']->handler_404($page); | |
372 | break; | |
373 | ||
374 | case PL_WIKI: | |
375 | return PL_WIKI; | |
376 | } | |
377 | } catch (Exception $e) { | |
378 | header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error'); | |
b62f8858 | 379 | |
7f6d1063 FB |
380 | $file = fopen(self::globals()->spoolroot . '/spool/tmp/site_errors', 'a'); |
381 | fwrite($file, '<pre>' . date('Y-m-d G:i:s') . '</pre>' | |
382 | . '<pre>' . pl_entities("" . $e) . '</pre>' | |
383 | . '------------------------------------------------------------------' . "\n"); | |
384 | fclose($file); | |
bfb9093b | 385 | |
7f6d1063 FB |
386 | if (self::globals()->debug) { |
387 | $page->kill(pl_entities($e->getMessage()) | |
388 | . '<pre>' . pl_entities("" . $e) . '</pre>'); | |
389 | } else { | |
390 | $page->kill(pl_entities($e->getMessage())); | |
391 | } | |
b62f8858 | 392 | } |
e979cd2b | 393 | |
394 | $page->assign('platal', $this); | |
b62f8858 | 395 | $page->run(); |
396 | } | |
8d8f7607 | 397 | |
b0a04fb2 FB |
398 | public function error403() |
399 | { | |
400 | $page =& self::page(); | |
401 | ||
46ca2746 | 402 | $this->mods['core']->handler_403($page); |
b0a04fb2 FB |
403 | $page->assign('platal', $this); |
404 | $page->run(); | |
405 | } | |
406 | ||
407 | public function error404() | |
408 | { | |
409 | $page =& self::page(); | |
410 | ||
46ca2746 | 411 | $this->mods['core']->handler_404($page); |
b0a04fb2 FB |
412 | $page->assign('platal', $this); |
413 | $page->run(); | |
414 | } | |
415 | ||
179658ec FB |
416 | public static function notAllowed() |
417 | { | |
418 | if (S::admin()) { | |
419 | self::page()->trigWarning('Tu accèdes à cette page car tu es administrateur du site.'); | |
420 | return false; | |
421 | } else { | |
422 | return true; | |
423 | } | |
424 | } | |
425 | ||
ac2f544d FB |
426 | public static function load($modname, $include = null) |
427 | { | |
428 | global $platal; | |
429 | $modname = strtolower($modname); | |
46ca2746 | 430 | if (isset($platal->mods[$modname])) { |
ac2f544d FB |
431 | if (is_null($include)) { |
432 | return; | |
433 | } | |
46ca2746 | 434 | $platal->mods[$modname]->load($include); |
ac2f544d FB |
435 | } else { |
436 | if (is_null($include)) { | |
437 | require_once PLModule::path($modname) . '.php'; | |
438 | } else { | |
439 | require_once PLModule::path($modname) . '/' . $include; | |
440 | } | |
441 | } | |
442 | } | |
443 | ||
84f658d2 | 444 | public static function assert($cond, $error, $userfriendly = null) |
ca6384fb | 445 | { |
ca6384fb | 446 | if ($cond === false) { |
84f658d2 RB |
447 | if ($userfriendly == null) { |
448 | $userfriendly = "Une erreur interne s'est produite. | |
449 | Merci de réessayer la manipulation qui a déclenché l'erreur ; | |
450 | si cela ne fonctionne toujours pas, merci de nous signaler le problème rencontré."; | |
451 | } | |
7f6d1063 | 452 | throw new PlException($userfriendly, $error); |
ca6384fb FB |
453 | } |
454 | } | |
455 | ||
faeb823b | 456 | public function &buildLogger($uid, $suid = 0) |
ca6384fb | 457 | { |
c7608455 | 458 | if (defined('PL_LOGGER_CLASS')) { |
ca6384fb | 459 | $class = PL_LOGGER_CLASS; |
7f8e81bb PC |
460 | $logger = new $class($uid, $suid); |
461 | return $logger; | |
ca6384fb | 462 | } else { |
faeb823b | 463 | return PlLogger::dummy($uid, $suid); |
ca6384fb FB |
464 | } |
465 | } | |
ec60dba7 | 466 | |
ca6384fb FB |
467 | protected function &buildPage() |
468 | { | |
469 | $pageclass = PL_PAGE_CLASS; | |
470 | $page = new $pageclass(); | |
471 | return $page; | |
472 | } | |
ec60dba7 | 473 | |
abde67b1 FB |
474 | static public function &page() |
475 | { | |
abde67b1 | 476 | if (is_null(self::$_page)) { |
ca6384fb FB |
477 | global $platal; |
478 | self::$_page = $platal->buildPage(); | |
abde67b1 FB |
479 | } |
480 | return self::$_page; | |
481 | } | |
47fa97fe | 482 | |
ca6384fb FB |
483 | protected function &buildSession() |
484 | { | |
485 | $sessionclass = PL_SESSION_CLASS; | |
486 | $session = new $sessionclass(); | |
487 | return $session; | |
488 | } | |
489 | ||
47fa97fe FB |
490 | static public function &session() |
491 | { | |
492 | global $session; | |
493 | return $session; | |
494 | } | |
495 | ||
ca6384fb FB |
496 | protected function &buildGlobals() |
497 | { | |
498 | $globalclass = PL_GLOBALS_CLASS; | |
499 | $globals = new $globalclass(); | |
500 | return $globals; | |
501 | } | |
502 | ||
47fa97fe FB |
503 | static public function &globals() |
504 | { | |
505 | global $globals; | |
506 | return $globals; | |
507 | } | |
b62f8858 | 508 | } |
509 | ||
a7de4ef7 | 510 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
b62f8858 | 511 | ?> |