Commit | Line | Data |
---|---|---|
b62f8858 | 1 | <?php |
2 | /*************************************************************************** | |
2ab75571 | 3 | * Copyright (C) 2003-2010 Polytechnique.org * |
b62f8858 | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
a0f05027 | 22 | define('PL_DO_AUTH', 300); |
b62f8858 | 23 | define('PL_FORBIDDEN', 403); |
24 | define('PL_NOT_FOUND', 404); | |
bfb9093b | 25 | define('PL_WIKI', 500); |
c67e49ea | 26 | define('PL_JSON', 501); |
46ca2746 FB |
27 | |
28 | abstract class PlHook | |
29 | { | |
30 | protected $auth; | |
31 | protected $perms; | |
32 | protected $type; | |
33 | ||
34 | protected function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
35 | { | |
36 | $this->auth = $auth; | |
37 | $this->perms = $perms; | |
38 | $this->type = $type; | |
39 | } | |
40 | ||
41 | public function needAuth() | |
42 | { | |
43 | return $this->auth > S::i('auth', AUTH_PUBLIC); | |
44 | } | |
45 | ||
46 | public function checkPerms() | |
47 | { | |
48 | if (!$this->perms || $this->auth == AUTH_PUBLIC) { // No perms, no check | |
49 | return true; | |
50 | } | |
51 | $s_perms = S::v('perms'); | |
52 | return $s_perms->hasFlagCombination($this->perms); | |
53 | } | |
54 | ||
55 | public function hasType($type) | |
56 | { | |
57 | return ($this->type & $type) == $type; | |
58 | } | |
59 | ||
60 | abstract protected function run(PlPage &$page, array $args); | |
61 | ||
62 | public function call(PlPage &$page, array $args) | |
63 | { | |
64 | global $globals, $session, $platal; | |
65 | if ($this->needAuth()) { | |
66 | if ($this->hasType(DO_AUTH)) { | |
67 | if (!$session->start($this->auth)) { | |
68 | $platal->force_login($page); | |
bbeb39f7 | 69 | return PL_FORBIDDEN; |
46ca2746 FB |
70 | } |
71 | } else { | |
72 | return PL_FORBIDDEN; | |
73 | } | |
74 | } | |
75 | if (!$this->checkPerms()) { | |
a86feb89 | 76 | if (Platal::notAllowed()) { |
46ca2746 FB |
77 | return PL_FORBIDDEN; |
78 | } | |
79 | } | |
80 | return $this->run($page, $args); | |
81 | } | |
82 | } | |
83 | ||
84 | class PlStdHook extends PlHook | |
85 | { | |
86 | private $hook; | |
87 | ||
88 | public function __construct($callback, $auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
89 | { | |
90 | parent::__construct($auth, $perms, $type); | |
91 | $this->hook = $callback; | |
92 | } | |
93 | ||
94 | protected function run(PlPage &$page, array $args) | |
95 | { | |
96 | global $session, $platal; | |
97 | ||
98 | $args[0] = $page; | |
99 | $val = call_user_func_array($this->hook, $args); | |
100 | if ($val == PL_DO_AUTH) { | |
101 | if (!$session->start($session->loggedLevel())) { | |
102 | $platal->force_login($page); | |
103 | } | |
104 | $val = call_user_func_array($this->hook, $args); | |
105 | } | |
106 | return $val; | |
107 | } | |
108 | } | |
109 | ||
110 | class PlWikiHook extends PlHook | |
111 | { | |
41e571e3 | 112 | public function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
46ca2746 FB |
113 | { |
114 | parent::__construct($auth, $perms, $type); | |
115 | } | |
116 | ||
117 | protected function run(PlPage &$page, array $args) | |
118 | { | |
119 | return PL_WIKI; | |
120 | } | |
121 | } | |
122 | ||
123 | class PlHookTree | |
124 | { | |
125 | public $hook = null; | |
126 | public $aliased = null; | |
127 | public $children = array(); | |
128 | ||
129 | public function addChild(array $path, PlHook $hook) | |
130 | { | |
131 | global $platal; | |
132 | $next = array_shift($path); | |
133 | $alias = null; | |
134 | if ($next && $next{0} == '%') { | |
135 | $alias = $next; | |
136 | $next = $platal->hook_map(substr($next, 1)); | |
137 | } | |
138 | if (!$next) { | |
139 | return; | |
140 | } | |
141 | @$child =& $this->children[$next]; | |
142 | if (!$child) { | |
143 | $child = new PlHookTree(); | |
144 | $this->children[$next] =& $child; | |
145 | $child->aliased = $alias; | |
146 | } | |
147 | if (empty($path)) { | |
148 | $child->hook = $hook; | |
149 | } else { | |
150 | $child->addChild($path, $hook); | |
151 | } | |
152 | } | |
153 | ||
154 | private function findChildAux(array $remain, array $matched, array $aliased) | |
155 | { | |
156 | $next = @$remain[0]; | |
157 | if ($this->aliased) { | |
158 | $aliased = $matched; | |
159 | } | |
160 | if (!empty($next)) { | |
161 | $child = @$this->children[$next]; | |
162 | if ($child) { | |
163 | array_shift($remain); | |
164 | $matched[] = $next; | |
165 | return $child->findChildAux($remain, $matched, $aliased); | |
166 | } | |
167 | } | |
168 | return array($this->hook, $matched, $remain, $aliased); | |
169 | } | |
170 | ||
171 | public function findChild(array $path) | |
172 | { | |
173 | return $this->findChildAux($path, array(), array()); | |
174 | } | |
175 | ||
176 | private function findNearestChildAux(array $remain, array $matched, array $aliased) | |
177 | { | |
178 | $next = @$remain[0]; | |
179 | if ($this->aliased) { | |
180 | $aliased = $matched; | |
181 | } | |
182 | if (!empty($next)) { | |
183 | $child = @$this->children[$next]; | |
184 | if (!$child) { | |
185 | $nearest_lev = 50; | |
186 | $nearest_sdx = 50; | |
187 | $match = null; | |
188 | foreach ($this->children as $path=>$hook) { | |
189 | $lev = levenshtein($next, $path); | |
190 | if ($lev <= $nearest_lev | |
191 | && ($lev < strlen($next) / 2 || strpos($next, $path) !== false | |
192 | || strpos($path, $next) !== false)) { | |
193 | $sdx = levenshtein(soundex($next), soundex($path)); | |
194 | if ($lev == $nearest_lev || $sdx < $nearest_sdx) { | |
195 | $child = $hook; | |
196 | $nearest_lev = $lev; | |
197 | $nearest_sdx = $sdx; | |
198 | $match = $path; | |
199 | } | |
200 | } | |
201 | } | |
202 | $next = $match; | |
203 | } | |
204 | if ($child) { | |
205 | array_shift($remain); | |
206 | $matched[] = $next; | |
207 | return $child->findNearestChildAux($remain, $matched, $aliased); | |
208 | } | |
209 | if (($pos = strpos($next, '.php')) !== false) { | |
210 | $remain[0] = substr($next, 0, $pos); | |
211 | return $this->findNearestChildAux($remain, $matched, $aliased); | |
212 | } | |
213 | } | |
214 | return array($this->hook, $matched, $remain, $aliased); | |
215 | } | |
216 | ||
217 | public function findNearestChild(array $path) | |
218 | { | |
219 | return $this->findNearestChildAux($path, array(), array()); | |
220 | } | |
221 | } | |
222 | ||
c158b99a | 223 | abstract class Platal |
b62f8858 | 224 | { |
46ca2746 FB |
225 | private $mods; |
226 | private $hooks; | |
b62f8858 | 227 | |
8fc4efa3 | 228 | protected $https; |
229 | ||
2b1ee50b | 230 | public $ns; |
231 | public $path; | |
786bffb5 | 232 | public $argv = array(); |
b62f8858 | 233 | |
abde67b1 FB |
234 | static private $_page = null; |
235 | ||
2b1ee50b | 236 | public function __construct() |
b62f8858 | 237 | { |
c0799142 | 238 | global $platal, $session, $globals; |
faeb823b | 239 | $platal = $this; |
ca6384fb FB |
240 | |
241 | /* Assign globals first, then call init: init must be used for operations | |
242 | * that requires access to the content of $globals (e.g. XDB requires | |
243 | * $globals to be assigned. | |
244 | */ | |
245 | $globals = $this->buildGlobals(); | |
d95d46a7 | 246 | $globals->init(); |
ca6384fb FB |
247 | |
248 | /* Get the current session: assign first, then activate the session. | |
249 | */ | |
250 | $session = $this->buildSession(); | |
c0799142 | 251 | if (!$session->startAvailableAuth()) { |
2d08839a | 252 | Platal::page()->trigError("Données d'authentification invalides."); |
c0799142 | 253 | } |
abde67b1 | 254 | |
e77c7ea2 | 255 | $modules = func_get_args(); |
5640f093 | 256 | if (isset($modules[0]) && is_array($modules[0])) { |
2b1ee50b | 257 | $modules = $modules[0]; |
258 | } | |
27472b85 | 259 | $this->path = trim(Get::_get('n', null), '/'); |
b62f8858 | 260 | |
46ca2746 FB |
261 | $this->mods = array(); |
262 | $this->hooks = new PlHookTree(); | |
b62f8858 | 263 | |
5de0b7e1 | 264 | array_unshift($modules, 'core'); |
e77c7ea2 | 265 | foreach ($modules as $module) { |
a18afbdc | 266 | $module = strtolower($module); |
46ca2746 FB |
267 | $this->mods[$module] = $m = PLModule::factory($module); |
268 | $hooks = $m->handlers(); | |
269 | foreach ($hooks as $path=>$hook) { | |
9e394323 | 270 | $this->hooks->addChild(explode('/', $path), $hook); |
46ca2746 | 271 | } |
b62f8858 | 272 | } |
fe556813 | 273 | |
fe556813 FB |
274 | if ($globals->mode == '') { |
275 | pl_redirect('index.html'); | |
276 | } | |
b62f8858 | 277 | } |
278 | ||
2b1ee50b | 279 | public function pl_self($n = null) |
d1ebc57a | 280 | { |
281 | if (is_null($n)) | |
282 | return $this->path; | |
283 | ||
284 | if ($n >= 0) | |
285 | return join('/', array_slice($this->argv, 0, $n + 1)); | |
286 | ||
287 | if ($n <= -count($this->argv)) | |
288 | return $this->argv[0]; | |
289 | ||
290 | return join('/', array_slice($this->argv, 0, $n)); | |
291 | } | |
292 | ||
bfb9093b FB |
293 | public static function wiki_hook($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
294 | { | |
46ca2746 | 295 | return new PlWikiHook($auth, $perms, $type); |
bfb9093b FB |
296 | } |
297 | ||
46ca2746 | 298 | public function hook_map($name) |
b62f8858 | 299 | { |
46ca2746 | 300 | return null; |
7c6e0aff | 301 | } |
302 | ||
46ca2746 | 303 | protected function find_hook() |
409de7a7 | 304 | { |
9e394323 | 305 | $p = explode('/', $this->path); |
46ca2746 FB |
306 | list($hook, $matched, $remain, $aliased) = $this->hooks->findChild($p); |
307 | if (empty($hook)) { | |
308 | return null; | |
409de7a7 | 309 | } |
46ca2746 FB |
310 | $this->argv = $remain; |
311 | array_unshift($this->argv, implode('/', $matched)); | |
312 | if (!empty($aliased)) { | |
313 | $this->ns = implode('/', $aliased) . '/'; | |
409de7a7 | 314 | } |
46ca2746 FB |
315 | $this->https = !$hook->hasType(NO_HTTPS); |
316 | return $hook; | |
409de7a7 | 317 | } |
318 | ||
02838718 | 319 | public function near_hook() |
409de7a7 | 320 | { |
9e394323 | 321 | $p = explode('/', $this->path); |
46ca2746 FB |
322 | list($hook, $matched, $remain, $aliased) = $this->hooks->findNearestChild($p); |
323 | if (empty($hook)) { | |
324 | return null; | |
6d407683 | 325 | } |
46ca2746 FB |
326 | $url = implode('/', $matched); |
327 | if (!empty($remain)) { | |
328 | $url .= '/' . implode('/', $remain); | |
6d407683 | 329 | } |
46ca2746 FB |
330 | if ($url == $this->path || levenshtein($url, $this->path) > strlen($url) / 3 |
331 | || !$hook->checkPerms()) { | |
332 | return null; | |
bf517daf | 333 | } |
46ca2746 | 334 | return $url; |
bf517daf | 335 | } |
336 | ||
04334c61 | 337 | private function call_hook(PlPage &$page) |
7c6e0aff | 338 | { |
339 | $hook = $this->find_hook(); | |
409de7a7 | 340 | if (empty($hook)) { |
15a094c0 | 341 | return PL_NOT_FOUND; |
342 | } | |
abde67b1 | 343 | global $globals, $session; |
748b27d2 | 344 | if ($this->https && !@$_SERVER['HTTPS'] && $globals->core->secure_domain) { |
8fc4efa3 | 345 | http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); |
346 | } | |
15a094c0 | 347 | |
46ca2746 | 348 | return $hook->call($page, $this->argv); |
b62f8858 | 349 | } |
350 | ||
c158b99a FB |
351 | /** Show the authentication form. |
352 | */ | |
353 | abstract public function force_login(PlPage& $page); | |
63528107 | 354 | |
2b1ee50b | 355 | public function run() |
b62f8858 | 356 | { |
abde67b1 | 357 | $page =& self::page(); |
b62f8858 | 358 | |
359 | if (empty($this->path)) { | |
c9178c75 | 360 | $this->path = 'index'; |
361 | } | |
362 | ||
7f6d1063 FB |
363 | try { |
364 | $page->assign('platal', $this); | |
c67e49ea FB |
365 | $res = $this->call_hook($page); |
366 | switch ($res) { | |
7f6d1063 FB |
367 | case PL_FORBIDDEN: |
368 | $this->mods['core']->handler_403($page); | |
369 | break; | |
370 | ||
371 | case PL_NOT_FOUND: | |
372 | $this->mods['core']->handler_404($page); | |
373 | break; | |
374 | ||
375 | case PL_WIKI: | |
376 | return PL_WIKI; | |
377 | } | |
378 | } catch (Exception $e) { | |
379 | header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error'); | |
40b79bfc | 380 | PlErrorReport::report($e); |
7f6d1063 FB |
381 | if (self::globals()->debug) { |
382 | $page->kill(pl_entities($e->getMessage()) | |
383 | . '<pre>' . pl_entities("" . $e) . '</pre>'); | |
384 | } else { | |
385 | $page->kill(pl_entities($e->getMessage())); | |
386 | } | |
b62f8858 | 387 | } |
e979cd2b | 388 | |
389 | $page->assign('platal', $this); | |
c67e49ea FB |
390 | if ($res == PL_JSON) { |
391 | $page->runJSon(); | |
392 | } else { | |
393 | $page->run(); | |
394 | } | |
b62f8858 | 395 | } |
8d8f7607 | 396 | |
b0a04fb2 FB |
397 | public function error403() |
398 | { | |
399 | $page =& self::page(); | |
400 | ||
46ca2746 | 401 | $this->mods['core']->handler_403($page); |
b0a04fb2 FB |
402 | $page->assign('platal', $this); |
403 | $page->run(); | |
404 | } | |
405 | ||
406 | public function error404() | |
407 | { | |
408 | $page =& self::page(); | |
409 | ||
46ca2746 | 410 | $this->mods['core']->handler_404($page); |
b0a04fb2 FB |
411 | $page->assign('platal', $this); |
412 | $page->run(); | |
413 | } | |
414 | ||
179658ec FB |
415 | public static function notAllowed() |
416 | { | |
417 | if (S::admin()) { | |
418 | self::page()->trigWarning('Tu accèdes à cette page car tu es administrateur du site.'); | |
419 | return false; | |
420 | } else { | |
421 | return true; | |
422 | } | |
423 | } | |
424 | ||
ac2f544d FB |
425 | public static function load($modname, $include = null) |
426 | { | |
427 | global $platal; | |
428 | $modname = strtolower($modname); | |
46ca2746 | 429 | if (isset($platal->mods[$modname])) { |
ac2f544d FB |
430 | if (is_null($include)) { |
431 | return; | |
432 | } | |
46ca2746 | 433 | $platal->mods[$modname]->load($include); |
ac2f544d FB |
434 | } else { |
435 | if (is_null($include)) { | |
436 | require_once PLModule::path($modname) . '.php'; | |
437 | } else { | |
438 | require_once PLModule::path($modname) . '/' . $include; | |
439 | } | |
440 | } | |
441 | } | |
442 | ||
84f658d2 | 443 | public static function assert($cond, $error, $userfriendly = null) |
ca6384fb | 444 | { |
ca6384fb | 445 | if ($cond === false) { |
84f658d2 RB |
446 | if ($userfriendly == null) { |
447 | $userfriendly = "Une erreur interne s'est produite. | |
448 | Merci de réessayer la manipulation qui a déclenché l'erreur ; | |
449 | si cela ne fonctionne toujours pas, merci de nous signaler le problème rencontré."; | |
450 | } | |
7f6d1063 | 451 | throw new PlException($userfriendly, $error); |
ca6384fb FB |
452 | } |
453 | } | |
454 | ||
faeb823b | 455 | public function &buildLogger($uid, $suid = 0) |
ca6384fb | 456 | { |
c7608455 | 457 | if (defined('PL_LOGGER_CLASS')) { |
ca6384fb | 458 | $class = PL_LOGGER_CLASS; |
7f8e81bb PC |
459 | $logger = new $class($uid, $suid); |
460 | return $logger; | |
ca6384fb | 461 | } else { |
faeb823b | 462 | return PlLogger::dummy($uid, $suid); |
ca6384fb FB |
463 | } |
464 | } | |
ec60dba7 | 465 | |
ca6384fb FB |
466 | protected function &buildPage() |
467 | { | |
468 | $pageclass = PL_PAGE_CLASS; | |
469 | $page = new $pageclass(); | |
470 | return $page; | |
471 | } | |
ec60dba7 | 472 | |
abde67b1 FB |
473 | static public function &page() |
474 | { | |
abde67b1 | 475 | if (is_null(self::$_page)) { |
ca6384fb FB |
476 | global $platal; |
477 | self::$_page = $platal->buildPage(); | |
abde67b1 FB |
478 | } |
479 | return self::$_page; | |
480 | } | |
47fa97fe | 481 | |
ca6384fb FB |
482 | protected function &buildSession() |
483 | { | |
484 | $sessionclass = PL_SESSION_CLASS; | |
485 | $session = new $sessionclass(); | |
486 | return $session; | |
487 | } | |
488 | ||
47fa97fe FB |
489 | static public function &session() |
490 | { | |
491 | global $session; | |
492 | return $session; | |
493 | } | |
494 | ||
ca6384fb FB |
495 | protected function &buildGlobals() |
496 | { | |
497 | $globalclass = PL_GLOBALS_CLASS; | |
498 | $globals = new $globalclass(); | |
499 | return $globals; | |
500 | } | |
501 | ||
47fa97fe FB |
502 | static public function &globals() |
503 | { | |
504 | global $globals; | |
505 | return $globals; | |
506 | } | |
b62f8858 | 507 | } |
508 | ||
a7de4ef7 | 509 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
b62f8858 | 510 | ?> |