Commit | Line | Data |
---|---|---|
b62f8858 | 1 | <?php |
2 | /*************************************************************************** | |
2ab75571 | 3 | * Copyright (C) 2003-2010 Polytechnique.org * |
b62f8858 | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
a0f05027 | 22 | define('PL_DO_AUTH', 300); |
b62f8858 | 23 | define('PL_FORBIDDEN', 403); |
24 | define('PL_NOT_FOUND', 404); | |
bfb9093b | 25 | define('PL_WIKI', 500); |
46ca2746 FB |
26 | |
27 | abstract class PlHook | |
28 | { | |
29 | protected $auth; | |
30 | protected $perms; | |
31 | protected $type; | |
32 | ||
33 | protected function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
34 | { | |
35 | $this->auth = $auth; | |
36 | $this->perms = $perms; | |
37 | $this->type = $type; | |
38 | } | |
39 | ||
40 | public function needAuth() | |
41 | { | |
42 | return $this->auth > S::i('auth', AUTH_PUBLIC); | |
43 | } | |
44 | ||
45 | public function checkPerms() | |
46 | { | |
47 | if (!$this->perms || $this->auth == AUTH_PUBLIC) { // No perms, no check | |
48 | return true; | |
49 | } | |
50 | $s_perms = S::v('perms'); | |
51 | return $s_perms->hasFlagCombination($this->perms); | |
52 | } | |
53 | ||
54 | public function hasType($type) | |
55 | { | |
56 | return ($this->type & $type) == $type; | |
57 | } | |
58 | ||
59 | abstract protected function run(PlPage &$page, array $args); | |
60 | ||
61 | public function call(PlPage &$page, array $args) | |
62 | { | |
63 | global $globals, $session, $platal; | |
64 | if ($this->needAuth()) { | |
65 | if ($this->hasType(DO_AUTH)) { | |
66 | if (!$session->start($this->auth)) { | |
67 | $platal->force_login($page); | |
68 | } | |
69 | } else { | |
70 | return PL_FORBIDDEN; | |
71 | } | |
72 | } | |
73 | if (!$this->checkPerms()) { | |
74 | if (!Platal::notAllowed()) { | |
75 | return PL_FORBIDDEN; | |
76 | } | |
77 | } | |
78 | return $this->run($page, $args); | |
79 | } | |
80 | } | |
81 | ||
82 | class PlStdHook extends PlHook | |
83 | { | |
84 | private $hook; | |
85 | ||
86 | public function __construct($callback, $auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
87 | { | |
88 | parent::__construct($auth, $perms, $type); | |
89 | $this->hook = $callback; | |
90 | } | |
91 | ||
92 | protected function run(PlPage &$page, array $args) | |
93 | { | |
94 | global $session, $platal; | |
95 | ||
96 | $args[0] = $page; | |
97 | $val = call_user_func_array($this->hook, $args); | |
98 | if ($val == PL_DO_AUTH) { | |
99 | if (!$session->start($session->loggedLevel())) { | |
100 | $platal->force_login($page); | |
101 | } | |
102 | $val = call_user_func_array($this->hook, $args); | |
103 | } | |
104 | return $val; | |
105 | } | |
106 | } | |
107 | ||
108 | class PlWikiHook extends PlHook | |
109 | { | |
41e571e3 | 110 | public function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
46ca2746 FB |
111 | { |
112 | parent::__construct($auth, $perms, $type); | |
113 | } | |
114 | ||
115 | protected function run(PlPage &$page, array $args) | |
116 | { | |
117 | return PL_WIKI; | |
118 | } | |
119 | } | |
120 | ||
121 | class PlHookTree | |
122 | { | |
123 | public $hook = null; | |
124 | public $aliased = null; | |
125 | public $children = array(); | |
126 | ||
127 | public function addChild(array $path, PlHook $hook) | |
128 | { | |
129 | global $platal; | |
130 | $next = array_shift($path); | |
131 | $alias = null; | |
132 | if ($next && $next{0} == '%') { | |
133 | $alias = $next; | |
134 | $next = $platal->hook_map(substr($next, 1)); | |
135 | } | |
136 | if (!$next) { | |
137 | return; | |
138 | } | |
139 | @$child =& $this->children[$next]; | |
140 | if (!$child) { | |
141 | $child = new PlHookTree(); | |
142 | $this->children[$next] =& $child; | |
143 | $child->aliased = $alias; | |
144 | } | |
145 | if (empty($path)) { | |
146 | $child->hook = $hook; | |
147 | } else { | |
148 | $child->addChild($path, $hook); | |
149 | } | |
150 | } | |
151 | ||
152 | private function findChildAux(array $remain, array $matched, array $aliased) | |
153 | { | |
154 | $next = @$remain[0]; | |
155 | if ($this->aliased) { | |
156 | $aliased = $matched; | |
157 | } | |
158 | if (!empty($next)) { | |
159 | $child = @$this->children[$next]; | |
160 | if ($child) { | |
161 | array_shift($remain); | |
162 | $matched[] = $next; | |
163 | return $child->findChildAux($remain, $matched, $aliased); | |
164 | } | |
165 | } | |
166 | return array($this->hook, $matched, $remain, $aliased); | |
167 | } | |
168 | ||
169 | public function findChild(array $path) | |
170 | { | |
171 | return $this->findChildAux($path, array(), array()); | |
172 | } | |
173 | ||
174 | private function findNearestChildAux(array $remain, array $matched, array $aliased) | |
175 | { | |
176 | $next = @$remain[0]; | |
177 | if ($this->aliased) { | |
178 | $aliased = $matched; | |
179 | } | |
180 | if (!empty($next)) { | |
181 | $child = @$this->children[$next]; | |
182 | if (!$child) { | |
183 | $nearest_lev = 50; | |
184 | $nearest_sdx = 50; | |
185 | $match = null; | |
186 | foreach ($this->children as $path=>$hook) { | |
187 | $lev = levenshtein($next, $path); | |
188 | if ($lev <= $nearest_lev | |
189 | && ($lev < strlen($next) / 2 || strpos($next, $path) !== false | |
190 | || strpos($path, $next) !== false)) { | |
191 | $sdx = levenshtein(soundex($next), soundex($path)); | |
192 | if ($lev == $nearest_lev || $sdx < $nearest_sdx) { | |
193 | $child = $hook; | |
194 | $nearest_lev = $lev; | |
195 | $nearest_sdx = $sdx; | |
196 | $match = $path; | |
197 | } | |
198 | } | |
199 | } | |
200 | $next = $match; | |
201 | } | |
202 | if ($child) { | |
203 | array_shift($remain); | |
204 | $matched[] = $next; | |
205 | return $child->findNearestChildAux($remain, $matched, $aliased); | |
206 | } | |
207 | if (($pos = strpos($next, '.php')) !== false) { | |
208 | $remain[0] = substr($next, 0, $pos); | |
209 | return $this->findNearestChildAux($remain, $matched, $aliased); | |
210 | } | |
211 | } | |
212 | return array($this->hook, $matched, $remain, $aliased); | |
213 | } | |
214 | ||
215 | public function findNearestChild(array $path) | |
216 | { | |
217 | return $this->findNearestChildAux($path, array(), array()); | |
218 | } | |
219 | } | |
220 | ||
b62f8858 | 221 | |
c158b99a | 222 | abstract class Platal |
b62f8858 | 223 | { |
46ca2746 FB |
224 | private $mods; |
225 | private $hooks; | |
b62f8858 | 226 | |
8fc4efa3 | 227 | protected $https; |
228 | ||
2b1ee50b | 229 | public $ns; |
230 | public $path; | |
231 | public $argv; | |
b62f8858 | 232 | |
abde67b1 FB |
233 | static private $_page = null; |
234 | ||
2b1ee50b | 235 | public function __construct() |
b62f8858 | 236 | { |
c0799142 | 237 | global $platal, $session, $globals; |
faeb823b | 238 | $platal = $this; |
ca6384fb FB |
239 | |
240 | /* Assign globals first, then call init: init must be used for operations | |
241 | * that requires access to the content of $globals (e.g. XDB requires | |
242 | * $globals to be assigned. | |
243 | */ | |
244 | $globals = $this->buildGlobals(); | |
d95d46a7 | 245 | $globals->init(); |
ca6384fb FB |
246 | |
247 | /* Get the current session: assign first, then activate the session. | |
248 | */ | |
249 | $session = $this->buildSession(); | |
c0799142 | 250 | if (!$session->startAvailableAuth()) { |
2d08839a | 251 | Platal::page()->trigError("Données d'authentification invalides."); |
c0799142 | 252 | } |
abde67b1 | 253 | |
e77c7ea2 | 254 | $modules = func_get_args(); |
5640f093 | 255 | if (isset($modules[0]) && is_array($modules[0])) { |
2b1ee50b | 256 | $modules = $modules[0]; |
257 | } | |
27472b85 | 258 | $this->path = trim(Get::_get('n', null), '/'); |
b62f8858 | 259 | |
46ca2746 FB |
260 | $this->mods = array(); |
261 | $this->hooks = new PlHookTree(); | |
b62f8858 | 262 | |
5de0b7e1 | 263 | array_unshift($modules, 'core'); |
e77c7ea2 | 264 | foreach ($modules as $module) { |
a18afbdc | 265 | $module = strtolower($module); |
46ca2746 FB |
266 | $this->mods[$module] = $m = PLModule::factory($module); |
267 | $hooks = $m->handlers(); | |
268 | foreach ($hooks as $path=>$hook) { | |
269 | $this->hooks->addChild(split('/', $path), $hook); | |
270 | } | |
b62f8858 | 271 | } |
fe556813 | 272 | |
fe556813 FB |
273 | if ($globals->mode == '') { |
274 | pl_redirect('index.html'); | |
275 | } | |
b62f8858 | 276 | } |
277 | ||
2b1ee50b | 278 | public function pl_self($n = null) |
d1ebc57a | 279 | { |
280 | if (is_null($n)) | |
281 | return $this->path; | |
282 | ||
283 | if ($n >= 0) | |
284 | return join('/', array_slice($this->argv, 0, $n + 1)); | |
285 | ||
286 | if ($n <= -count($this->argv)) | |
287 | return $this->argv[0]; | |
288 | ||
289 | return join('/', array_slice($this->argv, 0, $n)); | |
290 | } | |
291 | ||
bfb9093b FB |
292 | public static function wiki_hook($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
293 | { | |
46ca2746 | 294 | return new PlWikiHook($auth, $perms, $type); |
bfb9093b FB |
295 | } |
296 | ||
46ca2746 | 297 | public function hook_map($name) |
b62f8858 | 298 | { |
46ca2746 | 299 | return null; |
7c6e0aff | 300 | } |
301 | ||
46ca2746 | 302 | protected function find_hook() |
409de7a7 | 303 | { |
46ca2746 FB |
304 | $p = split('/', $this->path); |
305 | list($hook, $matched, $remain, $aliased) = $this->hooks->findChild($p); | |
306 | if (empty($hook)) { | |
307 | return null; | |
409de7a7 | 308 | } |
46ca2746 FB |
309 | $this->argv = $remain; |
310 | array_unshift($this->argv, implode('/', $matched)); | |
311 | if (!empty($aliased)) { | |
312 | $this->ns = implode('/', $aliased) . '/'; | |
409de7a7 | 313 | } |
46ca2746 FB |
314 | $this->https = !$hook->hasType(NO_HTTPS); |
315 | return $hook; | |
409de7a7 | 316 | } |
317 | ||
02838718 | 318 | public function near_hook() |
409de7a7 | 319 | { |
409de7a7 | 320 | $p = split('/', $this->path); |
46ca2746 FB |
321 | list($hook, $matched, $remain, $aliased) = $this->hooks->findNearestChild($p); |
322 | if (empty($hook)) { | |
323 | return null; | |
6d407683 | 324 | } |
46ca2746 FB |
325 | $url = implode('/', $matched); |
326 | if (!empty($remain)) { | |
327 | $url .= '/' . implode('/', $remain); | |
6d407683 | 328 | } |
46ca2746 FB |
329 | if ($url == $this->path || levenshtein($url, $this->path) > strlen($url) / 3 |
330 | || !$hook->checkPerms()) { | |
331 | return null; | |
bf517daf | 332 | } |
46ca2746 | 333 | return $url; |
bf517daf | 334 | } |
335 | ||
04334c61 | 336 | private function call_hook(PlPage &$page) |
7c6e0aff | 337 | { |
338 | $hook = $this->find_hook(); | |
409de7a7 | 339 | if (empty($hook)) { |
15a094c0 | 340 | return PL_NOT_FOUND; |
341 | } | |
abde67b1 | 342 | global $globals, $session; |
748b27d2 | 343 | if ($this->https && !@$_SERVER['HTTPS'] && $globals->core->secure_domain) { |
8fc4efa3 | 344 | http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); |
345 | } | |
15a094c0 | 346 | |
46ca2746 | 347 | return $hook->call($page, $this->argv); |
b62f8858 | 348 | } |
349 | ||
c158b99a FB |
350 | /** Show the authentication form. |
351 | */ | |
352 | abstract public function force_login(PlPage& $page); | |
63528107 | 353 | |
2b1ee50b | 354 | public function run() |
b62f8858 | 355 | { |
abde67b1 | 356 | $page =& self::page(); |
b62f8858 | 357 | |
358 | if (empty($this->path)) { | |
c9178c75 | 359 | $this->path = 'index'; |
360 | } | |
361 | ||
e979cd2b | 362 | $page->assign('platal', $this); |
b62f8858 | 363 | switch ($this->call_hook($page)) { |
364 | case PL_FORBIDDEN: | |
46ca2746 | 365 | $this->mods['core']->handler_403($page); |
b62f8858 | 366 | break; |
367 | ||
368 | case PL_NOT_FOUND: | |
46ca2746 | 369 | $this->mods['core']->handler_404($page); |
b62f8858 | 370 | break; |
bfb9093b FB |
371 | |
372 | case PL_WIKI: | |
373 | return PL_WIKI; | |
b62f8858 | 374 | } |
e979cd2b | 375 | |
376 | $page->assign('platal', $this); | |
b62f8858 | 377 | $page->run(); |
378 | } | |
8d8f7607 | 379 | |
b0a04fb2 FB |
380 | public function error403() |
381 | { | |
382 | $page =& self::page(); | |
383 | ||
46ca2746 | 384 | $this->mods['core']->handler_403($page); |
b0a04fb2 FB |
385 | $page->assign('platal', $this); |
386 | $page->run(); | |
387 | } | |
388 | ||
389 | public function error404() | |
390 | { | |
391 | $page =& self::page(); | |
392 | ||
46ca2746 | 393 | $this->mods['core']->handler_404($page); |
b0a04fb2 FB |
394 | $page->assign('platal', $this); |
395 | $page->run(); | |
396 | } | |
397 | ||
179658ec FB |
398 | public static function notAllowed() |
399 | { | |
400 | if (S::admin()) { | |
401 | self::page()->trigWarning('Tu accèdes à cette page car tu es administrateur du site.'); | |
402 | return false; | |
403 | } else { | |
404 | return true; | |
405 | } | |
406 | } | |
407 | ||
ac2f544d FB |
408 | public static function load($modname, $include = null) |
409 | { | |
410 | global $platal; | |
411 | $modname = strtolower($modname); | |
46ca2746 | 412 | if (isset($platal->mods[$modname])) { |
ac2f544d FB |
413 | if (is_null($include)) { |
414 | return; | |
415 | } | |
46ca2746 | 416 | $platal->mods[$modname]->load($include); |
ac2f544d FB |
417 | } else { |
418 | if (is_null($include)) { | |
419 | require_once PLModule::path($modname) . '.php'; | |
420 | } else { | |
421 | require_once PLModule::path($modname) . '/' . $include; | |
422 | } | |
423 | } | |
424 | } | |
425 | ||
ca6384fb FB |
426 | public static function assert($cond, $error, $userfriendly) |
427 | { | |
428 | global $globals; | |
429 | if ($cond === false) { | |
430 | header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error'); | |
431 | $file = fopen($globals->spoolroot . '/spool/tmp/assert_erros', 'a'); | |
432 | fwrite($file, '<pre>' . pl_entities($error) . '</pre>\n'); | |
433 | fclose($file); | |
ec60dba7 | 434 | |
ca6384fb FB |
435 | Platal::page()->kill($userfriendly); |
436 | } | |
437 | } | |
438 | ||
faeb823b | 439 | public function &buildLogger($uid, $suid = 0) |
ca6384fb | 440 | { |
c7608455 | 441 | if (defined('PL_LOGGER_CLASS')) { |
ca6384fb FB |
442 | $class = PL_LOGGER_CLASS; |
443 | return new $class($uid, $suid); | |
444 | } else { | |
faeb823b | 445 | return PlLogger::dummy($uid, $suid); |
ca6384fb FB |
446 | } |
447 | } | |
ec60dba7 | 448 | |
ca6384fb FB |
449 | protected function &buildPage() |
450 | { | |
451 | $pageclass = PL_PAGE_CLASS; | |
452 | $page = new $pageclass(); | |
453 | return $page; | |
454 | } | |
ec60dba7 | 455 | |
abde67b1 FB |
456 | static public function &page() |
457 | { | |
abde67b1 | 458 | if (is_null(self::$_page)) { |
ca6384fb FB |
459 | global $platal; |
460 | self::$_page = $platal->buildPage(); | |
abde67b1 FB |
461 | } |
462 | return self::$_page; | |
463 | } | |
47fa97fe | 464 | |
ca6384fb FB |
465 | protected function &buildSession() |
466 | { | |
467 | $sessionclass = PL_SESSION_CLASS; | |
468 | $session = new $sessionclass(); | |
469 | return $session; | |
470 | } | |
471 | ||
47fa97fe FB |
472 | static public function &session() |
473 | { | |
474 | global $session; | |
475 | return $session; | |
476 | } | |
477 | ||
ca6384fb FB |
478 | protected function &buildGlobals() |
479 | { | |
480 | $globalclass = PL_GLOBALS_CLASS; | |
481 | $globals = new $globalclass(); | |
482 | return $globals; | |
483 | } | |
484 | ||
47fa97fe FB |
485 | static public function &globals() |
486 | { | |
487 | global $globals; | |
488 | return $globals; | |
489 | } | |
b62f8858 | 490 | } |
491 | ||
a7de4ef7 | 492 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
b62f8858 | 493 | ?> |