Commit | Line | Data |
---|---|---|
b62f8858 | 1 | <?php |
2 | /*************************************************************************** | |
2ab75571 | 3 | * Copyright (C) 2003-2010 Polytechnique.org * |
b62f8858 | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
a0f05027 | 22 | define('PL_DO_AUTH', 300); |
b62f8858 | 23 | define('PL_FORBIDDEN', 403); |
24 | define('PL_NOT_FOUND', 404); | |
bfb9093b | 25 | define('PL_WIKI', 500); |
46ca2746 FB |
26 | |
27 | abstract class PlHook | |
28 | { | |
29 | protected $auth; | |
30 | protected $perms; | |
31 | protected $type; | |
32 | ||
33 | protected function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
34 | { | |
35 | $this->auth = $auth; | |
36 | $this->perms = $perms; | |
37 | $this->type = $type; | |
38 | } | |
39 | ||
40 | public function needAuth() | |
41 | { | |
42 | return $this->auth > S::i('auth', AUTH_PUBLIC); | |
43 | } | |
44 | ||
45 | public function checkPerms() | |
46 | { | |
47 | if (!$this->perms || $this->auth == AUTH_PUBLIC) { // No perms, no check | |
48 | return true; | |
49 | } | |
50 | $s_perms = S::v('perms'); | |
51 | return $s_perms->hasFlagCombination($this->perms); | |
52 | } | |
53 | ||
54 | public function hasType($type) | |
55 | { | |
56 | return ($this->type & $type) == $type; | |
57 | } | |
58 | ||
59 | abstract protected function run(PlPage &$page, array $args); | |
60 | ||
61 | public function call(PlPage &$page, array $args) | |
62 | { | |
63 | global $globals, $session, $platal; | |
64 | if ($this->needAuth()) { | |
65 | if ($this->hasType(DO_AUTH)) { | |
66 | if (!$session->start($this->auth)) { | |
67 | $platal->force_login($page); | |
bbeb39f7 | 68 | return PL_FORBIDDEN; |
46ca2746 FB |
69 | } |
70 | } else { | |
71 | return PL_FORBIDDEN; | |
72 | } | |
73 | } | |
74 | if (!$this->checkPerms()) { | |
75 | if (!Platal::notAllowed()) { | |
76 | return PL_FORBIDDEN; | |
77 | } | |
78 | } | |
79 | return $this->run($page, $args); | |
80 | } | |
81 | } | |
82 | ||
83 | class PlStdHook extends PlHook | |
84 | { | |
85 | private $hook; | |
86 | ||
87 | public function __construct($callback, $auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) | |
88 | { | |
89 | parent::__construct($auth, $perms, $type); | |
90 | $this->hook = $callback; | |
91 | } | |
92 | ||
93 | protected function run(PlPage &$page, array $args) | |
94 | { | |
95 | global $session, $platal; | |
96 | ||
97 | $args[0] = $page; | |
98 | $val = call_user_func_array($this->hook, $args); | |
99 | if ($val == PL_DO_AUTH) { | |
100 | if (!$session->start($session->loggedLevel())) { | |
101 | $platal->force_login($page); | |
102 | } | |
103 | $val = call_user_func_array($this->hook, $args); | |
104 | } | |
105 | return $val; | |
106 | } | |
107 | } | |
108 | ||
109 | class PlWikiHook extends PlHook | |
110 | { | |
41e571e3 | 111 | public function __construct($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
46ca2746 FB |
112 | { |
113 | parent::__construct($auth, $perms, $type); | |
114 | } | |
115 | ||
116 | protected function run(PlPage &$page, array $args) | |
117 | { | |
118 | return PL_WIKI; | |
119 | } | |
120 | } | |
121 | ||
122 | class PlHookTree | |
123 | { | |
124 | public $hook = null; | |
125 | public $aliased = null; | |
126 | public $children = array(); | |
127 | ||
128 | public function addChild(array $path, PlHook $hook) | |
129 | { | |
130 | global $platal; | |
131 | $next = array_shift($path); | |
132 | $alias = null; | |
133 | if ($next && $next{0} == '%') { | |
134 | $alias = $next; | |
135 | $next = $platal->hook_map(substr($next, 1)); | |
136 | } | |
137 | if (!$next) { | |
138 | return; | |
139 | } | |
140 | @$child =& $this->children[$next]; | |
141 | if (!$child) { | |
142 | $child = new PlHookTree(); | |
143 | $this->children[$next] =& $child; | |
144 | $child->aliased = $alias; | |
145 | } | |
146 | if (empty($path)) { | |
147 | $child->hook = $hook; | |
148 | } else { | |
149 | $child->addChild($path, $hook); | |
150 | } | |
151 | } | |
152 | ||
153 | private function findChildAux(array $remain, array $matched, array $aliased) | |
154 | { | |
155 | $next = @$remain[0]; | |
156 | if ($this->aliased) { | |
157 | $aliased = $matched; | |
158 | } | |
159 | if (!empty($next)) { | |
160 | $child = @$this->children[$next]; | |
161 | if ($child) { | |
162 | array_shift($remain); | |
163 | $matched[] = $next; | |
164 | return $child->findChildAux($remain, $matched, $aliased); | |
165 | } | |
166 | } | |
167 | return array($this->hook, $matched, $remain, $aliased); | |
168 | } | |
169 | ||
170 | public function findChild(array $path) | |
171 | { | |
172 | return $this->findChildAux($path, array(), array()); | |
173 | } | |
174 | ||
175 | private function findNearestChildAux(array $remain, array $matched, array $aliased) | |
176 | { | |
177 | $next = @$remain[0]; | |
178 | if ($this->aliased) { | |
179 | $aliased = $matched; | |
180 | } | |
181 | if (!empty($next)) { | |
182 | $child = @$this->children[$next]; | |
183 | if (!$child) { | |
184 | $nearest_lev = 50; | |
185 | $nearest_sdx = 50; | |
186 | $match = null; | |
187 | foreach ($this->children as $path=>$hook) { | |
188 | $lev = levenshtein($next, $path); | |
189 | if ($lev <= $nearest_lev | |
190 | && ($lev < strlen($next) / 2 || strpos($next, $path) !== false | |
191 | || strpos($path, $next) !== false)) { | |
192 | $sdx = levenshtein(soundex($next), soundex($path)); | |
193 | if ($lev == $nearest_lev || $sdx < $nearest_sdx) { | |
194 | $child = $hook; | |
195 | $nearest_lev = $lev; | |
196 | $nearest_sdx = $sdx; | |
197 | $match = $path; | |
198 | } | |
199 | } | |
200 | } | |
201 | $next = $match; | |
202 | } | |
203 | if ($child) { | |
204 | array_shift($remain); | |
205 | $matched[] = $next; | |
206 | return $child->findNearestChildAux($remain, $matched, $aliased); | |
207 | } | |
208 | if (($pos = strpos($next, '.php')) !== false) { | |
209 | $remain[0] = substr($next, 0, $pos); | |
210 | return $this->findNearestChildAux($remain, $matched, $aliased); | |
211 | } | |
212 | } | |
213 | return array($this->hook, $matched, $remain, $aliased); | |
214 | } | |
215 | ||
216 | public function findNearestChild(array $path) | |
217 | { | |
218 | return $this->findNearestChildAux($path, array(), array()); | |
219 | } | |
220 | } | |
221 | ||
b62f8858 | 222 | |
c158b99a | 223 | abstract class Platal |
b62f8858 | 224 | { |
46ca2746 FB |
225 | private $mods; |
226 | private $hooks; | |
b62f8858 | 227 | |
8fc4efa3 | 228 | protected $https; |
229 | ||
2b1ee50b | 230 | public $ns; |
231 | public $path; | |
786bffb5 | 232 | public $argv = array(); |
b62f8858 | 233 | |
abde67b1 FB |
234 | static private $_page = null; |
235 | ||
2b1ee50b | 236 | public function __construct() |
b62f8858 | 237 | { |
c0799142 | 238 | global $platal, $session, $globals; |
faeb823b | 239 | $platal = $this; |
ca6384fb FB |
240 | |
241 | /* Assign globals first, then call init: init must be used for operations | |
242 | * that requires access to the content of $globals (e.g. XDB requires | |
243 | * $globals to be assigned. | |
244 | */ | |
245 | $globals = $this->buildGlobals(); | |
d95d46a7 | 246 | $globals->init(); |
ca6384fb FB |
247 | |
248 | /* Get the current session: assign first, then activate the session. | |
249 | */ | |
250 | $session = $this->buildSession(); | |
c0799142 | 251 | if (!$session->startAvailableAuth()) { |
2d08839a | 252 | Platal::page()->trigError("Données d'authentification invalides."); |
c0799142 | 253 | } |
abde67b1 | 254 | |
e77c7ea2 | 255 | $modules = func_get_args(); |
5640f093 | 256 | if (isset($modules[0]) && is_array($modules[0])) { |
2b1ee50b | 257 | $modules = $modules[0]; |
258 | } | |
27472b85 | 259 | $this->path = trim(Get::_get('n', null), '/'); |
b62f8858 | 260 | |
46ca2746 FB |
261 | $this->mods = array(); |
262 | $this->hooks = new PlHookTree(); | |
b62f8858 | 263 | |
5de0b7e1 | 264 | array_unshift($modules, 'core'); |
e77c7ea2 | 265 | foreach ($modules as $module) { |
a18afbdc | 266 | $module = strtolower($module); |
46ca2746 FB |
267 | $this->mods[$module] = $m = PLModule::factory($module); |
268 | $hooks = $m->handlers(); | |
269 | foreach ($hooks as $path=>$hook) { | |
270 | $this->hooks->addChild(split('/', $path), $hook); | |
271 | } | |
b62f8858 | 272 | } |
fe556813 | 273 | |
fe556813 FB |
274 | if ($globals->mode == '') { |
275 | pl_redirect('index.html'); | |
276 | } | |
b62f8858 | 277 | } |
278 | ||
2b1ee50b | 279 | public function pl_self($n = null) |
d1ebc57a | 280 | { |
281 | if (is_null($n)) | |
282 | return $this->path; | |
283 | ||
284 | if ($n >= 0) | |
285 | return join('/', array_slice($this->argv, 0, $n + 1)); | |
286 | ||
287 | if ($n <= -count($this->argv)) | |
288 | return $this->argv[0]; | |
289 | ||
290 | return join('/', array_slice($this->argv, 0, $n)); | |
291 | } | |
292 | ||
bfb9093b FB |
293 | public static function wiki_hook($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
294 | { | |
46ca2746 | 295 | return new PlWikiHook($auth, $perms, $type); |
bfb9093b FB |
296 | } |
297 | ||
46ca2746 | 298 | public function hook_map($name) |
b62f8858 | 299 | { |
46ca2746 | 300 | return null; |
7c6e0aff | 301 | } |
302 | ||
46ca2746 | 303 | protected function find_hook() |
409de7a7 | 304 | { |
46ca2746 FB |
305 | $p = split('/', $this->path); |
306 | list($hook, $matched, $remain, $aliased) = $this->hooks->findChild($p); | |
307 | if (empty($hook)) { | |
308 | return null; | |
409de7a7 | 309 | } |
46ca2746 FB |
310 | $this->argv = $remain; |
311 | array_unshift($this->argv, implode('/', $matched)); | |
312 | if (!empty($aliased)) { | |
313 | $this->ns = implode('/', $aliased) . '/'; | |
409de7a7 | 314 | } |
46ca2746 FB |
315 | $this->https = !$hook->hasType(NO_HTTPS); |
316 | return $hook; | |
409de7a7 | 317 | } |
318 | ||
02838718 | 319 | public function near_hook() |
409de7a7 | 320 | { |
409de7a7 | 321 | $p = split('/', $this->path); |
46ca2746 FB |
322 | list($hook, $matched, $remain, $aliased) = $this->hooks->findNearestChild($p); |
323 | if (empty($hook)) { | |
324 | return null; | |
6d407683 | 325 | } |
46ca2746 FB |
326 | $url = implode('/', $matched); |
327 | if (!empty($remain)) { | |
328 | $url .= '/' . implode('/', $remain); | |
6d407683 | 329 | } |
46ca2746 FB |
330 | if ($url == $this->path || levenshtein($url, $this->path) > strlen($url) / 3 |
331 | || !$hook->checkPerms()) { | |
332 | return null; | |
bf517daf | 333 | } |
46ca2746 | 334 | return $url; |
bf517daf | 335 | } |
336 | ||
04334c61 | 337 | private function call_hook(PlPage &$page) |
7c6e0aff | 338 | { |
339 | $hook = $this->find_hook(); | |
409de7a7 | 340 | if (empty($hook)) { |
15a094c0 | 341 | return PL_NOT_FOUND; |
342 | } | |
abde67b1 | 343 | global $globals, $session; |
748b27d2 | 344 | if ($this->https && !@$_SERVER['HTTPS'] && $globals->core->secure_domain) { |
8fc4efa3 | 345 | http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); |
346 | } | |
15a094c0 | 347 | |
46ca2746 | 348 | return $hook->call($page, $this->argv); |
b62f8858 | 349 | } |
350 | ||
c158b99a FB |
351 | /** Show the authentication form. |
352 | */ | |
353 | abstract public function force_login(PlPage& $page); | |
63528107 | 354 | |
2b1ee50b | 355 | public function run() |
b62f8858 | 356 | { |
abde67b1 | 357 | $page =& self::page(); |
b62f8858 | 358 | |
359 | if (empty($this->path)) { | |
c9178c75 | 360 | $this->path = 'index'; |
361 | } | |
362 | ||
e979cd2b | 363 | $page->assign('platal', $this); |
b62f8858 | 364 | switch ($this->call_hook($page)) { |
365 | case PL_FORBIDDEN: | |
46ca2746 | 366 | $this->mods['core']->handler_403($page); |
b62f8858 | 367 | break; |
368 | ||
369 | case PL_NOT_FOUND: | |
46ca2746 | 370 | $this->mods['core']->handler_404($page); |
b62f8858 | 371 | break; |
bfb9093b FB |
372 | |
373 | case PL_WIKI: | |
374 | return PL_WIKI; | |
b62f8858 | 375 | } |
e979cd2b | 376 | |
377 | $page->assign('platal', $this); | |
b62f8858 | 378 | $page->run(); |
379 | } | |
8d8f7607 | 380 | |
b0a04fb2 FB |
381 | public function error403() |
382 | { | |
383 | $page =& self::page(); | |
384 | ||
46ca2746 | 385 | $this->mods['core']->handler_403($page); |
b0a04fb2 FB |
386 | $page->assign('platal', $this); |
387 | $page->run(); | |
388 | } | |
389 | ||
390 | public function error404() | |
391 | { | |
392 | $page =& self::page(); | |
393 | ||
46ca2746 | 394 | $this->mods['core']->handler_404($page); |
b0a04fb2 FB |
395 | $page->assign('platal', $this); |
396 | $page->run(); | |
397 | } | |
398 | ||
179658ec FB |
399 | public static function notAllowed() |
400 | { | |
401 | if (S::admin()) { | |
402 | self::page()->trigWarning('Tu accèdes à cette page car tu es administrateur du site.'); | |
403 | return false; | |
404 | } else { | |
405 | return true; | |
406 | } | |
407 | } | |
408 | ||
ac2f544d FB |
409 | public static function load($modname, $include = null) |
410 | { | |
411 | global $platal; | |
412 | $modname = strtolower($modname); | |
46ca2746 | 413 | if (isset($platal->mods[$modname])) { |
ac2f544d FB |
414 | if (is_null($include)) { |
415 | return; | |
416 | } | |
46ca2746 | 417 | $platal->mods[$modname]->load($include); |
ac2f544d FB |
418 | } else { |
419 | if (is_null($include)) { | |
420 | require_once PLModule::path($modname) . '.php'; | |
421 | } else { | |
422 | require_once PLModule::path($modname) . '/' . $include; | |
423 | } | |
424 | } | |
425 | } | |
426 | ||
84f658d2 | 427 | public static function assert($cond, $error, $userfriendly = null) |
ca6384fb FB |
428 | { |
429 | global $globals; | |
430 | if ($cond === false) { | |
431 | header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error'); | |
432 | $file = fopen($globals->spoolroot . '/spool/tmp/assert_erros', 'a'); | |
433 | fwrite($file, '<pre>' . pl_entities($error) . '</pre>\n'); | |
434 | fclose($file); | |
ec60dba7 | 435 | |
84f658d2 RB |
436 | if ($userfriendly == null) { |
437 | $userfriendly = "Une erreur interne s'est produite. | |
438 | Merci de réessayer la manipulation qui a déclenché l'erreur ; | |
439 | si cela ne fonctionne toujours pas, merci de nous signaler le problème rencontré."; | |
440 | } | |
ca6384fb FB |
441 | Platal::page()->kill($userfriendly); |
442 | } | |
443 | } | |
444 | ||
faeb823b | 445 | public function &buildLogger($uid, $suid = 0) |
ca6384fb | 446 | { |
c7608455 | 447 | if (defined('PL_LOGGER_CLASS')) { |
ca6384fb | 448 | $class = PL_LOGGER_CLASS; |
7f8e81bb PC |
449 | $logger = new $class($uid, $suid); |
450 | return $logger; | |
ca6384fb | 451 | } else { |
faeb823b | 452 | return PlLogger::dummy($uid, $suid); |
ca6384fb FB |
453 | } |
454 | } | |
ec60dba7 | 455 | |
ca6384fb FB |
456 | protected function &buildPage() |
457 | { | |
458 | $pageclass = PL_PAGE_CLASS; | |
459 | $page = new $pageclass(); | |
460 | return $page; | |
461 | } | |
ec60dba7 | 462 | |
abde67b1 FB |
463 | static public function &page() |
464 | { | |
abde67b1 | 465 | if (is_null(self::$_page)) { |
ca6384fb FB |
466 | global $platal; |
467 | self::$_page = $platal->buildPage(); | |
abde67b1 FB |
468 | } |
469 | return self::$_page; | |
470 | } | |
47fa97fe | 471 | |
ca6384fb FB |
472 | protected function &buildSession() |
473 | { | |
474 | $sessionclass = PL_SESSION_CLASS; | |
475 | $session = new $sessionclass(); | |
476 | return $session; | |
477 | } | |
478 | ||
47fa97fe FB |
479 | static public function &session() |
480 | { | |
481 | global $session; | |
482 | return $session; | |
483 | } | |
484 | ||
ca6384fb FB |
485 | protected function &buildGlobals() |
486 | { | |
487 | $globalclass = PL_GLOBALS_CLASS; | |
488 | $globals = new $globalclass(); | |
489 | return $globals; | |
490 | } | |
491 | ||
47fa97fe FB |
492 | static public function &globals() |
493 | { | |
494 | global $globals; | |
495 | return $globals; | |
496 | } | |
b62f8858 | 497 | } |
498 | ||
a7de4ef7 | 499 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
b62f8858 | 500 | ?> |