Commit | Line | Data |
---|---|---|
b62f8858 | 1 | <?php |
2 | /*************************************************************************** | |
2ab75571 | 3 | * Copyright (C) 2003-2010 Polytechnique.org * |
b62f8858 | 4 | * http://opensource.polytechnique.org/ * |
5 | * * | |
6 | * This program is free software; you can redistribute it and/or modify * | |
7 | * it under the terms of the GNU General Public License as published by * | |
8 | * the Free Software Foundation; either version 2 of the License, or * | |
9 | * (at your option) any later version. * | |
10 | * * | |
11 | * This program is distributed in the hope that it will be useful, * | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of * | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * | |
14 | * GNU General Public License for more details. * | |
15 | * * | |
16 | * You should have received a copy of the GNU General Public License * | |
17 | * along with this program; if not, write to the Free Software * | |
18 | * Foundation, Inc., * | |
19 | * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * | |
20 | ***************************************************************************/ | |
21 | ||
a0f05027 | 22 | define('PL_DO_AUTH', 300); |
b62f8858 | 23 | define('PL_FORBIDDEN', 403); |
24 | define('PL_NOT_FOUND', 404); | |
bfb9093b FB |
25 | define('PL_WIKI', 500); |
26 | define('PL_WIKI_HOOK', '@@WIKI@@'); | |
b62f8858 | 27 | |
c158b99a | 28 | abstract class Platal |
b62f8858 | 29 | { |
2b1ee50b | 30 | private $__mods; |
31 | private $__hooks; | |
b62f8858 | 32 | |
8fc4efa3 | 33 | protected $https; |
34 | ||
2b1ee50b | 35 | public $ns; |
36 | public $path; | |
37 | public $argv; | |
b62f8858 | 38 | |
abde67b1 FB |
39 | static private $_page = null; |
40 | ||
2b1ee50b | 41 | public function __construct() |
b62f8858 | 42 | { |
c0799142 | 43 | global $platal, $session, $globals; |
abde67b1 FB |
44 | $platal =& $this; |
45 | $globalclass = PL_GLOBALS_CLASS; | |
46 | $globals = new $globalclass(); | |
d95d46a7 | 47 | $globals->init(); |
abde67b1 FB |
48 | $sessionclass = PL_SESSION_CLASS; |
49 | $session = new $sessionclass(); | |
c0799142 | 50 | if (!$session->startAvailableAuth()) { |
2d08839a | 51 | Platal::page()->trigError("Données d'authentification invalides."); |
c0799142 | 52 | } |
abde67b1 | 53 | |
e77c7ea2 | 54 | $modules = func_get_args(); |
5640f093 | 55 | if (isset($modules[0]) && is_array($modules[0])) { |
2b1ee50b | 56 | $modules = $modules[0]; |
57 | } | |
27472b85 | 58 | $this->path = trim(Get::_get('n', null), '/'); |
b62f8858 | 59 | |
60 | $this->__mods = array(); | |
61 | $this->__hooks = array(); | |
b62f8858 | 62 | |
5de0b7e1 | 63 | array_unshift($modules, 'core'); |
e77c7ea2 | 64 | foreach ($modules as $module) { |
a18afbdc | 65 | $module = strtolower($module); |
c807f50d | 66 | $this->__mods[$module] = $m = PLModule::factory($module); |
0709dd7d | 67 | $this->__hooks = $m->handlers() + $this->__hooks; |
b62f8858 | 68 | } |
fe556813 | 69 | |
fe556813 FB |
70 | if ($globals->mode == '') { |
71 | pl_redirect('index.html'); | |
72 | } | |
b62f8858 | 73 | } |
74 | ||
2b1ee50b | 75 | public function pl_self($n = null) |
d1ebc57a | 76 | { |
77 | if (is_null($n)) | |
78 | return $this->path; | |
79 | ||
80 | if ($n >= 0) | |
81 | return join('/', array_slice($this->argv, 0, $n + 1)); | |
82 | ||
83 | if ($n <= -count($this->argv)) | |
84 | return $this->argv[0]; | |
85 | ||
86 | return join('/', array_slice($this->argv, 0, $n)); | |
87 | } | |
88 | ||
bfb9093b FB |
89 | public static function wiki_hook($auth = AUTH_PUBLIC, $perms = 'user', $type = DO_AUTH) |
90 | { | |
91 | return array('hook' => PL_WIKI_HOOK, | |
92 | 'auth' => $auth, | |
93 | 'perms' => $perms, | |
94 | 'type' => $type); | |
95 | } | |
96 | ||
2b1ee50b | 97 | protected function find_hook() |
b62f8858 | 98 | { |
99 | $p = $this->path; | |
100 | ||
4a5fb34b | 101 | while ($p) { |
b62f8858 | 102 | if (array_key_exists($p, $this->__hooks)) |
103 | break; | |
104 | ||
105 | $p = substr($p, 0, strrpos($p, '/')); | |
106 | } | |
7c6e0aff | 107 | |
b62f8858 | 108 | if (empty($this->__hooks[$p])) { |
7c6e0aff | 109 | return null; |
b62f8858 | 110 | } |
111 | ||
15a094c0 | 112 | $hook = $this->__hooks[$p]; |
113 | ||
114 | if (!is_callable($hook['hook'])) { | |
7c6e0aff | 115 | return null; |
116 | } | |
117 | ||
8fc4efa3 | 118 | $this->https = ($hook['type'] & NO_HTTPS) ? false : true; |
7c6e0aff | 119 | $this->argv = explode('/', substr($this->path, strlen($p))); |
120 | $this->argv[0] = $p; | |
121 | ||
122 | return $hook; | |
123 | } | |
124 | ||
2b1ee50b | 125 | protected function find_nearest_key($key, array &$array) |
409de7a7 | 126 | { |
0d602b8f | 127 | $keys = array_keys($array); |
409de7a7 | 128 | if (in_array($key, $keys)) { |
129 | return $key; | |
130 | } | |
0d602b8f | 131 | |
338a5934 | 132 | if (($pos = strpos($key, '.php')) !== false) { |
133 | $key = substr($key, 0, $pos); | |
134 | } | |
135 | ||
0d602b8f | 136 | $has_end = in_array("#final#", $keys); |
137 | if (strlen($key) > 24 && $has_end) { | |
138 | return "#final#"; | |
139 | } | |
140 | ||
409de7a7 | 141 | foreach ($keys as $k) { |
0d602b8f | 142 | if ($k == "#final#") { |
143 | continue; | |
144 | } | |
951db8e3 | 145 | $lev = levenshtein($key, $k); |
a1b4fd8a | 146 | |
6d407683 FB |
147 | if ((!isset($val) || $lev < $val) |
148 | && ($lev <= strlen($k)/2 || strpos($k, $key) !== false || strpos($key, $k) !== false)) { | |
951db8e3 | 149 | $val = $lev; |
150 | $best = $k; | |
409de7a7 | 151 | } |
152 | } | |
0d602b8f | 153 | if (!isset($best) && $has_end) { |
409de7a7 | 154 | return "#final#"; |
a1b4fd8a | 155 | } else if (isset($best)) { |
951db8e3 | 156 | return $best; |
409de7a7 | 157 | } |
158 | return null; | |
159 | } | |
160 | ||
02838718 | 161 | public function near_hook() |
409de7a7 | 162 | { |
163 | $hooks = array(); | |
6d407683 | 164 | $leafs = array(); |
409de7a7 | 165 | foreach ($this->__hooks as $hook=>$handler) { |
a1b4fd8a | 166 | if (!$this->check_perms($handler['perms'])) { |
0d602b8f | 167 | continue; |
168 | } | |
409de7a7 | 169 | $parts = split('/', $hook); |
170 | $place =& $hooks; | |
171 | foreach ($parts as $part) { | |
172 | if (!isset($place[$part])) { | |
173 | $place[$part] = array(); | |
174 | } | |
eaf30d86 | 175 | $place =& $place[$part]; |
409de7a7 | 176 | } |
6d407683 FB |
177 | $leaf = $parts[count($parts)-1]; |
178 | if (!isset($leafs[$leaf])) { | |
179 | $leafs[$leaf] = $hook; | |
180 | } else if (is_array($leafs[$leaf])) { | |
181 | $leafs[$leaf][] = $hook; | |
182 | } else { | |
183 | $leafs[$leaf] = array($hook, $leafs[$leaf]); | |
184 | } | |
409de7a7 | 185 | $place["#final#"] = array(); |
186 | } | |
187 | ||
6d407683 | 188 | // search for the nearest full path |
409de7a7 | 189 | $p = split('/', $this->path); |
190 | $place =& $hooks; | |
191 | $link = ''; | |
409de7a7 | 192 | foreach ($p as $k) { |
0d602b8f | 193 | if (!isset($ended)) { |
409de7a7 | 194 | $key = $this->find_nearest_key($k, $place); |
6b8d257b | 195 | } else { |
196 | $key = $k; | |
409de7a7 | 197 | } |
6b8d257b | 198 | if ($key == "#final#") { |
6b8d257b | 199 | if (!array_key_exists($link, $this->__hooks)) { |
6d407683 FB |
200 | $link = ''; |
201 | break; | |
6b8d257b | 202 | } |
0d602b8f | 203 | $key = $k; |
204 | $ended = true; | |
409de7a7 | 205 | } |
206 | if (!is_null($key)) { | |
207 | if (!empty($link)) { | |
208 | $link .= '/'; | |
209 | } | |
210 | $link .= $key; | |
211 | $place =& $place[$key]; | |
212 | } else { | |
6d407683 FB |
213 | $link = ''; |
214 | break; | |
409de7a7 | 215 | } |
216 | } | |
6d407683 FB |
217 | if ($link == $this->path) { |
218 | $link = ''; | |
219 | } | |
220 | if ($link && levenshtein($link, $this->path) < strlen($link)/3) { | |
338a5934 | 221 | return $link; |
222 | } | |
6d407683 FB |
223 | |
224 | // search for missing namespace (the given name is a leaf) | |
225 | $leaf = array_shift($p); | |
226 | $args = count($p) ? '/' . implode('/', $p) : ''; | |
227 | if (isset($leafs[$leaf]) && !is_array($leafs[$leaf]) && $leafs[$leaf] != $this->path) { | |
228 | return $leafs[$leaf] . $args; | |
229 | } | |
230 | unset($val); | |
231 | $best = null; | |
232 | foreach ($leafs as $k=>&$path) { | |
233 | if (is_array($path)) { | |
234 | continue; | |
235 | } | |
236 | $lev = levenshtein($leaf, $k); | |
237 | ||
238 | if ((!isset($val) || $lev < $val) | |
239 | && ($lev <= strlen($k)/2 || strpos($k, $leaf) !== false || strpos($leaf, $k) !== false)) { | |
240 | $val = $lev; | |
241 | $best = $path; | |
242 | } | |
243 | } | |
244 | return $best == null ? ( $link ? $link : null ) : $best . $args; | |
409de7a7 | 245 | } |
246 | ||
bf517daf | 247 | protected function check_perms($perms) |
248 | { | |
249 | if (!$perms) { // No perms, no check | |
250 | return true; | |
251 | } | |
252 | $s_perms = S::v('perms'); | |
aa5836d7 | 253 | return $s_perms->hasFlagCombination($perms); |
bf517daf | 254 | } |
255 | ||
04334c61 | 256 | private function call_hook(PlPage &$page) |
7c6e0aff | 257 | { |
258 | $hook = $this->find_hook(); | |
409de7a7 | 259 | if (empty($hook)) { |
15a094c0 | 260 | return PL_NOT_FOUND; |
261 | } | |
abde67b1 | 262 | global $globals, $session; |
748b27d2 | 263 | if ($this->https && !@$_SERVER['HTTPS'] && $globals->core->secure_domain) { |
8fc4efa3 | 264 | http_redirect('https://' . $globals->core->secure_domain . $_SERVER['REQUEST_URI']); |
265 | } | |
15a094c0 | 266 | |
ef42a9d6 | 267 | $args = $this->argv; |
268 | $args[0] =& $page; | |
b62f8858 | 269 | |
cab08090 | 270 | if ($hook['auth'] > S::v('auth', AUTH_PUBLIC)) { |
8fc4efa3 | 271 | if ($hook['type'] & DO_AUTH) { |
c0799142 | 272 | if (!$session->start($hook['auth'])) { |
94c63478 | 273 | $this->force_login($page); |
274 | } | |
275 | } else { | |
276 | return PL_FORBIDDEN; | |
63528107 | 277 | } |
b62f8858 | 278 | } |
bf517daf | 279 | if ($hook['auth'] != AUTH_PUBLIC && !$this->check_perms($hook['perms'])) { |
179658ec | 280 | if (self::notAllowed()) { |
db3659bb FB |
281 | return PL_FORBIDDEN; |
282 | } | |
5777e7fc | 283 | } |
284 | ||
bfb9093b FB |
285 | if ($hook['hook'] == PL_WIKI_HOOK) { |
286 | return PL_WIKI; | |
287 | } | |
a0f05027 | 288 | $val = call_user_func_array($hook['hook'], $args); |
a96c675c | 289 | if ($val == PL_DO_AUTH) { |
a0f05027 | 290 | // The handler need a better auth with the current args |
30b4d214 | 291 | if (!$session->start($session->loggedLevel())) { |
a0f05027 | 292 | $this->force_login($page); |
293 | } | |
294 | $val = call_user_func_array($hook['hook'], $args); | |
295 | } | |
296 | return $val; | |
b62f8858 | 297 | } |
298 | ||
c158b99a FB |
299 | /** Show the authentication form. |
300 | */ | |
301 | abstract public function force_login(PlPage& $page); | |
63528107 | 302 | |
2b1ee50b | 303 | public function run() |
b62f8858 | 304 | { |
abde67b1 | 305 | $page =& self::page(); |
b62f8858 | 306 | |
307 | if (empty($this->path)) { | |
c9178c75 | 308 | $this->path = 'index'; |
309 | } | |
310 | ||
e979cd2b | 311 | $page->assign('platal', $this); |
b62f8858 | 312 | switch ($this->call_hook($page)) { |
313 | case PL_FORBIDDEN: | |
314 | $this->__mods['core']->handler_403($page); | |
315 | break; | |
316 | ||
317 | case PL_NOT_FOUND: | |
318 | $this->__mods['core']->handler_404($page); | |
319 | break; | |
bfb9093b FB |
320 | |
321 | case PL_WIKI: | |
322 | return PL_WIKI; | |
b62f8858 | 323 | } |
e979cd2b | 324 | |
325 | $page->assign('platal', $this); | |
b62f8858 | 326 | $page->run(); |
327 | } | |
8d8f7607 | 328 | |
b0a04fb2 FB |
329 | public function error403() |
330 | { | |
331 | $page =& self::page(); | |
332 | ||
333 | $this->__mods['core']->handler_403($page); | |
334 | $page->assign('platal', $this); | |
335 | $page->run(); | |
336 | } | |
337 | ||
338 | public function error404() | |
339 | { | |
340 | $page =& self::page(); | |
341 | ||
342 | $this->__mods['core']->handler_404($page); | |
343 | $page->assign('platal', $this); | |
344 | $page->run(); | |
345 | } | |
346 | ||
179658ec FB |
347 | public static function notAllowed() |
348 | { | |
349 | if (S::admin()) { | |
350 | self::page()->trigWarning('Tu accèdes à cette page car tu es administrateur du site.'); | |
351 | return false; | |
352 | } else { | |
353 | return true; | |
354 | } | |
355 | } | |
356 | ||
ac2f544d FB |
357 | public static function load($modname, $include = null) |
358 | { | |
359 | global $platal; | |
360 | $modname = strtolower($modname); | |
361 | if (isset($platal->__mods[$modname])) { | |
362 | if (is_null($include)) { | |
363 | return; | |
364 | } | |
365 | $platal->__mods[$modname]->load($include); | |
366 | } else { | |
367 | if (is_null($include)) { | |
368 | require_once PLModule::path($modname) . '.php'; | |
369 | } else { | |
370 | require_once PLModule::path($modname) . '/' . $include; | |
371 | } | |
372 | } | |
373 | } | |
374 | ||
ec60dba7 RB |
375 | public static function assert($cond, $error, $userfriendly) |
376 | { | |
377 | global $globals; | |
378 | if ($cond === false) { | |
379 | header($_SERVER['SERVER_PROTOCOL'] . ' 500 Internal Server Error'); | |
380 | $file = fopen($globals->spoolroot . '/spool/tmp/assert_erros', 'a'); | |
381 | fwrite($file, '<pre>' . pl_entities($error) . '</pre>\n'); | |
382 | fclose($file); | |
383 | ||
384 | Platal::page()->kill($userfriendly); | |
385 | } | |
386 | } | |
387 | ||
388 | ||
abde67b1 FB |
389 | static public function &page() |
390 | { | |
d7610c35 | 391 | global $platal; |
abde67b1 FB |
392 | if (is_null(self::$_page)) { |
393 | $pageclass = PL_PAGE_CLASS; | |
4bbff48d | 394 | self::$_page = new $pageclass(); |
abde67b1 FB |
395 | } |
396 | return self::$_page; | |
397 | } | |
47fa97fe FB |
398 | |
399 | static public function &session() | |
400 | { | |
401 | global $session; | |
402 | return $session; | |
403 | } | |
404 | ||
405 | static public function &globals() | |
406 | { | |
407 | global $globals; | |
408 | return $globals; | |
409 | } | |
b62f8858 | 410 | } |
411 | ||
a7de4ef7 | 412 | // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8: |
b62f8858 | 413 | ?> |