Adds support for disallowed URIs in plat/al's configuration, which are translated...
[platal.git] / modules / core.php
1 <?php
2 /***************************************************************************
3 * Copyright (C) 2003-2008 Polytechnique.org *
4 * http://opensource.polytechnique.org/ *
5 * *
6 * This program is free software; you can redistribute it and/or modify *
7 * it under the terms of the GNU General Public License as published by *
8 * the Free Software Foundation; either version 2 of the License, or *
9 * (at your option) any later version. *
10 * *
11 * This program is distributed in the hope that it will be useful, *
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
14 * GNU General Public License for more details. *
15 * *
16 * You should have received a copy of the GNU General Public License *
17 * along with this program; if not, write to the Free Software *
18 * Foundation, Inc., *
19 * 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA *
20 ***************************************************************************/
21
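/**
 * Core plat/al module: HTTP error pages, the login redirect, the bug-report
 * form, wiki helpers, a few static well-known files (favicon, robots.txt)
 * and admin maintenance actions (cache purge, session kill, SQL error log,
 * SUID).
 */
class CoreModule extends PLModule
{
    /**
     * Declares the URL paths served by this module.
     *
     * Each entry maps a path to a hook built by make_hook(). The first
     * argument matches the suffix of a handler_* method of this class; the
     * remaining ones look like the minimum authentication level, the
     * required permission and extra flags (NOTE(review): confirm against
     * PLModule::make_hook).
     *
     * @return array path => hook
     */
    function handlers()
    {
        return array(
            '403'           => $this->make_hook('403', AUTH_PUBLIC),
            '404'           => $this->make_hook('404', AUTH_PUBLIC),
            'login'         => $this->make_hook('login', AUTH_COOKIE),
            'send_bug'      => $this->make_hook('bug', AUTH_COOKIE),
            // Admin-only maintenance actions. All of them change server
            // state; only purge_cache checks an XSRF token (see the notes on
            // the individual handlers).
            'purge_cache'   => $this->make_hook('purge_cache', AUTH_COOKIE, 'admin'),
            'kill_sessions' => $this->make_hook('kill_sessions', AUTH_COOKIE, 'admin'),
            'sql_errors'    => $this->make_hook('sqlerror', AUTH_COOKIE, 'admin'),
            'get_rights'    => $this->make_hook('get_rights', AUTH_MDP, 'admin'),

            'wiki_help'     => $this->make_hook('wiki_help', AUTH_PUBLIC),
            'wiki_preview'  => $this->make_hook('wiki_preview', AUTH_COOKIE, 'user', NO_AUTH),

            'valid.html'    => $this->make_hook('valid', AUTH_PUBLIC),
            'favicon.ico'   => $this->make_hook('favicon', AUTH_PUBLIC),
            'robots.txt'    => $this->make_hook('robotstxt', AUTH_PUBLIC, 'user', NO_HTTPS),
        );
    }

    /**
     * Streams the pre-generated valid.html from the template compile
     * directory and ends the request.
     */
    function handler_valid(&$page)
    {
        readfile($page->compile_dir.'/valid.html');
        exit;
    }

    /**
     * Renders the "forbidden" page with a 403 status line.
     */
    function handler_403(&$page)
    {
        header($_SERVER['SERVER_PROTOCOL'] . ' 403 Forbidden');
        $page->trigError('Tu n\'as pas les permissions nécessaires pour accéder à cette page.');
        $page->coreTpl('403.tpl');
    }

    /**
     * Renders the "not found" page with a 404 status line and passes the
     * result of $platal->near_hook() to the template as 'near'.
     */
    function handler_404(&$page)
    {
        global $platal;
        header($_SERVER['SERVER_PROTOCOL'] . ' 404 Not Found');
        $page->coreTpl('404.tpl');
        $page->assign('near', $platal->near_hook());
        $page->trigError('Cette page n\'existe pas !!!');
    }

    /**
     * Redirects to the path given after "login/" in the URL.
     *
     * The hook requires AUTH_COOKIE, so reaching this handler means the
     * authentication step already happened; the handler only rebuilds the
     * target from the remaining path components.
     */
    function handler_login(&$page)
    {
        $allkeys = func_get_args();
        // Drop $page; everything else is a path component of the target.
        unset($allkeys[0]);
        $url = join('/', $allkeys);
        // NOTE(review): the target comes from the request path. This is only
        // safe if pl_redirect() always resolves it relative to the site base
        // URL; confirm it cannot produce an off-site Location.
        pl_redirect($url);
    }

    /**
     * Serves the site favicon from htdocs/images and ends the request.
     */
    function handler_favicon(&$page)
    {
        $data = file_get_contents(dirname(__FILE__).'/../htdocs/images/favicon.ico');
        header('Content-Type: image/x-icon');
        echo $data;
        exit;
    }

    /**
     * Generates robots.txt from the configuration.
     *
     * A restricted site disallows everything; otherwise the whitespace- or
     * comma-separated list in core.robotstxt_disallowed_uris is emitted, one
     * Disallow line per URI. Without any rule the handler answers "not found".
     *
     * robots.txt is advisory and world-readable (the hook is AUTH_PUBLIC):
     * every URI listed here is disclosed to anyone who fetches the file, and
     * listing it does not restrict access. Sensitive paths must be protected
     * by the auth level of their own hooks.
     *
     * @return int|void PL_NOT_FOUND when there is nothing to disallow
     */
    function handler_robotstxt(&$page)
    {
        global $globals;

        $disallowed_uris = array();
        if ($globals->core->restricted_platal) {
            $disallowed_uris[] = '/';
        } else if (!empty($globals->core->robotstxt_disallowed_uris)) {
            // Splitting on whitespace also removes any newline from the
            // configured value, so each URI stays on its own Disallow line.
            $disallowed_uris = preg_split('/[\s,]+/',
                                          $globals->core->robotstxt_disallowed_uris,
                                          -1, PREG_SPLIT_NO_EMPTY);
        }

        if (count($disallowed_uris) > 0) {
            header('Content-Type: text/plain');
            echo "User-agent: *\n";
            foreach ($disallowed_uris as $uri) {
                echo "Disallow: $uri\n";
            }
            exit;
        }
        return PL_NOT_FOUND;
    }

    /**
     * Clears the compiled templates and the wiki page cache, then sends the
     * admin back to the referring page.
     */
    function handler_purge_cache(&$page)
    {
        // State-changing action: refuse the request unless it carries the
        // session's XSRF token.
        S::assert_xsrf_token();

        $page->clear_compiled_tpl();
        PlWikiPage::clearCache();

        // The Referer header is client-supplied; it is only followed after
        // the token check above has passed.
        http_redirect(empty($_SERVER['HTTP_REFERER']) ? './' : $_SERVER['HTTP_REFERER']);
    }

    /**
     * Terminates the active sessions by calling kill_sessions().
     */
    function handler_kill_sessions(&$page)
    {
        // NOTE(review): unlike handler_purge_cache(), this state-changing
        // admin action does not call S::assert_xsrf_token(). If
        // kill_sessions() does not verify a token itself, a cross-site
        // request made from an admin's browser would be accepted. Add the
        // check once the links pointing here are known to send the token.
        kill_sessions();
    }

    /**
     * Switches the current admin session to SUID mode with the permissions
     * named by $level, then redirects to the home page.
     *
     * @param string $level permission level handed to makePerms(); taken
     *                      from the URL
     */
    function handler_get_rights(&$page, $level)
    {
        if (S::has('suid')) {
            // NOTE(review): this relies on $page->kill() ending the request;
            // if it returns, a second SUID is started below.
            $page->kill('Déjà en SUID');
        }

        // Audit trail: record who started the SUID session, when a logger is
        // attached to the session.
        if (isset($_SESSION['log'])) {
            if (S::user()) {
                S::logger()->log("suid_start", "login by " . S::user()->login());
            } else {
                // TODO(vzanotti): trash that code when support of forlife will be gone.
                S::logger()->log("suid_start", "login by ".S::v('forlife'));
            }
        }
        // NOTE(review): $level comes straight from the request path and no
        // XSRF token is asserted here. The hook demands AUTH_MDP and the
        // 'admin' permission, but confirm that makePerms() rejects unknown
        // levels and consider a token check as in handler_purge_cache().
        Platal::session()->startSUID(S::i('uid'));
        Platal::session()->makePerms($level);

        pl_redirect('/');
    }

    /**
     * Displays the bug-report form and, on submission, mails the report to
     * the support address with a copy to the reporter.
     */
    function handler_bug(&$page)
    {
        global $globals;

        if (empty($_SERVER['HTTP_REFERER'])) {
            // We don't have a valid referer, we need to use the url: the
            // reported page is whatever follows the first '//' in the
            // request URI. A URI without '//' yields an empty location
            // instead of an undefined-offset notice.
            $parts = explode('//', $_SERVER['REQUEST_URI'], 2);
            $location = isset($parts[1]) ? $parts[1] : '';

            $location = 'http'.(empty($_SERVER['HTTPS']) ? '' : 's').'://'.$_SERVER['SERVER_NAME'].'/'.$location;
        } else {
            $location = $_SERVER['HTTP_REFERER'];
        }

        $page->coreTpl('bug.tpl', SIMPLE);
        // NOTE(review): $location is request-controlled (Referer or URI);
        // bug.tpl must escape it when printing.
        $page->assign('location', $location);
        $page->addJsLink('close_on_esc.js');

        if (Env::has('send') && trim(Env::v('detailed_desc'))) {
            S::assert_xsrf_token();

            // TODO(vzanotti): trash the 'forlife' bit when support of forlife will be gone.
            $body = wordwrap(Env::v('detailed_desc'), 78) . "\n\n"
                  . "----------------------------\n"
                  . "Page : " . Env::v('page') . "\n\n"
                  . "Utilisateur : " . (S::user() ? S::user()->login() : S::v('forlife')) . "\n"
                  . "Navigateur : " . $_SERVER['HTTP_USER_AGENT'] . "\n"
                  . "Skin : " . S::v('skin') . "\n";
            $page->assign('bug_sent', 1);
            $page->trigSuccess('Ton message a bien été envoyé au support de ' . $globals->core->sitename
                            . ', tu devrais en recevoir une copie d\'ici quelques minutes. Nous allons '
                            . 'le traiter et y répondre dans les plus brefs délais.');
            $mymail = new PlMailer();
            // TODO(vzanotti): trash the 'bestalias' bits when support of bestalias will be gone.
            if (S::user()) {
                $mymail->setFrom(sprintf('"%s" <%s>', S::user()->fullName(), S::user()->bestEmail()));
                $mymail->addCc(sprintf('"%s" <%s>', S::user()->fullName(), S::user()->bestEmail()));
            } else {
                $mymail->setFrom('"'.S::v('prenom').' '.S::v('nom').'" <'.S::v('bestalias').'@' . $globals->mail->domain . '>');
                $mymail->addCc('"'.S::v('prenom').' '.S::v('nom').'" <'.S::v('bestalias').'@' . $globals->mail->domain . '>');
            }
            $mymail->addTo('support+platal@' . $globals->mail->domain);
            // The subject is built from request parameters. Line breaks are
            // replaced so the value stays a single header line whatever
            // encoding PlMailer applies afterwards.
            $subject = 'Plat/al '.Env::v('task_type').' : '.Env::v('item_summary');
            $mymail->setSubject(str_replace(array("\r", "\n"), ' ', $subject));
            $mymail->setTxtBody($body);
            $mymail->send();
        } elseif (Env::has('send')) {
            $page->trigError("Merci de remplir une explication du problème rencontré.");
        }
    }

    /**
     * Displays the wiki syntax help.
     *
     * @param string $action 'title' selects the title variant of the help
     */
    function handler_wiki_help(&$page, $action = 'title')
    {
        $page->coreTpl('wiki.help.tpl', SIMPLE);
        $page->assign('wiki_help', MiniWiki::help($action == 'title'));
    }

    /**
     * Shared handler for wiki syntax result preview: converts the submitted
     * 'text' to HTML and prints it as the whole response.
     *
     * @param string $action 'title' selects the title rendering mode
     */
    function handler_wiki_preview(&$page, $action = 'title')
    {
        header('Content-Type: text/html; charset=utf-8');
        $text = Env::v('text');
        // NOTE(review): request text is echoed as HTML. Output safety rests
        // entirely on MiniWiki::wikiToHtml() escaping markup; confirm it
        // does, since this response is served from the site's origin.
        echo MiniWiki::wikiToHtml($text, $action == 'title');
        exit;
    }

    /**
     * Prints the spooled SQL error log and optionally deletes it.
     *
     * @param string|null $clear pass 'clear' to remove the log after display
     */
    function handler_sqlerror(&$page, $clear = null) {
        global $globals;
        // A missing log is not an error: nothing is printed in that case.
        $file = @fopen($globals->spoolroot . '/spool/tmp/query_errors', 'r');
        if ($file !== false) {
            echo '<html><body>';
            // NOTE(review): the log is sent verbatim inside an HTML page. If
            // it can hold request-derived text (failed queries), its writer
            // must escape that text, or an admin viewing the log renders it
            // as markup.
            fpassthru($file);
            fclose($file);
            // Close the elements in nesting order.
            echo '</body></html>';
        }
        // NOTE(review): deleting the log is a state change without an XSRF
        // token check, unlike handler_purge_cache().
        if ($clear === 'clear') {
            @unlink($globals->spoolroot . '/spool/tmp/query_errors');
        }
        exit;
    }
}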
222
223 // vim:set et sw=4 sts=4 sws=4 foldmethod=marker enc=utf-8:
224 ?>