common.php 60 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788899091929394959697989910010110210310410510610710810911011111211311411511611711811912012112212312412512612712812913013113213313413513613713813914014114214314414514614714814915015115215315415515615715815916016116216316416516616716816917017117217317417517617717817918018118218318418518618718818919019119219319419519619719819920020120220320420520620720820921021121221321421521621721821922022122222322422522622722822923023123223323423523623723823924024124224324424524624724824925025125225325425525625725825926026126226326426526626726826927027127227327427527627727827928028128228328428528628728828929029129229329429529629729829930030130230330430530630730830931031131231331431531631731831932032132232332432532632732832933033133233333433533633733833934034134234334434534634734834935035135235335435535635735835936036136236336436536636736836937037137237337437537637737837938038138238338438538638738838939039139239339439539639739839940040140240340440540640740840941041141241341441541641741841942042142242342442542642742842943043143243343443543643743843944044144244344444544644744844945045145245345445545645745845946046146246346446546646746846947047147247347447547647747847948048148248348448548648748848949049149249349449549649749849950050150250350450550650750850951051151251351451551651751851952052152252352452552652752852953053153253353453553653753853954054154254354454554654754854955055155255355455555655755855956056156256356456556656756856957057157257357457557657757857958058158258358458558658758858959059159259359459559659759859960060160260360460560660760860961061161261361461561661761861962062162262362462562662762862963063163263363463563663763863964064164264364464564664764864965065165265365465565665765865966066166266366466566666766866967067167267367467567667767867968068168268368468568668768868969069169269369469569669769869970070170270370470570670770870971071171271371471571671771871972072172272372472572672772872973073173273373473573673773873974074174274374474574674774874975075175275375475575675775875976076176276376476576676776876977077177277377477577677777877978078178278378478578678778878979079179279379479579679779879980080180280380480580680780880981081181281381481581681781881982082182282382482582682782882983083183283383483583683783883984084184284384484584684784884985085185285385485585685785885986086186286386486586686786886987087187287387487587687787887988088188288388488588688788888989089189289389489589689789889990090190290390490590690790890991091191291391491591691791891992092192292392492592692792892993093193293393493593693793893994094194294394494594694794894995095195295395495595695795895996096196296396496596696796896997097197297397497597697797897998098198298398498598698798898999099199299399499599699799899910001001100210031004100510061007100810091010101110121013101410151016101710181019102010211022102310241025102610271028102910301031103210331034103510361037103810391040104110421043104410451046104710481049105010511052105310541055105610571058105910601061106210631064106510661067106810691070107110721073107410751076107710781079108010811082108310841085108610871088108910901091109210931094109510961097109810991100110111021103110411051106110711081109111011111112111311141115111611171118111911201121112211231124112511261127112811291130113111321133113411351136113711381139114011411142114311441145114611471148114911501151115211531154115511561157115811591160116111621163116411651166116711681169117011711172117311741175117611771178117911801181118211831184118511861187118811891190119111921193119411951196119711981199120012011202120312041205120612071208120912101211121212131214121512161217121812191220122112221223122412251226122712281229123012311232123312341235123612371238123912401241124212431244124512461247124812491250125112521253125412551256125712581259126012611262126312641265126612671268126912701271127212731274127512761277127812791280128112821283128412851286128712881289129012911292129312941295129612971298129913001301130213031304130513061307130813091310131113121313131413151316131713181319132013211322132313241325132613271328132913301331133213331334133513361337133813391340134113421343134413451346134713481349135013511352135313541355135613571358135913601361136213631364136513661367136813691370137113721373137413751376137713781379138013811382138313841385138613871388138913901391139213931394139513961397139813991400140114021403140414051406140714081409141014111412141314141415141614171418141914201421142214231424142514261427142814291430143114321433143414351436143714381439144014411442144314441445144614471448144914501451145214531454145514561457145814591460146114621463146414651466146714681469147014711472147314741475147614771478147914801481148214831484148514861487148814891490149114921493149414951496149714981499150015011502150315041505150615071508150915101511151215131514151515161517151815191520152115221523152415251526152715281529153015311532153315341535153615371538153915401541154215431544154515461547154815491550155115521553155415551556155715581559156015611562156315641565156615671568156915701571157215731574157515761577157815791580158115821583158415851586158715881589159015911592159315941595159615971598159916001601160216031604160516061607160816091610161116121613161416151616161716181619162016211622162316241625162616271628162916301631163216331634163516361637163816391640164116421643164416451646164716481649165016511652165316541655165616571658165916601661166216631664166516661667166816691670167116721673167416751676167716781679168016811682168316841685168616871688168916901691169216931694169516961697169816991700170117021703170417051706170717081709171017111712171317141715171617171718171917201721172217231724172517261727172817291730173117321733173417351736173717381739174017411742174317441745174617471748174917501751175217531754175517561757175817591760176117621763176417651766176717681769177017711772177317741775177617771778177917801781178217831784178517861787178817891790179117921793179417951796179717981799180018011802180318041805180618071808180918101811181218131814181518161817181818191820182118221823182418251826182718281829183018311832183318341835183618371838183918401841184218431844184518461847184818491850185118521853185418551856185718581859186018611862186318641865186618671868186918701871187218731874187518761877187818791880188118821883188418851886188718881889189018911892189318941895189618971898189919001901190219031904190519061907190819091910191119121913191419151916191719181919192019211922192319241925192619271928192919301931193219331934193519361937193819391940194119421943194419451946194719481949195019511952195319541955195619571958195919601961196219631964196519661967196819691970197119721973197419751976197719781979198019811982198319841985198619871988198919901991199219931994199519961997
  1. <?php
  2. /**
  3. * Common DokuWiki functions
  4. *
  5. * @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
  6. * @author Andreas Gohr <andi@splitbrain.org>
  7. */
  8. use dokuwiki\Cache\CacheInstructions;
  9. use dokuwiki\Cache\CacheRenderer;
  10. use dokuwiki\ChangeLog\PageChangeLog;
  11. use dokuwiki\File\PageFile;
  12. use dokuwiki\Logger;
  13. use dokuwiki\Subscriptions\PageSubscriptionSender;
  14. use dokuwiki\Subscriptions\SubscriberManager;
  15. use dokuwiki\Extension\AuthPlugin;
  16. use dokuwiki\Extension\Event;
  17. /**
  18. * Wrapper around htmlspecialchars()
  19. *
  20. * @author Andreas Gohr <andi@splitbrain.org>
  21. * @see htmlspecialchars()
  22. *
  23. * @param string $string the string being converted
  24. * @return string converted string
  25. */
  26. function hsc($string) {
  27. return htmlspecialchars($string, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401, 'UTF-8');
  28. }
  29. /**
  30. * A safer explode for fixed length lists
  31. *
  32. * This works just like explode(), but will always return the wanted number of elements.
  33. * If the $input string does not contain enough elements, the missing elements will be
  34. * filled up with the $default value. If the input string contains more elements, the last
  35. * one will NOT be split up and will still contain $separator
  36. *
  37. * @param string $separator The boundary string
  38. * @param string $string The input string
  39. * @param int $limit The number of expected elements
  40. * @param mixed $default The value to use when filling up missing elements
  41. * @see explode
  42. * @return array
  43. */
  44. function sexplode($separator, $string, $limit, $default = null)
  45. {
  46. return array_pad(explode($separator, $string, $limit), $limit, $default);
  47. }
  48. /**
  49. * Checks if the given input is blank
  50. *
  51. * This is similar to empty() but will return false for "0".
  52. *
  53. * Please note: when you pass uninitialized variables, they will implicitly be created
  54. * with a NULL value without warning.
  55. *
  56. * To avoid this it's recommended to guard the call with isset like this:
  57. *
  58. * (isset($foo) && !blank($foo))
  59. * (!isset($foo) || blank($foo))
  60. *
  61. * @param $in
  62. * @param bool $trim Consider a string of whitespace to be blank
  63. * @return bool
  64. */
  65. function blank(&$in, $trim = false) {
  66. if(is_null($in)) return true;
  67. if(is_array($in)) return empty($in);
  68. if($in === "\0") return true;
  69. if($trim && trim($in) === '') return true;
  70. if(strlen($in) > 0) return false;
  71. return empty($in);
  72. }
  73. /**
  74. * print a newline terminated string
  75. *
  76. * You can give an indention as optional parameter
  77. *
  78. * @author Andreas Gohr <andi@splitbrain.org>
  79. *
  80. * @param string $string line of text
  81. * @param int $indent number of spaces indention
  82. */
  83. function ptln($string, $indent = 0) {
  84. echo str_repeat(' ', $indent)."$string\n";
  85. }
  86. /**
  87. * strips control characters (<32) from the given string
  88. *
  89. * @author Andreas Gohr <andi@splitbrain.org>
  90. *
  91. * @param string $string being stripped
  92. * @return string
  93. */
  94. function stripctl($string) {
  95. return preg_replace('/[\x00-\x1F]+/s', '', $string);
  96. }
  97. /**
  98. * Return a secret token to be used for CSRF attack prevention
  99. *
  100. * @author Andreas Gohr <andi@splitbrain.org>
  101. * @link http://en.wikipedia.org/wiki/Cross-site_request_forgery
  102. * @link http://christ1an.blogspot.com/2007/04/preventing-csrf-efficiently.html
  103. *
  104. * @return string
  105. */
  106. function getSecurityToken() {
  107. /** @var Input $INPUT */
  108. global $INPUT;
  109. $user = $INPUT->server->str('REMOTE_USER');
  110. $session = session_id();
  111. // CSRF checks are only for logged in users - do not generate for anonymous
  112. if(trim($user) == '' || trim($session) == '') return '';
  113. return \dokuwiki\PassHash::hmac('md5', $session.$user, auth_cookiesalt());
  114. }
  115. /**
  116. * Check the secret CSRF token
  117. *
  118. * @param null|string $token security token or null to read it from request variable
  119. * @return bool success if the token matched
  120. */
  121. function checkSecurityToken($token = null) {
  122. /** @var Input $INPUT */
  123. global $INPUT;
  124. if(!$INPUT->server->str('REMOTE_USER')) return true; // no logged in user, no need for a check
  125. if(is_null($token)) $token = $INPUT->str('sectok');
  126. if(getSecurityToken() != $token) {
  127. msg('Security Token did not match. Possible CSRF attack.', -1);
  128. return false;
  129. }
  130. return true;
  131. }
  132. /**
  133. * Print a hidden form field with a secret CSRF token
  134. *
  135. * @author Andreas Gohr <andi@splitbrain.org>
  136. *
  137. * @param bool $print if true print the field, otherwise html of the field is returned
  138. * @return string html of hidden form field
  139. */
  140. function formSecurityToken($print = true) {
  141. $ret = '<div class="no"><input type="hidden" name="sectok" value="'.getSecurityToken().'" /></div>'."\n";
  142. if($print) echo $ret;
  143. return $ret;
  144. }
  145. /**
  146. * Determine basic information for a request of $id
  147. *
  148. * @author Andreas Gohr <andi@splitbrain.org>
  149. * @author Chris Smith <chris@jalakai.co.uk>
  150. *
  151. * @param string $id pageid
  152. * @param bool $htmlClient add info about whether is mobile browser
  153. * @return array with info for a request of $id
  154. *
  155. */
  156. function basicinfo($id, $htmlClient=true){
  157. global $USERINFO;
  158. /* @var Input $INPUT */
  159. global $INPUT;
  160. // set info about manager/admin status.
  161. $info = array();
  162. $info['isadmin'] = false;
  163. $info['ismanager'] = false;
  164. if($INPUT->server->has('REMOTE_USER')) {
  165. $info['userinfo'] = $USERINFO;
  166. $info['perm'] = auth_quickaclcheck($id);
  167. $info['client'] = $INPUT->server->str('REMOTE_USER');
  168. if($info['perm'] == AUTH_ADMIN) {
  169. $info['isadmin'] = true;
  170. $info['ismanager'] = true;
  171. } elseif(auth_ismanager()) {
  172. $info['ismanager'] = true;
  173. }
  174. // if some outside auth were used only REMOTE_USER is set
  175. if(empty($info['userinfo']['name'])) {
  176. $info['userinfo']['name'] = $INPUT->server->str('REMOTE_USER');
  177. }
  178. } else {
  179. $info['perm'] = auth_aclcheck($id, '', null);
  180. $info['client'] = clientIP(true);
  181. }
  182. $info['namespace'] = getNS($id);
  183. // mobile detection
  184. if ($htmlClient) {
  185. $info['ismobile'] = clientismobile();
  186. }
  187. return $info;
  188. }
  189. /**
  190. * Return info about the current document as associative
  191. * array.
  192. *
  193. * @author Andreas Gohr <andi@splitbrain.org>
  194. *
  195. * @return array with info about current document
  196. */
  197. function pageinfo() {
  198. global $ID;
  199. global $REV;
  200. global $RANGE;
  201. global $lang;
  202. /* @var Input $INPUT */
  203. global $INPUT;
  204. $info = basicinfo($ID);
  205. // include ID & REV not redundant, as some parts of DokuWiki may temporarily change $ID, e.g. p_wiki_xhtml
  206. // FIXME ... perhaps it would be better to ensure the temporary changes weren't necessary
  207. $info['id'] = $ID;
  208. $info['rev'] = $REV;
  209. $subManager = new SubscriberManager();
  210. $info['subscribed'] = $subManager->userSubscription();
  211. $info['locked'] = checklock($ID);
  212. $info['filepath'] = wikiFN($ID);
  213. $info['exists'] = file_exists($info['filepath']);
  214. $info['currentrev'] = @filemtime($info['filepath']);
  215. if ($REV) {
  216. //check if current revision was meant
  217. if ($info['exists'] && ($info['currentrev'] == $REV)) {
  218. $REV = '';
  219. } elseif ($RANGE) {
  220. //section editing does not work with old revisions!
  221. $REV = '';
  222. $RANGE = '';
  223. msg($lang['nosecedit'], 0);
  224. } else {
  225. //really use old revision
  226. $info['filepath'] = wikiFN($ID, $REV);
  227. $info['exists'] = file_exists($info['filepath']);
  228. }
  229. }
  230. $info['rev'] = $REV;
  231. if ($info['exists']) {
  232. $info['writable'] = (is_writable($info['filepath']) && $info['perm'] >= AUTH_EDIT);
  233. } else {
  234. $info['writable'] = ($info['perm'] >= AUTH_CREATE);
  235. }
  236. $info['editable'] = ($info['writable'] && empty($info['locked']));
  237. $info['lastmod'] = @filemtime($info['filepath']);
  238. //load page meta data
  239. $info['meta'] = p_get_metadata($ID);
  240. //who's the editor
  241. $pagelog = new PageChangeLog($ID, 1024);
  242. if ($REV) {
  243. $revinfo = $pagelog->getRevisionInfo($REV);
  244. } else {
  245. if (!empty($info['meta']['last_change']) && is_array($info['meta']['last_change'])) {
  246. $revinfo = $info['meta']['last_change'];
  247. } else {
  248. $revinfo = $pagelog->getRevisionInfo($info['lastmod']);
  249. // cache most recent changelog line in metadata if missing and still valid
  250. if ($revinfo !== false) {
  251. $info['meta']['last_change'] = $revinfo;
  252. p_set_metadata($ID, array('last_change' => $revinfo));
  253. }
  254. }
  255. }
  256. //and check for an external edit
  257. if ($revinfo !== false && $revinfo['date'] != $info['lastmod']) {
  258. // cached changelog line no longer valid
  259. $revinfo = false;
  260. $info['meta']['last_change'] = $revinfo;
  261. p_set_metadata($ID, array('last_change' => $revinfo));
  262. }
  263. if ($revinfo !== false) {
  264. $info['ip'] = $revinfo['ip'];
  265. $info['user'] = $revinfo['user'];
  266. $info['sum'] = $revinfo['sum'];
  267. // See also $INFO['meta']['last_change'] which is the most recent log line for page $ID.
  268. // Use $INFO['meta']['last_change']['type']===DOKU_CHANGE_TYPE_MINOR_EDIT in place of $info['minor'].
  269. $info['editor'] = $revinfo['user'] ?: $revinfo['ip'];
  270. } else {
  271. $info['ip'] = null;
  272. $info['user'] = null;
  273. $info['sum'] = null;
  274. $info['editor'] = null;
  275. }
  276. // draft
  277. $draft = new \dokuwiki\Draft($ID, $info['client']);
  278. if ($draft->isDraftAvailable()) {
  279. $info['draft'] = $draft->getDraftFilename();
  280. }
  281. return $info;
  282. }
  283. /**
  284. * Initialize and/or fill global $JSINFO with some basic info to be given to javascript
  285. */
  286. function jsinfo() {
  287. global $JSINFO, $ID, $INFO, $ACT;
  288. if (!is_array($JSINFO)) {
  289. $JSINFO = [];
  290. }
  291. //export minimal info to JS, plugins can add more
  292. $JSINFO['id'] = $ID;
  293. $JSINFO['namespace'] = isset($INFO) ? (string) $INFO['namespace'] : '';
  294. $JSINFO['ACT'] = act_clean($ACT);
  295. $JSINFO['useHeadingNavigation'] = (int) useHeading('navigation');
  296. $JSINFO['useHeadingContent'] = (int) useHeading('content');
  297. }
  298. /**
  299. * Return information about the current media item as an associative array.
  300. *
  301. * @return array with info about current media item
  302. */
  303. function mediainfo() {
  304. global $NS;
  305. global $IMG;
  306. $info = basicinfo("$NS:*");
  307. $info['image'] = $IMG;
  308. return $info;
  309. }
  310. /**
  311. * Build an string of URL parameters
  312. *
  313. * @author Andreas Gohr
  314. *
  315. * @param array $params array with key-value pairs
  316. * @param string $sep series of pairs are separated by this character
  317. * @return string query string
  318. */
  319. function buildURLparams($params, $sep = '&amp;') {
  320. $url = '';
  321. $amp = false;
  322. foreach($params as $key => $val) {
  323. if($amp) $url .= $sep;
  324. $url .= rawurlencode($key).'=';
  325. $url .= rawurlencode((string) $val);
  326. $amp = true;
  327. }
  328. return $url;
  329. }
  330. /**
  331. * Build an string of html tag attributes
  332. *
  333. * Skips keys starting with '_', values get HTML encoded
  334. *
  335. * @author Andreas Gohr
  336. *
  337. * @param array $params array with (attribute name-attribute value) pairs
  338. * @param bool $skipEmptyStrings skip empty string values?
  339. * @return string
  340. */
  341. function buildAttributes($params, $skipEmptyStrings = false) {
  342. $url = '';
  343. $white = false;
  344. foreach($params as $key => $val) {
  345. if($key[0] == '_') continue;
  346. if($val === '' && $skipEmptyStrings) continue;
  347. if($white) $url .= ' ';
  348. $url .= $key.'="';
  349. $url .= hsc($val);
  350. $url .= '"';
  351. $white = true;
  352. }
  353. return $url;
  354. }
  355. /**
  356. * This builds the breadcrumb trail and returns it as array
  357. *
  358. * @author Andreas Gohr <andi@splitbrain.org>
  359. *
  360. * @return string[] with the data: array(pageid=>name, ... )
  361. */
  362. function breadcrumbs() {
  363. // we prepare the breadcrumbs early for quick session closing
  364. static $crumbs = null;
  365. if($crumbs != null) return $crumbs;
  366. global $ID;
  367. global $ACT;
  368. global $conf;
  369. global $INFO;
  370. //first visit?
  371. $crumbs = isset($_SESSION[DOKU_COOKIE]['bc']) ? $_SESSION[DOKU_COOKIE]['bc'] : array();
  372. //we only save on show and existing visible readable wiki documents
  373. $file = wikiFN($ID);
  374. if($ACT != 'show' || $INFO['perm'] < AUTH_READ || isHiddenPage($ID) || !file_exists($file)) {
  375. $_SESSION[DOKU_COOKIE]['bc'] = $crumbs;
  376. return $crumbs;
  377. }
  378. // page names
  379. $name = noNSorNS($ID);
  380. if(useHeading('navigation')) {
  381. // get page title
  382. $title = p_get_first_heading($ID, METADATA_RENDER_USING_SIMPLE_CACHE);
  383. if($title) {
  384. $name = $title;
  385. }
  386. }
  387. //remove ID from array
  388. if(isset($crumbs[$ID])) {
  389. unset($crumbs[$ID]);
  390. }
  391. //add to array
  392. $crumbs[$ID] = $name;
  393. //reduce size
  394. while(count($crumbs) > $conf['breadcrumbs']) {
  395. array_shift($crumbs);
  396. }
  397. //save to session
  398. $_SESSION[DOKU_COOKIE]['bc'] = $crumbs;
  399. return $crumbs;
  400. }
  401. /**
  402. * Filter for page IDs
  403. *
  404. * This is run on a ID before it is outputted somewhere
  405. * currently used to replace the colon with something else
  406. * on Windows (non-IIS) systems and to have proper URL encoding
  407. *
  408. * See discussions at https://github.com/dokuwiki/dokuwiki/pull/84 and
  409. * https://github.com/dokuwiki/dokuwiki/pull/173 why we use a whitelist of
  410. * unaffected servers instead of blacklisting affected servers here.
  411. *
  412. * Urlencoding is ommitted when the second parameter is false
  413. *
  414. * @author Andreas Gohr <andi@splitbrain.org>
  415. *
  416. * @param string $id pageid being filtered
  417. * @param bool $ue apply urlencoding?
  418. * @return string
  419. */
  420. function idfilter($id, $ue = true) {
  421. global $conf;
  422. /* @var Input $INPUT */
  423. global $INPUT;
  424. $id = (string) $id;
  425. if($conf['useslash'] && $conf['userewrite']) {
  426. $id = strtr($id, ':', '/');
  427. } elseif(strtoupper(substr(PHP_OS, 0, 3)) === 'WIN' &&
  428. $conf['userewrite'] &&
  429. strpos($INPUT->server->str('SERVER_SOFTWARE'), 'Microsoft-IIS') === false
  430. ) {
  431. $id = strtr($id, ':', ';');
  432. }
  433. if($ue) {
  434. $id = rawurlencode($id);
  435. $id = str_replace('%3A', ':', $id); //keep as colon
  436. $id = str_replace('%3B', ';', $id); //keep as semicolon
  437. $id = str_replace('%2F', '/', $id); //keep as slash
  438. }
  439. return $id;
  440. }
  441. /**
  442. * This builds a link to a wikipage
  443. *
  444. * It handles URL rewriting and adds additional parameters
  445. *
  446. * @author Andreas Gohr <andi@splitbrain.org>
  447. *
  448. * @param string $id page id, defaults to start page
  449. * @param string|array $urlParameters URL parameters, associative array recommended
  450. * @param bool $absolute request an absolute URL instead of relative
  451. * @param string $separator parameter separator
  452. * @return string
  453. */
  454. function wl($id = '', $urlParameters = '', $absolute = false, $separator = '&amp;') {
  455. global $conf;
  456. if(is_array($urlParameters)) {
  457. if(isset($urlParameters['rev']) && !$urlParameters['rev']) unset($urlParameters['rev']);
  458. if(isset($urlParameters['at']) && $conf['date_at_format']) {
  459. $urlParameters['at'] = date($conf['date_at_format'], $urlParameters['at']);
  460. }
  461. $urlParameters = buildURLparams($urlParameters, $separator);
  462. } else {
  463. $urlParameters = str_replace(',', $separator, $urlParameters);
  464. }
  465. if($id === '') {
  466. $id = $conf['start'];
  467. }
  468. $id = idfilter($id);
  469. if($absolute) {
  470. $xlink = DOKU_URL;
  471. } else {
  472. $xlink = DOKU_BASE;
  473. }
  474. if($conf['userewrite'] == 2) {
  475. $xlink .= DOKU_SCRIPT.'/'.$id;
  476. if($urlParameters) $xlink .= '?'.$urlParameters;
  477. } elseif($conf['userewrite']) {
  478. $xlink .= $id;
  479. if($urlParameters) $xlink .= '?'.$urlParameters;
  480. } elseif($id !== '') {
  481. $xlink .= DOKU_SCRIPT.'?id='.$id;
  482. if($urlParameters) $xlink .= $separator.$urlParameters;
  483. } else {
  484. $xlink .= DOKU_SCRIPT;
  485. if($urlParameters) $xlink .= '?'.$urlParameters;
  486. }
  487. return $xlink;
  488. }
  489. /**
  490. * This builds a link to an alternate page format
  491. *
  492. * Handles URL rewriting if enabled. Follows the style of wl().
  493. *
  494. * @author Ben Coburn <btcoburn@silicodon.net>
  495. * @param string $id page id, defaults to start page
  496. * @param string $format the export renderer to use
  497. * @param string|array $urlParameters URL parameters, associative array recommended
  498. * @param bool $abs request an absolute URL instead of relative
  499. * @param string $sep parameter separator
  500. * @return string
  501. */
  502. function exportlink($id = '', $format = 'raw', $urlParameters = '', $abs = false, $sep = '&amp;') {
  503. global $conf;
  504. if(is_array($urlParameters)) {
  505. $urlParameters = buildURLparams($urlParameters, $sep);
  506. } else {
  507. $urlParameters = str_replace(',', $sep, $urlParameters);
  508. }
  509. $format = rawurlencode($format);
  510. $id = idfilter($id);
  511. if($abs) {
  512. $xlink = DOKU_URL;
  513. } else {
  514. $xlink = DOKU_BASE;
  515. }
  516. if($conf['userewrite'] == 2) {
  517. $xlink .= DOKU_SCRIPT.'/'.$id.'?do=export_'.$format;
  518. if($urlParameters) $xlink .= $sep.$urlParameters;
  519. } elseif($conf['userewrite'] == 1) {
  520. $xlink .= '_export/'.$format.'/'.$id;
  521. if($urlParameters) $xlink .= '?'.$urlParameters;
  522. } else {
  523. $xlink .= DOKU_SCRIPT.'?do=export_'.$format.$sep.'id='.$id;
  524. if($urlParameters) $xlink .= $sep.$urlParameters;
  525. }
  526. return $xlink;
  527. }
  528. /**
  529. * Build a link to a media file
  530. *
  531. * Will return a link to the detail page if $direct is false
  532. *
  533. * The $more parameter should always be given as array, the function then
  534. * will strip default parameters to produce even cleaner URLs
  535. *
  536. * @param string $id the media file id or URL
  537. * @param mixed $more string or array with additional parameters
  538. * @param bool $direct link to detail page if false
  539. * @param string $sep URL parameter separator
  540. * @param bool $abs Create an absolute URL
  541. * @return string
  542. */
  543. function ml($id = '', $more = '', $direct = true, $sep = '&amp;', $abs = false) {
  544. global $conf;
  545. $isexternalimage = media_isexternal($id);
  546. if(!$isexternalimage) {
  547. $id = cleanID($id);
  548. }
  549. if(is_array($more)) {
  550. // add token for resized images
  551. $w = isset($more['w']) ? $more['w'] : null;
  552. $h = isset($more['h']) ? $more['h'] : null;
  553. if($w || $h || $isexternalimage){
  554. $more['tok'] = media_get_token($id, $w, $h);
  555. }
  556. // strip defaults for shorter URLs
  557. if(isset($more['cache']) && $more['cache'] == 'cache') unset($more['cache']);
  558. if(empty($more['w'])) unset($more['w']);
  559. if(empty($more['h'])) unset($more['h']);
  560. if(isset($more['id']) && $direct) unset($more['id']);
  561. if(isset($more['rev']) && !$more['rev']) unset($more['rev']);
  562. $more = buildURLparams($more, $sep);
  563. } else {
  564. $matches = array();
  565. if (preg_match_all('/\b(w|h)=(\d*)\b/',$more,$matches,PREG_SET_ORDER) || $isexternalimage){
  566. $resize = array('w'=>0, 'h'=>0);
  567. foreach ($matches as $match){
  568. $resize[$match[1]] = $match[2];
  569. }
  570. $more .= $more === '' ? '' : $sep;
  571. $more .= 'tok='.media_get_token($id,$resize['w'],$resize['h']);
  572. }
  573. $more = str_replace('cache=cache', '', $more); //skip default
  574. $more = str_replace(',,', ',', $more);
  575. $more = str_replace(',', $sep, $more);
  576. }
  577. if($abs) {
  578. $xlink = DOKU_URL;
  579. } else {
  580. $xlink = DOKU_BASE;
  581. }
  582. // external URLs are always direct without rewriting
  583. if($isexternalimage) {
  584. $xlink .= 'lib/exe/fetch.php';
  585. $xlink .= '?'.$more;
  586. $xlink .= $sep.'media='.rawurlencode($id);
  587. return $xlink;
  588. }
  589. $id = idfilter($id);
  590. // decide on scriptname
  591. if($direct) {
  592. if($conf['userewrite'] == 1) {
  593. $script = '_media';
  594. } else {
  595. $script = 'lib/exe/fetch.php';
  596. }
  597. } else {
  598. if($conf['userewrite'] == 1) {
  599. $script = '_detail';
  600. } else {
  601. $script = 'lib/exe/detail.php';
  602. }
  603. }
  604. // build URL based on rewrite mode
  605. if($conf['userewrite']) {
  606. $xlink .= $script.'/'.$id;
  607. if($more) $xlink .= '?'.$more;
  608. } else {
  609. if($more) {
  610. $xlink .= $script.'?'.$more;
  611. $xlink .= $sep.'media='.$id;
  612. } else {
  613. $xlink .= $script.'?media='.$id;
  614. }
  615. }
  616. return $xlink;
  617. }
  618. /**
  619. * Returns the URL to the DokuWiki base script
  620. *
  621. * Consider using wl() instead, unless you absoutely need the doku.php endpoint
  622. *
  623. * @author Andreas Gohr <andi@splitbrain.org>
  624. *
  625. * @return string
  626. */
  627. function script() {
  628. return DOKU_BASE.DOKU_SCRIPT;
  629. }
  630. /**
  631. * Spamcheck against wordlist
  632. *
  633. * Checks the wikitext against a list of blocked expressions
  634. * returns true if the text contains any bad words
  635. *
  636. * Triggers COMMON_WORDBLOCK_BLOCKED
  637. *
  638. * Action Plugins can use this event to inspect the blocked data
  639. * and gain information about the user who was blocked.
  640. *
  641. * Event data:
  642. * data['matches'] - array of matches
  643. * data['userinfo'] - information about the blocked user
  644. * [ip] - ip address
  645. * [user] - username (if logged in)
  646. * [mail] - mail address (if logged in)
  647. * [name] - real name (if logged in)
  648. *
  649. * @author Andreas Gohr <andi@splitbrain.org>
  650. * @author Michael Klier <chi@chimeric.de>
  651. *
  652. * @param string $text - optional text to check, if not given the globals are used
  653. * @return bool - true if a spam word was found
  654. */
  655. function checkwordblock($text = '') {
  656. global $TEXT;
  657. global $PRE;
  658. global $SUF;
  659. global $SUM;
  660. global $conf;
  661. global $INFO;
  662. /* @var Input $INPUT */
  663. global $INPUT;
  664. if(!$conf['usewordblock']) return false;
  665. if(!$text) $text = "$PRE $TEXT $SUF $SUM";
  666. // we prepare the text a tiny bit to prevent spammers circumventing URL checks
  667. // phpcs:disable Generic.Files.LineLength.TooLong
  668. $text = preg_replace(
  669. '!(\b)(www\.[\w.:?\-;,]+?\.[\w.:?\-;,]+?[\w/\#~:.?+=&%@\!\-.:?\-;,]+?)([.:?\-;,]*[^\w/\#~:.?+=&%@\!\-.:?\-;,])!i',
  670. '\1http://\2 \2\3',
  671. $text
  672. );
  673. // phpcs:enable
  674. $wordblocks = getWordblocks();
  675. // how many lines to read at once (to work around some PCRE limits)
  676. if(version_compare(phpversion(), '4.3.0', '<')) {
  677. // old versions of PCRE define a maximum of parenthesises even if no
  678. // backreferences are used - the maximum is 99
  679. // this is very bad performancewise and may even be too high still
  680. $chunksize = 40;
  681. } else {
  682. // read file in chunks of 200 - this should work around the
  683. // MAX_PATTERN_SIZE in modern PCRE
  684. $chunksize = 200;
  685. }
  686. while($blocks = array_splice($wordblocks, 0, $chunksize)) {
  687. $re = array();
  688. // build regexp from blocks
  689. foreach($blocks as $block) {
  690. $block = preg_replace('/#.*$/', '', $block);
  691. $block = trim($block);
  692. if(empty($block)) continue;
  693. $re[] = $block;
  694. }
  695. if(count($re) && preg_match('#('.join('|', $re).')#si', $text, $matches)) {
  696. // prepare event data
  697. $data = array();
  698. $data['matches'] = $matches;
  699. $data['userinfo']['ip'] = $INPUT->server->str('REMOTE_ADDR');
  700. if($INPUT->server->str('REMOTE_USER')) {
  701. $data['userinfo']['user'] = $INPUT->server->str('REMOTE_USER');
  702. $data['userinfo']['name'] = $INFO['userinfo']['name'];
  703. $data['userinfo']['mail'] = $INFO['userinfo']['mail'];
  704. }
  705. $callback = function () {
  706. return true;
  707. };
  708. return Event::createAndTrigger('COMMON_WORDBLOCK_BLOCKED', $data, $callback, true);
  709. }
  710. }
  711. return false;
  712. }
  713. /**
  714. * Return the IP of the client
  715. *
  716. * Honours X-Forwarded-For and X-Real-IP Proxy Headers
  717. *
  718. * It returns a comma separated list of IPs if the above mentioned
  719. * headers are set. If the single parameter is set, it tries to return
  720. * a routable public address, prefering the ones suplied in the X
  721. * headers
  722. *
  723. * @author Andreas Gohr <andi@splitbrain.org>
  724. *
  725. * @param boolean $single If set only a single IP is returned
  726. * @return string
  727. */
  728. function clientIP($single = false) {
  729. /* @var Input $INPUT */
  730. global $INPUT, $conf;
  731. $ip = array();
  732. $ip[] = $INPUT->server->str('REMOTE_ADDR');
  733. if($INPUT->server->str('HTTP_X_FORWARDED_FOR')) {
  734. $ip = array_merge($ip, explode(',', str_replace(' ', '', $INPUT->server->str('HTTP_X_FORWARDED_FOR'))));
  735. }
  736. if($INPUT->server->str('HTTP_X_REAL_IP')) {
  737. $ip = array_merge($ip, explode(',', str_replace(' ', '', $INPUT->server->str('HTTP_X_REAL_IP'))));
  738. }
  739. // remove any non-IP stuff
  740. $cnt = count($ip);
  741. for($i = 0; $i < $cnt; $i++) {
  742. if(filter_var($ip[$i], FILTER_VALIDATE_IP) === false) {
  743. unset($ip[$i]);
  744. }
  745. }
  746. $ip = array_values(array_unique($ip));
  747. if(empty($ip) || !$ip[0]) $ip[0] = '0.0.0.0'; // for some strange reason we don't have a IP
  748. if(!$single) return join(',', $ip);
  749. // skip trusted local addresses
  750. foreach($ip as $i) {
  751. if(!empty($conf['trustedproxy']) && preg_match('/'.$conf['trustedproxy'].'/', $i)) {
  752. continue;
  753. } else {
  754. return $i;
  755. }
  756. }
  757. // still here? just use the last address
  758. // this case all ips in the list are trusted
  759. return $ip[count($ip)-1];
  760. }
  761. /**
  762. * Check if the browser is on a mobile device
  763. *
  764. * Adapted from the example code at url below
  765. *
  766. * @link http://www.brainhandles.com/2007/10/15/detecting-mobile-browsers/#code
  767. *
  768. * @deprecated 2018-04-27 you probably want media queries instead anyway
  769. * @return bool if true, client is mobile browser; otherwise false
  770. */
  771. function clientismobile() {
  772. /* @var Input $INPUT */
  773. global $INPUT;
  774. if($INPUT->server->has('HTTP_X_WAP_PROFILE')) return true;
  775. if(preg_match('/wap\.|\.wap/i', $INPUT->server->str('HTTP_ACCEPT'))) return true;
  776. if(!$INPUT->server->has('HTTP_USER_AGENT')) return false;
  777. $uamatches = join(
  778. '|',
  779. [
  780. 'midp', 'j2me', 'avantg', 'docomo', 'novarra', 'palmos', 'palmsource', '240x320', 'opwv',
  781. 'chtml', 'pda', 'windows ce', 'mmp\/', 'blackberry', 'mib\/', 'symbian', 'wireless', 'nokia',
  782. 'hand', 'mobi', 'phone', 'cdm', 'up\.b', 'audio', 'SIE\-', 'SEC\-', 'samsung', 'HTC', 'mot\-',
  783. 'mitsu', 'sagem', 'sony', 'alcatel', 'lg', 'erics', 'vx', 'NEC', 'philips', 'mmm', 'xx',
  784. 'panasonic', 'sharp', 'wap', 'sch', 'rover', 'pocket', 'benq', 'java', 'pt', 'pg', 'vox',
  785. 'amoi', 'bird', 'compal', 'kg', 'voda', 'sany', 'kdd', 'dbt', 'sendo', 'sgh', 'gradi', 'jb',
  786. '\d\d\di', 'moto'
  787. ]
  788. );
  789. if(preg_match("/$uamatches/i", $INPUT->server->str('HTTP_USER_AGENT'))) return true;
  790. return false;
  791. }
  792. /**
  793. * check if a given link is interwiki link
  794. *
  795. * @param string $link the link, e.g. "wiki>page"
  796. * @return bool
  797. */
  798. function link_isinterwiki($link){
  799. if (preg_match('/^[a-zA-Z0-9\.]+>/u',$link)) return true;
  800. return false;
  801. }
  802. /**
  803. * Convert one or more comma separated IPs to hostnames
  804. *
  805. * If $conf['dnslookups'] is disabled it simply returns the input string
  806. *
  807. * @author Glen Harris <astfgl@iamnota.org>
  808. *
  809. * @param string $ips comma separated list of IP addresses
  810. * @return string a comma separated list of hostnames
  811. */
  812. function gethostsbyaddrs($ips) {
  813. global $conf;
  814. if(!$conf['dnslookups']) return $ips;
  815. $hosts = array();
  816. $ips = explode(',', $ips);
  817. if(is_array($ips)) {
  818. foreach($ips as $ip) {
  819. $hosts[] = gethostbyaddr(trim($ip));
  820. }
  821. return join(',', $hosts);
  822. } else {
  823. return gethostbyaddr(trim($ips));
  824. }
  825. }
  826. /**
  827. * Checks if a given page is currently locked.
  828. *
  829. * removes stale lockfiles
  830. *
  831. * @author Andreas Gohr <andi@splitbrain.org>
  832. *
  833. * @param string $id page id
  834. * @return bool page is locked?
  835. */
  836. function checklock($id) {
  837. global $conf;
  838. /* @var Input $INPUT */
  839. global $INPUT;
  840. $lock = wikiLockFN($id);
  841. //no lockfile
  842. if(!file_exists($lock)) return false;
  843. //lockfile expired
  844. if((time() - filemtime($lock)) > $conf['locktime']) {
  845. @unlink($lock);
  846. return false;
  847. }
  848. //my own lock
  849. @list($ip, $session) = explode("\n", io_readFile($lock));
  850. if($ip == $INPUT->server->str('REMOTE_USER') || (session_id() && $session == session_id())) {
  851. return false;
  852. }
  853. return $ip;
  854. }
  855. /**
  856. * Lock a page for editing
  857. *
  858. * @author Andreas Gohr <andi@splitbrain.org>
  859. *
  860. * @param string $id page id to lock
  861. */
  862. function lock($id) {
  863. global $conf;
  864. /* @var Input $INPUT */
  865. global $INPUT;
  866. if($conf['locktime'] == 0) {
  867. return;
  868. }
  869. $lock = wikiLockFN($id);
  870. if($INPUT->server->str('REMOTE_USER')) {
  871. io_saveFile($lock, $INPUT->server->str('REMOTE_USER'));
  872. } else {
  873. io_saveFile($lock, clientIP()."\n".session_id());
  874. }
  875. }
  876. /**
  877. * Unlock a page if it was locked by the user
  878. *
  879. * @author Andreas Gohr <andi@splitbrain.org>
  880. *
  881. * @param string $id page id to unlock
  882. * @return bool true if a lock was removed
  883. */
  884. function unlock($id) {
  885. /* @var Input $INPUT */
  886. global $INPUT;
  887. $lock = wikiLockFN($id);
  888. if(file_exists($lock)) {
  889. @list($ip, $session) = explode("\n", io_readFile($lock));
  890. if($ip == $INPUT->server->str('REMOTE_USER') || $session == session_id()) {
  891. @unlink($lock);
  892. return true;
  893. }
  894. }
  895. return false;
  896. }
  897. /**
  898. * convert line ending to unix format
  899. *
  900. * also makes sure the given text is valid UTF-8
  901. *
  902. * @see formText() for 2crlf conversion
  903. * @author Andreas Gohr <andi@splitbrain.org>
  904. *
  905. * @param string $text
  906. * @return string
  907. */
  908. function cleanText($text) {
  909. $text = preg_replace("/(\015\012)|(\015)/", "\012", $text);
  910. // if the text is not valid UTF-8 we simply assume latin1
  911. // this won't break any worse than it breaks with the wrong encoding
  912. // but might actually fix the problem in many cases
  913. if(!\dokuwiki\Utf8\Clean::isUtf8($text)) $text = utf8_encode($text);
  914. return $text;
  915. }
  916. /**
  917. * Prepares text for print in Webforms by encoding special chars.
  918. * It also converts line endings to Windows format which is
  919. * pseudo standard for webforms.
  920. *
  921. * @see cleanText() for 2unix conversion
  922. * @author Andreas Gohr <andi@splitbrain.org>
  923. *
  924. * @param string $text
  925. * @return string
  926. */
  927. function formText($text) {
  928. $text = str_replace("\012", "\015\012", $text ?? '');
  929. return htmlspecialchars($text);
  930. }
  931. /**
  932. * Returns the specified local text in raw format
  933. *
  934. * @author Andreas Gohr <andi@splitbrain.org>
  935. *
  936. * @param string $id page id
  937. * @param string $ext extension of file being read, default 'txt'
  938. * @return string
  939. */
  940. function rawLocale($id, $ext = 'txt') {
  941. return io_readFile(localeFN($id, $ext));
  942. }
  943. /**
  944. * Returns the raw WikiText
  945. *
  946. * @author Andreas Gohr <andi@splitbrain.org>
  947. *
  948. * @param string $id page id
  949. * @param string|int $rev timestamp when a revision of wikitext is desired
  950. * @return string
  951. */
  952. function rawWiki($id, $rev = '') {
  953. return io_readWikiPage(wikiFN($id, $rev), $id, $rev);
  954. }
  955. /**
  956. * Returns the pagetemplate contents for the ID's namespace
  957. *
  958. * @triggers COMMON_PAGETPL_LOAD
  959. * @author Andreas Gohr <andi@splitbrain.org>
  960. *
  961. * @param string $id the id of the page to be created
  962. * @return string parsed pagetemplate content
  963. */
  964. function pageTemplate($id) {
  965. global $conf;
  966. if(is_array($id)) $id = $id[0];
  967. // prepare initial event data
  968. $data = array(
  969. 'id' => $id, // the id of the page to be created
  970. 'tpl' => '', // the text used as template
  971. 'tplfile' => '', // the file above text was/should be loaded from
  972. 'doreplace' => true // should wildcard replacements be done on the text?
  973. );
  974. $evt = new Event('COMMON_PAGETPL_LOAD', $data);
  975. if($evt->advise_before(true)) {
  976. // the before event might have loaded the content already
  977. if(empty($data['tpl'])) {
  978. // if the before event did not set a template file, try to find one
  979. if(empty($data['tplfile'])) {
  980. $path = dirname(wikiFN($id));
  981. if(file_exists($path.'/_template.txt')) {
  982. $data['tplfile'] = $path.'/_template.txt';
  983. } else {
  984. // search upper namespaces for templates
  985. $len = strlen(rtrim($conf['datadir'], '/'));
  986. while(strlen($path) >= $len) {
  987. if(file_exists($path.'/__template.txt')) {
  988. $data['tplfile'] = $path.'/__template.txt';
  989. break;
  990. }
  991. $path = substr($path, 0, strrpos($path, '/'));
  992. }
  993. }
  994. }
  995. // load the content
  996. $data['tpl'] = io_readFile($data['tplfile']);
  997. }
  998. if($data['doreplace']) parsePageTemplate($data);
  999. }
  1000. $evt->advise_after();
  1001. unset($evt);
  1002. return $data['tpl'];
  1003. }
  1004. /**
  1005. * Performs common page template replacements
  1006. * This works on data from COMMON_PAGETPL_LOAD
  1007. *
  1008. * @author Andreas Gohr <andi@splitbrain.org>
  1009. *
  1010. * @param array $data array with event data
  1011. * @return string
  1012. */
  1013. function parsePageTemplate(&$data) {
  1014. /**
  1015. * @var string $id the id of the page to be created
  1016. * @var string $tpl the text used as template
  1017. * @var string $tplfile the file above text was/should be loaded from
  1018. * @var bool $doreplace should wildcard replacements be done on the text?
  1019. */
  1020. extract($data);
  1021. global $USERINFO;
  1022. global $conf;
  1023. /* @var Input $INPUT */
  1024. global $INPUT;
  1025. // replace placeholders
  1026. $file = noNS($id);
  1027. $page = strtr($file, $conf['sepchar'], ' ');
  1028. $tpl = str_replace(
  1029. array(
  1030. '@ID@',
  1031. '@NS@',
  1032. '@CURNS@',
  1033. '@!CURNS@',
  1034. '@!!CURNS@',
  1035. '@!CURNS!@',
  1036. '@FILE@',
  1037. '@!FILE@',
  1038. '@!FILE!@',
  1039. '@PAGE@',
  1040. '@!PAGE@',
  1041. '@!!PAGE@',
  1042. '@!PAGE!@',
  1043. '@USER@',
  1044. '@NAME@',
  1045. '@MAIL@',
  1046. '@DATE@',
  1047. ),
  1048. array(
  1049. $id,
  1050. getNS($id),
  1051. curNS($id),
  1052. \dokuwiki\Utf8\PhpString::ucfirst(curNS($id)),
  1053. \dokuwiki\Utf8\PhpString::ucwords(curNS($id)),
  1054. \dokuwiki\Utf8\PhpString::strtoupper(curNS($id)),
  1055. $file,
  1056. \dokuwiki\Utf8\PhpString::ucfirst($file),
  1057. \dokuwiki\Utf8\PhpString::strtoupper($file),
  1058. $page,
  1059. \dokuwiki\Utf8\PhpString::ucfirst($page),
  1060. \dokuwiki\Utf8\PhpString::ucwords($page),
  1061. \dokuwiki\Utf8\PhpString::strtoupper($page),
  1062. $INPUT->server->str('REMOTE_USER'),
  1063. $USERINFO ? $USERINFO['name'] : '',
  1064. $USERINFO ? $USERINFO['mail'] : '',
  1065. $conf['dformat'],
  1066. ), $tpl
  1067. );
  1068. // we need the callback to work around strftime's char limit
  1069. $tpl = preg_replace_callback(
  1070. '/%./',
  1071. function ($m) {
  1072. return dformat(null, $m[0]);
  1073. },
  1074. $tpl
  1075. );
  1076. $data['tpl'] = $tpl;
  1077. return $tpl;
  1078. }
  1079. /**
  1080. * Returns the raw Wiki Text in three slices.
  1081. *
  1082. * The range parameter needs to have the form "from-to"
  1083. * and gives the range of the section in bytes - no
  1084. * UTF-8 awareness is needed.
  1085. * The returned order is prefix, section and suffix.
  1086. *
  1087. * @author Andreas Gohr <andi@splitbrain.org>
  1088. *
  1089. * @param string $range in form "from-to"
  1090. * @param string $id page id
  1091. * @param string $rev optional, the revision timestamp
  1092. * @return string[] with three slices
  1093. */
  1094. function rawWikiSlices($range, $id, $rev = '') {
  1095. $text = io_readWikiPage(wikiFN($id, $rev), $id, $rev);
  1096. // Parse range
  1097. list($from, $to) = sexplode('-', $range, 2);
  1098. // Make range zero-based, use defaults if marker is missing
  1099. $from = !$from ? 0 : ($from - 1);
  1100. $to = !$to ? strlen($text) : ($to - 1);
  1101. $slices = array();
  1102. $slices[0] = substr($text, 0, $from);
  1103. $slices[1] = substr($text, $from, $to - $from);
  1104. $slices[2] = substr($text, $to);
  1105. return $slices;
  1106. }
  1107. /**
  1108. * Joins wiki text slices
  1109. *
  1110. * function to join the text slices.
  1111. * When the pretty parameter is set to true it adds additional empty
  1112. * lines between sections if needed (used on saving).
  1113. *
  1114. * @author Andreas Gohr <andi@splitbrain.org>
  1115. *
  1116. * @param string $pre prefix
  1117. * @param string $text text in the middle
  1118. * @param string $suf suffix
  1119. * @param bool $pretty add additional empty lines between sections
  1120. * @return string
  1121. */
  1122. function con($pre, $text, $suf, $pretty = false) {
  1123. if($pretty) {
  1124. if($pre !== '' && substr($pre, -1) !== "\n" &&
  1125. substr($text, 0, 1) !== "\n"
  1126. ) {
  1127. $pre .= "\n";
  1128. }
  1129. if($suf !== '' && substr($text, -1) !== "\n" &&
  1130. substr($suf, 0, 1) !== "\n"
  1131. ) {
  1132. $text .= "\n";
  1133. }
  1134. }
  1135. return $pre.$text.$suf;
  1136. }
  1137. /**
  1138. * Checks if the current page version is newer than the last entry in the page's
  1139. * changelog. If so, we assume it has been an external edit and we create an
  1140. * attic copy and add a proper changelog line.
  1141. *
  1142. * This check is only executed when the page is about to be saved again from the
  1143. * wiki, triggered in @see saveWikiText()
  1144. *
  1145. * @param string $id the page ID
  1146. * @deprecated 2021-11-28
  1147. */
  1148. function detectExternalEdit($id) {
  1149. dbg_deprecated(PageFile::class .'::detectExternalEdit()');
  1150. (new PageFile($id))->detectExternalEdit();
  1151. }
  1152. /**
  1153. * Saves a wikitext by calling io_writeWikiPage.
  1154. * Also directs changelog and attic updates.
  1155. *
  1156. * @author Andreas Gohr <andi@splitbrain.org>
  1157. * @author Ben Coburn <btcoburn@silicodon.net>
  1158. *
  1159. * @param string $id page id
  1160. * @param string $text wikitext being saved
  1161. * @param string $summary summary of text update
  1162. * @param bool $minor mark this saved version as minor update
  1163. */
  1164. function saveWikiText($id, $text, $summary, $minor = false) {
  1165. // get COMMON_WIKIPAGE_SAVE event data
  1166. $data = (new PageFile($id))->saveWikiText($text, $summary, $minor);
  1167. if(!$data) return; // save was cancelled (for no changes or by a plugin)
  1168. // send notify mails
  1169. list('oldRevision' => $rev, 'newRevision' => $new_rev, 'summary' => $summary) = $data;
  1170. notify($id, 'admin', $rev, $summary, $minor, $new_rev);
  1171. notify($id, 'subscribers', $rev, $summary, $minor, $new_rev);
  1172. // if useheading is enabled, purge the cache of all linking pages
  1173. if (useHeading('content')) {
  1174. $pages = ft_backlinks($id, true);
  1175. foreach ($pages as $page) {
  1176. $cache = new CacheRenderer($page, wikiFN($page), 'xhtml');
  1177. $cache->removeCache();
  1178. }
  1179. }
  1180. }
  1181. /**
  1182. * moves the current version to the attic and returns its revision date
  1183. *
  1184. * @author Andreas Gohr <andi@splitbrain.org>
  1185. *
  1186. * @param string $id page id
  1187. * @return int|string revision timestamp
  1188. * @deprecated 2021-11-28
  1189. */
  1190. function saveOldRevision($id) {
  1191. dbg_deprecated(PageFile::class .'::saveOldRevision()');
  1192. return (new PageFile($id))->saveOldRevision();
  1193. }
  1194. /**
  1195. * Sends a notify mail on page change or registration
  1196. *
  1197. * @param string $id The changed page
  1198. * @param string $who Who to notify (admin|subscribers|register)
  1199. * @param int|string $rev Old page revision
  1200. * @param string $summary What changed
  1201. * @param boolean $minor Is this a minor edit?
  1202. * @param string[] $replace Additional string substitutions, @KEY@ to be replaced by value
  1203. * @param int|string $current_rev New page revision
  1204. * @return bool
  1205. *
  1206. * @author Andreas Gohr <andi@splitbrain.org>
  1207. */
  1208. function notify($id, $who, $rev = '', $summary = '', $minor = false, $replace = array(), $current_rev = false) {
  1209. global $conf;
  1210. /* @var Input $INPUT */
  1211. global $INPUT;
  1212. // decide if there is something to do, eg. whom to mail
  1213. if ($who == 'admin') {
  1214. if (empty($conf['notify'])) return false; //notify enabled?
  1215. $tpl = 'mailtext';
  1216. $to = $conf['notify'];
  1217. } elseif ($who == 'subscribers') {
  1218. if (!actionOK('subscribe')) return false; //subscribers enabled?
  1219. if ($conf['useacl'] && $INPUT->server->str('REMOTE_USER') && $minor) return false; //skip minors
  1220. $data = array('id' => $id, 'addresslist' => '', 'self' => false, 'replacements' => $replace);
  1221. Event::createAndTrigger(
  1222. 'COMMON_NOTIFY_ADDRESSLIST', $data,
  1223. array(new SubscriberManager(), 'notifyAddresses')
  1224. );
  1225. $to = $data['addresslist'];
  1226. if (empty($to)) return false;
  1227. $tpl = 'subscr_single';
  1228. } else {
  1229. return false; //just to be safe
  1230. }
  1231. // prepare content
  1232. $subscription = new PageSubscriptionSender();
  1233. return $subscription->sendPageDiff($to, $tpl, $id, $rev, $summary, $current_rev);
  1234. }
  1235. /**
  1236. * extracts the query from a search engine referrer
  1237. *
  1238. * @author Andreas Gohr <andi@splitbrain.org>
  1239. * @author Todd Augsburger <todd@rollerorgans.com>
  1240. *
  1241. * @return array|string
  1242. */
  1243. function getGoogleQuery() {
  1244. /* @var Input $INPUT */
  1245. global $INPUT;
  1246. if(!$INPUT->server->has('HTTP_REFERER')) {
  1247. return '';
  1248. }
  1249. $url = parse_url($INPUT->server->str('HTTP_REFERER'));
  1250. // only handle common SEs
  1251. if(!array_key_exists('host', $url)) return '';
  1252. if(!preg_match('/(google|bing|yahoo|ask|duckduckgo|babylon|aol|yandex)/',$url['host'])) return '';
  1253. $query = array();
  1254. if(!array_key_exists('query', $url)) return '';
  1255. parse_str($url['query'], $query);
  1256. $q = '';
  1257. if(isset($query['q'])){
  1258. $q = $query['q'];
  1259. }elseif(isset($query['p'])){
  1260. $q = $query['p'];
  1261. }elseif(isset($query['query'])){
  1262. $q = $query['query'];
  1263. }
  1264. $q = trim($q);
  1265. if(!$q) return '';
  1266. // ignore if query includes a full URL
  1267. if(strpos($q, '//') !== false) return '';
  1268. $q = preg_split('/[\s\'"\\\\`()\]\[?:!\.{};,#+*<>\\/]+/', $q, -1, PREG_SPLIT_NO_EMPTY);
  1269. return $q;
  1270. }
  1271. /**
  1272. * Return the human readable size of a file
  1273. *
  1274. * @param int $size A file size
  1275. * @param int $dec A number of decimal places
  1276. * @return string human readable size
  1277. *
  1278. * @author Martin Benjamin <b.martin@cybernet.ch>
  1279. * @author Aidan Lister <aidan@php.net>
  1280. * @version 1.0.0
  1281. */
  1282. function filesize_h($size, $dec = 1) {
  1283. $sizes = array('B', 'KB', 'MB', 'GB');
  1284. $count = count($sizes);
  1285. $i = 0;
  1286. while($size >= 1024 && ($i < $count - 1)) {
  1287. $size /= 1024;
  1288. $i++;
  1289. }
  1290. return round($size, $dec)."\xC2\xA0".$sizes[$i]; //non-breaking space
  1291. }
  1292. /**
  1293. * Return the given timestamp as human readable, fuzzy age
  1294. *
  1295. * @author Andreas Gohr <gohr@cosmocode.de>
  1296. *
  1297. * @param int $dt timestamp
  1298. * @return string
  1299. */
  1300. function datetime_h($dt) {
  1301. global $lang;
  1302. $ago = time() - $dt;
  1303. if($ago > 24 * 60 * 60 * 30 * 12 * 2) {
  1304. return sprintf($lang['years'], round($ago / (24 * 60 * 60 * 30 * 12)));
  1305. }
  1306. if($ago > 24 * 60 * 60 * 30 * 2) {
  1307. return sprintf($lang['months'], round($ago / (24 * 60 * 60 * 30)));
  1308. }
  1309. if($ago > 24 * 60 * 60 * 7 * 2) {
  1310. return sprintf($lang['weeks'], round($ago / (24 * 60 * 60 * 7)));
  1311. }
  1312. if($ago > 24 * 60 * 60 * 2) {
  1313. return sprintf($lang['days'], round($ago / (24 * 60 * 60)));
  1314. }
  1315. if($ago > 60 * 60 * 2) {
  1316. return sprintf($lang['hours'], round($ago / (60 * 60)));
  1317. }
  1318. if($ago > 60 * 2) {
  1319. return sprintf($lang['minutes'], round($ago / (60)));
  1320. }
  1321. return sprintf($lang['seconds'], $ago);
  1322. }
  1323. /**
  1324. * Wraps around strftime but provides support for fuzzy dates
  1325. *
  1326. * The format default to $conf['dformat']. It is passed to
  1327. * strftime - %f can be used to get the value from datetime_h()
  1328. *
  1329. * @see datetime_h
  1330. * @author Andreas Gohr <gohr@cosmocode.de>
  1331. *
  1332. * @param int|null $dt timestamp when given, null will take current timestamp
  1333. * @param string $format empty default to $conf['dformat'], or provide format as recognized by strftime()
  1334. * @return string
  1335. */
  1336. function dformat($dt = null, $format = '') {
  1337. global $conf;
  1338. if(is_null($dt)) $dt = time();
  1339. $dt = (int) $dt;
  1340. if(!$format) $format = $conf['dformat'];
  1341. $format = str_replace('%f', datetime_h($dt), $format);
  1342. return strftime($format, $dt);
  1343. }
  1344. /**
  1345. * Formats a timestamp as ISO 8601 date
  1346. *
  1347. * @author <ungu at terong dot com>
  1348. * @link http://php.net/manual/en/function.date.php#54072
  1349. *
  1350. * @param int $int_date current date in UNIX timestamp
  1351. * @return string
  1352. */
  1353. function date_iso8601($int_date) {
  1354. $date_mod = date('Y-m-d\TH:i:s', $int_date);
  1355. $pre_timezone = date('O', $int_date);
  1356. $time_zone = substr($pre_timezone, 0, 3).":".substr($pre_timezone, 3, 2);
  1357. $date_mod .= $time_zone;
  1358. return $date_mod;
  1359. }
  1360. /**
  1361. * return an obfuscated email address in line with $conf['mailguard'] setting
  1362. *
  1363. * @author Harry Fuecks <hfuecks@gmail.com>
  1364. * @author Christopher Smith <chris@jalakai.co.uk>
  1365. *
  1366. * @param string $email email address
  1367. * @return string
  1368. */
  1369. function obfuscate($email) {
  1370. global $conf;
  1371. switch($conf['mailguard']) {
  1372. case 'visible' :
  1373. $obfuscate = array('@' => ' [at] ', '.' => ' [dot] ', '-' => ' [dash] ');
  1374. return strtr($email, $obfuscate);
  1375. case 'hex' :
  1376. return \dokuwiki\Utf8\Conversion::toHtml($email, true);
  1377. case 'none' :
  1378. default :
  1379. return $email;
  1380. }
  1381. }
  1382. /**
  1383. * Removes quoting backslashes
  1384. *
  1385. * @author Andreas Gohr <andi@splitbrain.org>
  1386. *
  1387. * @param string $string
  1388. * @param string $char backslashed character
  1389. * @return string
  1390. */
  1391. function unslash($string, $char = "'") {
  1392. return str_replace('\\'.$char, $char, $string);
  1393. }
  1394. /**
  1395. * Convert php.ini shorthands to byte
  1396. *
  1397. * On 32 bit systems values >= 2GB will fail!
  1398. *
  1399. * -1 (infinite size) will be reported as -1
  1400. *
  1401. * @link https://www.php.net/manual/en/faq.using.php#faq.using.shorthandbytes
  1402. * @param string $value PHP size shorthand
  1403. * @return int
  1404. */
  1405. function php_to_byte($value) {
  1406. switch (strtoupper(substr($value,-1))) {
  1407. case 'G':
  1408. $ret = intval(substr($value, 0, -1)) * 1024 * 1024 * 1024;
  1409. break;
  1410. case 'M':
  1411. $ret = intval(substr($value, 0, -1)) * 1024 * 1024;
  1412. break;
  1413. case 'K':
  1414. $ret = intval(substr($value, 0, -1)) * 1024;
  1415. break;
  1416. default:
  1417. $ret = intval($value);
  1418. break;
  1419. }
  1420. return $ret;
  1421. }
  1422. /**
  1423. * Wrapper around preg_quote adding the default delimiter
  1424. *
  1425. * @param string $string
  1426. * @return string
  1427. */
  1428. function preg_quote_cb($string) {
  1429. return preg_quote($string, '/');
  1430. }
  1431. /**
  1432. * Shorten a given string by removing data from the middle
  1433. *
  1434. * You can give the string in two parts, the first part $keep
  1435. * will never be shortened. The second part $short will be cut
  1436. * in the middle to shorten but only if at least $min chars are
  1437. * left to display it. Otherwise it will be left off.
  1438. *
  1439. * @param string $keep the part to keep
  1440. * @param string $short the part to shorten
  1441. * @param int $max maximum chars you want for the whole string
  1442. * @param int $min minimum number of chars to have left for middle shortening
  1443. * @param string $char the shortening character to use
  1444. * @return string
  1445. */
  1446. function shorten($keep, $short, $max, $min = 9, $char = '…') {
  1447. $max = $max - \dokuwiki\Utf8\PhpString::strlen($keep);
  1448. if($max < $min) return $keep;
  1449. $len = \dokuwiki\Utf8\PhpString::strlen($short);
  1450. if($len <= $max) return $keep.$short;
  1451. $half = floor($max / 2);
  1452. return $keep .
  1453. \dokuwiki\Utf8\PhpString::substr($short, 0, $half - 1) .
  1454. $char .
  1455. \dokuwiki\Utf8\PhpString::substr($short, $len - $half);
  1456. }
  1457. /**
  1458. * Return the users real name or e-mail address for use
  1459. * in page footer and recent changes pages
  1460. *
  1461. * @param string|null $username or null when currently logged-in user should be used
  1462. * @param bool $textonly true returns only plain text, true allows returning html
  1463. * @return string html or plain text(not escaped) of formatted user name
  1464. *
  1465. * @author Andy Webber <dokuwiki AT andywebber DOT com>
  1466. */
  1467. function editorinfo($username, $textonly = false) {
  1468. return userlink($username, $textonly);
  1469. }
  1470. /**
  1471. * Returns users realname w/o link
  1472. *
  1473. * @param string|null $username or null when currently logged-in user should be used
  1474. * @param bool $textonly true returns only plain text, true allows returning html
  1475. * @return string html or plain text(not escaped) of formatted user name
  1476. *
  1477. * @triggers COMMON_USER_LINK
  1478. */
  1479. function userlink($username = null, $textonly = false) {
  1480. global $conf, $INFO;
  1481. /** @var AuthPlugin $auth */
  1482. global $auth;
  1483. /** @var Input $INPUT */
  1484. global $INPUT;
  1485. // prepare initial event data
  1486. $data = array(
  1487. 'username' => $username, // the unique user name
  1488. 'name' => '',
  1489. 'link' => array( //setting 'link' to false disables linking
  1490. 'target' => '',
  1491. 'pre' => '',
  1492. 'suf' => '',
  1493. 'style' => '',
  1494. 'more' => '',
  1495. 'url' => '',
  1496. 'title' => '',
  1497. 'class' => ''
  1498. ),
  1499. 'userlink' => '', // formatted user name as will be returned
  1500. 'textonly' => $textonly
  1501. );
  1502. if($username === null) {
  1503. $data['username'] = $username = $INPUT->server->str('REMOTE_USER');
  1504. if($textonly){
  1505. $data['name'] = $INFO['userinfo']['name']. ' (' . $INPUT->server->str('REMOTE_USER') . ')';
  1506. }else {
  1507. $data['name'] = '<bdi>' . hsc($INFO['userinfo']['name']) . '</bdi> '.
  1508. '(<bdi>' . hsc($INPUT->server->str('REMOTE_USER')) . '</bdi>)';
  1509. }
  1510. }
  1511. $evt = new Event('COMMON_USER_LINK', $data);
  1512. if($evt->advise_before(true)) {
  1513. if(empty($data['name'])) {
  1514. if($auth) $info = $auth->getUserData($username);
  1515. if($conf['showuseras'] != 'loginname' && isset($info) && $info) {
  1516. switch($conf['showuseras']) {
  1517. case 'username':
  1518. case 'username_link':
  1519. $data['name'] = $textonly ? $info['name'] : hsc($info['name']);
  1520. break;
  1521. case 'email':
  1522. case 'email_link':
  1523. $data['name'] = obfuscate($info['mail']);
  1524. break;
  1525. }
  1526. } else {
  1527. $data['name'] = $textonly ? $data['username'] : hsc($data['username']);
  1528. }
  1529. }
  1530. /** @var Doku_Renderer_xhtml $xhtml_renderer */
  1531. static $xhtml_renderer = null;
  1532. if(!$data['textonly'] && empty($data['link']['url'])) {
  1533. if(in_array($conf['showuseras'], array('email_link', 'username_link'))) {
  1534. if(!isset($info)) {
  1535. if($auth) $info = $auth->getUserData($username);
  1536. }
  1537. if(isset($info) && $info) {
  1538. if($conf['showuseras'] == 'email_link') {
  1539. $data['link']['url'] = 'mailto:' . obfuscate($info['mail']);
  1540. } else {
  1541. if(is_null($xhtml_renderer)) {
  1542. $xhtml_renderer = p_get_renderer('xhtml');
  1543. }
  1544. if(empty($xhtml_renderer->interwiki)) {
  1545. $xhtml_renderer->interwiki = getInterwiki();
  1546. }
  1547. $shortcut = 'user';
  1548. $exists = null;
  1549. $data['link']['url'] = $xhtml_renderer->_resolveInterWiki($shortcut, $username, $exists);
  1550. $data['link']['class'] .= ' interwiki iw_user';
  1551. if($exists !== null) {
  1552. if($exists) {
  1553. $data['link']['class'] .= ' wikilink1';
  1554. } else {
  1555. $data['link']['class'] .= ' wikilink2';
  1556. $data['link']['rel'] = 'nofollow';
  1557. }
  1558. }
  1559. }
  1560. } else {
  1561. $data['textonly'] = true;
  1562. }
  1563. } else {
  1564. $data['textonly'] = true;
  1565. }
  1566. }
  1567. if($data['textonly']) {
  1568. $data['userlink'] = $data['name'];
  1569. } else {
  1570. $data['link']['name'] = $data['name'];
  1571. if(is_null($xhtml_renderer)) {
  1572. $xhtml_renderer = p_get_renderer('xhtml');
  1573. }
  1574. $data['userlink'] = $xhtml_renderer->_formatLink($data['link']);
  1575. }
  1576. }
  1577. $evt->advise_after();
  1578. unset($evt);
  1579. return $data['userlink'];
  1580. }
  1581. /**
  1582. * Returns the path to a image file for the currently chosen license.
  1583. * When no image exists, returns an empty string
  1584. *
  1585. * @author Andreas Gohr <andi@splitbrain.org>
  1586. *
  1587. * @param string $type - type of image 'badge' or 'button'
  1588. * @return string
  1589. */
  1590. function license_img($type) {
  1591. global $license;
  1592. global $conf;
  1593. if(!$conf['license']) return '';
  1594. if(!is_array($license[$conf['license']])) return '';
  1595. $try = array();
  1596. $try[] = 'lib/images/license/'.$type.'/'.$conf['license'].'.png';
  1597. $try[] = 'lib/images/license/'.$type.'/'.$conf['license'].'.gif';
  1598. if(substr($conf['license'], 0, 3) == 'cc-') {
  1599. $try[] = 'lib/images/license/'.$type.'/cc.png';
  1600. }
  1601. foreach($try as $src) {
  1602. if(file_exists(DOKU_INC.$src)) return $src;
  1603. }
  1604. return '';
  1605. }
  1606. /**
  1607. * Checks if the given amount of memory is available
  1608. *
  1609. * If the memory_get_usage() function is not available the
  1610. * function just assumes $bytes of already allocated memory
  1611. *
  1612. * @author Filip Oscadal <webmaster@illusionsoftworks.cz>
  1613. * @author Andreas Gohr <andi@splitbrain.org>
  1614. *
  1615. * @param int $mem Size of memory you want to allocate in bytes
  1616. * @param int $bytes already allocated memory (see above)
  1617. * @return bool
  1618. */
  1619. function is_mem_available($mem, $bytes = 1048576) {
  1620. $limit = trim(ini_get('memory_limit'));
  1621. if(empty($limit)) return true; // no limit set!
  1622. if($limit == -1) return true; // unlimited
  1623. // parse limit to bytes
  1624. $limit = php_to_byte($limit);
  1625. // get used memory if possible
  1626. if(function_exists('memory_get_usage')) {
  1627. $used = memory_get_usage();
  1628. } else {
  1629. $used = $bytes;
  1630. }
  1631. if($used + $mem > $limit) {
  1632. return false;
  1633. }
  1634. return true;
  1635. }
  1636. /**
  1637. * Send a HTTP redirect to the browser
  1638. *
  1639. * Works arround Microsoft IIS cookie sending bug. Exits the script.
  1640. *
  1641. * @link http://support.microsoft.com/kb/q176113/
  1642. * @author Andreas Gohr <andi@splitbrain.org>
  1643. *
  1644. * @param string $url url being directed to
  1645. */
  1646. function send_redirect($url) {
  1647. $url = stripctl($url); // defend against HTTP Response Splitting
  1648. /* @var Input $INPUT */
  1649. global $INPUT;
  1650. //are there any undisplayed messages? keep them in session for display
  1651. global $MSG;
  1652. if(isset($MSG) && count($MSG) && !defined('NOSESSION')) {
  1653. //reopen session, store data and close session again
  1654. @session_start();
  1655. $_SESSION[DOKU_COOKIE]['msg'] = $MSG;
  1656. }
  1657. // always close the session
  1658. session_write_close();
  1659. // check if running on IIS < 6 with CGI-PHP
  1660. if($INPUT->server->has('SERVER_SOFTWARE') && $INPUT->server->has('GATEWAY_INTERFACE') &&
  1661. (strpos($INPUT->server->str('GATEWAY_INTERFACE'), 'CGI') !== false) &&
  1662. (preg_match('|^Microsoft-IIS/(\d)\.\d$|', trim($INPUT->server->str('SERVER_SOFTWARE')), $matches)) &&
  1663. $matches[1] < 6
  1664. ) {
  1665. header('Refresh: 0;url='.$url);
  1666. } else {
  1667. header('Location: '.$url);
  1668. }
  1669. // no exits during unit tests
  1670. if(defined('DOKU_UNITTEST')) {
  1671. // pass info about the redirect back to the test suite
  1672. $testRequest = TestRequest::getRunning();
  1673. if($testRequest !== null) {
  1674. $testRequest->addData('send_redirect', $url);
  1675. }
  1676. return;
  1677. }
  1678. exit;
  1679. }
  1680. /**
  1681. * Validate a value using a set of valid values
  1682. *
  1683. * This function checks whether a specified value is set and in the array
  1684. * $valid_values. If not, the function returns a default value or, if no
  1685. * default is specified, throws an exception.
  1686. *
  1687. * @param string $param The name of the parameter
  1688. * @param array $valid_values A set of valid values; Optionally a default may
  1689. * be marked by the key “default”.
  1690. * @param array $array The array containing the value (typically $_POST
  1691. * or $_GET)
  1692. * @param string $exc The text of the raised exception
  1693. *
  1694. * @throws Exception
  1695. * @return mixed
  1696. * @author Adrian Lang <lang@cosmocode.de>
  1697. */
  1698. function valid_input_set($param, $valid_values, $array, $exc = '') {
  1699. if(isset($array[$param]) && in_array($array[$param], $valid_values)) {
  1700. return $array[$param];
  1701. } elseif(isset($valid_values['default'])) {
  1702. return $valid_values['default'];
  1703. } else {
  1704. throw new Exception($exc);
  1705. }
  1706. }
  1707. /**
  1708. * Read a preference from the DokuWiki cookie
  1709. * (remembering both keys & values are urlencoded)
  1710. *
  1711. * @param string $pref preference key
  1712. * @param mixed $default value returned when preference not found
  1713. * @return string preference value
  1714. */
  1715. function get_doku_pref($pref, $default) {
  1716. $enc_pref = urlencode($pref);
  1717. if(isset($_COOKIE['DOKU_PREFS']) && strpos($_COOKIE['DOKU_PREFS'], $enc_pref) !== false) {
  1718. $parts = explode('#', $_COOKIE['DOKU_PREFS']);
  1719. $cnt = count($parts);
  1720. // due to #2721 there might be duplicate entries,
  1721. // so we read from the end
  1722. for($i = $cnt-2; $i >= 0; $i -= 2) {
  1723. if($parts[$i] == $enc_pref) {
  1724. return urldecode($parts[$i + 1]);
  1725. }
  1726. }
  1727. }
  1728. return $default;
  1729. }
  1730. /**
  1731. * Add a preference to the DokuWiki cookie
  1732. * (remembering $_COOKIE['DOKU_PREFS'] is urlencoded)
  1733. * Remove it by setting $val to false
  1734. *
  1735. * @param string $pref preference key
  1736. * @param string $val preference value
  1737. */
  1738. function set_doku_pref($pref, $val) {
  1739. global $conf;
  1740. $orig = get_doku_pref($pref, false);
  1741. $cookieVal = '';
  1742. if($orig !== false && ($orig !== $val)) {
  1743. $parts = explode('#', $_COOKIE['DOKU_PREFS']);
  1744. $cnt = count($parts);
  1745. // urlencode $pref for the comparison
  1746. $enc_pref = rawurlencode($pref);
  1747. $seen = false;
  1748. for ($i = 0; $i < $cnt; $i += 2) {
  1749. if ($parts[$i] == $enc_pref) {
  1750. if (!$seen){
  1751. if ($val !== false) {
  1752. $parts[$i + 1] = rawurlencode($val ?? '');
  1753. } else {
  1754. unset($parts[$i]);
  1755. unset($parts[$i + 1]);
  1756. }
  1757. $seen = true;
  1758. } else {
  1759. // no break because we want to remove duplicate entries
  1760. unset($parts[$i]);
  1761. unset($parts[$i + 1]);
  1762. }
  1763. }
  1764. }
  1765. $cookieVal = implode('#', $parts);
  1766. } else if ($orig === false && $val !== false) {
  1767. $cookieVal = (isset($_COOKIE['DOKU_PREFS']) ? $_COOKIE['DOKU_PREFS'] . '#' : '') .
  1768. rawurlencode($pref) . '#' . rawurlencode($val);
  1769. }
  1770. $cookieDir = empty($conf['cookiedir']) ? DOKU_REL : $conf['cookiedir'];
  1771. if(defined('DOKU_UNITTEST')) {
  1772. $_COOKIE['DOKU_PREFS'] = $cookieVal;
  1773. }else{
  1774. setcookie('DOKU_PREFS', $cookieVal, time()+365*24*3600, $cookieDir, '', ($conf['securecookie'] && is_ssl()));
  1775. }
  1776. }
  1777. /**
  1778. * Strips source mapping declarations from given text #601
  1779. *
  1780. * @param string &$text reference to the CSS or JavaScript code to clean
  1781. */
  1782. function stripsourcemaps(&$text){
  1783. $text = preg_replace('/^(\/\/|\/\*)[@#]\s+sourceMappingURL=.*?(\*\/)?$/im', '\\1\\2', $text);
  1784. }
  1785. /**
  1786. * Returns the contents of a given SVG file for embedding
  1787. *
  1788. * Inlining SVGs saves on HTTP requests and more importantly allows for styling them through
  1789. * CSS. However it should used with small SVGs only. The $maxsize setting ensures only small
  1790. * files are embedded.
  1791. *
  1792. * This strips unneeded headers, comments and newline. The result is not a vaild standalone SVG!
  1793. *
  1794. * @param string $file full path to the SVG file
  1795. * @param int $maxsize maximum allowed size for the SVG to be embedded
  1796. * @return string|false the SVG content, false if the file couldn't be loaded
  1797. */
  1798. function inlineSVG($file, $maxsize = 2048) {
  1799. $file = trim($file);
  1800. if($file === '') return false;
  1801. if(!file_exists($file)) return false;
  1802. if(filesize($file) > $maxsize) return false;
  1803. if(!is_readable($file)) return false;
  1804. $content = file_get_contents($file);
  1805. $content = preg_replace('/<!--.*?(-->)/s','', $content); // comments
  1806. $content = preg_replace('/<\?xml .*?\?>/i', '', $content); // xml header
  1807. $content = preg_replace('/<!DOCTYPE .*?>/i', '', $content); // doc type
  1808. $content = preg_replace('/>\s+</s', '><', $content); // newlines between tags
  1809. $content = trim($content);
  1810. if(substr($content, 0, 5) !== '<svg ') return false;
  1811. return $content;
  1812. }
  1813. //Setup VIM: ex: et ts=2 :