1<?php
2/**
3 * @package tikiwiki
4 */
5// (c) Copyright by authors of the Tiki Wiki CMS Groupware Project
6//
7// All Rights Reserved. See copyright.txt for details and a complete list of authors.
8// Licensed under the GNU LESSER GENERAL PUBLIC LICENSE. See license.txt for details.
9// $Id$
10
11require_once('tiki-setup.php');
12$structlib = TikiLib::lib('struct');
13$categlib = TikiLib::lib('categ');
14include_once("lib/ziplib.php");
15$access->check_feature(['feature_wiki', 'feature_wiki_structure']);
16$access->check_permission('tiki_p_view');
17
18// start security hardened section
19if ($tiki_p_edit_structures == 'y') {
20	if (isset($_REQUEST['rremove'])) {
21		$structure_info = $structlib->s_get_structure_info($_REQUEST['rremove']);
22		if (! $tikilib->user_has_perm_on_object($user, $structure_info["pageName"], 'wiki page', 'tiki_p_edit')) {
23			$smarty->assign('errortype', 401);
24			$smarty->assign('msg', tra("You do not have permission to edit this page."));
25			$smarty->display("error.tpl");
26			die;
27		}
28		$access->check_authenticity();
29		$structlib->s_remove_page($_REQUEST["rremove"], false, empty($_REQUEST['page']) ? '' : $_REQUEST['page']);
30	}
31	if (isset($_REQUEST['rremovex'])) {
32		$structure_info = $structlib->s_get_structure_info($_REQUEST['rremovex']);
33		if (! $tikilib->user_has_perm_on_object($user, $structure_info["pageName"], 'wiki page', 'tiki_p_edit')) {
34			$smarty->assign('errortype', 401);
35			$smarty->assign('msg', tra("You do not have permission to edit this page."));
36			$smarty->display("error.tpl");
37			die;
38		}
39		$access->check_authenticity();
40		$structlib->s_remove_page($_REQUEST["rremovex"], true, empty($_REQUEST['page']) ? '' : $_REQUEST['page']);
41	}
42	if (isset($_REQUEST['export'])) {
43		check_ticket('admin-structures');
44		$structure_info = $structlib->s_get_structure_info($_REQUEST['export']);
45		if ($prefs['feature_wiki_export'] != 'y' || $tiki_p_admin_wiki != 'y' || ! $tikilib->user_has_perm_on_object($user, $structure_info["pageName"], 'wiki page', 'tiki_p_view')) {
46			$smarty->assign('errortype', 401);
47			$smarty->assign('msg', tra('You do not have permission to view this page.'));
48			$smarty->display("error.tpl");
49			die;
50		}
51		$structlib->s_export_structure($_REQUEST['export']);
52	}
53	if (isset($_REQUEST['zip']) && $tiki_p_admin == 'y') {
54		check_ticket('admin-structures');
55		include_once('lib/wiki/xmllib.php');
56		$xmllib = new XmlLib;
57		$zipFile = 'dump/xml.zip';
58		$config['debug'] = false;
59		if ($xmllib->export_pages(null, $_REQUEST['zip'], $zipFile, $config)) {
60			if (! $config['debug']) {
61				header("location: $zipFile");
62				die;
63			}
64		} else {
65			$smarty->assign('error', $xmllib->get_error());
66		}
67	}
68	if (isset($_REQUEST['export_tree'])) {
69		check_ticket('admin-structures');
70		$structure_info = $structlib->s_get_structure_info($_REQUEST['export_tree']);
71		if (! $tikilib->user_has_perm_on_object($user, $structure_info["pageName"], 'wiki page', 'tiki_p_view')) {
72			$smarty->assign('errortype', 401);
73			$smarty->assign('msg', tra('You do not have permission to view this page.'));
74			$smarty->display("error.tpl");
75			die;
76		}
77		header("content-type: text/plain");
78		$structlib->s_export_structure_tree($_REQUEST['export_tree']);
79		die;
80	}
81	if (isset($_REQUEST['batchaction'])) {
82		check_ticket('admin-structures');
83		foreach ($_REQUEST['action'] as $batchid) {
84			$structure_info = $structlib->s_get_structure_info($batchid);
85			if (! $tikilib->user_has_perm_on_object($user, $structure_info['pageName'], 'wiki page', 'tiki_p_edit')) {
86				continue;
87			}
88			if ($_REQUEST['batchaction'] == 'delete') {
89				$structlib->s_remove_page($batchid, false, $structure_info['pageName']);
90			} elseif ($_REQUEST['batchaction'] == 'delete_with_page') {
91				$structlib->s_remove_page($batchid, true, $structure_info['pageName']);
92			}
93		}
94	}
95	$smarty->assign('askremove', 'n');
96	if (isset($_REQUEST['remove'])) {
97		check_ticket('admin-structures');
98		$structure_info = $structlib->s_get_structure_info($_REQUEST['remove']);
99		if (! $tikilib->user_has_perm_on_object($user, $structure_info["pageName"], 'wiki page', 'tiki_p_edit')) {
100			$smarty->assign('errortype', 401);
101			$smarty->assign('msg', tra("You do not have permission to edit this page."));
102			$smarty->display("error.tpl");
103			die;
104		}
105		$smarty->assign('askremove', 'y');
106		$smarty->assign('removename', $structure_info["pageName"]);
107		$smarty->assign('remove', $_REQUEST['remove']);
108	}
109	$alert_in_st = [];
110	$alert_categorized = [];
111	$alert_to_remove_cats = [];
112	$alert_to_remove_extra_cats = [];
113	$cat_type = 'wiki page';
114	$cat_objid = '';
115	$smarty->assign('just_created', 'n');
116	if (isset($_REQUEST["create"])) {
117		check_ticket('admin-structures');
118		if ((empty($_REQUEST['name']))) {
119			$smarty->assign('msg', tra("You must specify a page name, it will be created if it doesn't exist."));
120			$smarty->display("error.tpl");
121			die;
122		}
123		//try to add a new structure
124		$structure_id = $structlib->s_create_page(null, null, $_REQUEST['name'], $_REQUEST['alias'], null);
125		//Cannot create a structure if a structure already exists
126		if (! isset($structure_id)) {
127			$smarty->assign('msg', $_REQUEST['name'] . " " . tra("page not added (Exists)"));
128			$smarty->display("error.tpl");
129			die;
130		}
131		$cat_name = $_REQUEST['name'];
132		$cat_objid = $cat_name;
133		$cat_href = "tiki-index.php?page=" . urlencode($cat_name);
134		$cat_desc = '';
135		$cat_type = 'wiki page';
136		include_once("categorize.php");
137		$categories = []; // needed to prevent double entering (the first time when page is being categorized in categorize.php)
138		include_once("categorize_list.php"); // needs to be up here to avoid picking up selection of cats from other existing sub-pages
139		$smarty->assign('just_created', $structure_id);
140		$smarty->assign('just_created_name', $_REQUEST['name']);
141
142		// Locking: only needed on new structures, ajax locks existing ones
143		if ($prefs['lock_wiki_structures'] === 'y') {
144			if (! empty($_REQUEST['locked'])) {
145				TikiLib::lib('attribute')->set_attribute('wiki structure', $_REQUEST['name'], 'tiki.object.lock', $_REQUEST['locked']);
146			}
147		}
148
149		$parents[0] = $structure_id;
150		$last_pages[0] = null;
151		$tree_lines = explode("\n", $_REQUEST["tree"]);
152		foreach ($tree_lines as $full_line) {
153			$names = explode("->", $full_line);
154			$line = $names[0];
155			$line = rtrim($line);
156			// count the depth level (leading spaces indicate it)
157			$tabs = strlen($line) - strlen(ltrim($line));
158			// Is there smth else 'cept spaces?
159			if (strlen($line = trim($line))) {
160				$parent_id = $parents[$tabs];
161				if (isset($last_pages[$tabs])) {
162					$last_page = $last_pages[$tabs];
163				} else {
164					$last_page = null;
165				}
166				$alias = '';
167				if (! empty($names[1])) {
168					$alias = $names[1];
169				}
170				if ($tikilib->page_exists(trim($line))) {
171					$strucs = $structlib->get_page_structures(trim($line));
172					if (count($strucs) > 0) {
173						$alert_in_st[] = trim($line);
174					}
175				}
176				$new_page_ref_id = $structlib->s_create_page($parent_id, $last_page, trim($line), trim($alias), $structure_id);
177				if (isset($new_page_ref_id)) {
178					$parents[$tabs + 1] = $new_page_ref_id;
179					$last_pages[$tabs] = $new_page_ref_id;
180					$cat_name = trim($line);
181					$cat_objid = $cat_name;
182					$cat_href = "tiki-index.php?page=" . urlencode($cat_name);
183					$catObjectId = $categlib->is_categorized($cat_type, $cat_objid);
184					if ($prefs['feature_wiki_categorize_structure'] == 'y' && ! $catObjectId) {
185						// page that is added is not categorized -> categorize it if necessary
186						if (isset($_REQUEST["cat_categorize"]) && $_REQUEST["cat_categorize"] == 'on' && isset($_REQUEST["cat_categories"])) {
187							$catObjectId = $categlib->add_categorized_object($cat_type, $cat_objid, $cat_desc, $cat_name, $cat_href);
188							$alert_categorized[] = $cat_name;
189							foreach ($_REQUEST["cat_categories"] as $cat_acat) {
190								$categlib->categorize($catObjectId, $cat_acat);
191							}
192						}
193					} elseif ($prefs['feature_wiki_categorize_structure'] == 'y') {
194						// page that is added is categorized
195						if (! isset($_REQUEST["cat_categories"]) || ! isset($_REQUEST["cat_categorize"]) || isset($_REQUEST["cat_categorize"]) && $_REQUEST["cat_categorize"] != 'on') {
196							// alert that current pages are categorized
197							$alert_to_remove_cats[] = $cat_name;
198						} else {
199							// add categories and alert that current pages have different categories
200							$cats = $categlib->get_object_categories($cat_type, $cat_objid);
201							$numberofcats = count($cats);
202							$alert_categorized[] = $cat_name;
203							foreach ($_REQUEST["cat_categories"] as $cat_acat) {
204								if (! in_array($cat_acat, $cats, true)) {
205									$categlib->categorize($catObjectId, $cat_acat);
206									$numberofcats += 1;
207								}
208							}
209							if ($numberofcats > count($_REQUEST["cat_categories"])) {
210								$alert_to_remove_extra_cats[] = $cat_name;
211							}
212						}
213					}
214				}
215			}
216		}
217	}
218	$smarty->assign('alert_in_st', $alert_in_st);
219	$smarty->assign('alert_categorized', $alert_categorized);
220	$smarty->assign('alert_to_remove_cats', $alert_to_remove_cats);
221	$smarty->assign('alert_to_remove_extra_cats', $alert_to_remove_extra_cats);
222} // end of security hardening
223if ($prefs['feature_categories'] == 'y') {
224	include_once("categorize_list.php");
225}
226if (! isset($_REQUEST["sort_mode"])) {
227	$sort_mode = 'pageName_asc';
228} else {
229	$sort_mode = $_REQUEST["sort_mode"];
230}
231if (! isset($_REQUEST["offset"])) {
232	$offset = 0;
233} else {
234	$offset = $_REQUEST["offset"];
235}
236$smarty->assign_by_ref('offset', $offset);
237if (isset($_REQUEST["find"])) {
238	$find = $_REQUEST["find"];
239} else {
240	$find = '';
241}
242$smarty->assign('find', $find);
243$smarty->assign_by_ref('sort_mode', $sort_mode);
244// default $maxRecords defined in tiki-setup.php
245if (isset($_REQUEST['maxRecords'])) {
246	$maxRecords = $_REQUEST['maxRecords'];
247}
248$filter = '';
249if (! empty($_REQUEST['lang'])) {
250	$filter['lang'] = $_REQUEST['lang'];
251	$smarty->assign_by_ref('find_lang', $_REQUEST['lang']);
252}
253if (! empty($_REQUEST['categId'])) {
254	$filter['categId'] = $_REQUEST['categId'];
255	$smarty->assign_by_ref('find_categId', $_REQUEST['categId']);
256}
257if (isset($_REQUEST["exact_match"])) {
258	$exact_match = true;
259	$smarty->assign('exact_match', 'y');
260} else {
261	$exact_match = false;
262	$smarty->assign('exact_match', 'n');
263}
264if ($prefs['feature_multilingual'] == 'y') {
265	$languages = [];
266	$langLib = TikiLib::lib('language');
267	$languages = $langLib->list_languages(false, 'y');
268	$smarty->assign_by_ref('languages', $languages);
269}
270$channels = $structlib->list_structures($offset, $maxRecords, $sort_mode, $find, $exact_match, $filter);
271$smarty->assign('cant', $channels["cant"]);
272$smarty->assign_by_ref('channels', $channels["data"]);
273ask_ticket('admin-structures');
274include_once('tiki-section_options.php');
275// disallow robots to index page:
276$smarty->assign('metatag_robots', 'NOINDEX, NOFOLLOW');
277$smarty->assign('pdf_export', ($prefs['print_pdf_from_url'] != 'none') ? 'y' : 'n');
278// Display the template
279$smarty->assign('mid', 'tiki-admin_structures.tpl');
280$smarty->display("tiki.tpl");
281