<?php

/**

 * Enano - an open-source CMS capable of wiki functions, Drupal-like sidebar blocks, and everything in between

 * Copyright (C) 2006-2007 Dan Fuhry

 * paths.php - The part of Enano that actually manages content. Everything related to page handling and namespaces is in here.

 *

 * This program is Free Software; you can redistribute and/or modify it under the terms of the GNU General Public License

 * as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

 *

 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied

 * warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for details.

 *

 * @package Enano

 * @subpackage PathManager

 * @see http://enano.homelinux.org/Help:API_Documentation

 */

class pathManager {

  var $pages, $custom_page, $cpage, $page, $fullpage, $page_exists, $namespace, $nslist, $admin_tree, $wiki_mode, $page_protected, $template_cache;

  function __construct()

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    $GLOBALS['paths'] =& $this;

    $this->pages = Array();

    dc_here('paths: setting up namespaces, admin nodes');

    // DEFINE NAMESPACES HERE

    // The key names should NOT EVER be changed, or Enano will be very broken

    $this->nslist = Array(

      'Article' =>'',

      'User'    =>'User:',

      'File'    =>'File:',

      'Help'    =>'Help:',

      'Admin'   =>'Admin:',

      'Special' =>'Special:',

      'System'  =>'Enano:',

      'Template'=>'Template:',

      'Category'=>'Category:',

      'Project' =>str_replace(' ', '_', getConfig('site_name')).':',

      );

    // ACL types

    // These can also be added from within plugins

    $session->register_acl_type('read',                   AUTH_ALLOW,    'Read page(s)');

    $session->register_acl_type('post_comments',          AUTH_ALLOW,    'Post comments',                                                                                            Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('edit_comments',          AUTH_ALLOW,    'Edit own comments',                                                                                        Array('post_comments'),                                   'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('edit_page',              AUTH_WIKIMODE, 'Edit page',                                                                                                Array('view_source'),                                     'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('view_source',            AUTH_WIKIMODE, 'View source',                                                                                              Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category'); // Only used if the page is protected

    $session->register_acl_type('mod_comments',           AUTH_DISALLOW, 'Moderate comments',                                                                                        Array('edit_comments'),                                   'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('history_view',           AUTH_WIKIMODE, 'View history/diffs',                                                                                       Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('history_rollback',       AUTH_DISALLOW, 'Rollback history',                                                                                         Array('history_view'),                                    'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('history_rollback_extra', AUTH_DISALLOW, 'Undelete page(s)',                                                                                         Array('history_rollback'),                                'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('protect',                AUTH_DISALLOW, 'Protect page(s)',                                                                                          Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('rename',                 AUTH_WIKIMODE, 'Rename page(s)',                                                                                           Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('clear_logs',             AUTH_DISALLOW, 'Clear page logs (dangerous)',                                                                              Array('read', 'protect', 'even_when_protected'),          'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('vote_delete',            AUTH_ALLOW,    'Vote to delete',                                                                                           Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('vote_reset',             AUTH_DISALLOW, 'Reset delete votes',                                                                                       Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('delete_page',            AUTH_DISALLOW, 'Delete page(s)',                                                                                           Array(),                                                  'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('set_wiki_mode',          AUTH_DISALLOW, 'Set per-page wiki mode',                                                                                   Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('password_set',           AUTH_DISALLOW, 'Set password',                                                                                             Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('password_reset',         AUTH_DISALLOW, 'Disable/reset password',                                                                                   Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('mod_misc',               AUTH_DISALLOW, 'Super moderator (generate SQL backtraces, view IP addresses, and send large numbers of private messages)', Array(),                                                  'All');

    $session->register_acl_type('edit_cat',               AUTH_WIKIMODE, 'Edit categorization',                                                                                      Array('read'),                                            'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('even_when_protected',    AUTH_DISALLOW, 'Allow editing, renaming, and categorization even when protected',                                          Array('edit_page', 'rename', 'mod_comments', 'edit_cat'), 'Article|User|Project|Template|File|Help|System|Category');

    $session->register_acl_type('upload_files',           AUTH_DISALLOW, 'Upload files',                                                                                             Array('create_page'),                                     'Article|User|Project|Template|File|Help|System|Category|Special');

    $session->register_acl_type('upload_new_version',     AUTH_WIKIMODE, 'Upload new versions of files',                                                                             Array('upload_files'),                                    'Article|User|Project|Template|File|Help|System|Category|Special');

    $session->register_acl_type('create_page',            AUTH_WIKIMODE, 'Create pages',                                                                                             Array(),                                                  'Article|User|Project|Template|File|Help|System|Category|Special');

    $session->register_acl_type('php_in_pages',           AUTH_DISALLOW, 'Embed PHP code in pages',                                                                                  Array('edit_page'),                                       'Article|User|Project|Template|File|Help|System|Category|Admin');

    $session->register_acl_type('edit_acl',               AUTH_DISALLOW, 'Edit access control lists', Array('read', 'post_comments', 'edit_comments', 'edit_page', 'view_source', 'mod_comments', 'history_view', 'history_rollback', 'history_rollback_extra', 'protect', 'rename', 'clear_logs', 'vote_delete', 'vote_reset', 'delete_page', 'set_wiki_mode', 'password_set', 'password_reset', 'mod_misc', 'edit_cat', 'even_when_protected', 'upload_files', 'upload_new_version', 'create_page', 'php_in_pages'));

    // DO NOT add new admin pages here! Use a plugin to call $paths->addAdminNode();

    $this->addAdminNode('General', 'General Configuration', 'GeneralConfig');

    $this->addAdminNode('General', 'File uploads', 'UploadConfig');

    $this->addAdminNode('General', 'Allowed file types', 'UploadAllowedMimeTypes');

    $this->addAdminNode('General', 'Manage Plugins', 'PluginManager');

    $this->addAdminNode('General', 'Backup database', 'DBBackup');

    $this->addAdminNode('Content', 'Manage Pages', 'PageManager');

    $this->addAdminNode('Content', 'Edit page content', 'PageEditor');

    $this->addAdminNode('Appearance', 'Manage themes', 'ThemeManager');

    $this->addAdminNode('Users', 'Manage users', 'UserManager');

    $this->addAdminNode('Users', 'Edit groups', 'GroupManager');

    $this->addAdminNode('Users', 'Ban control', 'BanControl');

    $this->addAdminNode('Users', 'Mass e-mail', 'MassEmail');

    $code = $plugins->setHook('acl_rule_init');

    foreach ( $code as $cmd )

    {

      eval($cmd);

    }

    $this->wiki_mode = (int)getConfig('wiki_mode')=='1';

    $this->template_cache = Array();

  }

  function pathManager()

  {

    $this->__construct();

  }

  function init()

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    dc_here('paths: selecting master page data');

    $code = $plugins->setHook('paths_init_before');

    foreach ( $code as $cmd )

    {

      eval($cmd);

    }

    $e = $db->sql_query('SELECT name,urlname,namespace,special,visible,comments_on,protected,delvotes,delvote_ips,wiki_mode,password FROM '.table_prefix.'pages ORDER BY name;');

    if( !$e )

    {

      $db->_die('The error seems to have occured while selecting the page information. File: includes/paths.php; line: '.__LINE__);

    }

    while($r = $db->fetchrow())

    {

      $r['urlname_nons'] = $r['urlname'];

      $r['urlname'] = $this->nslist[$r['namespace']] . $r['urlname']; // Applies the User:/File:/etc prefixes to the URL names

      if ( $r['delvotes'] == null)

      {

        $r['delvotes'] = 0;

      }

      if ( $r['protected'] == 0 || $r['protected'] == 1 )

      {

        $r['really_protected'] = (int)$r['protected'];

      }

      else if ( $r['protected'] == 2 && getConfig('wiki_mode') == '1')

      {

        $r['really_protected'] = 1;

      }

      else if ( $r['protected'] == 2 && getConfig('wiki_mode') == '0' )

      {

        $r['really_protected'] = 0;

      }

      $this->pages[$r['urlname']] = $r;

      $this->pages[] =& $this->pages[$r['urlname']];

    }

    $db->free_result();

    dc_here('paths: determining page ID');

    if( isset($_GET['title']) )

    {

      if ( $_GET['title'] == '' && getConfig('main_page') != '' )

      {

        $this->main_page();

      }

      if(strstr($_GET['title'], ' '))

      {

        $loc = urldecode(rawurldecode($_SERVER['REQUEST_URI']));

        $loc = str_replace(' ', '_', $loc);

        $loc = str_replace('+', '_', $loc);

        $loc = str_replace('%20', '_', $loc);

        redirect($loc, 'Redirecting...', 'Space detected in the URL, please wait whilst you are redirected', 0);

        exit;

      }

      $url_namespace_special = substr($_GET['title'], 0, strlen($this->nslist['Special']) );

      $url_namespace_template = substr($_GET['title'], 0, strlen($this->nslist['Template']) );

      if($url_namespace_special == $this->nslist['Special'] || $url_namespace_template == $this->nslist['Template'] )

      {

        $ex = explode('/', $_GET['title']);

        $this->page = $ex[0];

      }

      else

      {

        $this->page = $_GET['title'];

      }

      $this->fullpage = $_GET['title'];

    }

    elseif( isset($_SERVER['PATH_INFO']) )

    {

      $pi = explode('/', $_SERVER['PATH_INFO']);

      if( !isset($pi[1]) || (isset($pi[1]) && $pi[1] == '' && getConfig('main_page') != '') )

      {

        $this->main_page();

      }

      if( strstr($pi[1], ' ') )

      {

        $loc = str_replace(' ', '_', urldecode(rawurldecode($_SERVER['REQUEST_URI'])));

        $loc = str_replace('+', '_', $loc);

        $loc = str_replace('%20', '_', $loc);

        redirect($loc, 'Redirecting...', 'Please wait whilst you are redirected', 3);

        exit;

      }

      unset($pi[0]);

      if( substr($pi[1], 0, strlen($this->nslist['Special'])) == $this->nslist['Special'] || substr($pi[1], 0, strlen($this->nslist['Template'])) == $this->nslist['Template'] )

      {

        $pi2 = $pi[1];

      }

      else

      {

        $pi2 = implode('/', $pi);

      }

      $this->page = $pi2;

      $this->fullpage = implode('/', $pi);

    }

    else

    {

      $k = array_keys($_GET);

      foreach($k as $c)

      {

        if(substr($c, 0, 1) == '/')

        {

          $this->page = substr($c, 1, strlen($c));

          // Bugfix for apache somehow passing dots as underscores

          global $mime_types;

          $exts = array_keys($mime_types);

          $exts = '(' . implode('|', $exts) . ')';

          if ( preg_match( '#_'.$exts.'#i', $this->page ) )

          {

            $this->page = preg_replace( '#_'.$exts.'#i', '.\\1', $this->page );

          }

          $this->fullpage = $this->page;

          if(substr($this->page, 0, strlen($this->nslist['Special']))==$this->nslist['Special'] || substr($this->page, 0, strlen($this->nslist['Template']))==$this->nslist['Template'])

          {

            $ex = explode('/', $this->page);

            $this->page = $ex[0];

          }

          if(strstr($this->page, ' '))

          {

            $loc = str_replace(' ', '_', urldecode(rawurldecode($_SERVER['REQUEST_URI'])));

            $loc = str_replace('+', '_', $loc);

            $loc = str_replace('%20', '_', $loc);

            redirect($loc, 'Redirecting...', 'Space in the URL detected, please wait whilst you are redirected', 0);

            exit;

          }

          break;

        }

      }

      if(!$this->page && !($this->page == '' && getConfig('main_page') == ''))

      {

        $this->main_page();

      }

    }

    $this->page = sanitize_page_id($this->page);

    $this->fullpage = sanitize_page_id($this->fullpage);

    dc_here('paths: setting $paths->cpage');

    if(isset($this->pages[$this->page]))

    {

      dc_here('paths: page existence verified, our page ID is: '.$this->page);

      $this->page_exists = true;

      $this->cpage = $this->pages[$this->page];

      $this->namespace = $this->cpage['namespace'];

      if(!isset($this->cpage['wiki_mode'])) $this->cpage['wiki_mode'] = 2;

      // Determine the wiki mode for this page, now that we have this->cpage established

      if($this->cpage['wiki_mode'] == 2)

      {

        $this->wiki_mode = (int)getConfig('wiki_mode');

      }

      else

      {

        $this->wiki_mode = $this->cpage['wiki_mode'];

      }

      // Allow the user to create/modify his user page uncondtionally (admins can still protect the page)

      if($this->page == $this->nslist['User'].str_replace(' ', '_', $session->username))

      {

        $this->wiki_mode = true;

      }

      // And above all, if the site requires wiki mode to be off for non-logged-in users, disable it now

      if(getConfig('wiki_mode_require_login')=='1' && !$session->user_logged_in)

      {

        $this->wiki_mode = false;

      }

      if($this->cpage['protected'] == 2)

      {

        // The page is semi-protected, determine permissions

        if($session->user_logged_in && $session->reg_time + 60*60*24*4 < time()) 

        {

          $this->page_protected = 0;

        }

        else

        {

          $this->page_protected = 1;

        }

      }

      else

      {

        $this->page_protected = $this->cpage['protected'];

      }

    }

    else

    {

      dc_here('paths: page doesn\'t exist, creating new page in memory<br />our page ID is: '.$this->page);

      $this->page_exists = false;

      $page_name = dirtify_page_id($this->page);

      $page_name = str_replace('_', ' ', $page_name);

      $pid_cleaned = sanitize_page_id($this->page);

      if ( $pid_cleaned != $this->page )

      {

        redirect($pid_cleaned, 'Sanitizer message', 'page id sanitized', 0);

      }

      $this->cpage = Array(

        'name'=>$page_name,

        'urlname'=>$this->page,

        'namespace'=>'Article',

        'special'=>0,

        'visible'=>0,

        'comments_on'=>1,

        'protected'=>0,

        'delvotes'=>0,

        'delvote_ips'=>'',

        'wiki_mode'=>2,

        );

      // Look for a namespace prefix in the urlname, and assign a different namespace, if necessary

      $k = array_keys($this->nslist);

      for($i=0;$i<sizeof($this->nslist);$i++)

      {

        $ln = strlen($this->nslist[$k[$i]]);

        if( substr($this->page, 0, $ln) == $this->nslist[$k[$i]] )

        {

          $this->cpage['namespace'] = $k[$i];

          $this->cpage['urlname_nons'] = substr($this->page, strlen($this->nslist[$this->cpage['namespace']]), strlen($this->page));

          if(!isset($this->cpage['wiki_mode'])) 

          {

            $this->cpage['wiki_mode'] = 2;

          }

        }

      }

      $this->namespace = $this->cpage['namespace'];

      if($this->namespace=='System') 

      {

        $this->cpage['protected'] = 1;

      }

      if($this->namespace=='Special')

      {

        // Can't load nonexistent pages

        $this->main_page();

      }

      // Allow the user to create/modify his user page uncondtionally (admins can still protect the page)

      if($this->page == $this->nslist['User'].str_replace(' ', '_', $session->username)) 

      {

        $this->wiki_mode = true;

      }

    }

    // This is used in the admin panel to keep track of form submission targets

    $this->cpage['module'] = $this->cpage['urlname'];

    // Page is set up, call any hooks

    $code = $plugins->setHook('page_set');

    foreach ( $code as $cmd )

    {

      eval($cmd);

    }

    $session->init_permissions();

  }

  function add_page($flags)

  {

    //dc_dump($flags, 'paths: page added by plugin:');

    $flags['urlname_nons'] = $flags['urlname'];

    $flags['urlname'] = $this->nslist[$flags['namespace']] . $flags['urlname']; // Applies the User:/File:/etc prefixes to the URL names

    $pages_len = sizeof($this->pages)/2;

    $this->pages[$pages_len] = $flags;

    $this->pages[$flags['urlname']] =& $this->pages[$pages_len];

  }

  function main_page()

  {

    if( is_string(getConfig('main_page')) )

    {

      header('Location: '.makeUrl(getConfig('main_page')));

      die('If you aren\'t redirected, <a href="' . makeUrl(getConfig('main_page')) . '">click here</a>.');

    }

    else

    {

      header('Location: '.makeUrl($this->pages[0]['urlname']));

      die('If you aren\'t redirected, <a href="' . makeUrl($this->pages[0]['urlname']) . '">click here</a>.');

    }

    exit;

  }

  function sysmsg($n)

  {

    global $db, $session, $paths, $template, $plugins; // Common objects

    dc_here('paths: system message requested: '.$n);

    $q = $db->sql_query('SELECT page_text, char_tag FROM '.table_prefix.'page_text WHERE page_id=\''.$db->escape($n).'\' AND namespace=\'System\'');

    if( !$q )

    {

      $db->_die('Error during generic selection of system page data.');

    }

    if($db->numrows() < 1)

    {

      return false;

      //$db->_die('Error during generic selection of system page data: there were no rows in the text table that matched the page text query.');

    }

    $r = $db->fetchrow();

    $db->free_result();

    $message = $r['page_text'];

    $message = preg_replace('/<noinclude>(.*?)<\/noinclude>/is', '', $message);

    return $message;

  }

  function get_pageid_from_url()

  {

    if(isset($_GET['title']))

    {

      if( $_GET['title'] == '' && getConfig('main_page') != '' )

      {

        $this->main_page();

      }

      if(strstr($_GET['title'], ' '))

      {

        $loc = urldecode(rawurldecode($_SERVER['REQUEST_URI']));

        $loc = str_replace(' ', '_', $loc);

        $loc = str_replace('+', '_', $loc);

        header('Location: '.$loc);

        exit;

      }

      $ret = $_GET['title'];

    }

    elseif(isset($_SERVER['PATH_INFO']))

    {

      $pi = explode('/', $_SERVER['PATH_INFO']);

      if(!isset($pi[1]) || (isset($pi[1]) && $pi[1] == ''))

      {

        return false;

      }

      if(strstr($pi[1], ' '))

      {

        $loc = urldecode(rawurldecode($_SERVER['REQUEST_URI']));

        $loc = str_replace(' ', '_', $loc);

        $loc = str_replace('+', '_', $loc);

        header('Location: '.$loc);

        exit;

      }

      if( !( substr($pi[1], 0, strlen($this->nslist['Special'])) == $this->nslist['Special'] ) )

      {

        unset($pi[0]);

        $pi[1] = implode('/', $pi);

      }

      $ret = $pi[1];

    }

    else

    {

      $k = array_keys($_GET);

      foreach($k as $c)

      {

        if(substr($c, 0, 1) == '/')

        {

          $ret = substr($c, 1, strlen($c));

          if(substr($ret, 0, strlen($this->nslist['Special'])) == $this->nslist['Special'] ||

             substr($ret, 0, strlen($this->nslist['Admin'])) == $this->nslist['Admin'])

          {

            $ret = explode('/', $ret);

            $ret = $ret[0];

          }

          break;

        }

      }

    }

    return ( isset($ret) ) ? $ret : false;

  }

  // Parses a (very carefully formed) array into Javascript code compatible with the Tigra Tree Menu used in the admin menu

  function parseAdminTree() 

  {

    $k = array_keys($this->admin_tree);

    $i = 0;

    $ret = '';

    $ret .= "var TREE_ITEMS = [\n  ['Administration panel home', 'javascript:ajaxPage(\'".$this->nslist['Admin']."Home\');',\n    ";

    foreach($k as $key)

    {

      $i++;

      $ret .= "['".$key."', 'javascript:trees[0].toggle($i)', \n";

      foreach($this->admin_tree[$key] as $c)

      {

        $i++;

        $ret .= "        ['".$c['name']."', 'javascript:ajaxPage(\\'".$this->nslist['Admin'].$c['pageid']."\\');'],\n";

      }

      $ret .= "      ],\n";

    }

    $ret .= "    ['Log out of admin panel', 'javascript:ajaxPage(\\'".$this->nslist['Admin']."AdminLogout\\');'],\n";

    // I used this while I painstakingly wrote the Runt code that auto-expands certain nodes based on the value of a bitfield stored in a cookie. *shudders*

    // $ret .= "    ['(debug) Clear menu bitfield', 'javascript:createCookie(\\'admin_menu_state\\', \\'1\\', 365);'],\n";

    $ret .= "]\n];";

    return $ret;

  }

  function addAdminNode($section, $page_title, $url)

  {

    if(!isset($this->admin_tree[$section]))

    {

      $this->admin_tree[$section] = Array();

    }

    $this->admin_tree[$section][] = Array(

        'name'=>$page_title,

        'pageid'=>$url

      );

  }

  function getParam($id = 0)

  {

    if(isset($_SERVER['PATH_INFO']))

    {

      $pi = explode('/', $_SERVER['PATH_INFO']);

      $id = $id + 2;

      return isset($pi[$id]) ? $pi[$id] : false;

    }

    else if( isset($_GET['title']) )

    {

      $pi = explode('/', $_GET['title']);

      $id = $id + 1;

      return isset($pi[$id]) ? $pi[$id] : false;

    }

    else