search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Fix a possible race condition in the PaintWeb DML code.
[moodle/mihaisucan.git] / mod / wiki / admin.php
blob05a4cb38f20e79113b9bfa055bf71fa23c131cba
1 <?PHP // $Id$
2 /// Extended by Michael Schneider
3
4 require_once("../../config.php");
5 require_once("lib.php");
6
7 $id = optional_param('id', '', PARAM_INT); // Course Module ID, or
8 $a = optional_param('a', '', PARAM_INT); // wiki ID
9 $page = optional_param('page', false, PARAM_CLEAN); // Pagename
10 $confirm = optional_param('confirm', '', PARAM_RAW);
11 $action = optional_param('action', '', PARAM_ACTION); // Admin Action
12 $userid = optional_param('userid', 0, PARAM_INT); // User wiki.
13 $groupid = optional_param('groupid', 0, PARAM_INT); // Group wiki.
14
15 if ($id) {
16 if (! $cm = get_coursemodule_from_id('wiki', $id)) {
17 error("Course Module ID was incorrect");
18 }
19
20 if (! $course = get_record("course", "id", $cm->course)) {
21 error("Course is misconfigured");
22 }
23
24 if (! $wiki = get_record("wiki", "id", $cm->instance)) {
25 error("Course module is incorrect");
26 }
27
28 } else {
29 if (! $wiki = get_record("wiki", "id", $a)) {
30 error("Course module is incorrect");
31 }
32 if (! $course = get_record("course", "id", $wiki->course)) {
33 error("Course is misconfigured");
34 }
35 if (! $cm = get_coursemodule_from_instance("wiki", $wiki->id, $course->id)) {
36 error("Course Module ID was incorrect");
37 }
38 }
39
40 require_login($course->id, false, $cm);
41 $context = get_context_instance(CONTEXT_MODULE, $cm->id);
42 require_capability('mod/wiki:manage', $context);
43
44 /// Build the ewsiki script constant
45 $ewbase = 'view.php?id='.$id;
46 if (isset($userid) && $userid!=0) $ewbase .= '&amp;userid='.$userid;
47 if (isset($groupid) && $groupid!=0) $ewbase .= '&amp;groupid='.$groupid;
48 $ewscript = $ewbase.'&amp;page=';
49 define("EWIKI_SCRIPT", $ewscript);
50 if($wiki->ewikiacceptbinary) {
51 define("EWIKI_UPLOAD_MAXSIZE", get_max_upload_file_size());
52 define("EWIKI_SCRIPT_BINARY", $ewbase."&binary=");
53 }
54
55
56 /// Add the course module 'groupmode' to the wiki object, for easy access.
57 $wiki->groupmode = $cm->groupmode;
58
59 /// Is an Action given ?
60 if(!$action) {
61 print_error("noadministrationaction","wiki");
62 }
63
64 /// Correct Action ?
65 if(!in_array($action, array("setpageflags", "removepages", "strippages", "checklinks", "revertpages"))) {
66 error("Unknown action '$action'","wiki");
67 }
68
69
70 /// May the User administrate it ?
71 if (($wiki_entry = wiki_get_entry($wiki, $course, $userid, $groupid)) === false || wiki_can_edit_entry($wiki_entry, $wiki, $USER, $course) === false) {
72 print_error("notadministratewiki","wiki");
73 }
74
75 $canedit = wiki_can_edit_entry($wiki_entry, $wiki, $USER, $course);
76 # Check for dangerous events (hacking) !
77 if(in_array($action,array("removepages","strippages","revertpages"))) {
78 if(!($wiki->wtype=="student" || ($wiki->wtype=="group" and $canedit) || wiki_is_teacher($wiki))) {
79 add_to_log($course->id, "wiki", "hack", "", $wiki->name.": Tried to trick admin.php with action=$action.");
80 error("Hack attack detected !");
81 }
82 }
83
84 # Database and Binary Handler
85 include_once($CFG->dirroot."/mod/wiki/ewikimoodlelib.php");
86 include_once($CFG->dirroot."/mod/wiki/ewiki/plugins/moodle/moodle_binary_store.php");
87
88 /// The wiki_entry->pagename is set to the specified value of the wiki,
89 /// or the default value in the 'lang' file if the specified value was empty.
90 define("EWIKI_PAGE_INDEX",$wiki_entry->pagename);
91 # The mighty Wiki itself
92 include_once($CFG->dirroot."/mod/wiki/ewiki/ewiki.php");
93
94 $strwikis = get_string("modulenameplural", "wiki");
95 $strwiki = get_string("modulename", "wiki");
96
97 /// Validate Form
98 if ($form = data_submitted()) {
99 switch($action) {
100 case "revertpages":
101 if(!$form->deleteversions || 0 > $form->deleteversions || $form->deleteversions > 1000) {
102 $focus="form.deleteversions";
103 $err->deleteversions=get_string("deleteversionserror","wiki");
104 }
105 if(!$form->changesfield || 0 > $form->changesfield || $form->changesfield > 100000) {
106 $focus="form.changesfield";
107 $err->changesfield=get_string("changesfielderror","wiki");
108 }
109 if($form->authorfieldpattern=="") {
110 $focus="form.authorfieldpattern";
111 $err->authorfieldpattern=get_string("authorfieldpatternerror","wiki");
112 }
113 break;
114 default: break;
115 }
116 }
117
118 $navigation = build_navigation(get_string("administration","wiki"), $cm);
119 print_header_simple("$wiki_entry->pagename", "", $navigation,
120 $focus, "", true, update_module_button($cm->id, $course->id, $strwiki),
121 navmenu($course, $cm));
122
123
124 ////////////////////////////////////////////////////////////
125 /// Check if the Form has been submitted and display confirmation
126 ////////////////////////////////////////////////////////////
127 if ($form = data_submitted()) {
128 /// Moodle Log
129 /// Get additional info
130 $addloginfo="";
131 switch($action) {
132 case "removepages":
133 $addloginfo=@join(", ", $form->pagestodelete);
134 break;
135 case "strippages":
136 $addloginfo=@join(", ", $form->pagestostrip);
137 break;
138 case "checklinks":
139 $addloginfo=$form->pagetocheck;
140 break;
141 case "setpageflags":
142 // No additional info
143 break;
144 case "revertpages":
145 // No additional info
146 break;
147 }
148 add_to_log($course->id, "wiki", $action, "admin.php?action=$action&amp;userid=$userid&amp;groupid=$groupid&amp;id=$id", $wiki->name.($addloginfo?": ".$addloginfo:""));
149 $link="admin.php?action=$action".($userid?"&amp;userid=".$userid:"").($groupid?"&amp;groupid=".$groupid:"")."&amp;id=$id&amp;page=$page";
150 switch($action) {
151 case "removepages":
152 if($form->proceed) {
153 if(!$confirm && $form->pagestodelete) {
154 notice_yesno(get_string("removepagecheck", "wiki")."<br />".join(", ", $form->pagestodelete),
155 $link."&amp;confirm=".urlencode(join(" ",$form->pagestodelete)), $link);
156 print_footer($course);
157 exit;
158 }
159 }
160 break;
161 case "strippages":
162 if($form->proceed) {
163 if(!$confirm && $form->pagestostrip) {
164 $err=array();
165 $strippages=wiki_admin_strip_versions($form->pagestostrip,$form->version, $err);
166 $confirm="";
167 foreach($strippages as $cnfid => $cnfver) {
168 $confirm.="&confirm[$cnfid]=".urlencode(join(" ",$cnfver));
169 }
170 if(count($err)==0) {
171 $pagestostrip=array();
172 foreach($form->pagestostrip as $pagetostrip) {
173 $pagestostrip[]=htmlspecialchars(urldecode($pagetostrip));
174 }
175 notice_yesno(get_string("strippagecheck", "wiki")."<br />".join(", ", $pagestostrip),
176 $link.$confirm, $link);
177 print_footer($course);
178 exit;
179 }
180 }
181 }
182 break;
183 case "checklinks":
184 if($form->proceed) {
185 if(!$confirm && $form->pagetocheck) {
186 $confirm="&amp;confirm=".$form->pagetocheck;
187 notice_yesno(get_string("checklinkscheck", "wiki").$form->pagetocheck,
188 $link.$confirm, $link);
189 print_footer($course);
190 exit;
191 }
192 }
193 break;
194 case "setpageflags":
195 // pageflagstatus is used in setpageflags.html
196 $pageflagstatus=wiki_admin_setpageflags($form->flags);
197 break;
198 case "revertpages":
199 if(!$err) {
200 if(!$confirm) {
201 $confirm="&confirm[changesfield]=".urlencode($form->changesfield).
202 "&confirm[authorfieldpattern]=".urlencode($form->authorfieldpattern).
203 "&confirm[howtooperate]=".urlencode($form->howtooperate).
204 "&confirm[deleteversions]=".urlencode($form->deleteversions);
205 $revertedpages=wiki_admin_revert("", $form->authorfieldpattern, $form->changesfield, $form->howtooperate, $form->deleteversions);
206 if($revertedpages) {
207 notice_yesno(get_string("revertpagescheck", "wiki")."<br />".$revertedpages,
208 $link.$confirm, $link);
209 print_footer($course);
210 exit;
211 } else {
212 $err->remark=get_string("nochangestorevert","wiki");
213 }
214 }
215 }
216 break;
217 default: error("No such Wiki-Admin action: $action");
218 break;
219 }
220 }
221
222 /// Actions which need a confirmation. If confirmed, do the action
223 $redirect="view.php?".($groupid?"&amp;groupid=".$groupid:"").($userid?"&amp;userid=".$userid:"")."&amp;id=$id&amp;page=$page";
224 if($confirm && !$err) {
225 switch($action) {
226 case "removepages":
227 $ret=wiki_admin_remove(split(" ",$confirm), $course, $wiki, $userid, $groupid);
228 if(!$ret) {
229 redirect($redirect, get_string("pagesremoved","wiki"), 1);
230 } else {
231 error($ret);
232 }
233 exit;
234 case "strippages":
235 $strippages=array();
236 foreach($confirm as $pageid => $versions) {
237 $strippages[$pageid]=split(" ",$versions);
238 }
239 $ret=wiki_admin_strip($strippages);
240 if(!$ret) {
241 redirect($redirect, get_string("pagesstripped","wiki"), 1);
242 } else {
243 error($ret);
244 }
245 exit;
246 case "checklinks":
247 $ret=wiki_admin_checklinks($confirm);
248 redirect($redirect, get_string("linkschecked","wiki")."<br />".$ret, 5);
249 exit;
250 case "revertpages":
251 $revertedpages=wiki_admin_revert(1, $confirm["authorfieldpattern"], $confirm["changesfield"], $confirm["howtooperate"], $confirm["deleteversions"]);
252 redirect($redirect, get_string("pagesreverted","wiki"), 1);
253 exit;
254 case "setpageflags":
255 # No confirmation needed
256 break;
257 default: error("No such action '$action' with confirmation");
258 }
259 }
260
261
262 /// The top row contains links to other wikis, if applicable.
263 if ($wiki_list = wiki_get_other_wikis($wiki, $USER, $course, $wiki_entry->id)) {
264 if (isset($wiki_list['selected'])) {
265 $selected = $wiki_list['selected'];
266 unset($wiki_list['selected']);
267 }
268 echo '<tr><td colspan="2">';
269
270 echo '<form id="otherwikis" action="'.$CFG->wwwroot.'/mod/wiki/admin.php">';
271 echo '<fieldset class="invisiblefieldset">';
272 echo '<table border="0" cellpadding="0" cellspacing="0" width="100%"><tr>';
273 echo '<td class="sideblockheading">&nbsp;'
274 .$WIKI_TYPES[$wiki->wtype].' '
275 .get_string('modulename', 'wiki').' for '
276 .wiki_get_owner($wiki_entry).':</td>';
277
278 echo '<td class="sideblockheading" align="right">'
279 .get_string('otherwikis', 'wiki').':&nbsp;&nbsp;';
280 $script = 'self.location=getElementById(\'otherwikis\').wikiselect.options[getElementById(\'otherwikis\').wikiselect.selectedIndex].value';
281
282 /// Add Admin-Action
283 reset($wiki_list);
284 $wiki_admin_list=array();
285 while(list($key,$val)=each($wiki_list)) {
286 $wiki_admin_list[$key."&amp;action=$action"]=$val;
287 }
288 choose_from_menu($wiki_admin_list, "wikiselect", $selected, "choose", $script);
289 echo '</td>';
290 echo '</tr></table>';
291 echo '</fieldset></form>';
292
293 echo '</td>';
294 echo '</tr>';
295 }
296
297 if ($wiki_entry) {
298
299
300 /// Page Actions
301 echo '<table border="0" width="100%">';
302 echo '<tr>';
303 # echo '<tr><td align="center">';
304 # $specialpages=array("SearchPages", "PageIndex","NewestPages","MostVisitedPages","MostOftenChangedPages","UpdatedPages","FileDownload","FileUpload","OrphanedPages","WantedPages");
305 # wiki_print_page_actions($cm->id, $specialpages, $ewiki_id, $ewiki_action, $wiki->ewikiacceptbinary, $canedit);
306 # echo '</td>';
307
308 /// Searchform
309 echo '<td align="center">';
310 wiki_print_search_form($cm->id, $q, $userid, $groupid, false);
311 echo '</td>';
312
313 /// Internal Wikilinks
314
315 /// TODO: DOES NOT WORK !!!!
316 echo '<td align="center">';
317 wiki_print_wikilinks_block($cm->id, $wiki->ewikiacceptbinary);
318 echo '</td>';
319
320 /// Administrative Links
321 echo '<td align="center">';
322 wiki_print_administration_actions($wiki, $cm->id, $userid, $groupid, $page, $wiki->htmlmode!=2, $course);
323 echo '</td>';
324
325 # if($wiki->htmlmode!=2) {
326 # echo '<td align="center">';
327 # helpbutton('formattingrules', get_string('formattingrules', 'wiki'), 'wiki');
328 # echo get_string("formattingrules","wiki");
329 # echo '</td>';
330 # }
331
332 echo '</tr></table>';
333 }
334
335 // The wiki Contents
336 print_simple_box_start( 'center', '100%', '', '20');
337 // Do the Action
338 # "setpageflags", "removepages", "strippages", "checklinks", "revertpages"
339 print_heading_with_help(get_string($action,"wiki"), $action, "wiki");
340 include $action.".html";
341 print_simple_box_end();
342
343 /// Finish the page
344 print_footer($course);
345 exit;
346
347 ?>
Mihai Sucan's work on Moodle