* Rendering: MathJax (https://www.mathjax.org/)
* Bug reports:
* #2 - Incorrect closing tag - nibreh
* #8 - Rogue tag - nibreh
*/
$guiConfig = <<<'GUICONFIG'
{
"sitename": {"type": "text", "description": "Your wiki's name.", "default": "Pepperminty Wiki"},
"defaultpage": {"type": "text", "description": "The name of the page that will act as the home page for the wiki. This page will be served if you don't specify a page.", "default": "Main Page"},
"admindetails_name": {"type": "text", "description": "Your name as the wiki administrator.", "default": "Administrator"},
"admindetails_email": {"type": "email", "description": "Your email address as the wiki administrator. Will be displayed as a support contact address.", "default": "admin@localhost"},
"favicon": {"type": "url", "description": "A url that points to the favicon you want to use for your wiki. This image By default this is set to a data: url of a Peppermint (Credit: by bluefrog23, source: https://openclipart.org/detail/19571/peppermint-candy-by-bluefrog23)", "default": "data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAMAAAAoLQ9TAAAB3VBMVEXhERHbKCjeVVXjb2/kR0fhKirdHBziDg6qAADaHh7qLy/pdXXUNzfMAADYPj7ZPDzUNzfbHx/fERHpamrqMTHgExPdHx/bLCzhLS3fVFTjT0/ibm7kRkbiLi7aKirdISHeFBTqNDTpeHjgERHYJCTVODjYQkLaPj6/AADVOTnpbW3cIyPdFRXcJCThMjLiTU3ibW3fVVXaKyvcERH4ODj+8fH/////fHz+Fxf4KSn0UFD/CAj/AAD/Xl7/wMD/EhL//v70xMT/+Pj/iYn/HBz/g4P/IyP/Kyv/7Oz0QUH/9PT/+vr/ior/Dg7/vr7/aGj/QED/bGz/AQH/ERH/Jib/R0f/goL/0dH/qan/YWH/7e3/Cwv4R0f/MTH/enr/vLz/u7v/cHD/oKD/n5//aWn+9/f/k5P/0tL/trb/QUH/cXH/dHT/wsL/DQ3/p6f/DAz/1dX/XV3/kpL/i4v/Vlb/2Nj/9/f/pKT+7Oz/V1f/iIj/jIz/r6//Zmb/lZX/j4//T0//Dw/4MzP/GBj/+fn/o6P/TEz/xMT/b2//Tk7/OTn/HR3/hIT/ODj/Y2P/CQn/ZGT/6Oj0UlL/Gxv//f3/Bwf/YmL/6+v0w8P/Cgr/tbX0QkL+9fX4Pz/qNzd0dFHLAAAAAXRSTlMAQObYZgAAAAFiS0dEAIgFHUgAAAAJcEhZcwAACxMAAAsTAQCanBgAAAAHdElNRQfeCxINNSdmw510AAAA5ElEQVQYGQXBzSuDAQCA8eexKXOwmSZepa1JiPJxsJOrCwcnuchBjg4O/gr7D9zk4uAgJzvuMgcTpYxaUZvSm5mUj7TX7ycAqvoLIJBwStVbP0Hom1Z/ejoxrbaR1Jz6nWinbKWttGRgMSSjanPktRY6mB9WtRNTn7Ilh7LxnNpKq2/x5LnBitfz+hx0qxUaxhZ6vwqq9bx6f2XXvuUl9SVQS38NR7cvln3v15tZ9bQpuWDtZN3Lgh5DWJex3Y+z1KrVhw21+CiM74WZo83DiXq0dVBDYNJkFEU7WrwDAZhRtQrwDzwKQbT6GboLAAAAAElFTkSuQmCC"},
"logo_url": {"type": "url", "description": "A url that points to the site's logo. Leave blank to disable. When enabled the logo will be inserted next to the site name on every page.", "default": "//starbeamrainbowlabs.com/images/logos/peppermint.png"},
"logo_position": {"type": "text", "description": "The side of the site name at which the logo should be placed.", "default": "left"},
"show_subpages": {"type": "text", "description": "Whether to show a list of subpages at the bottom of the page.", "default": true},
"subpages_display_depth": {"type": "text", "description": "The depth to which we should display when listing subpages at the bottom the page.", "default": 3},
"footer_message": {"type": "text", "description": "A message that will appear at the bottom of every page. May contain HTML.", "default": "All content is under this license. Please make sure that you read and understand the license, especially if you are thinking about copying some (or all) of this site's content, as it may restrict you from doing so."},
"editing_message": {"type": "text", "description": "A message that will appear just before the submit button on the editing page. May contain HTML.", "default": "Formatting help (Markdown Cheatsheet) \nBy submitting your edit or uploading your file, you are agreeing to release your changes under this license. Also note that if you don't want your work to be edited by other users of this site, please don't submit it here!"},
"admindisplaychar": {"type": "text", "description": "The string that is prepended before an admin's name on the nav bar. Defaults to a diamond shape (◆).", "default": "◆"},
"protectedpagechar": {"type": "text", "description": "The string that is prepended a page's name in the page title if it is protected. Defaults to a lock symbol. (🔒)", "default": "🔒"},
"editing": {"type": "checkbox", "description": "Whether editing is enabled.", "default": true},
"anonedits": {"type": "checkbox", "description": "Whether users who aren't logged in are allowed to edit your wiki.", "default": false},
"maxpagesize": {"type": "number", "description": "The maximum page size in characters.", "default": 135000},
"parser": {"type": "text", "description": "The parser to use when rendering pages. Defaults to an extended version of parsedown (http://parsedown.org/)", "default": "parsedown"},
"clean_raw_html": {"type": "checkbox", "description": "Whether page sources should be cleaned of HTML before rendering. It is STRONGLY recommended that you keep this option turned on.", "default": true},
"enable_math_rendering": {"type": "checkbox", "description": "Whether to enable client side rendering of mathematical expressions with MathJax (https://www.mathjax.org/). Math expressions should be enclosed inside of dollar signs ($). Turn off if you don't use it.", "default": true},
"users": {"type": "map", "description": "An array of usernames and passwords - passwords should be hashed with sha256 (or sha3 if you have that option turned on)", "default": {
"admin": "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8",
"user": "873ac9ffea4dd04fa719e8920cd6938f0c23cd678af330939cff53c3d2855f34"
}},
"admins": {"type": "array", "description": "An array of usernames that are administrators. Administrators can delete and move pages.", "default": [ "admin" ]},
"use_sha3": {"type": "checkbox", "description": "Whether to use the new sha3 hashing algorithm for passwords etc.", "default": false},
"require_login_view": {"type": "checkbox", "description": "Whether to require that users login before they do anything else. Best used with the data_storage_dir option.", "default": false},
"data_storage_dir": {"type": "text", "description": "The directory in which to store all files, except the main index.php.", "default": "."},
"delayed_indexing_time": {"type": "number", "description": "The amount of time, in seconds, that pages should be blocked from being indexed by search engines after their last edit. Aka delayed indexing.", "default": 0},
"nav_links": {"type": "array", "description": "
An array of links and display text to display at the top of the site. Format: \"Display Text\": \"Link\"
You can also use strings here and they will be printed as-is, except the following special strings:
user-status - Expands to the user's login information. e.g. \"Logged in as {name}. | Logout\", or e.g. \"Browsing as Anonymous. | Login\".
search - Expands to a search box.
divider - Expands to a divider to separate stuff.
more - Expands to the \"More...\" submenu.
", "default": [
"user-status",
[
"Home",
"index.php"
],
"search",
[
"Read",
"index.php?page={page}"
],
[
"Edit",
"index.php?action=edit&page={page}"
],
[
"All Pages",
"index.php?action=list"
],
"menu"
]},
"nav_links_extra": {"type": "array", "description": "An array of additional links in the above format that will be shown under \"More\" subsection.", "default": [
[
"🕓 Page History",
"?action=history&page={page}"
],
[
"🎫 All Tags",
"index.php?action=list-tags"
],
[
"Recent changes",
"?action=recent-changes"
],
[
"🡅 Upload",
"index.php?action=upload"
],
[
"⌧ ◆Delete",
"index.php?action=delete&page={page}"
],
[
"⎘ ◆Move",
"index.php?action=move&page={page}"
],
[
"🔐 ◆Toggle Protection",
"index.php?action=protect&page={page}"
]
]},
"nav_links_bottom": {"type": "text", "description": "An array of links in the above format that will be shown at the bottom of the page.", "default": [
[
"🖶 Printable version",
"index.php?action=view&mode=printable&page={page}"
],
[
"Credits",
"index.php?action=credits"
],
[
"Help",
"index.php?action=help"
]
]},
"upload_enabled": {"type": "checkbox", "description": "Whether to allow uploads to the server.", "default": true},
"upload_allowed_file_types": {"type": "array", "description": "An array of mime types that are allowed to be uploaded.", "default": [
"image/jpeg",
"image/png",
"image/gif",
"image/webp",
"image/svg+xml",
"video/mp4",
"video/webm",
"audio/mp4",
"audio/mpeg"
]},
"preview_file_type": {"type": "text", "description": "The default file type for previews.", "default": "image/png"},
"default_preview_size": {"type": "number", "description": "The default size of preview images in pixels.", "default": 640},
"mime_extension_mappings_location": {"type": "text", "description": "The location of a file that maps mime types onto file extensions and vice versa. Used to generate the file extension for an uploaded file. See the configuration guide for windows instructions.", "default": "/etc/mime.types"},
"mime_mappings_overrides": {"type": "map", "description": "Override mappings to convert mime types into the appropriate file extension. Used to override the above file if it assigns weird extensions to any mime types.", "default": {
"text/plain": "txt",
"audio/mpeg": "mp3"
}},
"min_preview_size": {"type": "number", "description": "The minimum allowed size of generated preview images in pixels.", "default": 1},
"max_preview_size": {"type": "number", "description": "The maximum allowed size of generated preview images in pixels.", "default": 2048},
"search_characters_context": {"type": "number", "description": "The number of characters that should be displayed either side of a matching term in the context below each search result.", "default": 200},
"search_title_matches_weighting": {"type": "number", "description": "The weighting to give to search term matches found in a page's title.", "default": 10},
"search_tags_matches_weighting": {"type": "number", "description": "The weighting to give to search term matches found in a page's tags.", "default": 3},
"defaultaction": {"type": "text", "description": "The default action. This action will be performed if no other action is specified. It is recommended you set this to \"view\" - that way the user automatically views the default page (see above).", "default": "view"},
"updateurl": {"type": "url", "description": "The url from which to fetch updates. Defaults to the master (development) branch. MAKE SURE THAT THIS POINTS TO A *HTTPS* URL, OTHERWISE SOMEONE COULD INJECT A VIRUS INTO YOUR WIKI!", "default": "https://raw.githubusercontent.com/sbrl/pepperminty-wiki/master/index.php"},
"optimize_pages": {"type": "checkbox", "description": "Whether to optimise all webpages generated.", "default": true},
"max_recent_changes": {"type": "number", "description": "The maximum number of recent changes to display on the recent changes page.", "default": 512},
"export_allow_only_admins": {"type": "checkbox", "description": "Whether to only allow adminstrators to export the your wiki as a zip using the page-export module.", "default": false},
"sessionprefix": {"type": "text", "description": "You shouldn't need to change this. The prefix that should be used in the names of the session variables. Defaults to \"auto\", which automatically generates this field. See the readme for more information.", "default": "auto"},
"sessionlifetime": { "type": "number", "description": "Again, you shouldn't need to change this under normal circumstances. This setting controls the lifetime of a login session. Defaults to 24 hours, but it may get cut off sooner depending on the underlying PHP session lifetime.", "default": 86400 },
"css": {"type": "textarea", "description": "A string of css to include. Will be included in the <head> of every page inside a <style> tag. This may also be an absolute url - urls will be referenced via a <link rel='stylesheet' /> tag.", "default": "auto"}
}
GUICONFIG;
$guiConfig = json_decode($guiConfig);
$settings = new stdClass();
if(!file_exists("peppermint.json"))
{
// Copy the default settings over to the main settings array
foreach ($guiConfig as $key => $value)
$settings->$key = $value->default;
// Generate a random secret
$settings->secret = bin2hex(openssl_random_pseudo_bytes(16));
file_put_contents("peppermint.json", json_encode($settings, JSON_PRETTY_PRINT));
}
else
$settings = json_decode(file_get_contents("peppermint.json"));
if($settings === null)
{
header("content-type: text/plain");
exit("Error: Failed to decode the settings file! Does it contain a syntax error?");
}
if($settings->css === "auto")
{
$settings->css = << span { flex: 1; text-align: center; line-height: 2; display: inline-block; margin: 0; padding: 0.3rem 0.5rem; border-left: 3px solid #442772; border-right: 3px solid #442772; }
nav:not(.nav-more-menu) a { text-decoration: none; font-weight: bolder; color: inherit; }
.nav-divider { color: transparent; }
.nav-more { position: relative; background-color: #442772; }
.nav-more label { cursor: pointer; }
.nav-more-menu { display: none; position: absolute; flex-direction: column; top: 2.6rem; right: -0.2rem; background-color: #8a62a7; border-top: 3px solid #442772; border-bottom: 3px solid #442772;}
input[type=checkbox]:checked ~ .nav-more-menu { display: block; box-shadow: 0.4rem 0.4rem 1rem 0 rgba(50, 50, 50, 0.5); }
.nav-more-menu span { min-width: 10rem; }
.inflexible { flex: none; }
.off-screen { position: absolute; top: -1000px; left: -1000px;}
input[type=search] { width: 14rem; padding: 0.3rem 0.4rem; font-size: 1rem; color: white; background: rgba(255, 255, 255, 0.4); border: 0; border-radius: 0.3rem; }
input[type=search]::-webkit-input-placeholder { color : rgba(255, 255, 255, 0.75); }
input[type=button], input[type=submit] { cursor: pointer; }
.sidebar { position: relative; z-index: 100; margin-top: 0.6rem; padding: 1rem 3rem 2rem 0.4rem; background: #9e7eb4; box-shadow: inset -0.6rem 0 0.8rem -0.5rem rgba(50, 50, 50, 0.5); }
.sidebar a { color: #ffa74d; }
.sidebar ul { position: relative; margin: 0.3rem 0.3rem 0.3rem 1rem; padding: 0.3rem 0.3rem 0.3rem 1rem; list-style-type: none; }
.sidebar li { position: relative; margin: 0.3rem; padding: 0.3rem; }
.sidebar ul:before { content: ""; position: absolute; top: 0; left: 0; height: 100%; border-left: 2px dashed rgba(50, 50, 50, 0.4); }
.sidebar li:before { content: ""; position: absolute; width: 1rem; top: 0.8rem; left: -1.2rem; border-bottom: 2px dashed rgba(50, 50, 50, 0.4); }
.preview { text-align: center; }
.preview:hover img, .preview:hover video, .preview:hover audio { --checkerboard-bg: rgba(200, 200, 200, 0.2); max-width: 100%; background-color: #eee; background-image: linear-gradient(45deg, var(--checkerboard-bg) 25%, transparent 25%, transparent 75%, var(--checkerboard-bg) 75%, var(--checkerboard-bg)), linear-gradient(45deg, var(--checkerboard-bg) 25%, transparent 25%, transparent 75%, var(--checkerboard-bg) 75%, var(--checkerboard-bg)); background-size:2em 2em; background-position:0 0, 1em 1em; }
.image-controls ul { list-style-type: none; margin: 5px; padding: 5px; }
.image-controls li { display: inline-block; margin: 5px; padding: 5px; }
.link-display { margin-left: 0.5rem; }
figure:not(.preview) { display: inline-block; }
figure:not(.preview) > :first-child { display: block; }
figcaption { text-align: center; }
.printable { padding: 2rem; }
h1 { text-align: center; }
.sitename { margin-top: 5rem; margin-bottom: 3rem; font-size: 2.5rem; }
.logo { max-width: 4rem; max-height: 4rem; vertical-align: middle; }
.logo.small { max-width: 2rem; max-height: 2rem; }
main:not(.printable) { padding: 2rem 2rem 0.5rem 2rem; background: #faf8fb; box-shadow: 0 0.1rem 1rem 0.3rem rgba(50, 50, 50, 0.5); }
blockquote { padding-left: 1em; border-left: 0.2em solid #442772; border-radius: 0.2rem; }
a.redlink:link { color: rgb(230, 7, 7); }
a.redlink:visited { color: rgb(130, 15, 15); /*#8b1a1a*/ }
.search-result { position: relative; }
.search-result::before { content: attr(data-result-number); position: relative; top: 3rem; color: rgba(33, 33, 33, 0.3); font-size: 2rem; }
.search-result::after { content: "Rank: " attr(data-rank); position: absolute; top: 3.8rem; right: 0.7rem; color: rgba(50, 50, 50, 0.3); }
.search-result > h2 { margin-left: 3rem; }
.search-context { max-height: 20em; overflow: hidden; }
.search-context::after { content: ""; position: absolute; bottom: 0; width: 100%; height: 3em; display: block; background: linear-gradient(to bottom, transparent, #faf8fb); pointer-events: none; }
label:not(.link-display-label) { display: inline-block; min-width: 7rem; }
input[type=text]:not(.link-display), input[type=password], textarea { margin: 0.5rem 0; }
input[type=text], input[type=password], textarea, #search-box { padding: 0.5rem 0.8rem; background: #d5cbf9; border: 0; border-radius: 0.3rem; font-size: 1rem; color: #442772; }
textarea { min-height: 35rem; line-height: 1.3em; font-size: 1.25rem; }
textarea, textarea ~ input[type=submit], #search-box { width: calc(100% - 0.3rem); box-sizing: border-box; }
textarea ~ input[type=submit] { margin: 0.5rem 0; padding: 0.5rem; font-weight: bolder; }
.editform input[type=text] { width: calc(100% - 0.3rem); box-sizing: border-box; }
.file-gallery { margin: 0.5em; padding: 0.5em; list-style-type: none; }
.file-gallery > li { display: inline-block; min-width: attr(data-gallery-width); padding: 1em; text-align: center; }
.file-gallery > li img, .file-gallery > li video, .file-gallery > li audio { display: block; margin: 0 auto; background-color: white; }
.page-tags-display { margin: 0.5rem 0 0 0; padding: 0; list-style-type: none; }
.page-tags-display li { display: inline-block; margin: 0.5rem; padding: 0.5rem; background: #e2d5eb; white-space: nowrap; }
.page-tags-display li a { color: #fb701a; text-decoration: none; }
.page-tags-display li::before { content: "\\A"; position: relative; top: 0.03rem; left: -0.9rem; width: 0; height: 0; border-top: 0.6rem solid transparent; border-bottom: 0.6rem solid transparent; border-right: 0.5rem solid #e2d5eb; }
.page-list { list-style-type: none; margin: 0.3rem; padding: 0.3rem; }
.page-list li:not(.header) { margin: 0.3rem; padding: 0.3rem; }
.page-list li .size { margin-left: 0.7rem; color: rgba(30, 30, 30, 0.5); }
.page-list li .editor { display: inline-block; margin: 0 0.5rem; }
.page-list li .tags { margin: 0 1rem; }
.tag-list { list-style-type: none; margin: 0.5rem; padding: 0.5rem; }
.tag-list li { display: inline-block; margin: 1rem; }
.mini-tag { background: #e2d5eb; padding: 0.2rem 0.4rem; color: #fb701a; text-decoration: none; }
.help-section-header::after { content: "#" attr(id); float: right; color: rgba(0, 0, 0, 0.4); font-size: 0.8rem; font-weight: normal; }
.cursor-query { cursor: help; }
summary { cursor: pointer; }
.larger { color: rgb(9, 180, 0); }
.smaller, .deletion { color: rgb(207, 28, 17); }
.nochange { color: rgb(132, 123, 199); font-style: italic; }
.significant { font-weight: bolder; font-size: 1.1rem; }
.deletion, .deletion > .editor { text-decoration: line-through; }
.highlighted-diff { white-space: pre-wrap; }
.diff-added { background-color: rgba(31, 171, 36, 0.6); color: rgba(23, 125, 27, 1); }
.diff-removed { background-color: rgba(255, 96, 96, 0.6); color: rgba(191, 38, 38, 1); }
.newpage::before { content: "N"; margin: 0 0.3em 0 -1em; font-weight: bolder; text-decoration: underline dotted; }
.upload::before { content: "\\1f845"; margin: 0 0.1em 0 -1.1em; }
footer { padding: 2rem; }
/* #ffdb6d #36962c */
THEMECSS;
}
/*** Notes ***
Actions:
view - view a page
page - page name
printable=[yes/no] - make output printable
edit - open editor for page
page - page name
save - save edits to page
page - page name
list - list pages
category - the category to list [optional] [unimplemented]
login - login to the site
logout - logout
checklogin - check login credentials and set cookie
hash - hash a string with sha256
string - string to hash
help - get help
update - update the wiki
do - set to `true` to actually update the wiki
secret - set to the value of the site's secret
credits - view the credits
delete - delete a page
page - page name
delete=yes - actually do the deletion (otherwise we display a prompt)
*************/
///////////////////////////////////////////////////////////////////////////////////////////////
/////////////// Do not edit below this line unless you know what you are doing! ///////////////
///////////////////////////////////////////////////////////////////////////////////////////////
$version = "v0.13-dev";
/// Environment ///
$env = new stdClass();
$env->action = $settings->defaultaction;
$env->page = "";
$env->page_filename = "";
$env->is_history_revision = false;
$env->history = new stdClass();
$env->history->revision_number = -1;
$env->history->revision_data = false;
$env->user = "Anonymous";
$env->is_logged_in = false;
$env->is_admin = false;
$env->storage_prefix = $settings->data_storage_dir . DIRECTORY_SEPARATOR;
$env->perfdata = new stdClass();
/// Paths ///
$paths = new stdClass();
$paths->pageindex = "pageindex.json"; // The pageindex
$paths->searchindex = "invindex.json"; // The inverted index used for searching
$paths->idindex = "idindex.json"; // The index that converts ids to page names
// Prepend the storage data directory to all the defined paths.
foreach ($paths as &$path) {
$path = $env->storage_prefix . $path;
}
$paths->upload_file_prefix = "Files/"; // The prefix to add to uploaded files
session_start();
// Make sure that the login cookie lasts beyond the end of the user's session
setcookie(session_name(), session_id(), time() + $settings->sessionlifetime);
///////// Login System /////////
// Clear expired sessions
if(isset($_SESSION[$settings->sessionprefix . "-expiretime"]) and
$_SESSION[$settings->sessionprefix . "-expiretime"] < time())
{
// Clear the session variables
$_SESSION = [];
session_destroy();
$env->is_logged_in = false;
$env->user = "Anonymous";
}
if(!isset($_SESSION[$settings->sessionprefix . "-user"]) and
!isset($_SESSION[$settings->sessionprefix . "-pass"]))
{
// The user is not logged in
$env->is_logged_in = false;
}
else
{
$env->user = $_SESSION[$settings->sessionprefix . "-user"];
$env->pass = $_SESSION[$settings->sessionprefix . "-pass"];
if($settings->users->{$env->user} == $env->pass)
{
// The user is logged in
$env->is_logged_in = true;
}
else
{
// The user's login details are invalid (what is going on here?)
// Unset the session variables, treat them as an anonymous user,
// and get out of here
$env->is_logged_in = false;
$env->user = "Anonymous";
$env->pass = "";
// Clear the session data
$_SESSION = []; //delete all the variables
session_destroy(); //destroy the session
}
}
//check to see if the currently logged in user is an admin
$env->is_admin = false;
if($env->is_logged_in)
{
foreach($settings->admins as $admin_username)
{
if($admin_username == $env->user)
{
$env->is_admin = true;
break;
}
}
}
/////// Login System End ///////
////////////////////
// APIDoc strings //
////////////////////
/**
* @apiDefine Moderator Only users loggged with a moderator account may use this call.
*/
/**
* @apiDefine User Only users loggged in may use this call.
*/
/**
* @apiDefine Anonymous Anybody may use this call.
*/
/**
* @apiDefine UserNotLoggedInError
* @apiError UserNotLoggedInError You didn't log in before sending this request.
*/
/**
* @apiDefine UserNotModeratorError
* @apiError UserNotModeratorError You weren't loggged in as a moderator before sending this request.
*/
/**
* @apiDefine PageParameter
* @apiParam {string} page The page to operate on.
*/
////////////////////
///////////////////////////////////////////////////////////////////////////////
////////////////////////////////// Functions //////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
/**
* Get the actual absolute origin of the request sent by the user.
* @param array $s The $_SERVER variable contents. Defaults to $_SERVER.
* @param bool $use_forwarded_host Whether to utilise the X-Forwarded-Host header when calculating the actual origin.
* @return string The actual origin of the user's request.
*/
function url_origin( $s = false, $use_forwarded_host = false )
{
if($s === false) $s = $_SERVER;
$ssl = ( ! empty( $s['HTTPS'] ) && $s['HTTPS'] == 'on' );
$sp = strtolower( $s['SERVER_PROTOCOL'] );
$protocol = substr( $sp, 0, strpos( $sp, '/' ) ) . ( ( $ssl ) ? 's' : '' );
$port = $s['SERVER_PORT'];
$port = ( ( ! $ssl && $port=='80' ) || ( $ssl && $port=='443' ) ) ? '' : ':'.$port;
$host = ( $use_forwarded_host && isset( $s['HTTP_X_FORWARDED_HOST'] ) ) ? $s['HTTP_X_FORWARDED_HOST'] : ( isset( $s['HTTP_HOST'] ) ? $s['HTTP_HOST'] : null );
$host = isset( $host ) ? $host : $s['SERVER_NAME'] . $port;
return $protocol . '://' . $host;
}
/**
* Get the full url, as requested by the client.
* @see http://stackoverflow.com/a/8891890/1460422 This Stackoverflow answer.
* @param array $s The $_SERVER variable. Defaults to $_SERVER.
* @param bool $use_forwarded_host Whether to take the X-Forwarded-Host header into account.
* @return string The full url, as requested by the client.
*/
function full_url( $s = false, $use_forwarded_host = false )
{
return url_origin( $s, $use_forwarded_host ) . $s['REQUEST_URI'];
}
/**
* Converts a filesize into a human-readable string.
* From http://php.net/manual/en/function.filesize.php#106569
* Edited by Starbeamrainbowlabs.
* @param number $bytes The number of bytes to convert.
* @param number $decimals The number of decimal places to preserve.
* @return string A human-readable filesize.
*/
function human_filesize($bytes, $decimals = 2)
{
$sz = ["b", "kb", "mb", "gb", "tb", "pb", "eb", "yb", "zb"];
$factor = floor((strlen($bytes) - 1) / 3);
$result = round($bytes / pow(1024, $factor), $decimals);
return $result . @$sz[$factor];
}
/**
* Calculates the time since a particular timestamp and returns a
* human-readable result.
* From http://goo.gl/zpgLgq.
* @param integer $time The timestamp to convert.
* @return string The time since the given timestamp as
* a human-readable string.
*/
function human_time_since($time)
{
$timediff = time() - $time;
$tokens = array (
31536000 => 'year',
2592000 => 'month',
604800 => 'week',
86400 => 'day',
3600 => 'hour',
60 => 'minute',
1 => 'second'
);
foreach ($tokens as $unit => $text) {
if ($timediff < $unit) continue;
$numberOfUnits = floor($timediff / $unit);
return $numberOfUnits.' '.$text.(($numberOfUnits>1)?'s':'').' ago';
}
}
/**
* A recursive glob() function.
* From http://in.php.net/manual/en/function.glob.php#106595
* @param string $pattern The glob pattern to use to find filenames.
* @param integer $flags The glob flags to use when finding filenames.
* @return array An array of the filepaths that match the given glob.
*/
function glob_recursive($pattern, $flags = 0)
{
$files = glob($pattern, $flags);
foreach (glob(dirname($pattern).'/*', GLOB_ONLYDIR|GLOB_NOSORT) as $dir)
{
$prefix = "$dir/";
// Remove the "./" from the beginning if it exists
if(substr($prefix, 0, 2) == "./") $prefix = substr($prefix, 2);
$files = array_merge($files, glob_recursive($prefix . basename($pattern), $flags));
}
return $files;
}
/**
* Gets a list of all the sub pages of the current page.
* @param object $pageindex The pageindex to use to search.
* @param string $pagename The name of the page to list the sub pages of.
* @return object An object containing all the subpages and their
* respective distances from the given page name in the pageindex tree.
*/
function get_subpages($pageindex, $pagename)
{
$pagenames = get_object_vars($pageindex);
$result = new stdClass();
$stem = "$pagename/";
$stem_length = strlen($stem);
foreach($pagenames as $entry => $value)
{
if(substr($entry, 0, $stem_length) == $stem)
{
// We found a subpage
// Extract the subpage's key relative to the page that we are searching for
$subpage_relative_key = substr($entry, $stem_length, -3);
// Calculate how many times removed the current subpage is from the current page. 0 = direct descendant.
$times_removed = substr_count($subpage_relative_key, "/");
// Store the name of the subpage we found
$result->$entry = $times_removed;
}
}
unset($pagenames);
return $result;
}
/**
* Makes sure that a subpage's parents exist.
* Note this doesn't check the pagename itself.
* @param The pagename to check.
*/
function check_subpage_parents($pagename)
{
global $pageindex, $paths, $env;
// Save the new pageindex and return if there aren't any more parent pages to check
if(strpos($pagename, "/") === false)
{
file_put_contents($paths->pageindex, json_encode($pageindex, JSON_PRETTY_PRINT));
return;
}
$parent_pagename = substr($pagename, 0, strrpos($pagename, "/"));
$parent_page_filename = "$parent_pagename.md";
if(!file_exists($env->storage_prefix . $parent_page_filename))
{
// This parent page doesn't exist! Create it and add it to the page index.
touch($env->storage_prefix . $parent_page_filename, 0);
$newentry = new stdClass();
$newentry->filename = $parent_page_filename;
$newentry->size = 0;
$newentry->lastmodified = 0;
$newentry->lasteditor = "none";
$pageindex->$parent_pagename = $newentry;
}
check_subpage_parents($parent_pagename);
}
/**
* Makes a path safe.
* Paths may only contain alphanumeric characters, spaces, underscores, and
* dashes.
* @param string $string The string to make safe.
* @return string A safe version of the given string.
*/
function makepathsafe($string)
{
// Old restrictive system
//$string = preg_replace("/[^0-9a-zA-Z\_\-\ \/\.]/i", "", $string);
// Remove reserved characters
$string = preg_replace("/[?%*:|\"><()\\[\\]]/i", "", $string);
// Collapse multiple dots into a single dot
$string = preg_replace("/\.+/", ".", $string);
return $string;
}
/**
* Hides an email address from bots by adding random html entities.
* @param string $str The original email address
* @return string The mangled email address.
*/
function hide_email($str)
{
$hidden_email = "";
for($i = 0; $i < strlen($str); $i++)
{
if($str[$i] == "@")
{
$hidden_email .= "" . ord("@") . ";";
continue;
}
if(rand(0, 1) == 0)
$hidden_email .= $str[$i];
else
$hidden_email .= "" . ord($str[$i]) . ";";
}
return $hidden_email;
}
/**
* Checks to see if $haystack starts with $needle.
* @param string $haystack The string to search.
* @param string $needle The string to search for at the beginning
* of $haystack.
* @return boolean Whether $needle can be found at the beginning
* of $haystack.
*/
function starts_with($haystack, $needle)
{
$length = strlen($needle);
return (substr($haystack, 0, $length) === $needle);
}
/**
* Case-insensitively finds all occurrences of $needle in $haystack. Handles
* UTF-8 characters correctly.
* From http://www.pontikis.net/tip/?id=16, and
* based on http://www.php.net/manual/en/function.strpos.php#87061
* @param string $haystack The string to search.
* @param string $needle The string to find.
* @return array || false An array of match indices, or false if
* nothing was found.
*/
function mb_stripos_all($haystack, $needle) {
$s = 0; $i = 0;
while(is_integer($i)) {
$i = function_exists("mb_stripos") ? mb_stripos($haystack, $needle, $s) : stripos($haystack, $needle, $s);
if(is_integer($i)) {
$aStrPos[] = $i;
$s = $i + (function_exists("mb_strlen") ? mb_strlen($needle) : strlen($needle));
}
}
if(isset($aStrPos))
return $aStrPos;
else
return false;
}
/**
* Tests whether a string ends with a given substring.
* @param string $whole The string to test against.
* @param string $end The substring test for.
* @return bool Whether $whole ends in $end.
*/
function endsWith($whole, $end)
{
return (strpos($whole, $end, strlen($whole) - strlen($end)) !== false);
}
/**
* Returns the system's mime type mappings, considering the first extension
* listed to be cacnonical.
* From http://stackoverflow.com/a/1147952/1460422 by chaos.
* Edited by Starbeamrainbowlabs.
* @return array An array of mime type mappings.
*/
function system_mime_type_extensions()
{
global $settings;
$out = array();
$file = fopen($settings->mime_extension_mappings_location, 'r');
while(($line = fgets($file)) !== false) {
$line = trim(preg_replace('/#.*/', '', $line));
if(!$line)
continue;
$parts = preg_split('/\s+/', $line);
if(count($parts) == 1)
continue;
$type = array_shift($parts);
if(!isset($out[$type]))
$out[$type] = array_shift($parts);
}
fclose($file);
return $out;
}
/**
* Converts a given mime type to it's associated file extension.
* From http://stackoverflow.com/a/1147952/1460422 by chaos.
* Edited by Starbeamrainbowlabs.
* @param string $type The mime type to convert.
* @return string The extension for the given mime type.
*/
function system_mime_type_extension($type)
{
static $exts;
if(!isset($exts))
$exts = system_mime_type_extensions();
return isset($exts[$type]) ? $exts[$type] : null;
}
/**
* Returns the system MIME type mapping of extensions to MIME types.
* From http://stackoverflow.com/a/1147952/1460422 by chaos.
* Edited by Starbeamrainbowlabs.
* @return array An array mapping file extensions to their associated mime types.
*/
function system_extension_mime_types()
{
global $settings;
$out = array();
$file = fopen($settings->mime_extension_mappings_location, 'r');
while(($line = fgets($file)) !== false) {
$line = trim(preg_replace('/#.*/', '', $line));
if(!$line)
continue;
$parts = preg_split('/\s+/', $line);
if(count($parts) == 1)
continue;
$type = array_shift($parts);
foreach($parts as $part)
$out[$part] = $type;
}
fclose($file);
return $out;
}
/**
* Converts a given file extension to it's associated mime type.
* From http://stackoverflow.com/a/1147952/1460422 by chaos.
* Edited by Starbeamrainbowlabs.
* @param string $ext The extension to convert.
* @return string The mime type associated with the given extension.
*/
function system_extension_mime_type($ext) {
static $types;
if(!isset($types))
$types = system_extension_mime_types();
$ext = strtolower($ext);
return isset($types[$ext]) ? $types[$ext] : null;
}
/**
* Generates a stack trace.
* @param bool $log_trace Whether to send the stack trace to the error log in addition to returning it.
* @return string A string prepresentation of a stack trace.
*/
function stack_trace($log_trace = true)
{
$result = "";
$stackTrace = debug_backtrace();
$stackHeight = count($stackTrace);
foreach ($stackTrace as $i => $stackEntry)
{
$result .= "#" . ($stackHeight - $i) . " - " . $stackEntry["file"] . ":" . $stackEntry["line"] . " (" . $stackEntry["function"] . ":" . count($stackEntry["args"]) . ")\n";
}
if($log_trace)
error_log($result);
return $result;
}
/**
* Polyfill getallheaders()
*/
if (!function_exists('getallheaders')) {
function getallheaders()
{
if (!is_array($_SERVER))
return [];
$headers = array();
foreach ($_SERVER as $name => $value) {
if (substr($name, 0, 5) == 'HTTP_') {
$headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value;
}
}
return $headers;
}
}
/**
* Renders a timestamp in HTML.
* @param int $timestamp The timestamp to render.
* @return string HTML representing the given timestamp.
*/
function render_timestamp($timestamp)
{
return "";
}
/**
* Renders a page name in HTML.
* @param object $rchange The recent change to render as a page name
* @return string HTML representing the name of the given page.
*/
function render_pagename($rchange)
{
global $pageindex;
$pageDisplayName = $rchange->page;
if(isset($pageindex->$pageDisplayName) and !empty($pageindex->$pageDisplayName->redirect))
$pageDisplayName = "$pageDisplayName";
$pageDisplayLink = "$pageDisplayName";
return $pageDisplayName;
}
/**
* Renders an editor's name in HTML.
* @param string $editorName The name of the editor to render.
* @return string HTML representing the given editor's name.
*/
function render_editor($editorName)
{
return "✎ $editorName";
}
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
////////////////////// Security and Consistency Measures //////////////////////
///////////////////////////////////////////////////////////////////////////////
/*
* Sort out the pageindex. Create it if it doesn't exist, and load + parse it
* if it does.
*/
if(!file_exists($paths->pageindex))
{
$glob_str = $env->storage_prefix . "*.md";
$existingpages = glob_recursive($glob_str);
// Debug statements. Uncomment when debugging the pageindex regenerator.
// var_dump($env->storage_prefix);
// var_dump($glob_str);
// var_dump($existingpages);
$pageindex = new stdClass();
// We use a for loop here because foreach doesn't loop over new values inserted
// while we were looping
for($i = 0; $i < count($existingpages); $i++)
{
$pagefilename = $existingpages[$i];
// Create a new entry
$newentry = new stdClass();
$newentry->filename = utf8_encode(substr( // Store the filename, whilst trimming the storage prefix
$pagefilename,
strlen(preg_replace("/^\.\//i", "", $env->storage_prefix)) // glob_recursive trim the ./ from returned filenames , so we need to as well
));
// Remove the `./` from the beginning if it's still hanging around
if(substr($newentry->filename, 0, 2) == "./")
$newentry->filename = substr($newentry->filename, 2);
$newentry->size = filesize($pagefilename); // Store the page size
$newentry->lastmodified = filemtime($pagefilename); // Store the date last modified
// Todo find a way to keep the last editor independent of the page index
$newentry->lasteditor = utf8_encode("unknown"); // Set the editor to "unknown"
// Extract the name of the (sub)page without the ".md"
$pagekey = utf8_encode(substr($newentry->filename, 0, -3));
if(file_exists($env->storage_prefix . $pagekey) && // If it exists...
!is_dir($env->storage_prefix . $pagekey)) // ...and isn't a directory
{
// This page (potentially) has an associated file!
// Let's investigate.
// Blindly add the file to the pageindex for now.
// Future We might want to do a security check on the file later on.
// File a bug if you think we should do this.
$newentry->uploadedfile = true; // Yes this page does have an uploaded file associated with it
$newentry->uploadedfilepath = $pagekey; // It's stored here
// Work out what kind of file it really is
$mimechecker = finfo_open(FILEINFO_MIME_TYPE);
$newentry->uploadedfilemime = finfo_file($mimechecker, $env->storage_prefix . $pagekey);
}
// Debug statements. Uncomment when debugging the pageindex regenerator.
// echo("pagekey: ");
// var_dump($pagekey);
// echo("newentry: ");
// var_dump($newentry);
// Subpage parent checker
if(strpos($pagekey, "/") !== false)
{
// We have a sub page people
// Work out what our direct parent's key must be in order to check to
// make sure that it actually exists. If it doesn't, then we need to
// create it.
$subpage_parent_key = substr($pagekey, 0, strrpos($pagekey, "/"));
$subpage_parent_filename = "$env->storage_prefix$subpage_parent_key.md";
if(array_search($subpage_parent_filename, $existingpages) === false)
{
// Our parent page doesn't actually exist - create it
touch($subpage_parent_filename, 0);
// Furthermore, we should add this page to the list of existing pages
// in order for it to be indexed
$existingpages[] = $subpage_parent_filename;
}
}
// Store the new entry in the new page index
$pageindex->$pagekey = $newentry;
}
file_put_contents($paths->pageindex, json_encode($pageindex, JSON_PRETTY_PRINT));
unset($existingpages);
}
else
{
$pageindex_read_start = microtime(true);
$pageindex = json_decode(file_get_contents($paths->pageindex));
$env->perfdata->pageindex_decode_time = round((microtime(true) - $pageindex_read_start)*1000, 3);
header("x-pageindex-decode-time: " . $env->perfdata->pageindex_decode_time . "ms");
}
//////////////////////////
///// Page id system /////
//////////////////////////
if(!file_exists($paths->idindex))
file_put_contents($paths->idindex, "{}");
$idindex_decode_start = microtime(true);
$idindex = json_decode(file_get_contents($paths->idindex));
$env->perfdata->idindex_decode_time = round((microtime(true) - $idindex_decode_start)*1000, 3);
class ids
{
/*
* @summary Gets the page id associated with the given pagename.
*/
public static function getid($pagename)
{
global $idindex;
foreach ($idindex as $id => $entry)
{
if($entry == $pagename)
return $id;
}
// This pagename doesn't have an id - assign it one quick!
return self::assign($pagename);
}
/*
* @summary Gets the page name associated with the given page id.
*/
public static function getpagename($id)
{
global $idindex;
if(!isset($idindex->$id))
return false;
else
return $idindex->$id;
}
/*
* @summary Moves a page in the id index from $oldpagename to $newpagename.
* Note that this function doesn't perform any special checks to
* make sure that the destination name doesn't already exist.
*/
public static function movepagename($oldpagename, $newpagename)
{
global $idindex, $paths;
$pageid = self::getid($oldpagename);
$idindex->$pageid = $newpagename;
file_put_contents($paths->idindex, json_encode($idindex));
}
/*
* @summary Removes the given page name from the id index. Note that this
* function doesn't handle multiple entries with the same name.
*/
public static function deletepagename($pagename)
{
global $idindex, $paths;
// Get the id of the specified page
$pageid = self::getid($pagename);
// Remove it from the pageindex
unset($idindex->$pageid);
// Save the id index
file_put_contents($paths->idindex, json_encode($idindex));
}
/*
* @summary Assigns an id to a pagename. Doesn't check to make sure that
* pagename doesn't exist in the pageindex.
*/
protected static function assign($pagename)
{
global $idindex, $paths;
$nextid = count(array_keys(get_object_vars($idindex)));
// Increment the generated id until it's unique
while(isset($idindex->nextid))
$nextid++;
// Update the id index
$idindex->$nextid = utf8_encode($pagename);
// Save the id index
file_put_contents($paths->idindex, json_encode($idindex));
return $nextid;
}
}
//////////////////////////
//////////////////////////
// Work around an Opera + Syntaxtic bug where there is no margin at the left
// hand side if there isn't a query string when accessing a .php file.
if(!isset($_GET["action"]) and !isset($_GET["page"]))
{
http_response_code(302);
header("location: index.php?action=$settings->defaultaction&page=$settings->defaultpage");
exit();
}
// Make sure that the action is set
if(!isset($_GET["action"]))
$_GET["action"] = $settings->defaultaction;
// Make sure that the page is set
if(!isset($_GET["page"]) or strlen($_GET["page"]) === 0)
$_GET["page"] = $settings->defaultpage;
// Redirect the user to the safe version of the path if they entered an unsafe character
if(makepathsafe($_GET["page"]) !== $_GET["page"])
{
http_response_code(301);
header("location: index.php?action=" . rawurlencode($_GET["action"]) . "&page=" . makepathsafe($_GET["page"]));
header("x-requested-page: " . $_GET["page"]);
header("x-actual-page: " . makepathsafe($_GET["page"]));
exit();
}
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
//////////////////////////////// HTML fragments ////////////////////////////////
////////////////////////////////////////////////////////////////////////////////
class page_renderer
{
public static $html_template = "
{title}
{header-html}
{body}
";
public static $main_content_template = "{navigation-bar}
{sitename}
{content}
{navigation-bar-bottom}
{all-pages-datalist}";
public static $minimal_content_template = "{content}
";
// An array of functions that have been registered to process the
// find / replace array before the page is rendered. Note that the function
// should take a *reference* to an array as its only argument.
protected static $part_processors = [];
// Registers a function as a part post processor.
public static function register_part_preprocessor($function)
{
global $settings;
// Make sure that the function we are about to register is valid
if(!is_callable($function))
{
http_response_code(500);
$admin_name = $settings->admindetails_name;
$admin_email = hide_email($settings->admindetails_email);
exit(page_renderer::render("$settings->sitename - Module Error", "
$settings->sitename has got a misbehaving module installed that tried to register an invalid HTML handler with the page renderer. Please contact $settings->sitename's administrator $admin_name at $admin_email."));
}
self::$part_processors[] = $function;
return true;
}
public static function render($title, $content, $body_template = false)
{
global $settings, $start_time, $version;
if($body_template === false)
$body_template = self::$main_content_template;
if(strlen($settings->logo_url) > 0)
{
// A logo url has been specified
$logo_html = "";
switch($settings->logo_position)
{
case "left":
$logo_html = "$logo_html $settings->sitename";
break;
case "right":
$logo_html .= " $settings->sitename";
break;
default:
throw new Exception("Invalid logo_position '$settings->logo_position'. Valid values are either \"left\" or \"right\" and are case sensitive.");
}
}
$parts = [
"{body}" => $body_template,
"{sitename}" => $logo_html,
"v0.13-dev" => $version,
"{favicon-url}" => $settings->favicon,
"{header-html}" => self::get_header_html(),
"{navigation-bar}" => self::render_navigation_bar($settings->nav_links, $settings->nav_links_extra, "top"),
"{navigation-bar-bottom}" => self::render_navigation_bar($settings->nav_links_bottom, [], "bottom"),
"{admin-details-name}" => $settings->admindetails_name,
"{admin-details-email}" => $settings->admindetails_email,
"{admins-name-list}" => implode(", ", $settings->admins),
"{generation-date}" => date("l jS \of F Y \a\\t h:ia T"),
"{all-pages-datalist}" => self::generate_all_pages_datalist(),
"{footer-message}" => $settings->footer_message,
/// Secondary Parts ///
"{content}" => $content,
"{title}" => $title,
];
// Pass the parts through the part processors
foreach(self::$part_processors as $function)
{
$function($parts);
}
$result = self::$html_template;
$result = str_replace(array_keys($parts), array_values($parts), $result);
$result = str_replace("{generation-time-taken}", round((microtime(true) - $start_time)*1000, 2), $result);
return $result;
}
public static function render_main($title, $content)
{
return self::render($title, $content, self::$main_content_template);
}
public static function render_minimal($title, $content)
{
return self::render($title, $content, self::$minimal_content_template);
}
public static function get_header_html()
{
global $settings;
$result = self::get_css_as_html();
if(module_exists("feature-search"))
$result .= "\t\t";
if(!empty($settings->enable_math_rendering))
$result .= "
";
return $result;
}
public static function get_css_as_html()
{
global $settings;
if(preg_match("/^[^\/]*\/\/|^\//", $settings->css))
return "\n";
else
{
$css = $settings->css;
if(!empty($settings->optimize_pages))
{
// CSS Minification ideas by Jean from catswhocode.com
// Link: http://www.catswhocode.com/blog/3-ways-to-compress-css-files-using-php
// Remove comments
$css = preg_replace('!/\*[^*]*\*+([^/][^*]*\*+)*/!', "", $css);
// Cut down whitespace
$css = preg_replace('/\s+/', " ", $css);
// Remove whitespace after colons and semicolons
$css = str_replace([
" :",
": ",
"; ",
" { ",
" } "
], [
":",
":",
";",
"{",
"}"
], $css);
}
return "\n";
}
}
public static $nav_divider = " | ";
/**
* Renders a navigation bar from an array of links. See
* $settings->nav_links for format information.
* @param array $nav_links The links to add to the navigation bar.
* @param array $nav_links_extra The extra nav links to add to
* the "More..." menu.
*/
public static function render_navigation_bar($nav_links, $nav_links_extra, $class = "")
{
global $settings, $env;
$result = "";
return $result;
}
public static function render_username($name)
{
global $settings;
$result = "";
if(in_array($name, $settings->admins))
$result .= $settings->admindisplaychar;
$result .= $name;
return $result;
}
public static function generate_all_pages_datalist()
{
global $pageindex;
$arrayPageIndex = get_object_vars($pageindex);
ksort($arrayPageIndex);
$result = "";
return $result;
}
}
/// Finish setting up the environment object ///
$env->page = $_GET["page"];
if(isset($_GET["revision"]) and is_numeric($_GET["revision"]))
{
// We have a revision number!
$env->is_history_revision = true;
$env->history->revision_number = intval($_GET["revision"]);
// Make sure that the revision exists for later on
if(!isset($pageindex->{$env->page}->history[$env->history->revision_number]))
{
http_response_code(404);
exit(page_renderer::render_main("404: Revision Not Found - $env->page - $settings->sitename", "
"));
}
// Redirect the user to the login page if:
// - A login is required to view this wiki
// - The user isn't already requesting the login page
// Note we use $_GET here because $env->action isn't populated at this point
if($settings->require_login_view === true && // If this site requires a login in order to view pages
!$env->is_logged_in && // And the user isn't logged in
!in_array($_GET["action"], [ "login", "checklogin" ])) // And the user isn't trying to login
{
// Redirect the user to the login page
http_response_code(307);
$url = "?action=login&returnto=" . rawurlencode($_SERVER["REQUEST_URI"]) . "&required=true";
header("location: $url");
exit(page_renderer::render("Login required - $settings->sitename", "
$settings->sitename requires that you login before you are able to access it.
"));
}
//////////////////////////////////////
//////////////////////////////////////
//////////////////////////
/// Module functions ///
//////////////////////////
// These functions are //
// used by modules to //
// register themselves //
// or new pages. //
//////////////////////////
$modules = []; // List that contains all the loaded modules
// Function to register a module
function register_module($moduledata)
{
global $modules;
//echo("registering module\n");
//var_dump($moduledata);
$modules[] = $moduledata;
}
/**
* Checks to see whether a module with the given id exists.
* @param string $id The id to search for.
* @return bool Whether a module is currently loaded with the given id.
*/
function module_exists($id)
{
global $modules;
foreach($modules as $module)
{
if($module["id"] == $id)
return true;
}
return false;
}
// Function to register an action handler
$actions = new stdClass();
function add_action($action_name, $func)
{
global $actions;
$actions->$action_name = $func;
}
$parsers = [
"none" => function() {
throw new Exception("No parser registered!");
}
];
/**
* Registers a new parser.
* @param string $name The name of the new parser to register.
* @param function $parser_code The function to register as a new parser.
*/
function add_parser($name, $parser_code)
{
global $parsers;
if(isset($parsers[$name]))
throw new Exception("Can't register parser with name '$name' because a parser with that name already exists.");
$parsers[$name] = $parser_code;
}
function parse_page_source($source)
{
global $settings, $parsers;
if(!isset($parsers[$settings->parser]))
exit(page_renderer::render_main("Parsing error - $settings->sitename", "
Parsing some page source data failed. This is most likely because $settings->sitename has the parser setting set incorrectly. Please contact " . $settings->admindetails_name . ", your $settings->sitename Administrator."));
/* Not needed atm because escaping happens when saving, not when rendering *
if($settings->clean_raw_html)
$source = htmlentities($source, ENT_QUOTES | ENT_HTML5);
*/
return $parsers[$settings->parser]($source);
}
// Function to
$save_preprocessors = [];
/**
* Register a new proprocessor that will be executed just before
* an edit is saved.
* @param function $func The function to register.
*/
function register_save_preprocessor($func)
{
global $save_preprocessors;
$save_preprocessors[] = $func;
}
$help_sections = [];
/**
* Adds a new help section to the help page.
* @param string $index The string to index the new section under.
* @param string $title The title to display above the section.
* @param string $content The content to display.
*/
function add_help_section($index, $title, $content)
{
global $help_sections;
$help_sections[$index] = [
"title" => $title,
"content" => $content
];
}
if(!empty($settings->enable_math_rendering))
add_help_section("22-Mathematical-Expressions", "Methematical Expressions", "
$settings->sitename supports rendering of mathematical expressions. Mathematical expressions can be included practically anywhere in your page. Expressions should be written in LaTeX and enclosed in dollar signs like this: $x^2$.
Note that expression parsing is done on the viewer's computer with javascript (specifically MathJax) and not by $settings->sitename directly (also called client side rendering).
");
//////////////////////////////////////////////////////////////////
register_module([
"name" => "Password hashing action",
"version" => "0.6",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a utility action (that anyone can use) called hash that hashes a given string. Useful when changing a user's password.",
"id" => "action-hash",
"code" => function() {
/**
* @api {get} ?action=hash&string={text} Hash a password
* @apiName Hash
* @apiGroup Utility
* @apiPermission Anonymous
*
* @apiParam {string} string The string to hash.
* @apiParam {boolean} raw Whether to return the hashed password as a raw string instead of as part of an HTML page.
*
* @apiError ParamNotFound The string parameter was not specified.
*/
/*
* ██ ██ █████ ███████ ██ ██
* ██ ██ ██ ██ ██ ██ ██
* ███████ ███████ ███████ ███████
* ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ██ ███████ ██ ██
*/
add_action("hash", function() {
global $settings;
if(!isset($_GET["string"]))
{
http_response_code(422);
exit(page_renderer::render_main("Missing parameter", "
The GET parameter string must be specified.
It is strongly recommended that you utilise this page via a private or incognito window in order to prevent your password from appearing in your browser history.
"));
}
});
}
]);
register_module([
"name" => "Page protection",
"version" => "0.2",
"author" => "Starbeamrainbowlabs",
"description" => "Exposes Pepperminty Wiki's new page protection mechanism and makes the protect button in the 'More...' menu on the top bar work.",
"id" => "action-protect",
"code" => function() {
/**
* @api {get} ?action=protect&page={pageName} Toggle the protection of a page.
* @apiName Protect
* @apiGroup Page
* @apiPermission Moderator
*
* @apiParam {string} page The page name to toggle the protection of.
*/
/*
* ██████ ██████ ██████ ████████ ███████ ██████ ████████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██████ ██ ██ ██ █████ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ██████ ██ ███████ ██████ ██
*/
add_action("protect", function() {
global $env, $pageindex, $paths, $settings;
// Make sure that the user is logged in as an admin / mod.
if($env->is_admin)
{
// They check out ok, toggle the page's protection.
$page = $env->page;
if(!isset($pageindex->$page->protect))
{
$pageindex->$page->protect = true;
}
else if($pageindex->$page->protect === true)
{
$pageindex->$page->protect = false;
}
else if($pageindex->$page->protect === false)
{
$pageindex->$page->protect = true;
}
// Save the pageindex
file_put_contents($paths->pageindex, json_encode($pageindex, JSON_PRETTY_PRINT));
$state = ($pageindex->$page->protect ? "enabled" : "disabled");
$title = "Page protection $state.";
exit(page_renderer::render_main($title, "
Page protection for $env->page has been $state.
Go back."));
}
else
{
exit(page_renderer::render_main("Error protecting page", "
You are not allowed to protect pages because you are not logged in as a mod or admin. Please try logging out if you are logged in and then try logging in as an administrator.
"));
}
});
}
]);
register_module([
"name" => "Raw page source",
"version" => "0.7",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a 'raw' action that shows you the raw source of a page.",
"id" => "action-raw",
"code" => function() {
global $settings;
/**
* @api {get} ?action=raw&page={pageName} Get the raw source code of a page
* @apiName RawSource
* @apiGroup Page
* @apiPermission Anonymous
*
* @apiParam {string} page The page to return the source of.
*/
/*
* ██████ █████ ██ ██
* ██ ██ ██ ██ ██ ██
* ██████ ███████ ██ █ ██
* ██ ██ ██ ██ ██ ███ ██
* ██ ██ ██ ██ ███ ███
*/
add_action("raw", function() {
global $env;
header("content-type: text/markdown");
exit(file_get_contents($env->page_filename));
});
add_help_section("800-raw-page-content", "Viewing Raw Page Content", "
Although you can use the edit page to view a page's source, you can also ask $settings->sitename to send you the raw page source and nothing else. This feature is intented for those who want to automate their interaction with $settings->sitename.
To use this feature, navigate to the page for which you want to see the source, and then alter the action parameter in the url's query string to be raw. If the action parameter doesn't exist, add it. Note that when used on an file's page this action will return the source of the description and not the file itself.
");
}
]);
register_module([
"name" => "Sidebar",
"version" => "0.3",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a sidebar to the left hand side of every page. Add '\$settings->sidebar_show = true;' to your configuration, or append '&sidebar=yes' to the url to enable. Adding to the url sets a cookie to remember your setting.",
"id" => "extra-sidebar",
"code" => function() {
global $settings;
$show_sidebar = false;
// Show the sidebar if it is enabled in the settings
if(isset($settings->sidebar_show) && $settings->sidebar_show === true)
$show_sidebar = true;
// Also show and persist the sidebar if the special GET parameter
// sidebar is seet
if(!$show_sidebar && isset($_GET["sidebar"]))
{
$show_sidebar = true;
// Set a cookie to persist the display of the sidebar
setcookie("sidebar_show", "true", time() + (60 * 60 * 24 * 30));
}
// Show the sidebar if the cookie is set
if(!$show_sidebar && isset($_COOKIE["sidebar_show"]))
$show_sidebar = true;
// Delete the cookie and hide the sidebar if the special GET paramter
// nosidebar is set
if(isset($_GET["nosidebar"]))
{
$show_sidebar = false;
unset($_COOKIE["sidebar_show"]);
setcookie("sidebar_show", null, time() - 3600);
}
page_renderer::register_part_preprocessor(function(&$parts) use ($show_sidebar) {
global $settings, $pageindex, $env;
// Don't render a sidebar if the user is logging in and a login is
// required in order to view pages.
if($settings->require_login_view && in_array($env->action, [ "login", "checklogin" ]))
return false;
if($show_sidebar && !isset($_GET["printable"]))
{
// Show the sidebar
$exec_start = microtime(true);
// Sort the pageindex
$sorted_pageindex = get_object_vars($pageindex);
ksort($sorted_pageindex, SORT_NATURAL);
$sidebar_contents = "";
$sidebar_contents .= render_sidebar($sorted_pageindex);
$parts["{body}"] = "
$settings->sitename has an optional sidebar which displays a list of all the current pages (but not subpages) that it is currently hosting. It may or may not be enabled.
If it isn't enabled, it can be enabled for your current browser only by appending sidebar=yes to the current page's query string.
");
}
]);
/*
* @summary Renders the sidebar for a given pageindex.
*
* @param $pageindex {array} - The pageindex to render the sidebar for
* @param $root_pagename {string} - The pagename that should be considered the root of the rendering. You don't usually need to use this, it is used by the algorithm itself since it is recursive.
*
* @returns {string} A HTML rendering of the sidebar for the given pageindex
*/
function render_sidebar($pageindex, $root_pagename = "")
{
global $settings;
$result = "
$details)
{
// If we have a valid root pagename, and it isn't present at the
// beginning of the current pagename, skip it
if($root_pagename !== "" && strpos($pagename, $root_pagename) !== 0)
continue;
// The current page is the same as the root page, skip it
if($pagename == $root_pagename)
continue;
// If the part of the current pagename that comes after the root
// pagename has a slash in it, skip it as it is a sub-sub page.
if(strpos(substr($pagename, strlen($root_pagename)), "/") !== false)
continue;
$result .= "
Although you can use the edit page to view a page's source, you can also ask $settings->sitename to send you the raw page source and nothing else. This feature is intented for those who want to automate their interaction with $settings->sitename.
To use this feature, navigate to the page for which you want to see the source, and then alter the action parameter in the url's query string to be raw. If the action parameter doesn't exist, add it. Note that when used on an file's page this action will return the source of the description and not the file itself.
");
}
]);
register_module([
"name" => "Page History",
"version" => "0.3",
"author" => "Starbeamrainbowlabs",
"description" => "Adds the ability to keep unlimited page history, limited only by your disk space. Note that this doesn't store file history (yet). Currently depends on feature-recent-changes for rendering of the history page.",
"id" => "feature-history",
"code" => function() {
/**
* @api {get} ?action=history&page={pageName} Get a list of revisions for a page
* @apiName History
* @apiGroup Page
* @apiPermission Anonymous
*
* @apiParam {string} page The page name to return a revision list for.
*/
/*
* ██ ██ ██ ███████ ████████ ██████ ██████ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ███████ ██ ███████ ██ ██ ██ ██████ ████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ███████ ██ ██████ ██ ██ ██
*/
add_action("history", function() {
global $settings, $env, $pageindex;
$content = "
(None yet! Try editing this page and then coming back here.)
\n";
}
exit(page_renderer::render_main("$env->page - History - $settings->sitename", $content));
});
register_save_preprocessor("history_add_revision");
}
]);
function history_add_revision(&$pageinfo, &$newsource, &$oldsource, $save_pageindex = true) {
global $pageindex, $paths, $env;
if(!isset($pageinfo->history))
$pageinfo->history = [];
// Save the *new source* as a revision
// This results in 2 copies of the current source, but this is ok
// since any time someone changes something, it create a new
// revision
// Note that we can't save the old source here because we'd have no
// clue who edited it since $pageinfo has already been updated by
// this point
// TODO Store tag changes here
$nextRid = count($pageinfo->history); // The next revision id
$ridFilename = "$pageinfo->filename.r$nextRid";
// Insert a new entry into the history
$pageinfo->history[] = [
"type" => "edit", // We might want to store other types later (e.g. page moves)
"rid" => $nextRid,
"timestamp" => time(),
"filename" => $ridFilename,
"newsize" => strlen($newsource),
"sizediff" => strlen($newsource) - strlen($oldsource),
"editor" => $pageinfo->lasteditor
];
// Save the new source as a revision
file_put_contents("$env->storage_prefix$ridFilename", $newsource);
// Save the edited pageindex
if($save_pageindex)
file_put_contents($paths->pageindex, json_encode($pageindex, JSON_PRETTY_PRINT));
}
register_module([
"name" => "Recent Changes",
"version" => "0.3.3",
"author" => "Starbeamrainbowlabs",
"description" => "Adds recent changes. Access through the 'recent-changes' action.",
"id" => "feature-recent-changes",
"code" => function() {
global $settings, $env, $paths;
/**
* @api {get} ?action=recentchanges Get a list of recent changes
* @apiName RecentChanges
* @apiGroup Stats
* @apiPermission Anonymous
*/
// Add the recent changes json file to $paths for convenience.
$paths->recentchanges = $env->storage_prefix . "recent-changes.json";
// Create the recent changes json file if it doesn't exist
if(!file_exists($paths->recentchanges))
file_put_contents($paths->recentchanges, "[]");
/*
* ██████ ███████ ██████ ███████ ███ ██ ████████
* ██ ██ ██ ██ ██ ████ ██ ██
* ██████ █████ ██ █████ ██ ██ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ███████ ██████ ███████ ██ ████ ██
*
* ██████ ██ ██ █████ ███ ██ ██████ ███████ ███████
* ██ ██ ██ ██ ██ ████ ██ ██ ██ ██
* ██ ███████ ███████ ██ ██ ██ ██ ███ █████ ███████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██ ██ ██ ██ ██ ████ ██████ ███████ ███████
*/
add_action("recent-changes", function() {
global $settings, $paths, $pageindex;
$content = "\t\t
None yet! Try making a few changes and then check back here.
\n";
}
exit(page_renderer::render("Recent Changes - $settings->sitename", $content));
});
register_save_preprocessor(function(&$pageinfo, &$newsource, &$oldsource) {
global $env, $settings, $paths;
// Work out the old and new page lengths
$oldsize = strlen($oldsource);
$newsize = strlen($newsource);
// Calculate the page length difference
$size_diff = $newsize - $oldsize;
$newchange = [
"type" => "edit",
"timestamp" => time(),
"page" => $env->page,
"user" => $env->user,
"newsize" => $newsize,
"sizediff" => $size_diff
];
if($oldsize == 0)
$newchange["newpage"] = true;
add_recent_change($newchange);
});
add_help_section("800-raw-page-content", "Recent Changes", "
The recent changes page displays a list of all the most recent changes that have happened around $settings->sitename, arranged in chronological order. It can be found in the \"More...\" menu in the top right by default.
Each entry displays the name of the page in question, who edited it, how long ago they did so, and the number of characters added or removed. Pages that currently redirect to another page are shown in italics, and hovering over the time since the edit wil show the exact time that the edit was made.
");
}
]);
/**
* Adds a new recent change to the recent changes file.
* @param array $rchange The new change to add.
*/
function add_recent_change($rchange)
{
global $settings, $paths;
$recentchanges = json_decode(file_get_contents($paths->recentchanges), true);
array_unshift($recentchanges, $rchange);
// Limit the number of entries in the recent changes file if we've
// been asked to.
if(isset($settings->max_recent_changes))
$recentchanges = array_slice($recentchanges, 0, $settings->max_recent_changes);
// Save the recent changes file back to disk
file_put_contents($paths->recentchanges, json_encode($recentchanges, JSON_PRETTY_PRINT));
}
function render_recent_changes($recent_changes)
{
global $pageindex;
// Cache the number of recent changes we are dealing with
$rchange_count = count($recent_changes);
// Group changes made on the same page and the same day together
for($i = 0; $i < $rchange_count; $i++)
{
for($s = $i + 1; $s < $rchange_count; $s++)
{
// Break out if we have reached the end of the day we are scanning
if(date("dmY", $recent_changes[$i]->timestamp) !== date("dmY", $recent_changes[$s]->timestamp))
break;
// If we have found a change that has been made on the same page and
// on the same day as the one that we are scanning for, move it up
// next to the change we are scanning for.
if($recent_changes[$i]->page == $recent_changes[$s]->page &&
date("j", $recent_changes[$i]->timestamp) === date("j", $recent_changes[$s]->timestamp))
{
// FUTURE: We may need to remove and insert instead of swapping changes around if this causes some changes to appear out of order.
$temp = $recent_changes[$i + 1];
$recent_changes[$i + 1] = $recent_changes[$s];
$recent_changes[$s] = $temp;
$i++;
}
}
}
$content = "
\n";
$rchange_results = [];
for($s = $i; $s < $rchange_count; $s++)
{
if($recent_changes[$s]->page !== $rchange->page)
break;
$rchange_results[$s] = render_recent_change($recent_changes[$s]);
$i++;
}
// Take one from i to account for when we tick over to the next
// iteration of the main loop
$i -= 1;
$next_entry = implode("\n", $rchange_results);
// If the change count is greater than 1, then we should enclose it
// in a tag.
if(count($rchange_results) > 1)
{
reset($rchange_results);
$rchange_first = $recent_changes[key($rchange_results)];
end($rchange_results);
$rchange_last = $recent_changes[key($rchange_results)];
$pageDisplayHtml = render_pagename($rchange_first);
$timeDisplayHtml = render_timestamp($rchange_first->timestamp);
$users = [];
foreach($rchange_results as $key => $rchange_result)
{
if(!in_array($recent_changes[$key]->user, $users))
$users[] = $recent_changes[$key]->user;
}
$userDisplayHtml = render_editor(implode(", ", $users));
// TODO: Collect up and render a list of participating users
$next_entry = "
\n";
return $result;
}
register_module([
"name" => "Redirect pages",
"version" => "0.3",
"author" => "Starbeamrainbowlabs",
"description" => "Adds support for redirect pages. Uses the same syntax that Mediawiki does.",
"id" => "feature-redirect",
"code" => function() {
global $settings;
register_save_preprocessor(function(&$index_entry, &$pagedata) {
$matches = [];
if(preg_match("/^# ?REDIRECT ?\[\[([^\]]+)\]\]/i", $pagedata, $matches) === 1)
{
//error_log("matches: " . var_export($matches, true));
// We have found a redirect page!
// Update the metadata to reflect this.
$index_entry->redirect = true;
$index_entry->redirect_target = $matches[1];
}
else
{
// This page isn't a redirect. Unset the metadata just in case.
if(isset($index_entry->redirect))
unset($index_entry->redirect);
if(isset($index_entry->redirect_target))
unset($index_entry->redirect_target);
}
});
// Register a help section
add_help_section("25-redirect", "Redirect Pages", "
$settings->sitename supports redirect pages. To create a redirect page, enter something like # REDIRECT [[pagename]] on the first line of the redirect page's content. This must appear as the first line of the page, with no whitespace before it. You can include content beneath the redirect if you want, too (such as a reason for redirecting the page).
");
}
]);
register_module([
"name" => "Search",
"version" => "0.3.4",
"author" => "Starbeamrainbowlabs",
"description" => "Adds proper search functionality to Pepperminty Wiki using an inverted index to provide a full text search engine. If pages don't show up, then you might have hit a stop word. If not, try requesting the `invindex-rebuild` action to rebuild the inverted index from scratch.",
"id" => "feature-search",
"code" => function() {
/**
* @api {get} ?action=index&page={pageName} Get an index of words for a given page
* @apiName SearchIndex
* @apiGroup Search
* @apiPermission Anonymous
*
* @apiParam {string} page The page to generate a word index page.
*/
/*
* ██ ███ ██ ██████ ███████ ██ ██
* ██ ████ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ██ ██ ██ █████ ███
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ████ ██████ ███████ ██ ██
*/
add_action("index", function() {
global $settings, $env;
$breakable_chars = "\r\n\t .,\\/!\"£$%^&*[]()+`_~#";
header("content-type: text/plain");
$source = file_get_contents("$env->storage_prefix$env->page.md");
$index = search::index($source);
var_dump($env->page);
var_dump($source);
var_dump($index);
});
/**
* @api {get} ?action=invindex-rebuild Rebuild the inverted search index from scratch
* @apiDescription Causes the inverted search index to be completely rebuilt from scratch. Can take a while for large wikis!
* @apiName SearchInvindexRebuild
* @apiGroup Search
* @apiPermission Anonymous
*/
/*
* ██ ███ ██ ██ ██ ██ ███ ██ ██████ ███████ ██ ██
* ██ ████ ██ ██ ██ ██ ████ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ █████ ███ █████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ████ ████ ██ ██ ████ ██████ ███████ ██ ██
*
* ██████ ███████ ██████ ██ ██ ██ ██ ██████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ █████ ██████ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ███████ ██████ ██████ ██ ███████ ██████
*/
add_action("invindex-rebuild", function() {
search::rebuild_invindex();
});
/**
* @api {get} ?action=idindex-show Show the id index
* @apiDescription Outputs the id index. Useful if you need to verify that it's working as expected.
* @apiName SearchShowIdIndex
* @apiGroup Search
* @apiPermission Anonymous
*/
add_action("idindex-show", function() {
global $idindex;
header("content-type: application/json; charset=UTF-8");
exit(json_encode($idindex, JSON_PRETTY_PRINT));
});
/**
* @api {get} ?action=search&query={text} Search the wiki for a given query string
* @apiName Search
* @apiGroup Search
* @apiPermission Anonymous
*
* @apiParam {string} query The query string to search for.
*/
/*
* ███████ ███████ █████ ██████ ██████ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ███████ █████ ███████ ██████ ██ ███████
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ███████ ███████ ██ ██ ██ ██ ██████ ██ ██
*/
add_action("search", function() {
global $settings, $env, $pageindex, $paths;
// Create the inverted index if it doesn't exist.
// todo In the future perhaps a CLI for this would be good?
if(!file_exists($paths->searchindex))
search::rebuild_invindex();
if(!isset($_GET["query"]))
exit(page_renderer::render("No Search Terms - Error - $settings->sitename", "
You didn't specify any search terms. Try typing some into the box above.
Found $resultCount " . ($resultCount === 1 ? "result" : "results") . " in " . $env->perfdata->search_time . "ms. ";
$query = $_GET["query"];
if(isset($pageindex->$query))
{
$content .= "There's a page on $settings->sitename called $query.";
}
else
{
$content .= "There isn't a page called $query on $settings->sitename, but you ";
if((!$settings->anonedits && !$env->is_logged_in) || !$settings->editing)
{
$content .= "do not have permission to create it.";
if(!$env->is_logged_in)
{
$content .= " You could try logging in.";
}
}
else
{
$content .= "can create it.";
}
}
$content .= "
";
$i = 0; // todo use $_GET["offset"] and $_GET["result-count"] or something
foreach($results as $result)
{
$link = "?page=" . rawurlencode($result["pagename"]);
$pagesource = file_get_contents($env->storage_prefix . $result["pagename"] . ".md");
//echo("Extracting context for result " . $result["pagename"] . ".\n");
$context = search::extract_context($_GET["query"], $pagesource);
//echo("'Generated search context for " . $result["pagename"] . ": $context'\n");
$context = search::highlight_context($_GET["query"], $context);
/*if(strlen($context) == 0)
{
$context = search::strip_markup(file_get_contents("$env->page.md", null, null, null, $settings->search_characters_context * 2));
if($pageindex->{$env->page}->size > $settings->search_characters_context * 2)
$context .= "...";
}*/
// We add 1 to $i here to convert it from an index to a result
// number as people expect it to start from 1
$content .= "
\n";
$i++;
}
$content .= "\n";
header("content-type: text/html; charset=UTF-8");
exit(page_renderer::render($title, $content));
//header("content-type: text/plain");
//var_dump($results);
});
/*
* ██████ ██████ ███████ ███ ██ ███████ ███████ █████ ██████ ██████ ██ ██
* ██ ██ ██ ██ ██ ████ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██████ █████ ██ ██ ██ ███████ █████ ███████ ██████ ██ ███████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██ ███████ ██ ████ ███████ ███████ ██ ██ ██ ██ ██████ ██ ██
*/
add_action("opensearch-description", function () {
global $settings;
$siteRoot = full_url() . "/index.php";
if(!isset($_GET["debug"]))
header("content-type: application/opensearchdescription+xml");
else
header("content-type: text/plain");
exit(utf8_encode("
Search $settings->sitenameSearch $settings->sitename, which is powered by Pepperminty Wiki.$settings->sitename Wiki$settings->faviconSearch content available under the license linked to at the bottom of the search results page.Starbeamrainbowlabs (https://github.com/sbrl/Pepperminty-Wiki/graphs/contributors)UTF-8UTF-8
"));
});
}
]);
class search
{
// Words that we should exclude from the inverted index.
public static $stop_words = [
"a", "about", "above", "above", "across", "after", "afterwards", "again",
"against", "all", "almost", "alone", "along", "already", "also",
"although", "always", "am", "among", "amongst", "amoungst", "amount",
"an", "and", "another", "any", "anyhow", "anyone", "anything", "anyway",
"anywhere", "are", "around", "as", "at", "back", "be", "became",
"because", "become", "becomes", "becoming", "been", "before",
"beforehand", "behind", "being", "below", "beside", "besides",
"between", "beyond", "bill", "both", "bottom", "but", "by", "call",
"can", "cannot", "cant", "co", "con", "could", "couldnt", "cry", "de",
"describe", "detail", "do", "done", "down", "due", "during", "each",
"eg", "eight", "either", "eleven", "else", "elsewhere", "empty",
"enough", "etc", "even", "ever", "every", "everyone", "everything",
"everywhere", "except", "few", "fifteen", "fify", "fill", "find",
"fire", "first", "five", "for", "former", "formerly", "forty", "found",
"four", "from", "front", "full", "further", "get", "give", "go", "had",
"has", "hasnt", "have", "he", "hence", "her", "here", "hereafter",
"hereby", "herein", "hereupon", "hers", "herself", "him", "himself",
"his", "how", "however", "hundred", "ie", "if", "in", "inc", "indeed",
"interest", "into", "is", "it", "its", "itself", "keep", "last",
"latter", "latterly", "least", "less", "ltd", "made", "many", "may",
"me", "meanwhile", "might", "mine", "more", "moreover", "most",
"mostly", "move", "much", "must", "my", "myself", "name", "namely",
"neither", "never", "nevertheless", "next", "nine", "no", "none",
"nor", "not", "nothing", "now", "nowhere", "of", "off", "often", "on",
"once", "one", "only", "onto", "or", "other", "others", "otherwise",
"our", "ours", "ourselves", "out", "over", "own", "part", "per",
"perhaps", "please", "put", "rather", "re", "same", "see", "seem",
"seemed", "seeming", "seems", "serious", "several", "she", "should",
"show", "side", "since", "sincere", "six", "sixty", "so", "some",
"somehow", "someone", "something", "sometime", "sometimes",
"somewhere", "still", "such", "system", "take", "ten", "than", "that",
"the", "their", "them", "themselves", "then", "thence", "there",
"thereafter", "thereby", "therefore", "therein", "thereupon", "these",
"they", "thickv", "thin", "third", "this", "those", "though", "three",
"through", "throughout", "thru", "thus", "to", "together", "too", "top",
"toward", "towards", "twelve", "twenty", "two", "un", "under", "until",
"up", "upon", "us", "very", "via", "was", "we", "well", "were", "what",
"whatever", "when", "whence", "whenever", "where", "whereafter",
"whereas", "whereby", "wherein", "whereupon", "wherever", "whether",
"which", "while", "whither", "who", "whoever", "whole", "whom", "whose",
"why", "will", "with", "within", "without", "would", "yet", "you",
"your", "yours", "yourself", "yourselves"
];
public static function index($source)
{
$source = html_entity_decode($source, ENT_QUOTES);
$source_length = strlen($source);
$index = [];
$terms = self::tokenize($source);
$i = 0;
foreach($terms as $term)
{
$nterm = $term;
// Skip over stop words (see https://en.wikipedia.org/wiki/Stop_words)
if(in_array($nterm, self::$stop_words)) continue;
if(!isset($index[$nterm]))
{
$index[$nterm] = [ "freq" => 0, "offsets" => [] ];
}
$index[$nterm]["freq"]++;
$index[$nterm]["offsets"][] = $i;
$i++;
}
return $index;
}
public static function tokenize($source)
{
$source = strtolower($source);
return preg_split("/((^\p{P}+)|(\p{P}*\s+\p{P}*)|(\p{P}+$))|\|/u", $source, -1, PREG_SPLIT_NO_EMPTY);
}
public static function strip_markup($source)
{
return str_replace([ "[", "]", "\"", "*", "_", " - ", "`" ], "", $source);
}
public static function rebuild_invindex()
{
global $pageindex, $env, $paths;
header("content-type: text/event-stream");
$invindex = [];
foreach($pageindex as $pagename => $pagedetails)
{
echo("Adding $pagename to the new search index.\n\n");
$pagesource = utf8_encode(file_get_contents("$env->storage_prefix$pagename.md"));
$index = self::index($pagesource);
self::merge_into_invindex($invindex, ids::getid($pagename), $index);
}
echo("Search index rebuilding complete.\n\n");
echo("Saving new search index to '$paths->searchindex'.\n\n");
self::save_invindex($paths->searchindex, $invindex);
}
/*
* @summary Sorts an index alphabetically. Will also sort an inverted index.
* This allows us to do a binary search instead of a regular
* sequential search.
*/
public static function sort_index(&$index)
{
ksort($index, SORT_NATURAL);
}
/*
* @summary Compares two *regular* indexes to find the differences between them.
*
* @param {array} $indexa - The old index.
* @param {array} $indexb - The new index.
* @param {array} $changed - An array to be filled with the nterms of all
* the changed entries.
* @param {array} $removed - An array to be filled with the nterms of all
* the removed entries.
*/
public static function compare_indexes($oldindex, $newindex, &$changed, &$removed)
{
foreach($oldindex as $nterm => $entry)
{
if(!isset($newindex[$nterm]))
$removed[] = $nterm;
}
foreach($newindex as $nterm => $entry)
{
if(!isset($oldindex[$nterm]) or // If this world is new
$newindex[$nterm] !== $oldindex[$nterm]) // If this word has changed
$changed[$nterm] = $newindex[$nterm];
}
}
/*
* @summary Reads in and parses an inverted index.
*/
// Todo remove this function and make everything streamable
public static function load_invindex($invindex_filename) {
$invindex = json_decode(file_get_contents($invindex_filename), true);
return $invindex;
}
public static function measure_invindex_load_time($invindex_filename) {
global $env;
$searchindex_decode_start = microtime(true);
search::load_invindex($invindex_filename);
$env->perfdata->searchindex_decode_time = round((microtime(true) - $searchindex_decode_start)*1000, 3);
}
/*
* @summary Merge an index into an inverted index.
*/
public static function merge_into_invindex(&$invindex, $pageid, &$index, &$removals = [])
{
// Remove all the subentries that were removed since last time
foreach($removals as $nterm)
{
unset($invindex[$nterm][$pageid]);
}
// Merge all the new / changed index entries into the inverted index
foreach($index as $nterm => $newentry)
{
// If the nterm isn't in the inverted index, then create a space for it
if(!isset($invindex[$nterm])) $invindex[$nterm] = [];
$invindex[$nterm][$pageid] = $newentry;
// Sort the page entries for this word by frequency
uasort($invindex[$nterm], function($a, $b) {
if($a["freq"] == $b["freq"]) return 0;
return ($a["freq"] < $b["freq"]) ? +1 : -1;
});
}
// Sort the inverted index by rank
uasort($invindex, function($a, $b) {
$ac = count($a); $bc = count($b);
if($ac == $bc) return 0;
return ($ac < $bc) ? +1 : -1;
});
}
/**
* Deletes the given pageid from the given pageindex.
* @param inverted_index &$invindex The inverted index.
* @param number $pageid The pageid to remove.
*/
public static function delete_entry(&$invindex, $pageid)
{
$str_pageid = (string)$pageid;
foreach($invindex as $nterm => &$entry)
{
if(isset($entry[$pageid]))
unset($entry[$pageid]);
if(isset($entry[$str_pageid]))
unset($entry[$str_pageid]);
if(count($entry) === 0)
unset($invindex[$nterm]);
}
}
public static function save_invindex($filename, &$invindex)
{
file_put_contents($filename, json_encode($invindex));
}
public static function query_invindex($query, &$invindex)
{
global $settings, $pageindex;
$query_terms = self::tokenize($query);
$matching_pages = [];
// Loop over each term in the query and find the matching page entries
$count = count($query_terms);
for($i = 0; $i < $count; $i++)
{
$qterm = $query_terms[$i];
// Only search the inverted index if it actually exists there
if(isset($invindex[$qterm]))
{
// Loop over each page in the inverted index entry
foreach($invindex[$qterm] as $pageid => $page_entry)
{
// Create an entry in the matching pages array if it doesn't exist
if(!isset($matching_pages[$pageid]))
$matching_pages[$pageid] = [ "nterms" => [] ];
$matching_pages[$pageid]["nterms"][$qterm] = $page_entry;
}
}
// Loop over the pageindex and search the titles / tags
foreach ($pageindex as $pagename => $pagedata)
{
// Get the current page's id
$pageid = ids::getid($pagename);
// Consider matches in the page title
if(stripos($pagename, $qterm) !== false)
{
// We found the qterm in the title
if(!isset($matching_pages[$pageid]))
$matching_pages[$pageid] = [ "nterms" => [] ];
// Set up a counter for page title matches if it doesn't exist already
if(!isset($matching_pages[$pageid]["title-matches"]))
$matching_pages[$pageid]["title-matches"] = 0;
$matching_pages[$pageid]["title-matches"] += count(mb_stripos_all($pagename, $qterm));
}
// Consider matches in the page's tags
if(isset($pagedata->tags) and // If this page has tags
stripos(implode(" ", $pagedata->tags), $qterm) !== false) // And we found the qterm in the tags
{
if(!isset($matching_pages[$pageid]))
$matching_pages[$pageid] = [ "nterms" => [] ];
// Set up a counter for tag match if there isn't one already
if(!isset($matching_pages[$pageid]["tag-matches"]))
$matching_pages[$pageid]["tag-matches"] = 0;
$matching_pages[$pageid]["tag-matches"] += count(mb_stripos_all(implode(" ", $pagedata->tags), $qterm));
}
}
}
foreach($matching_pages as $pageid => &$pagedata)
{
$pagedata["pagename"] = ids::getpagename($pageid);
$pagedata["rank"] = 0;
foreach($pagedata["nterms"] as $pterm => $entry)
{
$pagedata["rank"] += $entry["freq"];
// todo rank by context here
}
// Consider matches in the title / tags
if(isset($pagedata["title-matches"]))
$pagedata["rank"] += $pagedata["title-matches"] * $settings->search_title_matches_weighting;
if(isset($pagedata["tag-matches"]))
$pagedata["rank"] += $pagedata["tag-matches"] * $settings->search_tags_matches_weighting;
// todo remove items if the rank is below a threshold
}
// todo sort by rank here
uasort($matching_pages, function($a, $b) {
if($a["rank"] == $b["rank"]) return 0;
return ($a["rank"] < $b["rank"]) ? +1 : -1;
});
return $matching_pages;
}
public static function extract_context($query, $source)
{
global $settings;
$nterms = self::tokenize($query);
$matches = [];
// Loop over each nterm and find it in the source
foreach($nterms as $nterm)
{
$all_offsets = mb_stripos_all($source, $nterm);
// Skip over adding matches if there aren't any
if($all_offsets === false)
continue;
foreach($all_offsets as $offset)
{
$matches[] = [ $nterm, $offset ];
}
}
// Sort the matches by offset
usort($matches, function($a, $b) {
if($a[1] == $b[1]) return 0;
return ($a[1] > $b[1]) ? +1 : -1;
});
$sourceLength = strlen($source);
$contexts = [];
$basepos = 0;
$matches_count = count($matches);
while($basepos < $matches_count)
{
// Store the next match along - all others will be relative to that one
$group = [$matches[$basepos]];
// Start scanning at the next one along - we always store the first match
$scanpos = $basepos + 1;
$distance = 0;
while(true)
{
// Break out if we reach the end
if($scanpos >= $matches_count) break;
// Find the distance between the current one and the last one
$distance = $matches[$scanpos][1] - $matches[$scanpos - 1][1];
// Store it if the distance is below the threshold
if($distance < $settings->search_characters_context)
$group[] = $matches[$scanpos];
else
break;
$scanpos++;
}
$context_start = $group[0][1] - $settings->search_characters_context;
$context_end = $group[count($group) - 1][1] + $settings->search_characters_context;
if($context_start < 0) $context_start = 0;
if($context_end > $sourceLength) $context_end = $sourceLength;
//echo("Got context. Start: $context_start, End: $context_end\n");
//echo("Group:"); var_dump($group);
$context = substr($source, $context_start, $context_end - $context_start);
// Strip the markdown from the context - it's most likely going to
// be broken anyway.
//$context = self::strip_markup($context);
// Escape special characters to protect against attacks
$context = htmlentities($context);
$contexts[] = $context;
$basepos = $scanpos + 1;
}
return implode(" ... ", $contexts);
}
public static function highlight_context($query, $context)
{
$qterms = self::tokenize($query);
foreach($qterms as $qterm)
{
// From http://stackoverflow.com/a/2483859/1460422
$context = preg_replace("/" . str_replace("/", "\/", preg_quote($qterm)) . "/i", "$0", $context);
}
return $context;
}
}
register_module([
"name" => "Uploader",
"version" => "0.5.7",
"author" => "Starbeamrainbowlabs",
"description" => "Adds the ability to upload files to Pepperminty Wiki. Uploaded files act as pages and have the special 'File/' prefix.",
"id" => "feature-upload",
"code" => function() {
global $settings;
/**
* @api {get} ?action=upload Get a page to let you upload a file.
* @apiName UploadFilePage
* @apiGroup Upload
* @apiPermission User
*/
/**
* @api {post} ?action=upload Upload a file
* @apiName UploadFile
* @apiGroup Upload
* @apiPermission User
*
* @apiParam {string} name The name of the file to upload.
* @apiParam {string} description A description of the file.
* @apiParam {file} file The file to upload.
*
* @apiUse UserNotLoggedInError
* @apiError UploadsDisabledError Uploads are currently disabled in the wiki's settings.
* @apiError UnknownFileTypeError The type of the file you uploaded is not currently allowed in the wiki's settings.
* @apiError ImageDimensionsFiledError PeppermintyWiki couldn't obtain the dimensions of the image you uploaded.
* @apiError DangerousFileError The file uploaded appears to be dangerous.
* @apiError DuplicateFileError The filename specified is a duplicate of a file that already exists.
* @apiError FileTamperedError Pepperminty Wiki couldn't verify that the file wasn't tampered with during theupload process.
*/
/*
* ██ ██ ██████ ██ ██████ █████ ██████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██████ ██ ██ ██ ███████ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██ ███████ ██████ ██ ██ ██████
*/
add_action("upload", function() {
global $settings, $env, $pageindex, $paths;
switch($_SERVER["REQUEST_METHOD"])
{
case "GET":
// Send upload page
if(!$settings->upload_enabled)
exit(page_renderer::render("Upload Disabled - $setting->sitename", "
You can't upload anything at the moment because $settings->sitename has uploads disabled. Try contacting $settings->admindetails_name, your site Administrator. Go back.
Select an image below, and then type a name for it in the box. This server currently supports uploads up to " . human_filesize(get_max_upload_size()) . " in size.
$settings->sitename currently supports uploading of the following file types: " . implode(", ", $settings->upload_allowed_file_types) . ".
"));
break;
case "POST":
// Recieve file
// Make sure uploads are enabled
if(!$settings->upload_enabled)
{
unlink($_FILES["file"]["tmp_name"]);
http_response_code(412);
exit(page_renderer::render("Upload failed - $settings->sitename", "
Your upload couldn't be processed because uploads are currently disabled on $settings->sitename. Go back to the main page.
"));
}
// Make sure that the user is logged in
if(!$env->is_logged_in)
{
unlink($_FILES["file"]["tmp_name"]);
http_response_code(401);
exit(page_renderer::render("Upload failed - $settings->sitename", "
Your upload couldn't be processed because you are not logged in.
Try logging in first."));
}
// Calculate the target name, removing any characters we
// are unsure about.
$target_name = makepathsafe($_POST["name"]);
$temp_filename = $_FILES["file"]["tmp_name"];
$mimechecker = finfo_open(FILEINFO_MIME_TYPE);
$mime_type = finfo_file($mimechecker, $temp_filename);
finfo_close($mimechecker);
if(!in_array($mime_type, $settings->upload_allowed_file_types))
{
http_response_code(415);
exit(page_renderer::render("Unknown file type - Upload error - $settings->sitename", "
$settings->sitename recieved the file you tried to upload successfully, but detected that the type of file you uploaded is not in the allowed file types list. The file has been discarded.
The file you tried to upload appeared to be of type $mime_type, but $settings->sitename currently only allows the uploading of the following file types: " . implode(", ", $settings->upload_allowed_file_types) . ".
"));
}
// Perform appropriate checks based on the *real* filetype
switch(substr($mime_type, 0, strpos($mime_type, "/")))
{
case "image":
$extra_data = [];
// Check SVG uploads with a special function
$imagesize = $mime_type !== "image/svg+xml" ? getimagesize($temp_filename, $extra_data) : upload_check_svg($temp_filename);
// Make sure that the image size is defined
if(!is_int($imagesize[0]) or !is_int($imagesize[1]))
{
http_response_code(415);
exit(page_renderer::render("Upload Error - $settings->sitename", "
Although the file that you uploaded appears to be an image, $settings->sitename has been unable to determine it's dimensions. The uploaded file has been discarded. Go back to try again.
You may wish to consider opening an issue against Pepperminty Wiki (the software that powers $settings->sitename) if this isn't the first time that you have seen this message.
"));
}
break;
}
$file_extension = system_mime_type_extension($mime_type);
// Override the detected file extension if a file extension
// is explicitly specified in the settings
if(isset($settings->mime_mappings_overrides->$mime_type))
$file_extension = $settings->mime_mappings_overrides->$mime_type;
if(in_array($file_extension, [ "php", ".htaccess", "asp" ]))
{
http_response_code(415);
exit(page_renderer::render("Upload Error - $settings->sitename", "
The file you uploaded appears to be dangerous and has been discarded. Please contact $settings->sitename's administrator for assistance.
Additional information: The file uploaded appeared to be of type $mime_type, which mapped onto the extension $file_extension. This file extension has the potential to be executed accidentally by the web server.
A page or file has already been uploaded with the name '$new_filename'. Try deleting it first. If you do not have permission to delete things, try contacting one of the moderators.
The file you uploaded was valid, but $settings->sitename couldn't verify that it was tampered with during the upload process. This probably means that either is a configuration error, or $settings->sitename has been attacked. Please contact " . $settings->admindetails_name . ", your $settings->sitename Administrator.
"));
}
$description = $_POST["description"];
// Escape the raw html in the provided description if the setting is enabled
if($settings->clean_raw_html)
$description = htmlentities($description, ENT_QUOTES);
file_put_contents($env->storage_prefix . $new_description_filename, $description);
// Construct a new entry for the pageindex
$entry = new stdClass();
// Point to the description's filepath since this property
// should point to a markdown file
$entry->filename = $new_description_filename;
$entry->size = strlen($description);
$entry->lastmodified = time();
$entry->lasteditor = $env->user;
$entry->uploadedfile = true;
$entry->uploadedfilepath = $new_filename;
$entry->uploadedfilemime = $mime_type;
// Add the new entry to the pageindex
// Assign the new entry to the image's filepath as that
// should be the page name.
$pageindex->$new_filename = $entry;
// Generate a revision to keep the page history up to date
if(module_exists("feature-history"))
{
$oldsource = ""; // Only variables can be passed by reference, not literals
history_add_revision($entry, $description, $oldsource, false);
}
// Save the pageindex
file_put_contents($paths->pageindex, json_encode($pageindex, JSON_PRETTY_PRINT));
if(module_exists("feature-recent-changes"))
{
add_recent_change([
"type" => "upload",
"timestamp" => time(),
"page" => $new_filename,
"user" => $env->user,
"filesize" => filesize($env->storage_prefix . $entry->uploadedfilepath)
]);
}
header("location: ?action=view&page=$new_filename&upload=success");
break;
}
});
/**
* @api {get} ?action=preview&page={pageName}[&size={someSize}] Get a preview of a file
* @apiName PreviewFile
* @apiGroup Upload
* @apiPermission Anonymous
*
* @apiParam {string} page The name of the file to preview.
* @apiParam {number} size Optional. The size fo the resulting preview. Will be clamped to fit within the bounds specified in the wiki's settings. May also be set to the keyword 'original', which will cause the original file to be returned with it's appropriate mime type instead.
*
* @apiError PreviewNoFileError No file was found associated with the specified page.
* @apiError PreviewUnknownFileTypeError Pepperminty Wiki was unable to generate a preview for the requested file's type.
*/
/*
* ██████ ██████ ███████ ██ ██ ██ ███████ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██████ █████ ██ ██ ██ █████ ██ █ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ███ ██
* ██ ██ ██ ███████ ████ ██ ███████ ███ ███
*/
add_action("preview", function() {
global $settings, $env, $pageindex, $start_time;
if(empty($pageindex->{$env->page}->uploadedfilepath))
{
$im = errorimage("The page '$env->page' doesn't have an associated file.");
header("content-type: image/png");
imagepng($im);
exit();
}
$filepath = $env->storage_prefix . $pageindex->{$env->page}->uploadedfilepath;
$mime_type = $pageindex->{$env->page}->uploadedfilemime;
$shortFilename = substr($filepath, 1 + (strrpos($filepath, '/') !== false ? strrpos($filepath, '/') : -1));
header("content-disposition: inline; filename=\"$shortFilename\"");
// If the size is set or original, then send (or redirect to) the original image
// Also do the same for SVGs if svg rendering is disabled.
if(isset($_GET["size"]) and $_GET["size"] == "original" or
(empty($settings->render_svg_previews) && $mime_type == "image/svg+xml"))
{
// Get the file size
$filesize = filesize($filepath);
// Send some headers
header("content-length: $filesize");
header("content-type: $mime_type");
// Open the file and send it to the user
$handle = fopen($filepath, "rb");
fpassthru($handle);
fclose($handle);
exit();
}
// Determine the target size of the image
$target_size = 512;
if(isset($_GET["size"]))
$target_size = intval($_GET["size"]);
if($target_size < $settings->min_preview_size)
$target_size = $settings->min_preview_size;
if($target_size > $settings->max_preview_size)
$target_size = $settings->max_preview_size;
// Determine the output file type
$output_mime = $settings->preview_file_type;
if(isset($_GET["type"]) and in_array($_GET["type"], [ "image/png", "image/jpeg", "image/webp" ]))
$output_mime = $_GET["type"];
/// ETag handling ///
// Generate the etag and send it to the client
$preview_etag = sha1("$output_mime|$target_size|$filepath|$mime_type");
$allheaders = getallheaders();
$allheaders = array_change_key_case($allheaders, CASE_LOWER);
if(!isset($allheaders["if-none-match"]))
{
header("etag: $preview_etag");
}
else
{
if($allheaders["if-none-match"] === $preview_etag)
{
http_response_code(304);
header("x-generation-time: " . (microtime(true) - $start_time));
exit();
}
}
/// ETag handling end ///
/* Disabled until we work out what to do about caching previews *
$previewFilename = "$filepath.preview.$outputFormat";
if($target_size === $settings->default_preview_size)
{
// The request is for the default preview size
// Check to see if we have a preview pre-rendered
}
*/
$preview = new Imagick();
switch(substr($mime_type, 0, strpos($mime_type, "/")))
{
case "image":
$preview->readImage($filepath);
break;
case "application":
if($mime_type == "application/pdf")
{
$preview = new imagick();
$preview->readImage("{$filepath}[0]");
$preview->setResolution(300,300);
$preview->setImageColorspace(255);
break;
}
case "video":
case "audio":
if($settings->data_storage_dir == ".")
{
// The data storage directory is the current directory
// Redirect to the file isntead
http_response_code(307);
header("location: " . $pageindex->{$env->page}->uploadedfilepath);
exit();
}
// TODO: Add support for ranges here.
// Get the file size
$filesize = filesize($filepath);
// Send some headers
header("content-length: $filesize");
header("content-type: $mime_type");
// Open the file and send it to the user
$handle = fopen($filepath, "rb");
fpassthru($handle);
fclose($handle);
exit();
break;
default:
http_response_code(501);
$preview = errorimage("Unrecognised file type '$mime_type'.", $target_size);
header("content-type: image/png");
imagepng($preview);
exit();
}
// Scale the image down to the target size
$preview->resizeImage($target_size, $target_size, imagick::FILTER_LANCZOS, 1, true);
// Send the completed preview image to the user
header("content-type: $output_mime");
header("x-generation-time: " . (microtime(true) - $start_time) . "s");
$outputFormat = substr($output_mime, strpos($output_mime, "/") + 1);
$preview->setImageFormat($outputFormat);
echo($preview->getImageBlob());
/* Disabled while we work out what to do about caching previews *
// Save a preview file if there isn't one alreaddy
if(!file_exists($previewFilename))
file_put_contents($previewFilename, $preview->getImageBlob());
*/
});
/*
* ██████ ██████ ███████ ██ ██ ██ ███████ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██████ █████ ██ ██ ██ █████ ██ █ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ███ ██
* ██ ██ ██ ███████ ████ ██ ███████ ███ ███
*
* ██████ ██ ███████ ██████ ██ █████ ██ ██ ███████ ██████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ███████ ██████ ██ ███████ ████ █████ ██████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██ ███████ ██ ███████ ██ ██ ██ ███████ ██ ██
*/
page_renderer::register_part_preprocessor(function(&$parts) {
global $pageindex, $env, $settings;
// Don't do anything if the action isn't view
if($env->action !== "view")
return;
if(isset($pageindex->{$env->page}->uploadedfile) and $pageindex->{$env->page}->uploadedfile == true)
{
// We are looking at a page that is paired with an uploaded file
$filepath = $pageindex->{$env->page}->uploadedfilepath;
$mime_type = $pageindex->{$env->page}->uploadedfilemime;
$dimensions = $mime_type !== "image/svg+xml" ? getimagesize($env->storage_prefix . $filepath) : getsvgsize($env->storage_prefix . $filepath);
$fileTypeDisplay = substr($mime_type, 0, strpos($mime_type, "/"));
$previewUrl = "?action=preview&size=$settings->default_preview_size&page=" . rawurlencode($env->page);
$preview_html = "";
switch($fileTypeDisplay)
{
case "application":
case "image":
if($mime_type == "application/pdf")
$fileTypeDisplay = "file";
$preview_sizes = [ 256, 512, 768, 1024, 1440 ];
$preview_html .= "\t\t\t";
break;
case "video":
$preview_html .= "\t\t\t";
break;
case "audio":
$preview_html .= "\t\t\t";
}
$fileInfo = [];
$fileInfo["Name"] = str_replace("File/", "", $filepath);
$fileInfo["Type"] = $mime_type;
$fileInfo["Size"] = human_filesize(filesize($env->storage_prefix . $filepath));
switch($fileTypeDisplay)
{
case "image":
$dimensionsKey = $mime_type !== "image/svg+xml" ? "Original dimensions" : "Native size";
$fileInfo[$dimensionsKey] = "$dimensions[0] x $dimensions[1]";
break;
}
$fileInfo["Uploaded by"] = $pageindex->{$env->page}->lasteditor;
$preview_html .= "\t\t\t
";
$parts["{content}"] = str_replace("", "\n$preview_html", $parts["{content}"]);
}
});
// Register a section on the help page on uploading files
add_help_section("28-uploading-files", "Uploading Files", "
$settings->sitename supports the uploading of files, though it is up to " . $settings->admindetails_name . ", $settings->sitename's administrator as to whether it is enabled or not (uploads are currently " . (($settings->upload_enabled) ? "enabled" : "disabled") . ").
Currently Pepperminty Wiki (the software that $settings->sitename uses) only supports the uploading of images, although more file types should be supported in the future (open an issue on GitHub if you are interested in support for more file types).
Uploading a file is actually quite simple. Click the "Upload" option in the "More..." menu to go to the upload page. The upload page will tell you what types of file $settings->sitename allows, and the maximum supported filesize for files that you upload (this is usually set by the web server that the wiki is running on).
Use the file chooser to select the file that you want to upload, and then decide on a name for it. Note that the name that you choose should not include the file extension, as this will be determined automatically. Enter a description that will appear on the file's page, and then click upload.
");
}
]);
//// Pair of functions to calculate the actual maximum upload size supported by the server
//// Lifted from Drupal by @meustrus from Stackoverflow. Link to answer:
//// http://stackoverflow.com/a/25370978/1460422
// Returns a file size limit in bytes based on the PHP upload_max_filesize
// and post_max_size
function get_max_upload_size()
{
static $max_size = -1;
if ($max_size < 0) {
// Start with post_max_size.
$max_size = parse_size(ini_get('post_max_size'));
// If upload_max_size is less, then reduce. Except if upload_max_size is
// zero, which indicates no limit.
$upload_max = parse_size(ini_get('upload_max_filesize'));
if ($upload_max > 0 && $upload_max < $max_size) {
$max_size = $upload_max;
}
}
return $max_size;
}
function parse_size($size) {
$unit = preg_replace('/[^bkmgtpezy]/i', '', $size); // Remove the non-unit characters from the size.
$size = preg_replace('/[^0-9\.]/', '', $size); // Remove the non-numeric characters from the size.
if ($unit) {
// Find the position of the unit in the ordered string which is the power of magnitude to multiply a kilobyte by.
return round($size * pow(1024, stripos('bkmgtpezy', $unit[0])));
} else {
return round($size);
}
}
function upload_check_svg($temp_filename)
{
global $settings;
// Check for script tags
if(strpos(file_get_contents($temp_filename), "
";
// ~
/// ~~~ Smart saving ~~~ ///
$content .= <<
SMARTSAVE;
exit(page_renderer::render_main("$title - $settings->sitename", $content));
});
/**
* @api {post} ?action=save&page={pageName} Save an edit to a page.
* @apiDescription Saves an edit to a page. If an edit conflict is encountered, then a conflict resolution page is returned instead.
* @apiName EditPage
* @apiGroup Page
* @apiPermission Anonymous
*
* @apiUse PageParameter
* @apiParam {string} newpage GET only. Set to 'yes' to indicate that this is a new page that is being saved. Only affects the HTTP response code you recieve upon success.
* @apiParam {string} content POST only. The new content to save to the given filename.
* @apiParam {string} tags POST only. A comma-separated list of tags to assign to the current page. Will replace the existing list of tags, if any are present.
* @apiParam {string} prev-content-hash POST only. The hash of the original content before editing. If this hash is found to be different to a hash computed of the currentl saved content, a conflict resolution page will be returned instead of saving the provided content.
*
* @apiError UnsufficientPermissionError You don't currently have sufficient permissions to save an edit.
*/
/*
*
* ___ __ ___ _____
* / __|/ _` \ \ / / _ \
* \__ \ (_| |\ V / __/
* |___/\__,_| \_/ \___|
* %save%
*/
add_action("save", function() {
global $pageindex, $settings, $env, $save_preprocessors, $paths;
if(!$settings->editing)
{
header("location: index.php?page=$env->page");
exit(page_renderer::render_main("Error saving edit", "
Editing is currently disabled on this wiki.
"));
}
if(!$env->is_logged_in and !$settings->anonedits)
{
http_response_code(403);
header("refresh: 5; url=index.php?page=$env->page");
exit("You are not logged in, so you are not allowed to save pages on $settings->sitename. Redirecting in 5 seconds....");
}
$page = $env->page;
if((
isset($pageindex->$page) and
isset($pageindex->page->protect) and
$pageindex->$page->protect
) and !$env->is_admin)
{
http_response_code(403);
header("refresh: 5; url=index.php?page=$env->page");
exit("$env->page is protected, and you aren't logged in as an administrator or moderator. Your edit was not saved. Redirecting in 5 seconds...");
}
if(!isset($_POST["content"]))
{
http_response_code(400);
header("refresh: 5; url=index.php?page=$env->page");
exit("Bad request: No content specified.");
}
// Make sure that the directory in which the page needs to be saved exists
if(!is_dir(dirname("$env->storage_prefix$env->page.md")))
{
// Recursively create the directory if needed
mkdir(dirname("$env->storage_prefix$env->page.md"), 0775, true);
}
// Read in the new page content
$pagedata = $_POST["content"];
// We don't need to santise the input here as Parsedown has an
// option that does this for us, and is _way_ more intelligent about
// it.
// Read in the new page tags, so long as there are actually some
// tags to read in
$page_tags = [];
if(strlen(trim($_POST["tags"])) > 0)
{
$page_tags = explode(",", $_POST["tags"]);
// Trim off all the whitespace
foreach($page_tags as &$tag)
$tag = trim($tag);
}
// Check for edit conflicts
if(!empty($pageindex->{$env->page}) && file_exists($env->storage_prefix . $pageindex->{$env->page}->filename))
{
$existing_content_hash = sha1_file($env->storage_prefix . $pageindex->{$env->page}->filename);
if(isset($_POST["prev-content-hash"]) and
$existing_content_hash != $_POST["prev-content-hash"])
{
$existingPageData = htmlentities(file_get_contents($env->storage_prefix . $env->storage_prefix . $pageindex->{$env->page}->filename));
// An edit conflict has occurred! We should get the user to fix it.
$content = "
Resolving edit conflict - $env->page
";
if(!$env->is_logged_in and $settings->anonedits)
{
$content .= "
Warning: You are not logged in! Your IP address may be recorded.
";
}
$content .= "
An edit conflict has arisen because someone else has saved an edit to $env->page since you started editing it. Both texts are shown below, along the differences between the 2 conflicting revisions. To continue, please merge your changes with the existing content. Note that only the text in the existing content box will be kept when you press the \"Resolve Conflict\" button at the bottom of the page.
";
// Insert a reference to jsdiff to generate the diffs
$diffScript = <<<'DIFFSCRIPT'
window.addEventListener("load", function(event) {
var destination = document.getElementById("highlighted-diff"),
diff = JsDiff.diffWords(document.getElementById("original-content").value, document.getElementById("new-content").value),
output = "";
diff.forEach(function(change) {
var classes = "token";
if(change.added) classes += " diff-added";
if(change.removed) classes += " diff-removed";
output += `${change.value}`;
});
destination.innerHTML = output;
});
DIFFSCRIPT;
$content .= "\n
\n";
exit(page_renderer::render_main("Edit Conflict - $env->page - $settings->sitename", $content));
}
}
// -----~~~==~~~-----
// Update the inverted search index
// Construct an index for the old and new page content
$oldindex = [];
$oldpagedata = ""; // We need the old page data in order to pass it to the preprocessor
if(file_exists("$env->storage_prefix$env->page.md"))
{
$oldpagedata = file_get_contents("$env->storage_prefix$env->page.md");
$oldindex = search::index($oldpagedata);
}
$newindex = search::index($pagedata);
// Compare the indexes of the old and new content
$additions = [];
$removals = [];
search::compare_indexes($oldindex, $newindex, $additions, $removals);
// Load in the inverted index
$invindex = search::load_invindex($env->storage_prefix . "invindex.json");
// Merge the changes into the inverted index
search::merge_into_invindex($invindex, ids::getid($env->page), $additions, $removals);
// Save the inverted index back to disk
search::save_invindex($env->storage_prefix . "invindex.json", $invindex);
// -----~~~==~~~-----
if(file_put_contents("$env->storage_prefix$env->page.md", $pagedata) !== false)
{
$page = $env->page;
// Make sure that this page's parents exist
check_subpage_parents($page);
// Update the page index
if(!isset($pageindex->$page))
{
$pageindex->$page = new stdClass();
$pageindex->$page->filename = "$env->page.md";
}
$pageindex->$page->size = strlen($_POST["content"]);
$pageindex->$page->lastmodified = time();
if($env->is_logged_in)
$pageindex->$page->lasteditor = utf8_encode($env->user);
else // TODO: Add an option to record the user's IP here instead
$pageindex->$page->lasteditor = utf8_encode("anonymous");
$pageindex->$page->tags = $page_tags;
// A hack to resave the pagedata if the preprocessors have
// changed it. We need this because the preprocessors *must*
// run _after_ the pageindex has been updated.
$pagedata_orig = $pagedata;
// Execute all the preprocessors
foreach($save_preprocessors as $func)
{
$func($pageindex->$page, $pagedata, $oldpagedata);
}
if($pagedata !== $pagedata_orig)
file_put_contents("$env->storage_prefix$env->page.md", $pagedata);
file_put_contents($paths->pageindex, json_encode($pageindex, JSON_PRETTY_PRINT));
if(isset($_GET["newpage"]))
http_response_code(201);
else
http_response_code(200);
// header("content-type: text/plain");
header("location: index.php?page=$env->page&edit_status=success&redirect=no");
exit();
}
else
{
http_response_code(507);
exit(page_renderer::render_main("Error saving page - $settings->sitename", "
$settings->sitename failed to write your changes to the server's disk. Your changes have not been saved, but you might be able to recover your edit by pressing the back button in your browser.
Please tell the administrator of this wiki (" . $settings->admindetails_name . ") about this problem.
To edit a page on $settings->sitename, click the edit button on the top bar. Note that you will probably need to be logged in. If you do not already have an account you will need to ask $settings->sitename's administrator for an account since there is no registration form. Note that the $settings->sitename's administrator may have changed these settings to allow anonymous edits.
Editing is simple. The edit page has a sizeable box that contains a page's current contents. Once you are done altering it, add or change the comma separated list of tags in the field below the editor and then click save page.
A reference to the syntax that $settings->sitename supports can be found below.
");
}
]);
register_module([
"name" => "Export",
"version" => "0.4",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a page that you can use to export your wiki as a .zip file. Uses \$settings->export_only_allow_admins, which controls whether only admins are allowed to export the wiki.",
"id" => "page-export",
"code" => function() {
global $settings;
/**
* @api {get} ?action=export Export the all the wiki's content
* @apiDescription Export all the wiki's content. Please ask for permission before making a request to this URI. Note that some wikis may only allow moderators to export content.
* @apiName Export
* @apiGroup Utility
* @apiPermission Anonymous
*
* @apiError InsufficientExportPermissionsError The wiki has the export_allow_only_admins option turned on, and you aren't logged into a moderator account.
* @apiError CouldntOpenTempFileError Pepperminty Wiki couldn't open a temporary file to send the compressed archive to.
* @apiError CouldntCloseTempFileError Pepperminty Wiki couldn't close the temporary file to finish creating the zip archive ready for downloading.
*/
/*
* ███████ ██ ██ ██████ ██████ ██████ ████████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* █████ ███ ██████ ██ ██ ██████ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ███████ ██ ██ ██ ██████ ██ ██ ██
*/
add_action("export", function() {
global $settings, $pageindex, $env;
if($settings->export_allow_only_admins && !$env->is_admin)
{
http_response_code(401);
exit(page_renderer::render("Export error - $settings->sitename", "Only administrators of $settings->sitename are allowed to export the wiki as a zip. Return to the $settings->defaultpage."));
}
$tmpfilename = tempnam(sys_get_temp_dir(), "pepperminty-wiki-");
$zip = new ZipArchive();
if($zip->open($tmpfilename, ZipArchive::CREATE) !== true)
{
http_response_code(507);
exit(page_renderer::render("Export error - $settings->sitename", "Pepperminty Wiki was unable to open a temporary file to store the exported data in. Please contact $settings->sitename's administrator (" . $settings->admindetails_name . " at " . hide_email($settings->admindetails_email) . ") for assistance."));
}
foreach($pageindex as $entry)
{
$zip->addFile("$env->storage_prefix$entry->filename", $entry->filename);
}
if($zip->close() !== true)
{
http_response_code(500);
exit(page_renderer::render("Export error - $settings->sitename", "Pepperminty wiki was unable to close the temporary zip file after creating it. Please contact $settings->sitename's administrator (" . $settings->admindetails_name . " at " . hide_email($settings->admindetails_email) . ") for assistance."));
}
header("content-type: application/zip");
header("content-disposition: attachment; filename=$settings->sitename-export.zip");
header("content-length: " . filesize($tmpfilename));
$zip_handle = fopen($tmpfilename, "rb");
fpassthru($zip_handle);
fclose($zip_handle);
unlink($tmpfilename);
});
// Add a section to the help page
add_help_section("50-export", "Exporting", "
$settings->sitename supports exporting the entire wiki's content as a zip. Note that you may need to be a moderator in order to do this. Also note that you should check for permission before doing so, even if you are able to export without asking.
To perform an export, go to the credits page and click "Export as zip - Check for permission first".
");
}
]);
register_module([
"name" => "Help page",
"version" => "0.9.3",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a rather useful help page. Access through the 'help' action. This module also exposes help content added to Pepperminty Wiki's inbuilt invisible help section system.",
"id" => "page-help",
"code" => function() {
global $settings;
/**
* @api {get} ?action=help[&dev=yes] Get a help page
* @apiDescription Get a customised help page. This page will be slightly different for every wiki, depending on their name, settings, and installed modules.
* @apiName Help
* @apiGroup Utility
* @apiPermission Anonymous
*
* @apiParam {string} dev Set to 'yes' to get a developer help page instead. The developer help page gives some general information about which modules and help page sections are registered, and other various (non-sensitive) settings.
*/
/*
* ██ ██ ███████ ██ ██████
* ██ ██ ██ ██ ██ ██
* ███████ █████ ██ ██████
* ██ ██ ██ ██ ██
* ██ ██ ███████ ███████ ██
*/
add_action("help", function() {
global $env, $paths, $settings, $version, $help_sections, $actions;
// Sort the help sections by key
ksort($help_sections, SORT_NATURAL);
if(isset($_GET["dev"]) and $_GET["dev"] == "yes")
{
$title = "Developers Help - $settings->sitename";
$content = "
$settings->sitename runs on Pepperminty Wiki, an entire wiki packed into a single file. This page contains some information that developers may find useful.
A full guide to developing a Pepperminty Wiki module can be found on GitHub.
Registered Help Sections
The following help sections are currently registered:
The page index is currently " . human_filesize(filesize($paths->pageindex)) . " in size, and took " . $env->perfdata->pageindex_decode_time . "ms to decode.
The search index is currently " . human_filesize(filesize($paths->searchindex)) . " in size, and took " . $env->perfdata->searchindex_decode_time . "ms to decode.
";
}
$content .= "
The id index is currently " . human_filesize(filesize($paths->idindex)) . " in size, and took " . $env->perfdata->idindex_decode_time . "ms to decode.
$settings->sitename is powered by Pepperminty Wiki, a complete wiki in a box you can drop into your server and expect it to just work.
";
// Todo Insert a table of contents here?
foreach($help_sections as $index => $section)
{
// Todo add a button that you can click to get a permanent link
// to this section.
$content .= "
" . $section["title"] . "
\n";
$content .= $section["content"] . "\n";
}
}
exit(page_renderer::render_main($title, $content));
});
// Register a help section on general navigation
add_help_section("5-navigation", "Navigating", "
All the navigation links can be found on the top bar, along with a search box (if your site administrator has enabled it). There is also a "More..." menu in the top right that contains some additional links that you may fine useful.
This page, along with the credits page, can be found on the bar at the bottom of every page.
You can find out whch version of Pepperminty Wiki $settings->sitename is using by visiting the credits page.
Information for developers can be found on this page.
");
}
]);
register_module([
"name" => "Page list",
"version" => "0.10.2",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a page that lists all the pages in the index along with their metadata.",
"id" => "page-list",
"code" => function() {
global $settings;
/**
* @api {get} ?action=list List all pages
* @apiDescription Gets a list of all the pages currently stored on the wiki.
* @apiName ListPages
* @apiGroup Page
* @apiPermission Anonymous
*/
/*
* ██ ██ ███████ ████████
* ██ ██ ██ ██
* ██ ██ ███████ ██
* ██ ██ ██ ██
* ███████ ██ ███████ ██
*/
add_action("list", function() {
global $pageindex, $settings;
$title = "All Pages";
$content = "
$title on $settings->sitename
";
$sorted_pageindex = get_object_vars($pageindex);
ksort($sorted_pageindex, SORT_NATURAL);
$content .= generate_page_list(array_keys($sorted_pageindex));
exit(page_renderer::render_main("$title - $settings->sitename", $content));
});
/**
* @api {get} ?action=list-tags[&tag=] Get a list of tags or pages with a certain tag
* @apiDescription Gets a list of all tags on the wiki. Adding the `tag` parameter causes a list of pages with the given tag to be returned instead.
* @apiName ListTags
* @apiGroup Utility
* @apiPermission Anonymous
*
* @apiParam {string} tag Optional. If provided a list of all the pages with that tag is returned instead.
*/
/*
* ██ ██ ███████ ████████ ████████ █████ ██████ ███████
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ███████ ██ █████ ██ ███████ ██ ███ ███████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ███████ ██ ███████ ██ ██ ██ ██ ██████ ███████
*/
add_action("list-tags", function() {
global $pageindex, $settings;
if(!isset($_GET["tag"]))
{
// Render a list of all tags
$all_tags = [];
foreach($pageindex as $entry)
{
if(!isset($entry->tags)) continue;
foreach($entry->tags as $tag)
{
if(!in_array($tag, $all_tags)) $all_tags[] = $tag;
}
}
sort($all_tags, SORT_NATURAL);
$content = "
\n";
exit(page_renderer::render("$tag - Tag List - $settings->sitename", $content));
});
add_help_section("30-all-pages-tags", "Listing pages and tags", "
All the pages and tags on $settings->sitename are listed on a pair of pages to aid navigation. The list of all pages on $settings->sitename can be found by clicking "All Pages" on the top bar. The list of all the tags currently in use can be found by clicking "All Tags" in the "More..." menu in the top right.
Each tag on either page can be clicked, and leads to a list of all pages that possess that particular tag.
Redirect pages are shown in italics. A page's last known editor is also shown next to each entry on a list of pages, along with the last known size (which should correct, unless it was changed outside of $settings->sitename) and the time since the last modification (hovering over this will show the exact time that the last modification was made in a tooltip).
");
}
]);
function generate_page_list($pagelist)
{
global $pageindex;
// ✎ ✎ 🕒 🕒
$result = "
\n";
foreach($pagelist as $pagename)
{
// Construct a list of tags that are attached to this page ready for display
$tags = "";
// Make sure that this page does actually have some tags first
if(isset($pageindex->$pagename->tags))
{
foreach($pageindex->$pagename->tags as $tag)
{
$tags .= "$tag, ";
}
$tags = substr($tags, 0, -2); // Remove the last ", " from the tag list
}
$pageDisplayName = $pagename;
if(isset($pageindex->$pagename) and
!empty($pageindex->$pagename->redirect))
$pageDisplayName = "$pageDisplayName";
$result .= "
$settings->sitename requires that you login before continuing.
\n";
$content .= "\t\t\n";
exit(page_renderer::render_main($title, $content));
});
/**
* @api {post} ?action=checklogin Perform a login
* @apiName CheckLogin
* @apiGroup Authorisation
* @apiPermission Anonymous
*
* @apiParam {string} user The user name to login with.
* @apiParam {string} password The password to login with.
* @apiParam {string} returnto The URL to redirect to upon a successful login.
*
* @apiError InvalidCredentialsError The supplied credentials were invalid. Note that this error is actually a redirect to ?action=login&failed=yes (with the returnto parameter appended if you supplied one)
*/
/*
* ██████ ██ ██ ███████ ██████ ██ ██
* ██ ██ ██ ██ ██ ██ ██
* ██ ███████ █████ ██ █████
* ██ ██ ██ ██ ██ ██ ██
* ██████ ██ ██ ███████ ██████ ██ ██
*
* ██ ██████ ██████ ██ ███ ██
* ██ ██ ██ ██ ██ ████ ██
* ██ ██ ██ ██ ███ ██ ██ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ███████ ██████ ██████ ██ ██ ████
*/
add_action("checklogin", function() {
global $settings, $env;
//actually do the login
if(isset($_POST["user"]) and isset($_POST["pass"]))
{
//the user wants to log in
$user = $_POST["user"];
$pass = $_POST["pass"];
if($settings->users->$user == hash_password($pass))
{
$env->is_logged_in = true;
$expiretime = time() + 60*60*24*30; //30 days from now
$_SESSION["$settings->sessionprefix-user"] = $user;
$_SESSION["$settings->sessionprefix-pass"] = hash_password($pass);
$_SESSION["$settings->sessionprefix-expiretime"] = $expiretime;
//redirect to wherever the user was going
http_response_code(302);
if(isset($_GET["returnto"]))
header("location: " . $_GET["returnto"]);
else
header("location: index.php");
exit();
}
else
{
http_response_code(302);
$nextUrl = "index.php?action=login&failed=yes";
if(!empty($_GET["returnto"]))
$nextUrl .= "&returnto=" . rawurlencode($_GET["returnto"]);
header("location: $nextUrl");
exit();
}
}
else
{
http_response_code(302);
$nextUrl = "index.php?action=login&failed=yes&badrequest=yes";
if(!empty($_GET["returnto"]))
$nextUrl .= "&returnto=" . rawurlencode($_GET["returnto"]);
header("location: $nextUrl");
exit();
}
});
// Register a section on logging in on the help page.
add_help_section("30-login", "Logging in", "
In order to edit $settings->sitename and have your edit attributed to you, you need to be logged in. Depending on the settings, logging in may be a required step if you want to edit at all. Thankfully, loggging in is not hard. Simply click the "Login" link in the top left, type your username and password, and then click login.
If you do not have an account yet and would like one, try contacting $settings->admindetails_name, $settings->sitename's administrator and ask them nicely to see if they can create you an account.
");
}
]);
/*
* @summary Hashes the given password according to the current settings defined
* in $settings.
*
* @param $pass {string} The password to hash.
*
* @returns {string} The hashed password. Uses sha3 if $settings->use_sha3 is
* enabled, or sha256 otherwise.
*/
function hash_password($pass)
{
global $settings;
if($settings->use_sha3)
{
return sha3($pass, 256);
}
else
{
return hash("sha256", $pass);
}
}
register_module([
"name" => "Logout",
"version" => "0.6",
"author" => "Starbeamrainbowlabs",
"description" => "Adds an action to let users user out. For security reasons it is wise to add this module since logging in automatically opens a session that is valid for 30 days.",
"id" => "page-logout",
"code" => function() {
/**
* @api {post} ?action=logout Logout
* @apiDescription Logout. Make sure that your bot requests this URL when it is finished - this call not only clears your cookies but also clears the server's session file as well. Note that you can request this when you are already logged out and it will completely wipe your session on the server.
* @apiName Logout
* @apiGroup Authorisation
* @apiPermission Anonymous
*/
/*
* ██ ██████ ██████ ██████ ██ ██ ████████
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██ ██ ███ ██ ██ ██ ██ ██
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ███████ ██████ ██████ ██████ ██████ ██
*/
add_action("logout", function() {
global $env;
$env->is_logged_in = false;
unset($env->user);
unset($env->pass);
//clear the session variables
$_SESSION = [];
session_destroy();
exit(page_renderer::render_main("Logout Successful", "
"));
});
}
]);
register_module([
"name" => "Page mover",
"version" => "0.9.2",
"author" => "Starbeamrainbowlabs",
"description" => "Adds an action to allow administrators to move pages.",
"id" => "page-move",
"code" => function() {
global $settings;
/**
* @api {get} ?action=move[&new_name={newPageName}] Move a page
* @apiName Move
* @apiGroup Page
* @apiPermission Moderator
*
* @apiParam {string} new_name The new name to move the page to. If not set a page will be returned containing a move page form.
*
* @apiUse UserNotModeratorError
* @apiError EditingDisabledError Editing is disabled on this wiki, so pages can't be moved.
* @apiError PageExistsAtDestinationError A page already exists with the specified new name.
* @apiError NonExistentPageError The page you're trying to move doesn't exist in the first place.
* @apiError PreExistingFileError A pre-existing file on the server's file system was detected.
*/
/*
* ███ ███ ██████ ██ ██ ███████
* ████ ████ ██ ██ ██ ██ ██
* ██ ████ ██ ██ ██ ██ ██ █████
* ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██████ ████ ███████
*/
add_action("move", function() {
global $pageindex, $settings, $env, $paths;
if(!$settings->editing)
{
exit(page_renderer::render_main("Moving $env->page - error", "
You tried to move $env->page, but editing is disabled on this wiki.
If you wish to move this page, please re-enable editing on this wiki first.
Whilst moving the file associated with $env->page, $settings->sitename detected a pre-existing file on the server's file system. Because $settings->sitename can't determine whether the existing file is important to another component of $settings->sitename or it's host web server, the move have been aborted - just in case.
If you know that this move is actually safe, please get your site administrator (" . $settings->admindetails_name . ") to perform the move manually. Their contact address can be found at the bottom of every page (including this one).
"));
// Move the page in the page index
$pageindex->$new_name = new stdClass();
foreach($pageindex->$page as $key => $value)
{
$pageindex->$new_name->$key = $value;
}
unset($pageindex->$page);
$pageindex->$new_name->filename = "$new_name.md";
// If this page has an associated file, then we should move that too
if(!empty($pageindex->$new_name->uploadedfile))
{
// Update the filepath to point to the description and not the image
$pageindex->$new_name->filename = $pageindex->$new_name->filename . ".md";
// Move the file in the pageindex
$pageindex->$new_name->uploadedfilepath = $new_name;
// Move the file on disk
rename($env->storage_prefix . $env->page, $env->storage_prefix . $new_name);
}
// Come to think about it, we should probably move the history while we're at it
foreach($pageindex->$new_name->history as &$revisionData)
{
// We're only interested in edits
if($revisionData->type !== "edit") continue;
$newRevisionName = $pageindex->$new_name->filename . ".r$revisionData->rid";
// Move the revision to it's new name
rename(
$env->storage_prefix . $revisionData->filename,
$env->storage_prefix . $newRevisionName
);
// Update the pageindex entry
$revisionData->filename = $newRevisionName;
}
// Save the updated pageindex
file_put_contents($paths->pageindex, json_encode($pageindex, JSON_PRETTY_PRINT));
// Move the page on the disk
rename("$env->storage_prefix$env->page.md", "$env->storage_prefix$new_name.md");
// Move the page in the id index
ids::movepagename($page, $new_name);
// Exit with a nice message
exit(page_renderer::render_main("Moving $env->page", "
"));
});
// Register a help section
add_help_section("60-move", "Moving Pages", "
If you are logged in as an administrator, then you have the power to move pages. To do this, click "Delete" in the "More..." menu when browsing the pge you wish to move. Type in the new name of the page, and then click "Move Page".
");
}
]);
register_module([
"name" => "Update",
"version" => "0.6.2",
"author" => "Starbeamrainbowlabs",
"description" => "Adds an update page that downloads the latest stable version of Pepperminty Wiki. This module is currently outdated as it doesn't save your module preferences.",
"id" => "page-update",
"code" => function() {
/**
* @api {get} ?action=update[do=yes] Update the wiki
* @apiDescription Update the wiki by downloading a new version of Pepperminty Wiki from the URL specified in the settings. Note that unless you change the url from it's default, all custom modules installed will be removed. **Note also that this plugin is currently out of date. Use with extreme caution!**
* @apiName Update
* @apiGroup Utility
* @apiPermission Moderator
*
* @apiParam {string} do Set to 'yes' to actually do the upgrade. Omission causes a page asking whether an update is desired instead.
* @apiParam {string} secret The wiki's secret string that's stored in the settings.
*
* @apiUse UserNotModeratorError
* @apiParam InvalidSecretError The supplied secret doesn't match up with the secret stored in the wiki's settings.
*/
/*
* ██ ██ ██████ ██████ █████ ████████ ███████
* ██ ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██ ██ ██████ ██ ██ ███████ ██ █████
* ██ ██ ██ ██ ██ ██ ██ ██ ██
* ██████ ██ ██████ ██ ██ ██ ███████
*/
add_action("update", function() {
global $settings, $env;
if(!$env->is_admin)
{
http_response_code(401);
exit(page_renderer::render_main("Update - Error", "
You must be an administrator to do that.
"));
}
if(!isset($_GET["do"]) or $_GET["do"] !== "true" or $_GET["do"] !== "yes")
{
exit(page_renderer::render_main("Update $settings->sitename", "
This page allows you to update $settings->sitename.
Currently, $settings->sitename is using $settings->version of Pepperminty Wiki.
This script will automatically download and install the latest version of Pepperminty Wiki from the url of your choice (see settings), regardless of whether an update is actually needed (version checking isn't implemented yet).
To update $settings->sitename, fill out the form below and click click the update button.
Note that a backup system has not been implemented yet! If this script fails you will loose your wiki's code and have to re-build it.
You forgot to enter $settings->sitename's secret code or entered it incorrectly. $settings->sitename's secret can be found in the settings portion of index.php.
"));
}
$settings_separator = "/////////////// Do not edit below this line unless you know what you are doing! ///////////////";
$log = "Beginning update...\n";
$log .= "I am " . __FILE__ . ".\n";
$oldcode = file_get_contents(__FILE__);
$log .= "Fetching new code...";
$newcode = file_get_contents($settings->updateurl);
$log .= "done.\n";
$log .= "Rewriting " . __FILE__ . "...";
$settings = substr($oldcode, 0, strpos($oldcode, $settings_separator));
$code = substr($newcode, strpos($newcode, $settings_separator));
$result = $settings . $code;
$log .= "done.\n";
$log .= "Saving...";
file_put_contents(__FILE__, $result);
$log .= "done.\n";
$log .= "Update complete. I am now running on the latest version of Pepperminty Wiki.";
$log .= "The version number that I have updated to can be found on the credits or help ages.";
exit(page_renderer::render_main("Update - Success", "
" . implode("
", explode("\n", $log)) . "
"));
});
}
]);
register_module([
"name" => "Page viewer",
"version" => "0.16.4",
"author" => "Starbeamrainbowlabs",
"description" => "Allows you to view pages. You really should include this one.",
"id" => "page-view",
"code" => function() {
/**
* @api {get} ?action=view[&page={pageName}][&revision=rid][&printable=yes] View a page
* @apiName View
* @apiGroup Page
* @apiPermission Anonymous
*
* @apiUse PageParameter
* @apiParam {number} revision The revision number to display.
* @apiParam {string} mode Optional. The display mode to use. Can hld the following values: 'normal' - The default. Sends a normal page. 'printable' - Sends a printable version of the page. 'contentonly' - Sends only the content of the page, not the extra stuff around it. 'parsedsourceonly' - Sends only the raw rendered source of the page, as it appears just after it has come out of the page parser. Useful for writing external tools (see also the `raw` action).
*
* @apiError NonExistentPageError The page doesn't exist and editing is disabled in the wiki's settings. If editing isn't disabled, you will be redirected to the edit page instead.
* @apiError NonExistentRevisionError The specified revision was not found.
*/
/*
* ██ ██ ██ ███████ ██ ██
* ██ ██ ██ ██ ██ ██
* ██ ██ ██ █████ ██ █ ██
* ██ ██ ██ ██ ██ ███ ██
* ████ ██ ███████ ███ ███
*/
add_action("view", function() {
global $pageindex, $settings, $env;
// Check to make sure that the page exists
$page = $env->page;
if(!isset($pageindex->$page))
{
// todo make this intelligent so we only redirect if the user is acutally able to create the page
if($settings->editing)
{
// Editing is enabled, redirect to the editing page
http_response_code(307); // Temporary redirect
header("location: index.php?action=edit&newpage=yes&page=" . rawurlencode($env->page));
exit();
}
else
{
// Editing is disabled, show an error message
http_response_code(404);
exit(page_renderer::render_main("404: Page not found - $env->page - $settings->sitename", "
$env->page does not exist.
Since editing is currently disabled on this wiki, you may not create this page. If you feel that this page should exist, try contacting this wiki's Administrator.
"));
}
}
// Perform a redirect if the requested page is a redirect page
if(isset($pageindex->$page->redirect) &&
$pageindex->$page->redirect === true)
{
$send_redirect = true;
if(isset($_GET["redirect"]) && $_GET["redirect"] == "no")
$send_redirect = false;
if($send_redirect)
{
// Todo send an explanatory page along with the redirect
http_response_code(307);
$redirectUrl = "?action=$env->action&redirected_from=$env->page";
$hashCode = "";
$newPage = $pageindex->$page->redirect_target;
if(strpos($newPage, "#") !== false)
{
// Extract the part after the hash symbol
$hashCode = substr($newPage, strpos($newPage, "#") + 1);
// Remove the hash from the new page name
$newPage = substr($newPage, 0, strpos($newPage, "#"));
}
$redirectUrl .= "&page=$newPage";
if(!empty($pageindex->$newPage->redirect))
$redirectUrl .= "&redirect=no";
if(strlen($hashCode) > 0)
$redirectUrl .= "#$hashCode";
header("location: $redirectUrl");
exit();
}
}
$title = "$env->page - $settings->sitename";
if(isset($pageindex->$page->protect) && $pageindex->$page->protect === true)
$title = $settings->protectedpagechar . $title;
$content = "";
if(!$env->is_history_revision)
$content .= "
$env->page
\n";
else
{
$content .= "
Revision #{$env->history->revision_number} of $env->page
\n";
$content .= "
(Revision saved by {$env->history->revision_data->editor} " . render_timestamp($env->history->revision_data->timestamp) . ". Jump to the current revision or see a list of all revisions for this page.)
\n";
}
// Add an extra message if the requester was redirected from another page
if(isset($_GET["redirected_from"]))
$content .= "
\n";
}
/*else
{
$content .= "\n";
}*/
if($settings->show_subpages)
{
$subpages = get_object_vars(get_subpages($pageindex, $env->page));
if(count($subpages) > 0)
{
$content .= "";
$content .= "Subpages: ";
foreach($subpages as $subpage => $times_removed)
{
if($times_removed <= $settings->subpages_display_depth)
{
$content .= "$subpage, ";
}
}
// Remove the last comma from the content
$content = substr($content, 0, -2);
}
}
$content .= "\n\t\t\n";
// Prevent indexing of this page if it's still within the noindex
// time period
if(isset($settings->delayed_indexing_time) and
time() - $pageindex->{$env->page}->lastmodified < $settings->delayed_indexing_time)
header("x-robots-tag: noindex");
$settings->footer_message = "Last edited at " . date('h:ia T \o\n j F Y', $pageindex->{$env->page}->lastmodified) . ".\n
" . $settings->footer_message; // Add the last edited time to the footer
$mode = isset($_GET["mode"]) ? strtolower(trim($_GET["mode"])) : "normal";
switch($mode)
{
case "contentonly":
// Content only mode: Send only the content of the page
exit($content);
case "parsedsourceonly":
// Parsed source only mode: Send only the raw rendered source
exit($rawRenderedSource);
case "printable":
// Printable mode: Sends a printable version of the page
exit(page_renderer::render_minimal($title, $content));
case "normal":
default:
// Normal mode: Send a normal page
exit(page_renderer::render_main($title, $content));
}
});
}
]);
register_module([
"name" => "Parsedown",
"version" => "0.9.7",
"author" => "Emanuil Rusev & Starbeamrainbowlabs",
"description" => "An upgraded (now default!) parser based on Emanuil Rusev's Parsedown Extra PHP library (https://github.com/erusev/parsedown-extra), which is licensed MIT. Please be careful, as this module adds some weight to your installation, and also *requires* write access to the disk on first load.",
"id" => "parser-parsedown",
"code" => function() {
global $settings;
$parser = new PeppermintParsedown();
$parser->setInternalLinkBase("?page=%s");
add_parser("parsedown", function($source) use ($parser) {
global $settings;
if($settings->clean_raw_html)
$parser->setMarkupEscaped(true);
else
$parser->setMarkupEscaped(false);
$result = $parser->text($source);
return $result;
});
add_help_section("20-parser-default", "Editor Syntax",
"
$settings->sitename's editor uses an extended version of Parsedown to render pages, which is a fantastic open source Github flavoured markdown parser. You can find a quick reference guide on Github flavoured markdown here by adam-p, or if you prefer a book Mastering Markdown by KB is a good read, and free too!
Tips
Put 2 spaces at the end of a line to add a soft line break. Leave a blank line to add a head line break (i.e. a new paragraph).
You can add an id to a header that you can link to. Put it in curly braces after the heading name like this: # Heading Name {#HeadingId}. Then you can link to like like this: [[Page name#HeadingId}]]. You can also link to a heading id on the current page by omitting the page name: [[#HeadingId]].
Extra Syntax
$settings->sitename's editor also supports some extra custom syntax, some of which is inspired by Mediawiki.
An image with a caption that fits inside a 256px x 256px box, preserving aspect ratio. The caption is taken from the alt text.
![Alt text](Files/Cheese.png)
An example of the short url syntax for images. Simply enter the page name of an image (or video / audio file), and Pepperminty Wiki will sort out the url for you.
Note that the all image image syntax above can be mixed and matched to your liking. The caption option in particular must come last or next to last.
Templating
$settings->sitename also supports including one page in another page as a template. The syntax is very similar to that of Mediawiki. For example, {{Announcement banner}} will include the contents of the \"Announcement banner\" page, assuming it exists.
You can also use variables. Again, the syntax here is very similar to that of Mediawiki - they can be referenced in the included page by surrrounding the variable name in triple curly braces (e.g. {{{Announcement text}}}), and set when including a page with the bar syntax (e.g. {{Announcement banner | importance = high | text = Maintenance has been planned for tonight.}}). Currently the only restriction in templates and variables is that you may not include a closing curly brace (}) in the page name, variable name, or value.
Special Variables
$settings->sitename also supports a number of special built-in variables. Their syntax and function are described below:
Type this
To get this
{{{@}}}
Lists all variables and their values in a table.
{{{#}}}
Shows a 'stack trace', outlining all the parent includes of the current page being parsed.
{{{~}}}
Outputs the requested pagee's name.
{{{*}}}
Outputs a comma separated list of all the subpages of the current page.
{{{+}}}
Shows a gallery containing all the files that are sub pages of the current page.