* #8 - Rogue tag - nibreh
*/
// Initialises a new object to store your wiki's settings in. Please don't touch this.
$settings = new stdClass();
// The site's name. Used all over the place.
// Note that by default the session cookie is perfixed with a variant of the sitename so changing this will log everyone out!
$settings->sitename = "Pepperminty Wiki";
// The url from which to fetch updates. Defaults to the master (development)
// branch If there is sufficient demand, a separate stable branch will be
// created. Note that if you use the automatic updater currently it won't save
// your module choices.
// MAKE SURE THAT THIS POINTS TO A *HTTPS* URL, OTHERWISE SOMEONE COULD INJECT A VIRUS INTO YOUR WIKI
$settings->updateurl = "https://raw.githubusercontent.com/sbrl/pepperminty-wiki/master/index.php";
// The secret key used to perform 'dangerous' actions, like updating the wiki,
// and deleting pages. It is strongly advised that you change this!
$settings->sitesecret = "ed420502615bac9037f8f12abd4c9f02";
// Determined whether edit is enabled. Set to false to disable disting for all
// users (anonymous or otherwise).
$settings->editing = true;
// The maximum number of characters allowed in a single page. The default is
// 135,000 characters, which is about 50 pages.
$settings->maxpagesize = 135000;
// Determined whether users who aren't logged in are allowed to edit your wiki.
// Set to true to allow anonymous users to log in.
$settings->anonedits = false;
// The name of the page that will act as the home page for the wiki. This page
// will be served if the user didn't specify a page.
$settings->defaultpage = "Main Page";
// The default action. This action will be performed if no other action is
// specified. It is recommended you set this to "view" - that way the user
// automatically views the default page (see above).
$settings->defaultaction = "view";
// Whether to show a list of subpages at the bottom of the page.
$settings->show_subpages = true;
// The depth to which we should display when listing subpages at the bottom of
// the page.
$settings->subpages_display_depth = 3;
// An array of usernames and passwords - passwords should be hashed with
// sha256. Put one user / password on each line, remembering the comma at the
// end. The last user in the list doesn't need a comma after their details though.
$settings->users = [
"admin" => "5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8", //password
"user" => "873ac9ffea4dd04fa719e8920cd6938f0c23cd678af330939cff53c3d2855f34" //cheese
];
// An array of usernames that are administrators. Administrators can delete and
// move pages.
$settings->admins = [ "admin" ];
// The string that is prepended before an admin's name on the nav bar. Defaults
// to a diamond shape (◆).
$settings->admindisplaychar = "◆";
// Contact details for the site administrator. Since users can only be added by
// editing this file, people will need a contact address to use to ask for an
// account. Displayed at the bottom of the page, and will be appropriately
// obfusticated to deter spammers.
$settings->admindetails = [
"name" => "Administrator",
"email" => "admin@localhost"
];
// Whether to only allow adminstrators to export the your wiki as a zip using
// the page-export module.
$settings->export_allow_only_admins = false;
// Array of links and display text to display at the top of the site.
// Format:
// [ "Display Text", "Link" ]
// You can also use strings here and they will be printed as-is, except the
// following special strings:
// user-status Expands to the user's login information
// e.g. "Logged in as {name}. | Logout".
// e.g. "Browsing as Anonymous. | Login".
//
// search Expands to a search box.
//
// divider Expands to a divider to separate stuff.
//
// more Expands to the "More..." submenu.
$settings->nav_links = [
"user-status",
[ "Home", "index.php" ],
// [ "Login", "index.php?action=login" ],
"search",
[ "Read", "index.php?page={page}" ],
[ "Edit", "index.php?action=edit&page={page}" ],
[ "Printable", "index.php?action=view&printable=yes&page={page}" ],
//"divider",
[ "All Pages", "index.php?action=list" ],
"menu"
];
// An array of additional links in the above format that will be shown under
// "More" subsection.
$settings->nav_links_extra = [
[ $settings->admindisplaychar . "Delete", "index.php?action=delete&page={page}" ],
[ $settings->admindisplaychar . "Move", "index.php?action=move&page={page}" ]
];
// An array of links in the above format that will be shown at the bottom of
// the page.
$settings->nav_links_bottom = [
[ "Credits", "index.php?action=credits" ],
[ "Help", "index.php?action=help" ]
];
// A message that will appear at the bottom of every page. May contain HTML.
$settings->footer_message = "All content is under this license.";
// A string of css to include. Will be included in the
of every page
// inside a ";
}
public static $nav_divider = " | ";
/*
* @summary Function to render a navigation bar from an array of links. See
* $settings->nav_links for format information.
*
* @param $nav_links - The links to add to the navigation bar.
* @param $nav_links_extra - The extra nav links to add to the "More..."
* menu.
*/
public static function render_navigation_bar($nav_links, $nav_links_extra, $class = "")
{
global $settings, $env;
$result = "";
return $result;
}
public static function render_username($name)
{
global $settings;
$result = "";
if(in_array($name, $settings->admins))
$result .= $settings->admindisplaychar;
$result .= $name;
return $result;
}
public static function generate_all_pages_datalist()
{
global $pageindex;
$result = "";
return $result;
}
}
//////////////////////////
/// Module functions ///
//////////////////////////
// These functions are //
// used by modules to //
// register themselves //
// or new pages. //
//////////////////////////
$modules = []; // List that contains all the loaded modules
// Function to register a module
function register_module($moduledata)
{
global $modules;
//echo("registering module\n");
//var_dump($moduledata);
$modules[] = $moduledata;
}
// Function to register an action handler
$actions = new stdClass();
function add_action($action_name, $func)
{
global $actions;
//echo("adding $action_name\n");
$actions->$action_name = $func;
}
// Function to register a new parser. If multiple parsers are registered then
// only the last parser registered will actually be used.
$parse_page_source = function() {
throw new Exception("No parser registered!");
};
function add_parser($parser_code)
{
global $parse_page_source;
$parse_page_source = $parser_code;
}
//////////////////////////////////////////////////////////////////
register_module([
"name" => "Password hashing action",
"version" => "0.5",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a utility action (that anyone can use) called hash that hashes a given string. Useful when changing a user's password.",
"id" => "action-hash",
"code" => function() {
add_action("hash", function() {
if(!isset($_GET["string"]))
{
http_response_code(422);
exit(page_renderer::render_main("Missing parameter", "
The GET parameter string must be specified.
It is strongly recommended that you utilise this page via a private or incognito window in order to prevent your password from appearing in your browser history.
")));
}
});
}
]);
register_module([
"name" => "Raw page source",
"version" => "0.3",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a 'raw' action that shows you the raw source of a page.",
"id" => "action-raw",
"code" => function() {
add_action("raw", function() {
global $env;
http_response_code(307);
header("x-filename: " . rawurlencode($env->page) . ".md");
header("content-type: text/markdown");
exit(file_get_contents("$env->page.md"));
exit();
});
}
]);
register_module([
"name" => "Sidebar",
"version" => "0.2",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a sidebar to the left hand side of every page. Add '\$settings->sidebar_show = true;' to your configuration, or append '&sidebar=yes' to the url to enable. Adding to the url sets a cookie to remember your setting.",
"id" => "extra-sidebar",
"code" => function() {
$show_sidebar = false;
// Show the sidebar if it is enabled in the settings
if(isset($settings->sidebar_show) && $settings->sidebar_show === true)
$show_sidebar = true;
// Also show and persist the sidebar if the special GET parameter
// sidebar is seet
if(!$show_sidebar && isset($_GET["sidebar"]))
{
$show_sidebar = true;
// Set a cookie to persist the display of the sidebar
setcookie("sidebar_show", "true", time() + (60 * 60 * 24 * 30));
}
// Show the sidebar if the cookie is set
if(!$show_sidebar && isset($_COOKIE["sidebar_show"]))
$show_sidebar = true;
// Delete the cookie and hide the sidebar if the special GET paramter
// nosidebar is set
if(isset($_GET["nosidebar"]))
{
$show_sidebar = false;
unset($_COOKIE["sidebar_show"]);
setcookie("sidebar_show", null, time() - 3600);
}
page_renderer::register_part_preprocessor(function(&$parts) use ($show_sidebar) {
global $settings, $pageindex;
if($show_sidebar && !isset($_GET["printable"]))
{
// Show the sidebar
$exec_start = microtime(true);
// Sort the pageindex
$sorted_pageindex = get_object_vars($pageindex);
ksort($sorted_pageindex, SORT_NATURAL);
$sidebar_contents = "";
$sidebar_contents .= render_sidebar($sorted_pageindex);
$parts["{body}"] = "
" . $parts["{body}"] . "
";
}
});
}
]);
/*
* @summary Renders the sidebar for a given pageindex.
*
* @param $pageindex {array} - The pageindex to render the sidebar for
* @param $root_pagename {string} - The pagename that should be considered the root of the rendering. You don't usually need to use this, it is used by the algorithm itself since it is recursive.
*
* @returns {string} A HTML rendering of the sidebar for the given pageindex
*/
function render_sidebar($pageindex, $root_pagename = "")
{
global $settings;
$result = "
$details)
{
// If we have a valid root pagename, and it isn't present at the
// beginning of the current pagename, skip it
if($root_pagename !== "" && strpos($pagename, $root_pagename) !== 0)
continue;
// The current page is the same as the root page, skip it
if($pagename == $root_pagename)
continue;
// If the part of the current pagename that comes after the root
// pagename has a slash in it, skip it as it is a sub-sub page.
if(strpos(substr($pagename, strlen($root_pagename)), "/") !== false)
continue;
$result .= "
$settings->sitename is powered by Pepperminty Wiki - an entire wiki packed inside a single file, which was built by Starbeamrainbowlabs, and can be found on GitHub (contributors will ablso be listed here in the future).
Click here to go back."));
}
$page = $env->page;
unset($pageindex->$page); //delete the page from the page index
file_put_contents("./pageindex.json", json_encode($pageindex, JSON_PRETTY_PRINT)); //save the new page index
unlink("./$env->page.md"); //delete the page from the disk
exit(page_renderer::render_main("Deleting $env->page - $settings->sitename", "
"));
}
if(!$env->is_logged_in and !$settings->anonedits)
{
http_response_code(403);
header("refresh: 5; url=index.php?page=$env->page");
exit("You are not logged in, so you are not allowed to save pages on $settings->sitename. Redirecting in 5 seconds....");
}
if(!isset($_POST["content"]))
{
http_response_code(400);
header("refresh: 5; url=index.php?page=$env->page");
exit("Bad request: No content specified.");
}
// Make sure that the directory in which the page needs to be saved exists
if(!is_dir(dirname("$env->page.md")))
{
// Recursively create the directory if needed
mkdir(dirname("$env->page.md"), null, true);
}
if(file_put_contents("$env->page.md", htmlentities($_POST["content"]), ENT_QUOTES) !== false)
{
$page = $env->page;
// Make sure that this page's parents exist
check_subpage_parents($page);
//update the page index
if(!isset($pageindex->$page))
{
$pageindex->$page = new stdClass();
$pageindex->$page->filename = "$env->page.md";
}
$pageindex->$page->size = strlen($_POST["content"]);
$pageindex->$page->lastmodified = time();
if($isloggedin)
$pageindex->$page->lasteditor = utf8_encode($env->user);
else
$pageindex->$page->lasteditor = utf8_encode("anonymous");
file_put_contents("./pageindex.json", json_encode($pageindex, JSON_PRETTY_PRINT));
if(isset($_GET["newpage"]))
http_response_code(201);
else
http_response_code(200);
header("location: index.php?page=$env->page&edit_status=success");
exit();
}
else
{
http_response_code(507);
exit(page_renderer::render_main("Error saving page - $settings->sitename", "
$settings->sitename failed to write your changes to the disk. Your changes have not been saved, but you might be able to recover your edit by pressing the back button in your browser.
Please tell the administrator of this wiki (" . $settings->admindetails["name"] . ") about this problem.
"));
}
});
}
]);
register_module([
"name" => "Export",
"version" => "0.2",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a page that you can use to export your wiki as a .zip file. Uses \$settings->export_only_allow_admins, which controls whether only admins are allowed to export the wiki.",
"id" => "page-export",
"code" => function() {
add_action("export", function() {
global $settings, $pageindex, $env;
if($settings->export_allow_only_admins && !$env->is_admin)
{
http_response_code(401);
exit(page_renderer::render("Export error - $settings->sitename", "Only administrators of $settings->sitename are allowed to export the wiki as a zip. Return to the $settings->defaultpage."));
}
$tmpfilename = tempnam(sys_get_temp_dir(), "pepperminty-wiki-");
$zip = new ZipArchive();
if($zip->open($tmpfilename, ZipArchive::CREATE) !== true)
{
http_response_code(507);
exit(page_renderer::render("Export error - $settings->sitename", "Pepperminty Wiki was unable to open a temporary file to store the exported data in. Please contact $settings->sitename's administrator (" . $settings->admindetails["name"] . " at " . hide_email($settings->admindetails["email"]) . ") for assistance."));
}
foreach($pageindex as $entry)
{
$zip->addFile("./$entry->filename", $entry->filename);
}
if($zip->close() !== true)
{
http_response_code(500);
exit(page_renderer::render("Export error - $settings->sitename", "Pepperminty wiki was unable to close the temporary zip file after creating it. Please contact $settings->sitename's administrator (" . $settings->admindetails["name"] . " at " . hide_email($settings->admindetails["email"]) . ") for assistance."));
}
header("content-type: application/zip");
header("content-disposition: attachment; filename=$settings->sitename-export.zip");
header("content-length: " . filesize($tmpfilename));
$zip_handle = fopen($tmpfilename, "rb");
fpassthru($zip_handle);
fclose($zip_handle);
unlink($tmpfilename);
});
}
]);
register_module([
"name" => "Help page",
"version" => "0.6",
"author" => "Starbeamrainbowlabs",
"description" => "Adds the help action. You really want this one.",
"id" => "page-help",
"code" => function() {
add_action("help", function() {
global $settings, $version;
$title = "Help - $settings->sitename";
$content = "
$settings->sitename Help
Welcome to $settings->sitename!
$settings->sitename is powered by Pepperminty wiki, a complete wiki in a box you can drop into your server.
Navigating
All the navigation links can be found in the top right corner, along with a box in which you can type a page name and hit enter to be taken to that page (if your site administrator has enabled it).
In order to edit pages on $settings->sitename, you probably need to be logged in. If you do not already have an account you will need to ask $settings->sitename's administrator for an account since there is not registration form. Note that the $settings->sitename's administrator may have changed these settings to allow anonymous edits.
Editing
$settings->sitename's editor uses a modified version of slimdown, a flavour of markdown that is implementated using regular expressions. See the credits page for more information and links to the original source for this. A quick reference can be found below:
In addition, the following extra syntax is supported for images:
Size the image to at most 250 pixels wide:
![Alt text](//starbeamrainbowlabs.com/favicon-small.png 250px)
Size the image to at most 120px wide and have it float at the right ahnd size of the page:
![Alt text](//starbeamrainbowlabs.com/favicon-small.png 120px right)
Administrator Actions
By default, the delete and move actions are shown on the nav bar. These can be used by administrators to delete or move pages.
The other thing admininistrators can do is update the wiki (provided they know the site's secret). This page can be found here: Update $settings->sitename.
$settings->sitename is currently running on Pepperminty Wiki $version
";
exit(page_renderer::render_main($title, $content));
});
}
]);
register_module([
"name" => "Page list",
"version" => "0.6",
"author" => "Starbeamrainbowlabs",
"description" => "Adds a page that lists all the pages in the index along with their metadata.",
"id" => "page-list",
"code" => function() {
add_action("list", function() {
global $pageindex, $settings;
$sorted_pageindex = get_object_vars($pageindex);
ksort($sorted_pageindex, SORT_NATURAL);
$title = "All Pages";
$content = "
$title on $settings->sitename
Page Name
Size
Last Editor
Last Edit Time
\n";
// todo list the pages in alphabetical order
foreach($sorted_pageindex as $pagename => $pagedetails)
{
$content .= "\t\t
You tried to move $page, but the new name you gave is the same as it's current name.
It is possible that you tried to use some characters in the new name that are not allowed and were removed.
Page names may only contain alphanumeric characters, dashes, and underscores.
"));
//move the page in the page index
$pageindex->$new_name = new stdClass();
foreach($pageindex->$page as $key => $value)
{
$pageindex->$new_name->$key = $value;
}
unset($pageindex->$page);
file_put_contents("./pageindex.json", json_encode($pageindex, JSON_PRETTY_PRINT));
//move the page on the disk
rename("$env->page.md", "$new_name.md");
exit(page_renderer::render_main("Moving $env->page", "
"));
});
}
]);
register_module([
"name" => "Update",
"version" => "0.6.1",
"author" => "Starbeamrainbowlabs",
"description" => "Adds an update page that downloads the latest stable version of Pepperminty Wiki. This module is currently outdated as it doesn't save your module preferences.",
"id" => "page-update",
"code" => function() {
add_action("update", function() {
global $settings, $env;
if(!$env->is_admin)
{
http_response_code(401);
exit(page_renderer::render_main("Update - Error", "
This page allows you to update $settings->sitename.
Currently, $settings->sitename is using $settings->version of Pepperminty Wiki.
This script will automatically download and install the latest version of Pepperminty Wiki from the url of your choice (see settings), regardless of whether an update is actually needed (version checking isn't implemented yet).
To update $settings->sitename, fill out the form below and click click the update button.
Note that a backup system has not been implemented yet! If this script fails you will loose your wiki's code and have to re-build it.
You forgot to enter $settings->sitename's secret code or entered it incorrectly. $settings->sitename's secret can be found in the settings portion of index.php.
"));
}
$settings_separator = "/////////////// Do not edit below this line unless you know what you are doing! ///////////////";
$log = "Beginning update...\n";
$log .= "I am " . __FILE__ . ".\n";
$oldcode = file_get_contents(__FILE__);
$log .= "Fetching new code...";
$newcode = file_get_contents($settings->updateurl);
$log .= "done.\n";
$log .= "Rewriting " . __FILE__ . "...";
$settings = substr($oldcode, 0, strpos($oldcode, $settings_separator));
$code = substr($newcode, strpos($newcode, $settings_separator));
$result = $settings . $code;
$log .= "done.\n";
$log .= "Saving...";
file_put_contents(__FILE__, $result);
$log .= "done.\n";
$log .= "Update complete. I am now running on the latest version of Pepperminty Wiki.";
$log .= "The version number that I have updated to can be found on the credits or help ages.";
exit(page_renderer::render_main("Update - Success", "
" . implode("
", explode("\n", $log)) . "
"));
});
}
]);
register_module([
"name" => "Page viewer",
"version" => "0.9",
"author" => "Starbeamrainbowlabs",
"description" => "Allows you to view pages. You should include this one.",
"id" => "page-view",
"code" => function() {
add_action("view", function() {
global $pageindex, $settings, $env, $parse_page_source;
// Check to make sure that the page exists
$page = $env->page;
if(!isset($pageindex->$page))
{
// todo make this intelligent so we only redirect if the user is acutally able to create the page
if($settings->editing)
{
// Editing is enabled, redirect to the editing page
http_response_code(307); // Temporary redirect
header("location: index.php?action=edit&newpage=yes&page=" . rawurlencode($env->page));
exit();
}
else
{
// Editing is disabled, show an error message
http_response_code(404);
exit(page_renderer::render_main("$env->page - 404 - $settings->sitename", "
$env->page does not exist.
Since editing is currently disabled on this wiki, you may not create this page. If you feel that this page should exist, try contacting this wiki's Administrator.