Removed a call to wrCommonSandboxParse: The wrreport extension should not depend...
[philipp/winterrodeln/mediawiki_extensions/wrreport.git] / wrreport.body.php
1 <?php
2 // Classes for the wrreport extension.
3
4
5 // Special page
6 // ------------
7
8 /// Specal Page to show reports
9 class SpecialWrReport extends SpecialPage {
10         function __construct() {
11                 parent::__construct('wrreport');
12         }
13
14
15         /// \param $par Possibilities:
16         /// - action == 'view' (default)
17         /// - action == 'preview': Preview new report
18         /// - action == 'store': Store new report
19         /// - action == 'deletepreview': Preview the deleted record
20         /// - action == 'delete': Delete an existing report
21         /// - action == 'showerror': Shows the error and exits
22         /// \param $override_action If not NULL (default), it overrides the action in $par
23         /// \param $errorMsg UFT-8 encoded error message (in WikiText) to show on top of the page or NULL (default):
24         function execute($par, $override_action = NULL, $errorMsg = NULL) {
25                 global $wgRequest, $wgOut, $wgParser;
26
27                 $this->setHeaders();
28
29                 // Get request data
30                 $action = $wgRequest->getText('action');
31                 if (!$action) {
32                         if ($wgRequest->getVal('preview')) $action = 'preview';
33                         elseif ($wgRequest->getVal('store')) $action = 'store';
34                         elseif ($wgRequest->getVal('deletepreview')) $action = 'deletepreview';
35                         elseif ($wgRequest->getVal('delete')) $action = 'delete';
36                         else $action = 'view';
37                 }
38                 if ($override_action) $action = $override_action;
39
40                 // Show error message
41                 if ($errorMsg || $action == 'showerror') {
42                         $wgOut->addWikiText('<div class="errorbox">' . $errorMsg . "</div>\n");
43                         if ($action == 'showerror') return;
44                 }
45
46                 // Action view
47                 if ($action == 'view') {                
48                         $conditions = array('date_invalid > now()');
49                         $rows = wrReportGetReports($conditions);
50                         if (count($rows) == 0) $wgOut->addHTML(wfMsg('wrreport-reports-none'));
51                         else {
52                                 $wgOut->addWikiText(''); // this is necessary because otherwise $wgParser is not properly initialized but $wgParser is needed in the next line
53                                 $wgOut->addHTML(wrReportTableRender2($rows, WRREPORT_DETAIL, wrReportUserMayDelete(), $wgParser)); 
54                         }
55                 }
56
57                 // Action deletepreview or delete
58                 elseif ($action == 'deletepreview' || $action == 'delete') {
59                         $reportid = (int) $wgRequest->getText('reportid');
60                         if ($reportid == 0) {
61                                 $this->execute($par, 'showerror', wfMsg('wrreport-deletereport-noreport'));
62                                 return;
63                         }
64                         $rows = wrReportGetReports(array('id' => $reportid));
65                         if (count($rows) != 1) {
66                                 $this->execute($par, 'showerror', wfMsg('wrreport-deletereport-invalid'));
67                                 return;
68                         }
69                         $row = $rows[0];
70                         if (!is_null($row['delete_date'])) {
71                                 $this->execute($par, 'showerror', wfMsg('wrreport-deletereport-alreadydeleted'));
72                                 return;
73                         }
74                         $delete_reason_public = $wgRequest->getText('delete_reason_public');
75                         $delete_person_name = $wgRequest->getText('delete_person_name');
76                         $delete_invisible = $wgRequest->getText('delete_invisible') ? TRUE : FALSE;
77                         if ($action == 'delete') {
78                                 // page
79                                 $title = Title::newFromId($row['page_id']);
80
81                                 // user
82                                 global $wgUser;
83                                 $delete_person_userid = $wgUser->getId();
84                                 if ($delete_person_userid == 0) $delete_person_userid = NULL; // to store a NULL value in the database if no user is logged in instead of 0.
85                                 $delete_person_username = $wgUser->getName();
86
87                                 // Check permissions - see also function wrReportUserMayDelete, that does also check permissions but does not return an error message.
88                                 $errorMsg = NULL;
89                                 global $wgWrReportDeleteMode;
90                                 if ($wgWrReportDeleteMode == 'deny') $errorMsg = wfMsg('wrreport-deletereport-deny');
91                                 elseif ($wgWrReportDeleteMode == 'loggedin' && !$wgUser->isLoggedIn()) $errorMsg = wfMsg('wrreport-deletereport-loggedin');
92                                 elseif (!$delete_person_name || !$delete_reason_public) $errorMsg = wfMsg('wrreport-deletereport-incomplete');
93                                 if ($errorMsg) {
94                                         $this->execute($par, 'deletepreview', $errorMsg);
95                                         return;
96                                 }
97                                 
98                                 // "Delete" (update) entry
99                                 $dbr = wfGetDB(DB_MASTER);
100                                 $dbr->update(
101                                         'wrreport', 
102                                         array(
103                                                 'delete_date' => date('c'),
104                                                 'delete_person_name' => $delete_person_name,
105                                                 'delete_person_ip' => $_SERVER['REMOTE_ADDR'],
106                                                 'delete_person_userid' => $delete_person_userid,
107                                                 'delete_person_username' => $delete_person_username,
108                                                 'delete_reason_public' => $delete_reason_public,
109                                                 'delete_invisible' => $delete_invisible ? 't' : 'f'
110                                         ),
111                                         array('id' => $reportid)
112                                 );
113
114                                 // Purge cache
115                                 $title->invalidateCache();
116                                 wrRecacheRegions();                             
117
118                                 // Show success message
119                                 $wgOut->addWikiText(wfMsg('wrreport-deletereport-success', '[[' . $row['page_title'] . '#' . wfMsg('wrreport-reports-sectionname') . '|' . $row['page_title'] . ']]'));
120                         }
121                         if ($action == 'deletepreview') {
122                                 $wgOut->addWikiText(wfMsg('wrreport-deletereport-preview-before'));
123                                 $format = WRREPORT_COMPACT_PAGE;
124                                 $wgOut->addHTML(wrReportTableRender2(array($row), $format, FALSE, $wgParser));
125                                 $wgOut->addWikiText(wfMsg('wrreport-deletereport-preview-after'));
126                                 $row['delete_date'] = date('c');
127                                 $row['delete_reason_public'] = $delete_reason_public;
128                                 $row['delete_person_name'] = $delete_person_name;
129                                 $row['delete_invisible'] = $delete_invisible;
130                                 $wgOut->addHTML(wrReportTableRender2(array($row), $format, FALSE, $wgParser));
131                                 $wgOut->addWikiText(wfMsg('wrreport-deletereport-preview-form'));
132                                 $wgOut->addHTML(wrDeleteReportFormRender($reportid, $delete_person_name, $delete_reason_public, $delete_invisible));
133                                 $wgOut->addWikiText(wfMsg('wrreport-deletereport-preview-bottom'));
134                         }
135                 }
136
137                 // Action preview or store
138                 elseif ($action == 'preview' || $action == 'store') {
139                         $page_title = $wgRequest->getText('page_title');
140                         $date_report = $wgRequest->getText('date_report');
141                         $condition = $wgRequest->getText('condition');
142                         $description = $wgRequest->getText('description');
143                         $author_name = $wgRequest->getText('author_name');
144                         
145                         // condition
146                         $condition = (int) $condition; // force to be nummeric. -1 ... "keine Bewertung", 0 ... "Bitte eingeben", 1 to 5 ... "Sehr gut" to "Geht nicht"
147                         if ($condition < -1 or $condition > 5) $condition = 0; // invalid condition: Tread like 0.
148                         $condition_sql = NULL;
149                         if ($condition >= 1 and $condition <= 5) $condition_sql = $condition;
150
151                         // author_name
152                         $author_name = trim($author_name);
153
154                         if ($action == 'store') {
155                                 // page_id
156                                 $title = Title::newFromText($page_title);
157                                 $page_id = $title->getArticleId();
158                                 if ($page_id == 0) $page_id = NULL;
159                                 
160                                 // user_id
161                                 global $wgUser;
162                                 $author_userid = $wgUser->getId();
163                                 if ($author_userid == 0) $author_userid = NULL; // to store a NULL value in the database if no user is logged in instead of 0.
164                                 $author_username = $wgUser->getName();
165
166                                 // check conditions/permissions
167                                 $errorMsg = NULL;
168                                 global $wgWrReportMode;
169                                 global $wgWrReportBlackListAll;
170                                 global $wgWrReportBlackListStrangers;
171                                 if ($wgWrReportMode == 'summer') $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-summer'));
172                                 elseif ($wgWrReportMode == 'deny') $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-deny'));
173                                 elseif ($wgWrReportMode == 'loggedin' && !$wgUser->isLoggedIn()) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-loggedin'));
174                                 elseif (!$page_id) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-pagenotfound'));
175                                 elseif (in_array($page_title, $wgWrReportBlackListAll)) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-blacklist'));
176                                 elseif (!$wgUser->isLoggedIn() && in_array($page_title, $wgWrReportBlackListStrangers)) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-blackliststrangers'));
177                                 elseif ($condition == 0) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-choosecondition'));
178                                 elseif (!$wgUser->isLoggedIn()) {
179                                         if (!$description) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-enterdescription'));
180                                         elseif (!(stripos($description, 'http') === FALSE)) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-nohttp'));
181                                         elseif (!$author_name) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-enterauthor'));
182                                 }
183
184                                 // check author name
185                                 if (!$errorMsg) {
186                                         $author_name_id = $wgUser->idFromName(strtolower($author_name));
187                                         if ($wgUser->isLoggedIn()) {
188                                                 if ($author_name_id != 0 && $author_name_id != $wgUser->getId())
189                                                         $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-authorused'));
190                                         } else {
191                                                 if ($author_name_id != 0)
192                                                         $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-authorlogin'));
193                                         }
194                                 }
195
196                                 // Chech whether identical reports are present
197                                 if (!$errorMsg) {
198                                         $dbr = wfGetDB(DB_SLAVE);
199                                         $cond = 'condition';
200                                         global $wgDBtype;
201                                         if ($wgDBtype == "mysql") $cond = "`$cond`"; // "condition" is a reserved word in mysql
202                                         $sqlConditions = array('page_id' => $page_id, 'date_report' => $date_report, $cond => $condition_sql, 'description' => $description, 'author_name' => $author_name);
203                                         $res = $dbr->select('wrreport', 'id', $sqlConditions);
204                                         if ($res->numRows() == 1) $errorMsg = htmlspecialchars(wfMsg('wrreport-newreport-alreadysaved'));
205                                         $dbr->freeResult($res);
206                                 }
207
208                                 // Show error if any
209                                 if ($errorMsg) {
210                                         $this->execute($par, 'preview', $errorMsg);
211                                         return;
212                                 }
213
214                                 // Save entry
215                                 $dbr = wfGetDB(DB_MASTER);
216                                 $dbr->insert(
217                                         'wrreport', 
218                                         array(
219                                                 'page_id' => $page_id, 
220                                                 'page_title' => $page_title, 
221                                                 'date_report' => $date_report, 
222                                                 'date_entry' => date('c'),
223                                                 'date_invalid' => date('c', strtotime('+9 days')),
224                                                 $cond => $condition_sql,
225                                                 'description' => $description,
226                                                 'author_name' => $author_name,
227                                                 'author_ip' => $_SERVER['REMOTE_ADDR'],
228                                                 'author_userid' => $author_userid,
229                                                 'author_username' => $author_username
230                                                 // 'delete_*' => // use database defaults (NULL)
231                                         )
232                                 );
233
234                                 // Purge cache
235                                 $title->invalidateCache();
236                                 wrRecacheRegions();                             
237                                 wrUpdateWrReportCacheTable($page_id);
238
239                                 // Show success message
240                                 $wgOut->addWikiText(wfMsg('wrreport-newreport-success', '[[' . $page_title . '#' . wfMsg('wrreport-reports-sectionname') . '|' . $page_title . ']]'));
241                                 // We could redirect to result with the following line but we don't want to.
242                                 // $wgOut->redirect($title->getFullURL() . '#' . wfMsg('wrreport-reports-sectionname'));
243                         }
244                         if ($action == 'preview') {
245                                 $wgOut->addWikiText(wfMsg('wrreport-newreport-preview-top'));
246                                 $format = WRREPORT_COMPACT_PAGE;
247                                 $row = array_fill_keys(wrReportGetColumnNames(), NULL);
248                                 $row['page_title'] = $page_title;
249                                 $row['date_report'] = $date_report;
250                                 $row['condition'] = $condition_sql;
251                                 $row['description'] = $description;
252                                 $row['author_name'] = $author_name;
253                                 $wgOut->addHTML(wrReportTableRender2(array($row), $format, FALSE, $wgParser));
254                                 $wgOut->addWikiText(wfMsg('wrreport-newreport-preview-middle'));
255                                 $wgOut->addHTML(wrReportFormRender(FALSE, $page_title, $date_report, $condition, $description, $author_name));
256                                 $wgOut->addWikiText(wfMsg('wrreport-newreport-preview-bottom'));
257                         } 
258                         
259                 }
260
261                 else die('Wrong action');
262         }
263 }
264
265
266 ?>