2 rcs_id('$Id: Request.php,v 1.70 2004-10-21 19:59:18 rurban Exp $');
4 Copyright (C) 2002,2004 $ThePhpWikiProgrammingTeam
6 This file is part of PhpWiki.
8 PhpWiki is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License as published by
10 the Free Software Foundation; either version 2 of the License, or
11 (at your option) any later version.
13 PhpWiki is distributed in the hope that it will be useful,
14 but WITHOUT ANY WARRANTY; without even the implied warranty of
15 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 GNU General Public License for more details.
18 You should have received a copy of the GNU General Public License
19 along with PhpWiki; if not, write to the Free Software
20 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
23 // backward compatibility for PHP < 4.2.0
24 if (!function_exists('ob_clean')) {
35 $this->_fix_magic_quotes_gpc();
36 $this->_fix_multipart_form_data();
38 switch($this->get('REQUEST_METHOD')) {
41 $this->args = &$GLOBALS['HTTP_GET_VARS'];
44 $this->args = &$GLOBALS['HTTP_POST_VARS'];
47 $this->args = array();
51 $this->session = new Request_SessionVars;
52 $this->cookies = new Request_CookieVars;
55 if (! is_writeable(ACCESS_LOG)) {
57 (sprintf(_("%s is not writable."), _("The PhpWiki access log file"))
59 . sprintf(_("Please ensure that %s is writable, or redefine %s in config/config.ini."),
60 sprintf(_("the file '%s'"), ACCESS_LOG),
65 $this->_log_entry = & new Request_AccessLogEntry($this,
69 $GLOBALS['request'] = $this;
73 if (!empty($GLOBALS['HTTP_SERVER_VARS']))
74 $vars = &$GLOBALS['HTTP_SERVER_VARS'];
75 else // cgi or other servers than Apache
76 $vars = &$GLOBALS['HTTP_ENV_VARS'];
78 if (isset($vars[$key]))
83 $addr = $vars['REMOTE_ADDR'];
84 if (defined('ENABLE_REVERSE_DNS') && ENABLE_REVERSE_DNS)
85 return $vars[$key] = gethostbyaddr($addr);
93 function getArg($key) {
94 if (isset($this->args[$key]))
95 return $this->args[$key];
103 function setArg($key, $val) {
105 unset($this->args[$key]);
107 $this->args[$key] = $val;
110 // Well oh well. Do we really want to pass POST params back as GET?
111 function getURLtoSelf($args = false, $exclude = array()) {
112 $get_args = $this->args;
114 $get_args = array_merge($get_args, $args);
116 // Err... good point...
118 if ($this->isPost()) {
119 $exclude = array_merge($exclude, array('action','auth'));
120 //$get_args = $args; // or only the provided
122 trigger_error("Request::getURLtoSelf() should probably not be from POST",
127 foreach ($exclude as $ex) {
128 if (!empty($get_args[$ex])) unset($get_args[$ex]);
131 $pagename = $get_args['pagename'];
132 unset ($get_args['pagename']);
133 if (!empty($get_args['action']) and $get_args['action'] == 'browse')
134 unset($get_args['action']);
136 return WikiURL($pagename, $get_args);
140 return $this->get("REQUEST_METHOD") == "POST";
143 function isGetOrHead () {
144 return in_array($this->get('REQUEST_METHOD'),
145 array('GET', 'HEAD'));
148 function httpVersion() {
149 if (!preg_match('@HTTP\s*/\s*(\d+.\d+)@', $this->get('SERVER_PROTOCOL'), $m))
151 return (float) $m[1];
154 function redirect($url, $noreturn=true) {
155 $bogus = defined('DISABLE_HTTP_REDIRECT') and DISABLE_HTTP_REDIRECT;
158 header("Location: $url");
160 * "302 Found" is not really meant to be sent in response
161 * to a POST. Worse still, according to (both HTTP 1.0
162 * and 1.1) spec, the user, if it is sent, the user agent
163 * is supposed to use the same method to fetch the
164 * redirected URI as the original.
166 * That means if we redirect from a POST, the user-agent
167 * supposed to generate another POST. Not what we want.
168 * (We do this after a page save after all.)
170 * Fortunately, most/all browsers don't do that.
172 * "303 See Other" is what we really want. But it only
175 * FIXME: this is still not spec compliant for HTTP
178 $status = $this->httpVersion() >= 1.1 ? 303 : 302;
180 $this->setStatus($status);
184 include_once('lib/Template.php');
185 $this->discardOutput();
186 $tmpl = new Template('redirect', $this, array('REDIRECT_URL' => $url));
192 function redirect(url) {
193 if (typeof location.replace == 'function')
194 location.replace(url);
195 else if (typeof location.assign == 'function')
196 location.assign(url);
198 window.location = url;
200 redirect('" . addslashes($url) . "')");
204 /** Set validators for this response.
206 * This sets a (possibly incomplete) set of validators
209 * The validator set can be extended using appendValidators().
211 * When you're all done setting and appending validators, you
212 * must call checkValidators() to check them and set the
213 * appropriate headers in the HTTP response.
217 * $request->setValidators(array('pagename' => $pagename,
218 * '%mtime' => $rev->get('mtime')));
220 * // Wups... response content depends on $otherpage, too...
221 * $request->appendValidators(array('otherpage' => $otherpagerev->getPageName(),
222 * '%mtime' => $otherpagerev->get('mtime')));
224 * // After all validators have been set:
225 * $request->checkValidators();
227 function setValidators($validator_set) {
228 if (is_array($validator_set))
229 $validator_set = new HTTP_ValidatorSet($validator_set);
230 $this->_validators = $validator_set;
233 /** Append more validators for this response.
234 * i.e dependencies on other pages mtimes
235 * now it may be called in init also to simplify client code.
237 function appendValidators($validator_set) {
238 if (!isset($this->_validators)) {
239 $this->setValidators($validator_set);
242 $this->_validators->append($validator_set);
245 /** Check validators and set headers in HTTP response
247 * This sets the appropriate "Last-Modified" and "ETag"
248 * headers in the HTTP response.
250 * Additionally, if the validators match any(all) conditional
251 * headers in the HTTP request, this method will not return, but
252 * instead will send "304 Not Modified" or "412 Precondition
253 * Failed" (as appropriate) back to the client.
255 function checkValidators() {
256 $validators = &$this->_validators;
258 // Set validator headers
259 if (($etag = $validators->getETag()) !== false)
260 header("ETag: " . $etag->asString());
261 if (($mtime = $validators->getModificationTime()) !== false)
262 header("Last-Modified: " . Rfc1123DateTime($mtime));
264 // Set cache control headers
265 $this->cacheControl();
267 if (CACHE_CONTROL == 'NO_CACHE')
268 return; // don't check conditionals...
270 // Check conditional headers in request
271 $status = $validators->checkConditionalRequest($this);
273 // Return short response due to failed conditionals
274 $this->setStatus($status);
276 $this->discardOutput();
282 /** Set the cache control headers in the HTTP response.
284 function cacheControl($strategy=CACHE_CONTROL, $max_age=CACHE_CONTROL_MAX_AGE) {
285 if ($strategy == 'NO_CACHE') {
286 $cache_control = "no-cache";
289 elseif ($strategy == 'ALLOW_STALE' && $max_age > 0) {
290 $cache_control = sprintf("max-age=%d", $max_age);
293 $cache_control = "must-revalidate";
296 header("Cache-Control: $cache_control");
297 header("Expires: " . Rfc1123DateTime(time() + $max_age));
298 header("Vary: Cookie"); // FIXME: add more here?
301 function setStatus($status) {
302 if (preg_match('|^HTTP/.*?\s(\d+)|i', $status, $m)) {
307 $status = (integer) $status;
308 $reason = array('200' => 'OK',
310 '303' => 'See Other',
311 '304' => 'Not Modified',
312 '400' => 'Bad Request',
313 '401' => 'Unauthorized',
314 '403' => 'Forbidden',
315 '404' => 'Not Found',
316 '412' => 'Precondition Failed');
317 // FIXME: is it always okay to send HTTP/1.1 here, even for older clients?
318 header(sprintf("HTTP/1.1 %d %s", $status, $reason[$status]));
321 if (isset($this->_log_entry))
322 $this->_log_entry->setStatus($status);
325 function buffer_output($compress = true) {
326 // USECACHE = false turns off ob buffering also for now. (sf.net)
327 if (defined('USECACHE') and !USECACHE) {
328 $this->_is_buffering_output = false;
331 if (defined('COMPRESS_OUTPUT')) {
332 if (!COMPRESS_OUTPUT)
335 elseif (!check_php_version(4,2,3))
337 elseif (isCGI()) // necessary?
340 if ($GLOBALS['request']->getArg('start_debug'))
342 // Should we compress even when apache_note is not available?
343 // sf.net bug #933183 and http://bugs.php.net/17557
344 // This effectively eliminates CGI, but all other servers also. hmm.
346 and (!function_exists('ob_gzhandler')
347 or !function_exists('apache_note')))
350 // New: we check for the client Accept-Encoding: "gzip" presence also
351 // This should eliminate a lot or reported problems.
353 and (!$this->get("HTTP_ACCEPT_ENCODING")
354 or !strstr($this->get("HTTP_ACCEPT_ENCODING"), "gzip")))
357 // Most RSS clients are NOT(!) application/xml gzip compatible yet.
358 // Even if they are sending the accept-encoding gzip header!
359 // wget is, Mozilla, and MSIE no.
360 // Of the RSS readers only MagpieRSS 0.5.2 is. http://www.rssgov.com/rssparsers.html
361 // See also http://phpwiki.sourceforge.net/phpwiki/KnownBugs
363 and $this->getArg('format')
364 and strstr($this->getArg('format'), 'rss'))
368 ob_start('ob_gzhandler');
370 * Attempt to prevent Apache from doing the dreaded double-gzip.
372 * It would be better if we could detect when apache was going
373 * to zip for us, and then let it ... but I have yet to figure
374 * out how to do that.
376 if (function_exists('apache_note'))
377 @apache_note('no-gzip', 1);
380 // Now we alway buffer output.
381 // This is so we can set HTTP headers (e.g. for redirect)
383 // FIXME: change the name of this method.
386 $this->_is_buffering_output = true;
387 $this->_ob_get_length = 0;
390 function discardOutput() {
391 if (!empty($this->_is_buffering_output)) {
393 $this->_is_buffering_output = false;
395 trigger_error("Not buffering output", E_USER_NOTICE);
400 * Longer texts need too much memory on tiny or memory-limit=8MB systems.
401 * We might want to flush our buffer and restart again.
402 * (This would be fine if php would release its memory)
403 * Note that this must not be called inside Template expansion or other
404 * sections with ob_buffering.
406 function chunkOutput() {
407 if (!empty($this->_is_buffering_output)) {
408 $this->_do_chunked_output = true;
409 $this->_ob_get_length += ob_get_length();
410 while (@ob_end_flush());
417 session_write_close();
418 if (!empty($this->_is_buffering_output)) {
419 /* This cannot work because it might destroy xml markup */
421 if (0 and $GLOBALS['SearchHighLightQuery'] and check_php_version(4,2)) {
422 $html = str_replace($GLOBALS['SearchHighLightQuery'],
423 '<span class="search-term">'.$GLOBALS['SearchHighLightQuery'].'</span>',
426 header(sprintf("Content-Length: %d", strlen($html)));
430 if (empty($this->_do_chunked_output)) {
431 header(sprintf("Content-Length: %d", ob_get_length()));
433 header(sprintf("Content-Length: %d", $this->ob_get_length));
436 while (@ob_end_flush());
437 $this->_is_buffering_output = false;
442 function getSessionVar($key) {
443 return $this->session->get($key);
445 function setSessionVar($key, $val) {
446 return $this->session->set($key, $val);
448 function deleteSessionVar($key) {
449 return $this->session->delete($key);
452 function getCookieVar($key) {
453 return $this->cookies->get($key);
455 function setCookieVar($key, $val, $lifetime_in_days = false, $path = false) {
456 return $this->cookies->set($key, $val, $lifetime_in_days, $path);
458 function deleteCookieVar($key) {
459 return $this->cookies->delete($key);
462 function getUploadedFile($key) {
463 return Request_UploadedFile::getUploadedFile($key);
467 function _fix_magic_quotes_gpc() {
468 $needs_fix = array('HTTP_POST_VARS',
475 if (get_magic_quotes_gpc()) {
476 foreach ($needs_fix as $vars)
477 $this->_stripslashes($GLOBALS[$vars]);
481 function _stripslashes(&$var) {
482 if (is_array($var)) {
483 foreach ($var as $key => $val)
484 $this->_stripslashes($var[$key]);
486 elseif (is_string($var))
487 $var = stripslashes($var);
490 function _fix_multipart_form_data () {
491 if (preg_match('|^multipart/form-data|', $this->get('CONTENT_TYPE')))
492 $this->_strip_leading_nl($GLOBALS['HTTP_POST_VARS']);
495 function _strip_leading_nl(&$var) {
496 if (is_array($var)) {
497 foreach ($var as $key => $val)
498 $this->_strip_leading_nl($var[$key]);
500 elseif (is_string($var))
501 $var = preg_replace('|^\r?\n?|', '', $var);
505 class Request_SessionVars {
506 function Request_SessionVars() {
507 // Prevent cacheing problems with IE 5
508 session_cache_limiter('none');
510 // Avoid to get a notice if session is already started,
511 // for example if session.auto_start is activated
517 $vars = &$GLOBALS['HTTP_SESSION_VARS'];
518 if (isset($vars[$key]))
523 function set($key, $val) {
524 $vars = &$GLOBALS['HTTP_SESSION_VARS'];
525 if ($key == 'wiki_user') {
528 trigger_error("delete user session", E_USER_WARNING);
529 } elseif (!isset($val->_level)) {
530 trigger_error("lost level in session", E_USER_WARNING);
533 if (is_object($val)) {
534 $val->page = $GLOBALS['request']->getArg('pagename');
535 $val->action = $GLOBALS['request']->getArg('action');
536 // sessiondata may not exceed a certain size!
537 // otherwise it will get lost.
538 unset($val->_HomePagehandle);
539 unset($val->_auth_dbi);
540 unset($val->_HomePagehandle);
541 if (isset($val->_group)) {
542 unset($val->_group->request);
543 unset($val->_group->user);
547 if (!function_usable('get_cfg_var') or get_cfg_var('register_globals')) {
548 // This is funky but necessary, at least in some PHP's
549 $GLOBALS[$key] = $val;
552 if (isset($_SESSION))
553 $_SESSION[$key] = $val;
554 session_register($key);
557 function delete($key) {
558 $vars = &$GLOBALS['HTTP_SESSION_VARS'];
559 if (!function_usable('ini_get') or ini_get('register_globals'))
560 unset($GLOBALS[$key]);
561 if (DEBUG) trigger_error("delete session $key",E_USER_WARNING);
563 session_unregister($key);
567 class Request_CookieVars {
570 $vars = &$GLOBALS['HTTP_COOKIE_VARS'];
571 if (isset($vars[$key])) {
572 @$val = unserialize(base64_decode($vars[$key]));
575 @$val = urldecode($vars[$key]);
582 function get_old($key) {
583 $vars = &$GLOBALS['HTTP_COOKIE_VARS'];
584 if (isset($vars[$key])) {
585 @$val = unserialize(base64_decode($vars[$key]));
588 @$val = unserialize($vars[$key]);
598 function set($key, $val, $persist_days = false, $path = false) {
599 // if already defined, ignore
600 if (defined('MAIN_setUser') and $key = 'WIKI_ID') return;
601 $vars = &$GLOBALS['HTTP_COOKIE_VARS'];
602 if (is_numeric($persist_days)) {
603 $expires = time() + (24 * 3600) * $persist_days;
608 if (is_array($val) or is_object($val))
609 $packedval = base64_encode(serialize($val));
611 $packedval = urlencode($val);
612 $vars[$key] = $packedval;
614 @setcookie($key, $packedval, $expires, $path);
616 @setcookie($key, $packedval, $expires);
619 function delete($key) {
620 static $deleted = array();
621 if (isset($deleted[$key])) return;
622 $vars = &$GLOBALS['HTTP_COOKIE_VARS'];
623 @setcookie($key,'',0);
624 @setcookie($key,'',0,defined('COOKIE_DOMAIN') ? COOKIE_DOMAIN : '/');
626 unset($GLOBALS['HTTP_COOKIE_VARS'][$key]);
633 You must set "upload_tmp_dir" = "/tmp/" or "C:/tmp/"
634 Best on the same drive as apache, with forward slashes
635 and with ending slash!
636 Otherwise "\\" => "" and the uploaded file will not be found.
638 class Request_UploadedFile {
639 function getUploadedFile($postname) {
640 global $HTTP_POST_FILES;
642 if (!isset($HTTP_POST_FILES[$postname]))
645 $fileinfo = &$HTTP_POST_FILES[$postname];
646 if ($fileinfo['error']) {
647 // errmsgs by Shilad Sen
648 switch ($HTTP_POST_FILES['userfile']['error']) {
650 trigger_error(_("Upload error: file too big"), E_USER_ERROR);
653 trigger_error(_("Upload error: file too big"), E_USER_ERROR);
656 trigger_error(_("Upload error: file only partially recieved"), E_USER_ERROR);
659 trigger_error(_("Upload error: no file selected"), E_USER_ERROR);
662 trigger_error(_("Upload error: unknown error #") . $fileinfo['error'], E_USER_ERROR);
668 // With windows/php 4.2.1 is_uploaded_file() always returns false.
669 // Be sure that upload_tmp_dir ends with a slash!
670 if (!is_uploaded_file($fileinfo['tmp_name'])) {
672 if (!$tmp_file = get_cfg_var('upload_tmp_dir')) {
673 $tmp_file = dirname(tempnam('', ''));
675 $tmp_file .= '/' . basename($fileinfo['tmp_name']);
676 /* but ending slash in php.ini upload_tmp_dir is required. */
677 if (ereg_replace('/+', '/', $tmp_file) != $fileinfo['tmp_name']) {
678 trigger_error(sprintf("Uploaded tmpfile illegal: %s != %s.",$tmp_file, $fileinfo['tmp_name']).
680 "Probably illegal TEMP environment or upload_tmp_dir setting.",
685 trigger_error(sprintf("Workaround for PHP/Windows is_uploaded_file() problem for %s.",
686 $fileinfo['tmp_name'])."\n".
687 "Probably illegal TEMP environment or upload_tmp_dir setting.",
693 trigger_error(sprintf("Uploaded tmpfile %s not found.",$fileinfo['tmp_name'])."\n".
694 " Probably illegal TEMP environment or upload_tmp_dir setting.",
698 return new Request_UploadedFile($fileinfo);
701 function Request_UploadedFile($fileinfo) {
702 $this->_info = $fileinfo;
706 return $this->_info['size'];
710 return $this->_info['name'];
714 return $this->_info['type'];
717 function getTmpName() {
718 return $this->_info['tmp_name'];
722 if ( ($fd = fopen($this->_info['tmp_name'], "rb")) ) {
723 if ($this->getSize() < filesize($this->_info['tmp_name'])) {
724 // FIXME: Some PHP's (or is it some browsers?) put
725 // HTTP/MIME headers in the file body, some don't.
727 // At least, I think that's the case. I know I used
728 // to need this code, now I don't.
730 // This code is more-or-less untested currently.
732 // Dump HTTP headers.
733 while ( ($header = fgets($fd, 4096)) ) {
734 if (trim($header) == '') {
737 else if (!preg_match('/^content-(length|type):/i', $header)) {
747 function getContents() {
749 $data = fread($fd, $this->getSize());
756 * Create NCSA "combined" log entry for current request.
758 class Request_AccessLogEntry
763 * The log entry will be automatically appended to the log file
764 * when the current request terminates.
766 * If you want to modify a Request_AccessLogEntry before it gets
767 * written (e.g. via the setStatus and setSize methods) you should
768 * use an '&' on the constructor, so that you're working with the
769 * original (rather than a copy) object.
772 * $log_entry = & new Request_AccessLogEntry($req, "/tmp/wiki_access_log");
773 * $log_entry->setStatus(401);
777 * @param $request object Request object for current request.
778 * @param $logfile string Log file name.
780 function Request_AccessLogEntry (&$request, $logfile) {
781 $this->logfile = $logfile;
783 $this->host = $request->get('REMOTE_HOST');
784 $this->ident = $request->get('REMOTE_IDENT');
787 $this->user = '-'; // FIXME: get logged-in user name
788 $this->time = time();
789 $this->request = join(' ', array($request->get('REQUEST_METHOD'),
790 $request->get('REQUEST_URI'),
791 $request->get('SERVER_PROTOCOL')));
794 $this->referer = (string) $request->get('HTTP_REFERER');
795 $this->user_agent = (string) $request->get('HTTP_USER_AGENT');
797 global $Request_AccessLogEntry_entries;
798 if (!isset($Request_AccessLogEntry_entries)) {
799 register_shutdown_function("Request_AccessLogEntry_shutdown_function");
801 $Request_AccessLogEntry_entries[] = &$this;
805 * Set result status code.
807 * @param $status integer HTTP status code.
809 function setStatus ($status) {
810 $this->status = $status;
816 * @param $size integer
818 function setSize ($size) {
823 * Get time zone offset.
825 * This is a static member function.
827 * @param $time integer Unix timestamp (defaults to current time).
828 * @return string Zone offset, e.g. "-0800" for PST.
830 function _zone_offset ($time = false) {
833 $offset = date("Z", $time);
839 $offhours = floor($offset / 3600);
840 $offmins = $offset / 60 - $offhours * 60;
841 return sprintf("%s%02d%02d", $negoffset, $offhours, $offmins);
845 * Format time in NCSA format.
847 * This is a static member function.
849 * @param $time integer Unix timestamp (defaults to current time).
850 * @return string Formatted date & time.
852 function _ncsa_time($time = false) {
856 return date("d/M/Y:H:i:s", $time) .
857 " " . $this->_zone_offset();
861 * Write entry to log file.
864 $entry = sprintf('%s %s %s [%s] "%s" %d %d "%s" "%s"',
865 $this->host, $this->ident, $this->user,
866 $this->_ncsa_time($this->time),
867 $this->request, $this->status, $this->size,
868 $this->referer, $this->user_agent);
870 //Error log doesn't provide locking.
871 //error_log("$entry\n", 3, $this->logfile);
874 if (($fp = fopen($this->logfile, "a"))) {
876 fputs($fp, "$entry\n");
886 * @see Request_AccessLogEntry
888 function Request_AccessLogEntry_shutdown_function ()
890 global $Request_AccessLogEntry_entries;
892 foreach ($Request_AccessLogEntry_entries as $entry) {
895 unset($Request_AccessLogEntry_entries);
900 function HTTP_ETag($val, $is_weak=false) {
901 $this->_val = hash($val);
902 $this->_weak = $is_weak;
907 * Strong comparison: If either (or both) tag is weak, they
910 function equals($that, $strong_match=false) {
911 if ($this->_val != $that->_val)
913 if ($strong_match and ($this->_weak or $that->_weak))
919 function asString() {
920 $quoted = '"' . addslashes($this->_val) . '"';
921 return $this->_weak ? "W/$quoted" : $quoted;
924 /** Parse tag from header.
926 * This is a static member function.
928 function parse($strval) {
929 if (!preg_match(':^(W/)?"(.+)"$:i', trim($strval), $m))
930 return false; // parse failed
931 list(,$weak,$str) = $m;
932 return new HTTP_ETag(stripslashes($str), $weak);
935 function matches($taglist, $strong_match=false) {
936 $taglist = trim($taglist);
938 if ($taglist == '*') {
940 return ! $this->_weak;
945 while (preg_match('@^(W/)?"((?:\\\\.|[^"])*)"\s*,?\s*@i',
947 list($match, $weak, $str) = $m;
948 $taglist = substr($taglist, strlen($match));
949 $tag = new HTTP_ETag(stripslashes($str), $weak);
950 if ($this->equals($tag, $strong_match)) {
958 // Possible results from the HTTP_ValidatorSet::_check*() methods.
959 // (Higher numerical values take precedence.)
960 define ('_HTTP_VAL_PASS', 0); // Test is irrelevant
961 define ('_HTTP_VAL_NOT_MODIFIED', 1); // Test passed, content not changed
962 define ('_HTTP_VAL_MODIFIED', 2); // Test failed, content changed
963 define ('_HTTP_VAL_FAILED', 3); // Precondition failed.
965 class HTTP_ValidatorSet {
966 function HTTP_ValidatorSet($validators) {
967 $this->_mtime = $this->_weak = false;
968 $this->_tag = array();
970 foreach ($validators as $key => $val) {
971 if ($key == '%mtime') {
972 $this->_mtime = $val;
974 elseif ($key == '%weak') {
979 $this->_tag[$key] = $val;
984 function append($that) {
986 $that = new HTTP_ValidatorSet($that);
988 // Pick the most recent mtime
989 if (isset($that->_mtime))
990 if (!isset($this->_mtime) || $that->_mtime > $this->_mtime)
991 $this->_mtime = $that->_mtime;
993 // If either is weak, we're weak
994 if (!empty($that->_weak))
996 if (is_array($this->_tag))
997 $this->_tag = array_merge($this->_tag, $that->_tag);
999 $this->_tag = $that->_tag;
1002 function getETag() {
1005 return new HTTP_ETag($this->_tag, $this->_weak);
1008 function getModificationTime() {
1009 return $this->_mtime;
1012 function checkConditionalRequest (&$request) {
1013 $result = max($this->_checkIfUnmodifiedSince($request),
1014 $this->_checkIfModifiedSince($request),
1015 $this->_checkIfMatch($request),
1016 $this->_checkIfNoneMatch($request));
1018 if ($result == _HTTP_VAL_PASS || $result == _HTTP_VAL_MODIFIED)
1019 return false; // "please proceed with normal processing"
1020 elseif ($result == _HTTP_VAL_FAILED)
1021 return 412; // "412 Precondition Failed"
1022 elseif ($result == _HTTP_VAL_NOT_MODIFIED)
1023 return 304; // "304 Not Modified"
1025 trigger_error("Ack, shouldn't get here", E_USER_ERROR);
1029 function _checkIfUnmodifiedSince(&$request) {
1030 if ($this->_mtime !== false) {
1031 $since = ParseRfc1123DateTime($request->get("HTTP_IF_UNMODIFIED_SINCE"));
1032 if ($since !== false && $this->_mtime > $since)
1033 return _HTTP_VAL_FAILED;
1035 return _HTTP_VAL_PASS;
1038 function _checkIfModifiedSince(&$request) {
1039 if ($this->_mtime !== false and $request->isGetOrHead()) {
1040 $since = ParseRfc1123DateTime($request->get("HTTP_IF_MODIFIED_SINCE"));
1041 if ($since !== false) {
1042 if ($this->_mtime <= $since)
1043 return _HTTP_VAL_NOT_MODIFIED;
1044 return _HTTP_VAL_MODIFIED;
1047 return _HTTP_VAL_PASS;
1050 function _checkIfMatch(&$request) {
1051 if ($this->_tag && ($taglist = $request->get("HTTP_IF_MATCH"))) {
1052 $tag = $this->getETag();
1053 if (!$tag->matches($taglist, 'strong'))
1054 return _HTTP_VAL_FAILED;
1056 return _HTTP_VAL_PASS;
1059 function _checkIfNoneMatch(&$request) {
1060 if ($this->_tag && ($taglist = $request->get("HTTP_IF_NONE_MATCH"))) {
1061 $tag = $this->getETag();
1062 $strong_compare = ! $request->isGetOrHead();
1064 if ($tag->matches($taglist, $strong_compare)) {
1065 if ($request->isGetOrHead())
1066 return _HTTP_VAL_NOT_MODIFIED;
1068 return _HTTP_VAL_FAILED;
1070 return _HTTP_VAL_MODIFIED;
1073 return _HTTP_VAL_PASS;
1078 // $Log: not supported by cvs2svn $
1079 // Revision 1.69 2004/10/21 19:00:37 rurban
1080 // upload errmsgs by Shilad Sen.
1081 // chunkOutput support: flush the buffer piecewise (dumphtml, large pagelists)
1082 // doesn't gain much because ob_end_clean() doesn't release its
1083 // memory properly yet.
1085 // Revision 1.68 2004/10/12 13:13:19 rurban
1086 // php5 compatibility (5.0.1 ok)
1088 // Revision 1.67 2004/09/25 18:56:54 rurban
1089 // make start_debug logic work
1091 // Revision 1.66 2004/09/25 16:24:52 rurban
1092 // dont compress on debugging
1094 // Revision 1.65 2004/09/17 14:13:49 rurban
1095 // We check for the client Accept-Encoding: "gzip" presence also
1096 // This should eliminate a lot or reported problems.
1098 // Note that this doesn#t fix RSS ssues:
1099 // Most RSS clients are NOT(!) application/xml gzip compatible yet.
1100 // Even if they are sending the accept-encoding gzip header!
1101 // wget is, Mozilla, and MSIE no.
1102 // Of the RSS readers only MagpieRSS 0.5.2 is. http://www.rssgov.com/rssparsers.html
1104 // Revision 1.64 2004/09/17 13:32:36 rurban
1105 // Disable server-side gzip encoding for RSS (RDF encoding), even if the client says it
1106 // supports it. Mozilla has this error, wget works fine. IE not checked.
1108 // Revision 1.63 2004/07/01 09:29:40 rurban
1109 // fixed another DbSession crash: wrong WikiGroup vars
1111 // Revision 1.62 2004/06/27 10:26:02 rurban
1112 // oci8 patch by Philippe Vanhaesendonck + some ADODB notes+fixes
1114 // Revision 1.61 2004/06/25 14:29:17 rurban
1115 // WikiGroup refactoring:
1116 // global group attached to user, code for not_current user.
1117 // improved helpers for special groups (avoid double invocations)
1118 // new experimental config option ENABLE_XHTML_XML (fails with IE, and document.write())
1119 // fixed a XHTML validation error on userprefs.tmpl
1121 // Revision 1.60 2004/06/19 11:51:13 rurban
1122 // CACHE_CONTROL: NONE => NO_CACHE
1124 // Revision 1.59 2004/06/13 11:34:22 rurban
1125 // fixed bug #969532 (space in uploaded filenames)
1126 // improved upload error messages
1128 // Revision 1.58 2004/06/04 20:32:53 rurban
1129 // Several locale related improvements suggested by Pierrick Meignen
1130 // LDAP fix by John Cole
1131 // reanable admin check without ENABLE_PAGEPERM in the admin plugins
1133 // Revision 1.57 2004/06/03 18:54:25 rurban
1134 // fixed "lost level in session" warning, now that signout sets level = 0 (before -1)
1136 // Revision 1.56 2004/05/17 17:43:29 rurban
1137 // CGI: no PATH_INFO fix
1139 // Revision 1.55 2004/05/15 18:31:00 rurban
1140 // some action=pdf Request fixes: With MSIE it works now. Now the work with the page formatting begins.
1142 // Revision 1.54 2004/05/04 22:34:25 rurban
1145 // Revision 1.53 2004/05/03 21:57:47 rurban
1146 // locale updates: we previously lost some words because of wrong strings in
1147 // PhotoAlbum, german rewording.
1148 // fixed $_SESSION registering (lost session vars, esp. prefs)
1149 // fixed ending slash in listAvailableLanguages/Themes
1151 // Revision 1.52 2004/05/03 13:16:47 rurban
1152 // fixed UserPreferences update, esp for boolean and int
1154 // Revision 1.51 2004/05/02 21:26:38 rurban
1155 // limit user session data (HomePageHandle and auth_dbi have to invalidated anyway)
1156 // because they will not survive db sessions, if too large.
1157 // extended action=upgrade
1158 // some WikiTranslation button work
1159 // revert WIKIAUTH_UNOBTAINABLE (need it for main.php)
1160 // some temp. session debug statements
1162 // Revision 1.50 2004/04/29 19:39:44 rurban
1163 // special support for formatted plugins (one-liners)
1164 // like <small><plugin BlaBla ></small>
1165 // iter->asArray() helper for PopularNearby
1166 // db_session for older php's (no &func() allowed)
1168 // Revision 1.49 2004/04/26 20:44:34 rurban
1169 // locking table specific for better databases
1171 // Revision 1.48 2004/04/13 09:13:50 rurban
1172 // sf.net bug #933183 and http://bugs.php.net/17557
1173 // disable ob_gzhandler if apache_note cannot be used.
1174 // (conservative until we find why)
1176 // Revision 1.47 2004/04/02 15:06:55 rurban
1177 // fixed a nasty ADODB_mysql session update bug
1178 // improved UserPreferences layout (tabled hints)
1179 // fixed UserPreferences auth handling
1180 // improved auth stability
1181 // improved old cookie handling: fixed deletion of old cookies with paths
1183 // Revision 1.46 2004/03/30 02:14:03 rurban
1184 // fixed yet another Prefs bug
1185 // added generic PearDb_iter
1186 // $request->appendValidators no so strict as before
1187 // added some box plugin methods
1188 // PageList commalist for condensed output
1190 // Revision 1.45 2004/03/24 19:39:02 rurban
1191 // php5 workaround code (plus some interim debugging code in XmlElement)
1192 // php5 doesn't work yet with the current XmlElement class constructors,
1193 // WikiUserNew does work better than php4.
1194 // rewrote WikiUserNew user upgrading to ease php5 update
1195 // fixed pref handling in WikiUserNew
1196 // added Email Notification
1197 // added simple Email verification
1198 // removed emailVerify userpref subclass: just a email property
1199 // changed pref binary storage layout: numarray => hash of non default values
1200 // print optimize message only if really done.
1201 // forced new cookie policy: delete pref cookies, use only WIKI_ID as plain string.
1202 // prefs should be stored in db or homepage, besides the current session.
1204 // Revision 1.44 2004/03/14 16:26:22 rurban
1207 // Revision 1.43 2004/03/12 20:59:17 rurban
1208 // important cookie fix by Konstantin Zadorozhny
1209 // new editpage feature: JS_SEARCHREPLACE
1211 // Revision 1.42 2004/03/10 15:38:48 rurban
1212 // store current user->page and ->action in session for WhoIsOnline
1213 // better WhoIsOnline icon
1214 // fixed WhoIsOnline warnings
1216 // Revision 1.41 2004/02/27 01:25:14 rurban
1217 // Workarounds for upload handling
1219 // Revision 1.40 2004/02/26 01:39:51 rurban
1222 // Revision 1.39 2004/02/24 15:14:57 rurban
1223 // fixed action=upload problems on Win32, and remove Merge Edit buttons: file does not exist anymore
1225 // Revision 1.38 2004/01/25 10:26:02 rurban
1226 // fixed bug [ 541193 ] HTTP_SERVER_VARS are Apache specific
1227 // http://sourceforge.net/tracker/index.php?func=detail&aid=541193&group_id=6121&atid=106121
1228 // CGI and other servers than apache populate _ENV and not _SERVER
1230 // Revision 1.37 2003/12/26 06:41:16 carstenklapp
1231 // Bugfix: Try to defer OS errors about session.save_path and ACCESS_LOG,
1232 // so they don't prevent IE from partially (or not at all) rendering the
1233 // page. This should help a little for the IE user who encounters trouble
1234 // when setting up a new PhpWiki for the first time.
1240 // c-basic-offset: 4
1241 // c-hanging-comment-ender-p: nil
1242 // indent-tabs-mode: nil