This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | |||
3 | namespace Wikibase\Repo\Diff; |
||
4 | |||
5 | use Content; |
||
6 | use DifferenceEngine; |
||
7 | use Html; |
||
8 | use IContextSource; |
||
9 | use Language; |
||
10 | use MediaWiki\MediaWikiServices; |
||
11 | use MediaWiki\Revision\RevisionRecord; |
||
12 | use MWException; |
||
13 | use ParserOutput; |
||
14 | use Revision; |
||
15 | use Wikibase\Repo\Content\EntityContent; |
||
16 | use Wikibase\Repo\FederatedProperties\FederatedPropertiesError; |
||
17 | use Wikibase\Repo\WikibaseRepo; |
||
18 | use Wikibase\View\ToolbarEditSectionGenerator; |
||
19 | use WikiPage; |
||
20 | |||
21 | /** |
||
22 | * Difference view for Wikibase entities. |
||
23 | * |
||
24 | * @license GPL-2.0-or-later |
||
25 | * @author Daniel Kinzler |
||
26 | * @author Jeroen De Dauw < [email protected] > |
||
27 | */ |
||
28 | class EntityContentDiffView extends DifferenceEngine { |
||
29 | |||
30 | /** |
||
31 | * @var BasicEntityDiffVisualizer |
||
32 | */ |
||
33 | private $diffVisualizer; |
||
34 | |||
35 | /** |
||
36 | * @see DifferenceEngine::__construct |
||
37 | * |
||
38 | * @param IContextSource|null $context |
||
39 | * @param int $old |
||
40 | * @param int $new |
||
41 | * @param int $rcid |
||
42 | * @param bool $refreshCache |
||
43 | * @param bool $unhide |
||
44 | */ |
||
45 | public function __construct( $context = null, $old = 0, $new = 0, $rcid = 0, $refreshCache = false, $unhide = false ) { |
||
46 | parent::__construct( $context, $old, $new, $rcid, $refreshCache, $unhide ); |
||
47 | |||
48 | $wikibaseRepo = WikibaseRepo::getDefaultInstance(); |
||
49 | |||
50 | $entityDiffVisualizerFactory = $wikibaseRepo->getEntityDiffVisualizerFactory( $context ); |
||
51 | $this->diffVisualizer = new DispatchingEntityDiffVisualizer( $entityDiffVisualizerFactory ); |
||
52 | } |
||
53 | |||
54 | /** |
||
55 | * @return Language |
||
56 | */ |
||
57 | public function getDiffLang() { |
||
58 | if ( $this->mDiffLang === null ) { |
||
59 | $this->mDiffLang = $this->getLanguage(); |
||
60 | } |
||
61 | |||
62 | return parent::getDiffLang(); |
||
63 | } |
||
64 | |||
65 | /** |
||
66 | * Get a header for a specified revision. |
||
67 | * |
||
68 | * @param Revision|RevisionRecord $rev Pasing Revision is deprecated since 1.35 |
||
69 | * @param string $complete 'complete' to get the header wrapped depending |
||
70 | * the visibility of the revision and a link to edit the page. |
||
71 | * |
||
72 | * @return string HTML fragment |
||
73 | */ |
||
74 | public function getRevisionHeader( $rev, $complete = '' ) { |
||
75 | //NOTE: This must be kept in sync with the parent implementation. |
||
76 | // Perhaps some parts could be factored out to reduce code duplication. |
||
77 | |||
78 | if ( $rev instanceof Revision ) { |
||
0 ignored issues
–
show
Bug
introduced
by
Loading history...
|
|||
79 | wfDeprecated( __METHOD__ . ' with Revision objects', '1.35' ); |
||
80 | $rev = $rev->getRevisionRecord(); |
||
81 | } |
||
82 | |||
83 | $lang = $this->getLanguage(); |
||
84 | $user = $this->getUser(); |
||
85 | $revtimestamp = $rev->getTimestamp(); |
||
86 | $timestamp = $lang->userTimeAndDate( $revtimestamp, $user ); |
||
87 | $dateofrev = $lang->userDate( $revtimestamp, $user ); |
||
88 | $timeofrev = $lang->userTime( $revtimestamp, $user ); |
||
89 | |||
90 | $headerMsg = $this->msg( |
||
91 | $rev->isCurrent() ? 'currentrev-asof' : 'revisionasof', |
||
92 | $timestamp, |
||
93 | $dateofrev, |
||
94 | $timeofrev |
||
95 | ); |
||
96 | |||
97 | if ( $complete !== 'complete' ) { |
||
98 | return $headerMsg->escaped(); |
||
99 | } |
||
100 | |||
101 | $title = $rev->getPageAsLinkTarget(); |
||
102 | |||
103 | $linkRenderer = MediaWikiServices::getInstance()->getLinkRenderer(); |
||
104 | |||
105 | $header = $linkRenderer->makeKnownLink( $title, $headerMsg->text(), [], |
||
106 | [ 'oldid' => $rev->getId() ] ); |
||
107 | |||
108 | if ( RevisionRecord::userCanBitfield( |
||
109 | $rev->getVisibility(), |
||
110 | RevisionRecord::DELETED_TEXT, |
||
111 | $user |
||
112 | ) ) { |
||
113 | if ( MediaWikiServices::getInstance()->getPermissionManager() |
||
114 | ->quickUserCan( 'edit', $user, $title ) && !$rev->isCurrent() |
||
115 | ) { |
||
116 | $editQuery = [ |
||
117 | 'action' => 'edit', |
||
118 | 'restore' => $rev->getId() |
||
119 | ]; |
||
120 | $msg = $this->msg( 'wikibase-restoreold' )->text(); |
||
121 | $header .= ' ' . $this->msg( 'parentheses' )->rawParams( |
||
122 | $linkRenderer->makeKnownLink( $title, $msg, [], $editQuery ) |
||
123 | )->escaped(); |
||
124 | } |
||
125 | |||
126 | if ( $rev->isDeleted( RevisionRecord::DELETED_TEXT ) ) { |
||
127 | $header = Html::rawElement( 'span', [ 'class' => 'history-deleted' ], $header ); |
||
128 | } |
||
129 | } else { |
||
130 | $header = Html::rawElement( 'span', [ 'class' => 'history-deleted' ], $header ); |
||
131 | } |
||
132 | |||
133 | return $header; |
||
134 | } |
||
135 | |||
136 | /** |
||
137 | * @see DifferenceEngine::generateContentDiffBody |
||
138 | * |
||
139 | * @param Content $old |
||
140 | * @param Content $new |
||
141 | * |
||
142 | * @throws MWException If the two content objects are neither EntityContent nor TextContent. |
||
143 | * @return string |
||
144 | */ |
||
145 | public function generateContentDiffBody( Content $old, Content $new ) { |
||
146 | if ( ( $old instanceof EntityContent ) && ( $new instanceof EntityContent ) ) { |
||
147 | $diff = $old->getDiff( $new ); |
||
148 | return $this->diffVisualizer->visualizeEntityContentDiff( $diff ); |
||
149 | } elseif ( ( $old instanceof EntityContent ) !== ( $new instanceof EntityContent ) ) { |
||
150 | $this->getOutput()->showErrorPage( 'errorpagetitle', 'wikibase-non-entity-diff' ); |
||
151 | return ''; |
||
152 | } |
||
153 | |||
154 | return parent::generateContentDiffBody( $old, $new ); |
||
155 | } |
||
156 | |||
157 | /** |
||
158 | * @param WikiPage $page |
||
159 | * @param RevisionRecord $rev |
||
160 | * |
||
161 | * @return ParserOutput|bool False if the revision was not found |
||
162 | */ |
||
163 | protected function getParserOutput( WikiPage $page, RevisionRecord $rev ) { |
||
164 | $parserOptions = $page->makeParserOptions( $this->getContext() ); |
||
165 | |||
166 | // Do not poison parser cache with diff-specific stuff |
||
167 | $parserOptions->addExtraKey( 'diff=1' ); |
||
168 | |||
169 | try { |
||
170 | $parserOutput = $page->getParserOutput( $parserOptions, $rev->getId() ); |
||
171 | } catch ( FederatedPropertiesError $ex ) { |
||
172 | $parserOutput = false; |
||
173 | } |
||
174 | |||
175 | if ( $parserOutput ) { |
||
176 | $parserOutput->setText( ToolbarEditSectionGenerator::enableSectionEditLinks( |
||
177 | $parserOutput->getRawText(), |
||
178 | false |
||
179 | ) ); |
||
180 | } |
||
181 | |||
182 | return $parserOutput; |
||
183 | } |
||
184 | |||
185 | /** |
||
186 | * @inheritDoc |
||
187 | */ |
||
188 | protected function getDiffBodyCacheKeyParams() { |
||
189 | $parent = parent::getDiffBodyCacheKeyParams(); |
||
190 | $code = $this->getLanguage()->getCode(); |
||
191 | $parent[] = "lang-{$code}"; |
||
192 | |||
193 | return $parent; |
||
194 | } |
||
195 | |||
196 | } |
||
197 |