These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
2 | /** |
||
3 | * Handle ajax requests and send them to the proper handler. |
||
4 | * |
||
5 | * This program is free software; you can redistribute it and/or modify |
||
6 | * it under the terms of the GNU General Public License as published by |
||
7 | * the Free Software Foundation; either version 2 of the License, or |
||
8 | * (at your option) any later version. |
||
9 | * |
||
10 | * This program is distributed in the hope that it will be useful, |
||
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
13 | * GNU General Public License for more details. |
||
14 | * |
||
15 | * You should have received a copy of the GNU General Public License along |
||
16 | * with this program; if not, write to the Free Software Foundation, Inc., |
||
17 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
18 | * http://www.gnu.org/copyleft/gpl.html |
||
19 | * |
||
20 | * @file |
||
21 | * @ingroup Ajax |
||
22 | */ |
||
23 | |||
24 | /** |
||
25 | * @defgroup Ajax Ajax |
||
26 | */ |
||
27 | |||
28 | /** |
||
29 | * Object-Oriented Ajax functions. |
||
30 | * @ingroup Ajax |
||
31 | */ |
||
32 | class AjaxDispatcher { |
||
33 | /** |
||
34 | * The way the request was made, either a 'get' or a 'post' |
||
35 | * @var string $mode |
||
36 | */ |
||
37 | private $mode; |
||
38 | |||
39 | /** |
||
40 | * Name of the requested handler |
||
41 | * @var string $func_name |
||
42 | */ |
||
43 | private $func_name; |
||
44 | |||
45 | /** Arguments passed |
||
46 | * @var array $args |
||
47 | */ |
||
48 | private $args; |
||
49 | |||
50 | /** |
||
51 | * @var Config |
||
52 | */ |
||
53 | private $config; |
||
54 | |||
55 | /** |
||
56 | * Load up our object with user supplied data |
||
57 | */ |
||
58 | function __construct( Config $config ) { |
||
59 | $this->config = $config; |
||
60 | |||
61 | $this->mode = ""; |
||
62 | |||
63 | if ( !empty( $_GET["rs"] ) ) { |
||
64 | $this->mode = "get"; |
||
65 | } |
||
66 | |||
67 | if ( !empty( $_POST["rs"] ) ) { |
||
68 | $this->mode = "post"; |
||
69 | } |
||
70 | |||
71 | switch ( $this->mode ) { |
||
72 | View Code Duplication | case 'get': |
|
73 | $this->func_name = isset( $_GET["rs"] ) ? $_GET["rs"] : ''; |
||
74 | if ( !empty( $_GET["rsargs"] ) ) { |
||
75 | $this->args = $_GET["rsargs"]; |
||
76 | } else { |
||
77 | $this->args = []; |
||
78 | } |
||
79 | break; |
||
80 | View Code Duplication | case 'post': |
|
81 | $this->func_name = isset( $_POST["rs"] ) ? $_POST["rs"] : ''; |
||
82 | if ( !empty( $_POST["rsargs"] ) ) { |
||
83 | $this->args = $_POST["rsargs"]; |
||
84 | } else { |
||
85 | $this->args = []; |
||
86 | } |
||
87 | break; |
||
88 | default: |
||
89 | return; |
||
90 | # Or we could throw an exception: |
||
91 | # throw new MWException( __METHOD__ . ' called without any data (mode empty).' ); |
||
92 | } |
||
93 | |||
94 | } |
||
95 | |||
96 | /** |
||
97 | * Pass the request to our internal function. |
||
98 | * BEWARE! Data are passed as they have been supplied by the user, |
||
99 | * they should be carefully handled in the function processing the |
||
100 | * request. |
||
101 | * |
||
102 | * @param User $user |
||
103 | */ |
||
104 | function performAction( User $user ) { |
||
105 | if ( empty( $this->mode ) ) { |
||
106 | return; |
||
107 | } |
||
108 | |||
109 | if ( !in_array( $this->func_name, $this->config->get( 'AjaxExportList' ) ) ) { |
||
110 | wfDebug( __METHOD__ . ' Bad Request for unknown function ' . $this->func_name . "\n" ); |
||
111 | wfHttpError( |
||
112 | 400, |
||
113 | 'Bad Request', |
||
114 | "unknown function " . $this->func_name |
||
115 | ); |
||
116 | } elseif ( !User::isEveryoneAllowed( 'read' ) && !$user->isAllowed( 'read' ) ) { |
||
117 | wfHttpError( |
||
118 | 403, |
||
119 | 'Forbidden', |
||
120 | 'You are not allowed to view pages.' ); |
||
121 | } else { |
||
122 | wfDebug( __METHOD__ . ' dispatching ' . $this->func_name . "\n" ); |
||
123 | try { |
||
124 | $result = call_user_func_array( $this->func_name, $this->args ); |
||
125 | |||
126 | if ( $result === false || $result === null ) { |
||
127 | wfDebug( __METHOD__ . ' ERROR while dispatching ' . |
||
128 | $this->func_name . "(" . var_export( $this->args, true ) . "): " . |
||
129 | "no data returned\n" ); |
||
130 | |||
131 | wfHttpError( 500, 'Internal Error', |
||
132 | "{$this->func_name} returned no data" ); |
||
133 | } else { |
||
134 | if ( is_string( $result ) ) { |
||
135 | $result = new AjaxResponse( $result ); |
||
136 | } |
||
137 | |||
138 | // Make sure DB commit succeeds before sending a response |
||
139 | wfGetLBFactory()->commitMasterChanges( __METHOD__ ); |
||
0 ignored issues
–
show
|
|||
140 | |||
141 | $result->sendHeaders(); |
||
142 | $result->printText(); |
||
143 | |||
144 | wfDebug( __METHOD__ . ' dispatch complete for ' . $this->func_name . "\n" ); |
||
145 | } |
||
146 | } catch ( Exception $e ) { |
||
147 | wfDebug( __METHOD__ . ' ERROR while dispatching ' . |
||
148 | $this->func_name . "(" . var_export( $this->args, true ) . "): " . |
||
149 | get_class( $e ) . ": " . $e->getMessage() . "\n" ); |
||
150 | |||
151 | if ( !headers_sent() ) { |
||
152 | wfHttpError( 500, 'Internal Error', |
||
153 | $e->getMessage() ); |
||
154 | } else { |
||
155 | print $e->getMessage(); |
||
156 | } |
||
157 | } |
||
158 | } |
||
159 | |||
160 | } |
||
161 | } |
||
162 |
This function has been deprecated. The supplier of the file has supplied an explanatory message.
The explanatory message should give you some clue as to whether and when the function will be removed from the class and what other function to use instead.