1 | <?php |
||
2 | /** |
||
3 | * Raw page text accessor |
||
4 | * |
||
5 | * Copyright © 2004 Gabriel Wicke <[email protected]> |
||
6 | * http://wikidev.net/ |
||
7 | * |
||
8 | * Based on HistoryAction and SpecialExport |
||
9 | * |
||
10 | * This program is free software; you can redistribute it and/or modify |
||
11 | * it under the terms of the GNU General Public License as published by |
||
12 | * the Free Software Foundation; either version 2 of the License, or |
||
13 | * (at your option) any later version. |
||
14 | * |
||
15 | * This program is distributed in the hope that it will be useful, |
||
16 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
17 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
18 | * GNU General Public License for more details. |
||
19 | * |
||
20 | * You should have received a copy of the GNU General Public License along |
||
21 | * with this program; if not, write to the Free Software Foundation, Inc., |
||
22 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
23 | * http://www.gnu.org/copyleft/gpl.html |
||
24 | * |
||
25 | * @author Gabriel Wicke <[email protected]> |
||
26 | * @file |
||
27 | */ |
||
28 | |||
29 | /** |
||
30 | * A simple method to retrieve the plain source of an article, |
||
31 | * using "action=raw" in the GET request string. |
||
32 | * |
||
33 | * @ingroup Actions |
||
34 | */ |
||
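class RawAction extends FormlessAction {
	/**
	 * Name of this action; the class is reached with "action=raw" in the
	 * request string.
	 *
	 * @return string Always 'raw'.
	 */
	public function getName() {
		return 'raw';
	}

	/**
	 * Report that this action does not need write access.
	 *
	 * @return bool Always false.
	 */
	public function requiresWrite() {
		return false;
	}

	/**
	 * Report that this action does not require the user to be unblocked.
	 *
	 * @return bool Always false.
	 */
	public function requiresUnblock() {
		return false;
	}

	/**
	 * Send the raw page text together with content-type and cache headers.
	 *
	 * Regular page output is disabled; headers are set on the request's
	 * response object and the text is echoed directly. Request parameters
	 * read here are gen, maxage and smaxage; getContentType() and
	 * getRawText() read further ones.
	 *
	 * @return void
	 */
	public function onView() {
		$this->getOutput()->disable();
		$request = $this->getRequest();
		$response = $request->response();
		$config = $this->context->getConfig();

		if ( !$request->checkUrlExtension() ) {
			return;
		}

		if ( $this->getOutput()->checkLastModified( $this->page->getTouched() ) ) {
			return; // Client cache fresh and headers sent, nothing more to do.
		}

		$gen = $request->getVal( 'gen' );
		if ( $gen === 'css' || $gen === 'js' ) {
			// NOTE(review): no $gen property is declared in this class; confirm a
			// parent declares it, otherwise this creates a dynamic property.
			$this->gen = true;
		}

		// Always one of the allow-listed values from getContentType(), so it is
		// safe to concatenate into a header line below.
		$contentType = $this->getContentType();

		// Both cache lifetimes can be supplied by the client and are read as
		// integers.
		// NOTE(review): no lower or upper bound is applied here; confirm that
		// negative or very large values are acceptable to the caches in front
		// of the wiki.
		$maxage = $request->getInt( 'maxage', $config->get( 'SquidMaxage' ) );
		$smaxage = $request->getIntOrNull( 'smaxage' );
		if ( $smaxage === null ) {
			if ( $contentType === 'text/css' || $contentType === 'text/javascript' ) {
				// CSS/JS raw content has its own CDN max age configuration.
				// Note: Title::getCdnUrls() includes action=raw for css/js pages,
				// so if using the canonical url, this will get HTCP purges.
				$smaxage = intval( $config->get( 'ForcedRawSMaxage' ) );
			} else {
				// No CDN cache for anything else
				$smaxage = 0;
			}
		}

		// Set standard Vary headers so cache varies on cookies and such (T125283)
		$response->header( $this->getOutput()->getVaryHeader() );
		if ( $config->get( 'UseKeyHeader' ) ) {
			$response->header( $this->getOutput()->getKeyHeader() );
		}

		$response->header( 'Content-type: ' . $contentType . '; charset=UTF-8' );

		// Output may contain user-specific data;
		// vary generated content for open sessions on private wikis
		$privateCache = !User::isEveryoneAllowed( 'read' ) &&
			( $smaxage === 0 || MediaWiki\Session\SessionManager::getGlobalSession()->isPersistent() );
		// Don't accidentally cache cookies if user is logged in (T55032)
		$privateCache = $privateCache || $this->getUser()->isLoggedIn();
		$mode = $privateCache ? 'private' : 'public';
		$response->header(
			'Cache-Control: ' . $mode . ', s-maxage=' . $smaxage . ', max-age=' . $maxage
		);

		$text = $this->getRawText();

		// Don't return a 404 response for CSS or JavaScript;
		// 404s aren't generally cached and it would create
		// extra hits when user CSS/JS are on and the user doesn't
		// have the pages.
		if ( $text === false && $contentType === 'text/x-wiki' ) {
			$response->statusHeader( 404 );
		}

		// Hand the hook a local alias rather than &$this: newer PHP versions
		// restrict taking a reference to $this. Handlers still receive the
		// same object.
		$rawAction = $this;
		if ( !Hooks::run( 'RawPageViewBeforeOutput', [ &$rawAction, &$text ] ) ) {
			wfDebug( __METHOD__ . ": RawPageViewBeforeOutput hook broke raw page output.\n" );
		}

		// Emitted verbatim, without escaping: the Content-type sent above
		// (never text/html, given the allow-list in getContentType()) is what
		// tells the client how to interpret the body.
		// NOTE(review): no X-Content-Type-Options header is set in this method;
		// confirm it is sent elsewhere so browsers do not sniff the body.
		echo $text;
	}

	/**
	 * Get the text that should be returned, or false if the page or revision
	 * was not found.
	 *
	 * Request parameters read here: usemsgcache, section, templates, and
	 * (through getOldId()) oldid and direction. For a revision that is not
	 * text content, a 415 error is sent and the script terminates.
	 *
	 * @return string|bool The text, '' for a missing message when the message
	 *  cache is used, or false when nothing was found.
	 */
	public function getRawText() {
		global $wgParser;

		$text = false;
		$title = $this->getTitle();
		$request = $this->getRequest();

		// If it's a MediaWiki message we can just hit the message cache
		if ( $request->getBool( 'usemsgcache' ) && $title->getNamespace() == NS_MEDIAWIKI ) {
			// The first "true" is to use the database, the second is to use
			// the content language and the last one is to specify the message
			// key already contains the language in it ("/de", etc.).
			$text = MessageCache::singleton()->get( $title->getDBkey(), true, true, true );
			// If the message doesn't exist, return a blank
			if ( $text === false ) {
				$text = '';
			}
		} else {
			// Get it from the DB
			$rev = Revision::newFromTitle( $title, $this->getOldId() );
			if ( $rev ) {
				$lastmod = wfTimestamp( TS_RFC2822, $rev->getTimestamp() );
				$request->response()->header( "Last-modified: $lastmod" );

				// Public-only due to cache headers
				// NOTE(review): getContent() is called without an audience
				// argument; confirm its default restricts to publicly visible
				// content, since the response may be marked "public" above.
				$content = $rev->getContent();

				if ( $content === null ) {
					// revision not found (or suppressed)
					$text = false;
				} elseif ( !$content instanceof TextContent ) {
					// non-text content
					wfHttpError( 415, "Unsupported Media Type", "The requested page uses the content model `"
						. $content->getModel() . "` which is not supported via this interface." );
					die();
				} else {
					// want a section?
					$section = $request->getIntOrNull( 'section' );
					if ( $section !== null ) {
						$content = $content->getSection( $section );
					}

					if ( $content === null || $content === false ) {
						// section not found (or section not supported, e.g. for JS and CSS)
						$text = false;
					} else {
						$text = $content->getNativeData();
					}
				}
			}
		}

		// templates=expand runs the preprocessor over the text, with parser
		// options built from the current request context.
		if ( $text !== false && $text !== '' && $request->getVal( 'templates' ) === 'expand' ) {
			$text = $wgParser->preprocess(
				$text,
				$title,
				ParserOptions::newFromContext( $this->getContext() )
			);
		}

		return $text;
	}

	/**
	 * Get the ID of the revision that should be used to get the text.
	 *
	 * Starts from the "oldid" request parameter and adjusts it according to
	 * the "direction" parameter (next, prev or cur). Any other direction
	 * leaves oldid unchanged.
	 *
	 * @return int The revision ID; 0 for direction=cur, -1 when
	 *  direction=next or direction=prev has no matching revision.
	 */
	public function getOldId() {
		$oldid = $this->getRequest()->getInt( 'oldid' );
		switch ( $this->getRequest()->getText( 'direction' ) ) {
			case 'next':
				// output next revision, or nothing if there isn't one
				$nextid = 0;
				if ( $oldid ) {
					$nextid = $this->getTitle()->getNextRevisionID( $oldid );
				}
				$oldid = $nextid ?: -1;
				break;
			case 'prev':
				// output previous revision, or nothing if there isn't one
				if ( !$oldid ) {
					// get the current revision so we can get the penultimate one
					$oldid = $this->page->getLatest();
				}
				$previd = $this->getTitle()->getPreviousRevisionID( $oldid );
				$oldid = $previd ?: -1;
				break;
			case 'cur':
				$oldid = 0;
				break;
		}

		return $oldid;
	}

	/**
	 * Get the content type to use for the response.
	 *
	 * The "ctype" request parameter is used when present; otherwise "gen"
	 * (js or css) selects the type. Anything outside the allow-list falls
	 * back to text/x-wiki, so the returned value never contains
	 * client-chosen characters.
	 *
	 * NOTE(review): the type is chosen by the request alone; nothing in this
	 * method ties text/javascript or text/css to the page actually holding
	 * script or style content. Confirm that is enforced elsewhere.
	 *
	 * @return string One of the allow-listed content types.
	 */
	public function getContentType() {
		$ctype = $this->getRequest()->getVal( 'ctype' );

		if ( $ctype === null || $ctype === '' ) {
			$gen = $this->getRequest()->getVal( 'gen' );
			if ( $gen === 'js' ) {
				$ctype = 'text/javascript';
			} elseif ( $gen === 'css' ) {
				$ctype = 'text/css';
			}
		}

		$allowedCTypes = [ 'text/x-wiki', 'text/javascript', 'text/css', 'application/x-zope-edit' ];
		// Strict comparison: only an exact string match against the allow-list
		// may end up in the Content-type header.
		if ( $ctype === null || $ctype === '' || !in_array( $ctype, $allowedCTypes, true ) ) {
			$ctype = 'text/x-wiki';
		}

		return $ctype;
	}
}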