- Generated on Thu Nov 21 2013 13:28:49 for MediaWiki by
1.7.6.1
|
MediaWiki
REL1_20
|
00001 <?php 00038 class WebRequest { 00039 protected $data, $headers = array(); 00040 00045 private $response; 00046 00051 private $ip; 00052 00053 public function __construct() { 00057 $this->checkMagicQuotes(); 00058 00059 // POST overrides GET data 00060 // We don't use $_REQUEST here to avoid interference from cookies... 00061 $this->data = $_POST + $_GET; 00062 } 00063 00079 static public function getPathInfo( $want = 'all' ) { 00080 global $wgUsePathInfo; 00081 // PATH_INFO is mangled due to http://bugs.php.net/bug.php?id=31892 00082 // And also by Apache 2.x, double slashes are converted to single slashes. 00083 // So we will use REQUEST_URI if possible. 00084 $matches = array(); 00085 if ( !empty( $_SERVER['REQUEST_URI'] ) ) { 00086 // Slurp out the path portion to examine... 00087 $url = $_SERVER['REQUEST_URI']; 00088 if ( !preg_match( '!^https?://!', $url ) ) { 00089 $url = 'http://unused' . $url; 00090 } 00091 wfSuppressWarnings(); 00092 $a = parse_url( $url ); 00093 wfRestoreWarnings(); 00094 if( $a ) { 00095 $path = isset( $a['path'] ) ? $a['path'] : ''; 00096 00097 global $wgScript; 00098 if( $path == $wgScript && $want !== 'all' ) { 00099 // Script inside a rewrite path? 00100 // Abort to keep from breaking... 00101 return $matches; 00102 } 00103 00104 $router = new PathRouter; 00105 00106 // Raw PATH_INFO style 00107 $router->add( "$wgScript/$1" ); 00108 00109 if( isset( $_SERVER['SCRIPT_NAME'] ) 00110 && preg_match( '/\.php5?/', $_SERVER['SCRIPT_NAME'] ) ) 00111 { 00112 # Check for SCRIPT_NAME, we handle index.php explicitly 00113 # But we do have some other .php files such as img_auth.php 00114 # Don't let root article paths clober the parsing for them 00115 $router->add( $_SERVER['SCRIPT_NAME'] . "/$1" ); 00116 } 00117 00118 global $wgArticlePath; 00119 if( $wgArticlePath ) { 00120 $router->add( $wgArticlePath ); 00121 } 00122 00123 global $wgActionPaths; 00124 if( $wgActionPaths ) { 00125 $router->add( $wgActionPaths, array( 'action' => '$key' ) ); 00126 } 00127 00128 global $wgVariantArticlePath, $wgContLang; 00129 if( $wgVariantArticlePath ) { 00130 $router->add( $wgVariantArticlePath, 00131 array( 'variant' => '$2'), 00132 array( '$2' => $wgContLang->getVariants() ) 00133 ); 00134 } 00135 00136 wfRunHooks( 'WebRequestPathInfoRouter', array( $router ) ); 00137 00138 $matches = $router->parse( $path ); 00139 } 00140 } elseif ( $wgUsePathInfo ) { 00141 if ( isset( $_SERVER['ORIG_PATH_INFO'] ) && $_SERVER['ORIG_PATH_INFO'] != '' ) { 00142 // Mangled PATH_INFO 00143 // http://bugs.php.net/bug.php?id=31892 00144 // Also reported when ini_get('cgi.fix_pathinfo')==false 00145 $matches['title'] = substr( $_SERVER['ORIG_PATH_INFO'], 1 ); 00146 00147 } elseif ( isset( $_SERVER['PATH_INFO'] ) && ($_SERVER['PATH_INFO'] != '') ) { 00148 // Regular old PATH_INFO yay 00149 $matches['title'] = substr( $_SERVER['PATH_INFO'], 1 ); 00150 } 00151 } 00152 00153 return $matches; 00154 } 00155 00162 public static function detectServer() { 00163 list( $proto, $stdPort ) = self::detectProtocolAndStdPort(); 00164 00165 $varNames = array( 'HTTP_HOST', 'SERVER_NAME', 'HOSTNAME', 'SERVER_ADDR' ); 00166 $host = 'localhost'; 00167 $port = $stdPort; 00168 foreach ( $varNames as $varName ) { 00169 if ( !isset( $_SERVER[$varName] ) ) { 00170 continue; 00171 } 00172 $parts = IP::splitHostAndPort( $_SERVER[$varName] ); 00173 if ( !$parts ) { 00174 // Invalid, do not use 00175 continue; 00176 } 00177 $host = $parts[0]; 00178 if ( $parts[1] === false ) { 00179 if ( isset( $_SERVER['SERVER_PORT'] ) ) { 00180 $port = $_SERVER['SERVER_PORT']; 00181 } // else leave it as $stdPort 00182 } else { 00183 $port = $parts[1]; 00184 } 00185 break; 00186 } 00187 00188 return $proto . '://' . IP::combineHostAndPort( $host, $port, $stdPort ); 00189 } 00190 00194 public static function detectProtocolAndStdPort() { 00195 return ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'on' ) ? array( 'https', 443 ) : array( 'http', 80 ); 00196 } 00197 00201 public static function detectProtocol() { 00202 list( $proto, $stdPort ) = self::detectProtocolAndStdPort(); 00203 return $proto; 00204 } 00205 00213 public function interpolateTitle() { 00214 // bug 16019: title interpolation on API queries is useless and sometimes harmful 00215 if ( defined( 'MW_API' ) ) { 00216 return; 00217 } 00218 00219 $matches = self::getPathInfo( 'title' ); 00220 foreach( $matches as $key => $val) { 00221 $this->data[$key] = $_GET[$key] = $_REQUEST[$key] = $val; 00222 } 00223 } 00224 00235 static function extractTitle( $path, $bases, $key = false ) { 00236 foreach( (array)$bases as $keyValue => $base ) { 00237 // Find the part after $wgArticlePath 00238 $base = str_replace( '$1', '', $base ); 00239 $baseLen = strlen( $base ); 00240 if( substr( $path, 0, $baseLen ) == $base ) { 00241 $raw = substr( $path, $baseLen ); 00242 if( $raw !== '' ) { 00243 $matches = array( 'title' => rawurldecode( $raw ) ); 00244 if( $key ) { 00245 $matches[$key] = $keyValue; 00246 } 00247 return $matches; 00248 } 00249 } 00250 } 00251 return array(); 00252 } 00253 00265 private function &fix_magic_quotes( &$arr, $topLevel = true ) { 00266 $clean = array(); 00267 foreach( $arr as $key => $val ) { 00268 if( is_array( $val ) ) { 00269 $cleanKey = $topLevel ? stripslashes( $key ) : $key; 00270 $clean[$cleanKey] = $this->fix_magic_quotes( $arr[$key], false ); 00271 } else { 00272 $cleanKey = stripslashes( $key ); 00273 $clean[$cleanKey] = stripslashes( $val ); 00274 } 00275 } 00276 $arr = $clean; 00277 return $arr; 00278 } 00279 00286 private function checkMagicQuotes() { 00287 $mustFixQuotes = function_exists( 'get_magic_quotes_gpc' ) 00288 && get_magic_quotes_gpc(); 00289 if( $mustFixQuotes ) { 00290 $this->fix_magic_quotes( $_COOKIE ); 00291 $this->fix_magic_quotes( $_ENV ); 00292 $this->fix_magic_quotes( $_GET ); 00293 $this->fix_magic_quotes( $_POST ); 00294 $this->fix_magic_quotes( $_REQUEST ); 00295 $this->fix_magic_quotes( $_SERVER ); 00296 } 00297 } 00298 00306 function normalizeUnicode( $data ) { 00307 if( is_array( $data ) ) { 00308 foreach( $data as $key => $val ) { 00309 $data[$key] = $this->normalizeUnicode( $val ); 00310 } 00311 } else { 00312 global $wgContLang; 00313 $data = isset( $wgContLang ) ? $wgContLang->normalize( $data ) : UtfNormal::cleanUp( $data ); 00314 } 00315 return $data; 00316 } 00317 00326 private function getGPCVal( $arr, $name, $default ) { 00327 # PHP is so nice to not touch input data, except sometimes: 00328 # http://us2.php.net/variables.external#language.variables.external.dot-in-names 00329 # Work around PHP *feature* to avoid *bugs* elsewhere. 00330 $name = strtr( $name, '.', '_' ); 00331 if( isset( $arr[$name] ) ) { 00332 global $wgContLang; 00333 $data = $arr[$name]; 00334 if( isset( $_GET[$name] ) && !is_array( $data ) ) { 00335 # Check for alternate/legacy character encoding. 00336 if( isset( $wgContLang ) ) { 00337 $data = $wgContLang->checkTitleEncoding( $data ); 00338 } 00339 } 00340 $data = $this->normalizeUnicode( $data ); 00341 return $data; 00342 } else { 00343 taint( $default ); 00344 return $default; 00345 } 00346 } 00347 00358 public function getVal( $name, $default = null ) { 00359 $val = $this->getGPCVal( $this->data, $name, $default ); 00360 if( is_array( $val ) ) { 00361 $val = $default; 00362 } 00363 if( is_null( $val ) ) { 00364 return $val; 00365 } else { 00366 return (string)$val; 00367 } 00368 } 00369 00377 public function setVal( $key, $value ) { 00378 $ret = isset( $this->data[$key] ) ? $this->data[$key] : null; 00379 $this->data[$key] = $value; 00380 return $ret; 00381 } 00382 00383 00390 public function unsetVal( $key ) { 00391 if ( !isset( $this->data[$key] ) ) { 00392 $ret = null; 00393 } else { 00394 $ret = $this->data[$key]; 00395 unset( $this->data[$key] ); 00396 } 00397 return $ret; 00398 } 00399 00409 public function getArray( $name, $default = null ) { 00410 $val = $this->getGPCVal( $this->data, $name, $default ); 00411 if( is_null( $val ) ) { 00412 return null; 00413 } else { 00414 return (array)$val; 00415 } 00416 } 00417 00428 public function getIntArray( $name, $default = null ) { 00429 $val = $this->getArray( $name, $default ); 00430 if( is_array( $val ) ) { 00431 $val = array_map( 'intval', $val ); 00432 } 00433 return $val; 00434 } 00435 00445 public function getInt( $name, $default = 0 ) { 00446 return intval( $this->getVal( $name, $default ) ); 00447 } 00448 00457 public function getIntOrNull( $name ) { 00458 $val = $this->getVal( $name ); 00459 return is_numeric( $val ) 00460 ? intval( $val ) 00461 : null; 00462 } 00463 00473 public function getBool( $name, $default = false ) { 00474 return (bool)$this->getVal( $name, $default ); 00475 } 00476 00486 public function getFuzzyBool( $name, $default = false ) { 00487 return $this->getBool( $name, $default ) && strcasecmp( $this->getVal( $name ), 'false' ) !== 0; 00488 } 00489 00498 public function getCheck( $name ) { 00499 # Checkboxes and buttons are only present when clicked 00500 # Presence connotes truth, abscense false 00501 return $this->getVal( $name, null ) !== null; 00502 } 00503 00516 public function getText( $name, $default = '' ) { 00517 global $wgContLang; 00518 $val = $this->getVal( $name, $default ); 00519 return str_replace( "\r\n", "\n", 00520 $wgContLang->recodeInput( $val ) ); 00521 } 00522 00530 public function getValues() { 00531 $names = func_get_args(); 00532 if ( count( $names ) == 0 ) { 00533 $names = array_keys( $this->data ); 00534 } 00535 00536 $retVal = array(); 00537 foreach ( $names as $name ) { 00538 $value = $this->getGPCVal( $this->data, $name, null ); 00539 if ( !is_null( $value ) ) { 00540 $retVal[$name] = $value; 00541 } 00542 } 00543 return $retVal; 00544 } 00545 00552 public function getValueNames( $exclude = array() ) { 00553 return array_diff( array_keys( $this->getValues() ), $exclude ); 00554 } 00555 00562 public function getQueryValues() { 00563 return $_GET; 00564 } 00565 00571 public function getMethod() { 00572 return isset( $_SERVER['REQUEST_METHOD'] ) ? $_SERVER['REQUEST_METHOD'] : 'GET'; 00573 } 00574 00584 public function wasPosted() { 00585 return $this->getMethod() == 'POST'; 00586 } 00587 00599 public function checkSessionCookie() { 00600 return isset( $_COOKIE[ session_name() ] ); 00601 } 00602 00611 public function getCookie( $key, $prefix = null, $default = null ) { 00612 if( $prefix === null ) { 00613 global $wgCookiePrefix; 00614 $prefix = $wgCookiePrefix; 00615 } 00616 return $this->getGPCVal( $_COOKIE, $prefix . $key , $default ); 00617 } 00618 00625 public function getRequestURL() { 00626 if( isset( $_SERVER['REQUEST_URI'] ) && strlen( $_SERVER['REQUEST_URI'] ) ) { 00627 $base = $_SERVER['REQUEST_URI']; 00628 } elseif ( isset( $_SERVER['HTTP_X_ORIGINAL_URL'] ) && strlen( $_SERVER['HTTP_X_ORIGINAL_URL'] ) ) { 00629 // Probably IIS; doesn't set REQUEST_URI 00630 $base = $_SERVER['HTTP_X_ORIGINAL_URL']; 00631 } elseif( isset( $_SERVER['SCRIPT_NAME'] ) ) { 00632 $base = $_SERVER['SCRIPT_NAME']; 00633 if( isset( $_SERVER['QUERY_STRING'] ) && $_SERVER['QUERY_STRING'] != '' ) { 00634 $base .= '?' . $_SERVER['QUERY_STRING']; 00635 } 00636 } else { 00637 // This shouldn't happen! 00638 throw new MWException( "Web server doesn't provide either " . 00639 "REQUEST_URI, HTTP_X_ORIGINAL_URL or SCRIPT_NAME. Report details " . 00640 "of your web server configuration to http://bugzilla.wikimedia.org/" ); 00641 } 00642 // User-agents should not send a fragment with the URI, but 00643 // if they do, and the web server passes it on to us, we 00644 // need to strip it or we get false-positive redirect loops 00645 // or weird output URLs 00646 $hash = strpos( $base, '#' ); 00647 if( $hash !== false ) { 00648 $base = substr( $base, 0, $hash ); 00649 } 00650 if( $base[0] == '/' ) { 00651 return $base; 00652 } else { 00653 // We may get paths with a host prepended; strip it. 00654 return preg_replace( '!^[^:]+://[^/]+/!', '/', $base ); 00655 } 00656 } 00657 00668 public function getFullRequestURL() { 00669 return wfExpandUrl( $this->getRequestURL(), PROTO_CURRENT ); 00670 } 00671 00678 public function appendQuery( $query ) { 00679 return $this->appendQueryArray( wfCgiToArray( $query ) ); 00680 } 00681 00689 public function escapeAppendQuery( $query ) { 00690 return htmlspecialchars( $this->appendQuery( $query ) ); 00691 } 00692 00699 public function appendQueryValue( $key, $value, $onlyquery = false ) { 00700 return $this->appendQueryArray( array( $key => $value ), $onlyquery ); 00701 } 00702 00711 public function appendQueryArray( $array, $onlyquery = false ) { 00712 global $wgTitle; 00713 $newquery = $this->getQueryValues(); 00714 unset( $newquery['title'] ); 00715 $newquery = array_merge( $newquery, $array ); 00716 $query = wfArrayToCGI( $newquery ); 00717 return $onlyquery ? $query : $wgTitle->getLocalURL( $query ); 00718 } 00719 00729 public function getLimitOffset( $deflimit = 50, $optionname = 'rclimit' ) { 00730 global $wgUser; 00731 00732 $limit = $this->getInt( 'limit', 0 ); 00733 if( $limit < 0 ) { 00734 $limit = 0; 00735 } 00736 if( ( $limit == 0 ) && ( $optionname != '' ) ) { 00737 $limit = (int)$wgUser->getOption( $optionname ); 00738 } 00739 if( $limit <= 0 ) { 00740 $limit = $deflimit; 00741 } 00742 if( $limit > 5000 ) { 00743 $limit = 5000; # We have *some* limits... 00744 } 00745 00746 $offset = $this->getInt( 'offset', 0 ); 00747 if( $offset < 0 ) { 00748 $offset = 0; 00749 } 00750 00751 return array( $limit, $offset ); 00752 } 00753 00760 public function getFileTempname( $key ) { 00761 $file = new WebRequestUpload( $this, $key ); 00762 return $file->getTempName(); 00763 } 00764 00772 public function getFileSize( $key ) { 00773 wfDeprecated( __METHOD__, '1.17' ); 00774 $file = new WebRequestUpload( $this, $key ); 00775 return $file->getSize(); 00776 } 00777 00784 public function getUploadError( $key ) { 00785 $file = new WebRequestUpload( $this, $key ); 00786 return $file->getError(); 00787 } 00788 00800 public function getFileName( $key ) { 00801 $file = new WebRequestUpload( $this, $key ); 00802 return $file->getName(); 00803 } 00804 00811 public function getUpload( $key ) { 00812 return new WebRequestUpload( $this, $key ); 00813 } 00814 00821 public function response() { 00822 /* Lazy initialization of response object for this request */ 00823 if ( !is_object( $this->response ) ) { 00824 $class = ( $this instanceof FauxRequest ) ? 'FauxResponse' : 'WebResponse'; 00825 $this->response = new $class(); 00826 } 00827 return $this->response; 00828 } 00829 00833 private function initHeaders() { 00834 if ( count( $this->headers ) ) { 00835 return; 00836 } 00837 00838 if ( function_exists( 'apache_request_headers' ) ) { 00839 foreach ( apache_request_headers() as $tempName => $tempValue ) { 00840 $this->headers[ strtoupper( $tempName ) ] = $tempValue; 00841 } 00842 } else { 00843 foreach ( $_SERVER as $name => $value ) { 00844 if ( substr( $name, 0, 5 ) === 'HTTP_' ) { 00845 $name = str_replace( '_', '-', substr( $name, 5 ) ); 00846 $this->headers[$name] = $value; 00847 } elseif ( $name === 'CONTENT_LENGTH' ) { 00848 $this->headers['CONTENT-LENGTH'] = $value; 00849 } 00850 } 00851 } 00852 } 00853 00859 public function getAllHeaders() { 00860 $this->initHeaders(); 00861 return $this->headers; 00862 } 00863 00870 public function getHeader( $name ) { 00871 $this->initHeaders(); 00872 $name = strtoupper( $name ); 00873 if ( isset( $this->headers[$name] ) ) { 00874 return $this->headers[$name]; 00875 } else { 00876 return false; 00877 } 00878 } 00879 00886 public function getSessionData( $key ) { 00887 if( !isset( $_SESSION[$key] ) ) { 00888 return null; 00889 } 00890 return $_SESSION[$key]; 00891 } 00892 00899 public function setSessionData( $key, $data ) { 00900 $_SESSION[$key] = $data; 00901 } 00902 00912 public function checkUrlExtension( $extWhitelist = array() ) { 00913 global $wgScriptExtension; 00914 $extWhitelist[] = ltrim( $wgScriptExtension, '.' ); 00915 if ( IEUrlExtension::areServerVarsBad( $_SERVER, $extWhitelist ) ) { 00916 if ( !$this->wasPosted() ) { 00917 $newUrl = IEUrlExtension::fixUrlForIE6( 00918 $this->getFullRequestURL(), $extWhitelist ); 00919 if ( $newUrl !== false ) { 00920 $this->doSecurityRedirect( $newUrl ); 00921 return false; 00922 } 00923 } 00924 throw new HttpError( 403, 00925 'Invalid file extension found in the path info or query string.' ); 00926 } 00927 return true; 00928 } 00929 00937 protected function doSecurityRedirect( $url ) { 00938 header( 'Location: ' . $url ); 00939 header( 'Content-Type: text/html' ); 00940 $encUrl = htmlspecialchars( $url ); 00941 echo <<<HTML 00942 <html> 00943 <head> 00944 <title>Security redirect</title> 00945 </head> 00946 <body> 00947 <h1>Security redirect</h1> 00948 <p> 00949 We can't serve non-HTML content from the URL you have requested, because 00950 Internet Explorer would interpret it as an incorrect and potentially dangerous 00951 content type.</p> 00952 <p>Instead, please use <a href="$encUrl">this URL</a>, which is the same as the URL you have requested, except that 00953 "&*" is appended. This prevents Internet Explorer from seeing a bogus file 00954 extension. 00955 </p> 00956 </body> 00957 </html> 00958 HTML; 00959 echo "\n"; 00960 return true; 00961 } 00962 00985 public function isPathInfoBad( $extWhitelist = array() ) { 00986 wfDeprecated( __METHOD__, '1.17' ); 00987 global $wgScriptExtension; 00988 $extWhitelist[] = ltrim( $wgScriptExtension, '.' ); 00989 return IEUrlExtension::areServerVarsBad( $_SERVER, $extWhitelist ); 00990 } 00991 01000 public function getAcceptLang() { 01001 // Modified version of code found at http://www.thefutureoftheweb.com/blog/use-accept-language-header 01002 $acceptLang = $this->getHeader( 'Accept-Language' ); 01003 if ( !$acceptLang ) { 01004 return array(); 01005 } 01006 01007 // Return the language codes in lower case 01008 $acceptLang = strtolower( $acceptLang ); 01009 01010 // Break up string into pieces (languages and q factors) 01011 $lang_parse = null; 01012 preg_match_all( '/([a-z]{1,8}(-[a-z]{1,8})*|\*)\s*(;\s*q\s*=\s*(1(\.0{0,3})?|0(\.[0-9]{0,3})?)?)?/', 01013 $acceptLang, $lang_parse ); 01014 01015 if ( !count( $lang_parse[1] ) ) { 01016 return array(); 01017 } 01018 01019 $langcodes = $lang_parse[1]; 01020 $qvalues = $lang_parse[4]; 01021 $indices = range( 0, count( $lang_parse[1] ) - 1 ); 01022 01023 // Set default q factor to 1 01024 foreach ( $indices as $index ) { 01025 if ( $qvalues[$index] === '' ) { 01026 $qvalues[$index] = 1; 01027 } elseif ( $qvalues[$index] == 0 ) { 01028 unset( $langcodes[$index], $qvalues[$index], $indices[$index] ); 01029 } 01030 } 01031 01032 // Sort list. First by $qvalues, then by order. Reorder $langcodes the same way 01033 array_multisort( $qvalues, SORT_DESC, SORT_NUMERIC, $indices, $langcodes ); 01034 01035 // Create a list like "en" => 0.8 01036 $langs = array_combine( $langcodes, $qvalues ); 01037 01038 return $langs; 01039 } 01040 01048 protected function getRawIP() { 01049 if ( isset( $_SERVER['REMOTE_ADDR'] ) ) { 01050 return IP::canonicalize( $_SERVER['REMOTE_ADDR'] ); 01051 } else { 01052 return null; 01053 } 01054 } 01055 01064 public function getIP() { 01065 global $wgUsePrivateIPs; 01066 01067 # Return cached result 01068 if ( $this->ip !== null ) { 01069 return $this->ip; 01070 } 01071 01072 # collect the originating ips 01073 $ip = $this->getRawIP(); 01074 01075 # Append XFF 01076 $forwardedFor = $this->getHeader( 'X-Forwarded-For' ); 01077 if ( $forwardedFor !== false ) { 01078 $ipchain = array_map( 'trim', explode( ',', $forwardedFor ) ); 01079 $ipchain = array_reverse( $ipchain ); 01080 if ( $ip ) { 01081 array_unshift( $ipchain, $ip ); 01082 } 01083 01084 # Step through XFF list and find the last address in the list which is a trusted server 01085 # Set $ip to the IP address given by that trusted server, unless the address is not sensible (e.g. private) 01086 foreach ( $ipchain as $i => $curIP ) { 01087 $curIP = IP::canonicalize( $curIP ); 01088 if ( wfIsTrustedProxy( $curIP ) ) { 01089 if ( isset( $ipchain[$i + 1] ) ) { 01090 if ( $wgUsePrivateIPs || IP::isPublic( $ipchain[$i + 1 ] ) ) { 01091 $ip = $ipchain[$i + 1]; 01092 } 01093 } 01094 } else { 01095 break; 01096 } 01097 } 01098 } 01099 01100 # Allow extensions to improve our guess 01101 wfRunHooks( 'GetIP', array( &$ip ) ); 01102 01103 if ( !$ip ) { 01104 throw new MWException( "Unable to determine IP" ); 01105 } 01106 01107 wfDebug( "IP: $ip\n" ); 01108 $this->ip = $ip; 01109 return $ip; 01110 } 01111 } 01112 01116 class WebRequestUpload { 01117 protected $request; 01118 protected $doesExist; 01119 protected $fileInfo; 01120 01127 public function __construct( $request, $key ) { 01128 $this->request = $request; 01129 $this->doesExist = isset( $_FILES[$key] ); 01130 if ( $this->doesExist ) { 01131 $this->fileInfo = $_FILES[$key]; 01132 } 01133 } 01134 01140 public function exists() { 01141 return $this->doesExist; 01142 } 01143 01149 public function getName() { 01150 if ( !$this->exists() ) { 01151 return null; 01152 } 01153 01154 global $wgContLang; 01155 $name = $this->fileInfo['name']; 01156 01157 # Safari sends filenames in HTML-encoded Unicode form D... 01158 # Horrid and evil! Let's try to make some kind of sense of it. 01159 $name = Sanitizer::decodeCharReferences( $name ); 01160 $name = $wgContLang->normalize( $name ); 01161 wfDebug( __METHOD__ . ": {$this->fileInfo['name']} normalized to '$name'\n" ); 01162 return $name; 01163 } 01164 01170 public function getSize() { 01171 if ( !$this->exists() ) { 01172 return 0; 01173 } 01174 01175 return $this->fileInfo['size']; 01176 } 01177 01183 public function getTempName() { 01184 if ( !$this->exists() ) { 01185 return null; 01186 } 01187 01188 return $this->fileInfo['tmp_name']; 01189 } 01190 01197 public function getError() { 01198 if ( !$this->exists() ) { 01199 return 0; # UPLOAD_ERR_OK 01200 } 01201 01202 return $this->fileInfo['error']; 01203 } 01204 01211 public function isIniSizeOverflow() { 01212 if ( $this->getError() == UPLOAD_ERR_INI_SIZE ) { 01213 # PHP indicated that upload_max_filesize is exceeded 01214 return true; 01215 } 01216 01217 $contentLength = $this->request->getHeader( 'CONTENT_LENGTH' ); 01218 if ( $contentLength > wfShorthandToInteger( ini_get( 'post_max_size' ) ) ) { 01219 # post_max_size is exceeded 01220 return true; 01221 } 01222 01223 return false; 01224 } 01225 } 01226 01232 class FauxRequest extends WebRequest { 01233 private $wasPosted = false; 01234 private $session = array(); 01235 01242 public function __construct( $data = array(), $wasPosted = false, $session = null ) { 01243 if( is_array( $data ) ) { 01244 $this->data = $data; 01245 } else { 01246 throw new MWException( "FauxRequest() got bogus data" ); 01247 } 01248 $this->wasPosted = $wasPosted; 01249 if( $session ) 01250 $this->session = $session; 01251 } 01252 01257 private function notImplemented( $method ) { 01258 throw new MWException( "{$method}() not implemented" ); 01259 } 01260 01266 public function getText( $name, $default = '' ) { 01267 # Override; don't recode since we're using internal data 01268 return (string)$this->getVal( $name, $default ); 01269 } 01270 01274 public function getValues() { 01275 return $this->data; 01276 } 01277 01281 public function getQueryValues() { 01282 if ( $this->wasPosted ) { 01283 return array(); 01284 } else { 01285 return $this->data; 01286 } 01287 } 01288 01289 public function getMethod() { 01290 return $this->wasPosted ? 'POST' : 'GET'; 01291 } 01292 01296 public function wasPosted() { 01297 return $this->wasPosted; 01298 } 01299 01300 public function getCookie( $key, $prefix = null, $default = null ) { 01301 return $default; 01302 } 01303 01304 public function checkSessionCookie() { 01305 return false; 01306 } 01307 01308 public function getRequestURL() { 01309 $this->notImplemented( __METHOD__ ); 01310 } 01311 01316 public function getHeader( $name ) { 01317 return isset( $this->headers[$name] ) ? $this->headers[$name] : false; 01318 } 01319 01324 public function setHeader( $name, $val ) { 01325 $this->headers[$name] = $val; 01326 } 01327 01332 public function getSessionData( $key ) { 01333 if( isset( $this->session[$key] ) ) 01334 return $this->session[$key]; 01335 } 01336 01341 public function setSessionData( $key, $data ) { 01342 $this->session[$key] = $data; 01343 } 01344 01348 public function getSessionArray() { 01349 return $this->session; 01350 } 01351 01356 public function isPathInfoBad( $extWhitelist = array() ) { 01357 return false; 01358 } 01359 01364 public function checkUrlExtension( $extWhitelist = array() ) { 01365 return true; 01366 } 01367 01371 protected function getRawIP() { 01372 return '127.0.0.1'; 01373 } 01374 } 01375 01384 class DerivativeRequest extends FauxRequest { 01385 private $base; 01386 01387 public function __construct( WebRequest $base, $data, $wasPosted = false ) { 01388 $this->base = $base; 01389 parent::__construct( $data, $wasPosted ); 01390 } 01391 01392 public function getCookie( $key, $prefix = null, $default = null ) { 01393 return $this->base->getCookie( $key, $prefix, $default ); 01394 } 01395 01396 public function checkSessionCookie() { 01397 return $this->base->checkSessionCookie(); 01398 } 01399 01400 public function getHeader( $name ) { 01401 return $this->base->getHeader( $name ); 01402 } 01403 01404 public function getAllHeaders() { 01405 return $this->base->getAllHeaders(); 01406 } 01407 01408 public function getSessionData( $key ) { 01409 return $this->base->getSessionData( $key ); 01410 } 01411 01412 public function setSessionData( $key, $data ) { 01413 $this->base->setSessionData( $key, $data ); 01414 } 01415 01416 public function getAcceptLang() { 01417 return $this->base->getAcceptLang(); 01418 } 01419 01420 public function getIP() { 01421 return $this->base->getIP(); 01422 } 01423 }
1.7.6.1