search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge "Improve sorting on SpecialWanted*-Pages"
[mediawiki.git] / includes / EditPage.php
blobc22125a6a2ad9e0ac98f3e3f2b2022c4b6828701
1 <?php
2 /**
3 * User interface for page editing.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 */
22
23 use MediaWiki\Logger\LoggerFactory;
24 use MediaWiki\MediaWikiServices;
25 use Wikimedia\ScopedCallback;
26
27 /**
28 * The edit page/HTML interface (split from Article)
29 * The actual database and text munging is still in Article,
30 * but it should get easier to call those from alternate
31 * interfaces.
32 *
33 * EditPage cares about two distinct titles:
34 * $this->mContextTitle is the page that forms submit to, links point to,
35 * redirects go to, etc. $this->mTitle (as well as $mArticle) is the
36 * page in the database that is actually being edited. These are
37 * usually the same, but they are now allowed to be different.
38 *
39 * Surgeon General's Warning: prolonged exposure to this class is known to cause
40 * headaches, which may be fatal.
41 */
42 class EditPage {
43 /**
44 * Status: Article successfully updated
45 */
46 const AS_SUCCESS_UPDATE = 200;
47
48 /**
49 * Status: Article successfully created
50 */
51 const AS_SUCCESS_NEW_ARTICLE = 201;
52
53 /**
54 * Status: Article update aborted by a hook function
55 */
56 const AS_HOOK_ERROR = 210;
57
58 /**
59 * Status: A hook function returned an error
60 */
61 const AS_HOOK_ERROR_EXPECTED = 212;
62
63 /**
64 * Status: User is blocked from editing this page
65 */
66 const AS_BLOCKED_PAGE_FOR_USER = 215;
67
68 /**
69 * Status: Content too big (> $wgMaxArticleSize)
70 */
71 const AS_CONTENT_TOO_BIG = 216;
72
73 /**
74 * Status: this anonymous user is not allowed to edit this page
75 */
76 const AS_READ_ONLY_PAGE_ANON = 218;
77
78 /**
79 * Status: this logged in user is not allowed to edit this page
80 */
81 const AS_READ_ONLY_PAGE_LOGGED = 219;
82
83 /**
84 * Status: wiki is in readonly mode (wfReadOnly() == true)
85 */
86 const AS_READ_ONLY_PAGE = 220;
87
88 /**
89 * Status: rate limiter for action 'edit' was tripped
90 */
91 const AS_RATE_LIMITED = 221;
92
93 /**
94 * Status: article was deleted while editing and param wpRecreate == false or form
95 * was not posted
96 */
97 const AS_ARTICLE_WAS_DELETED = 222;
98
99 /**
100 * Status: user tried to create this page, but is not allowed to do that
101 * ( Title->userCan('create') == false )
102 */
103 const AS_NO_CREATE_PERMISSION = 223;
104
105 /**
106 * Status: user tried to create a blank page and wpIgnoreBlankArticle == false
107 */
108 const AS_BLANK_ARTICLE = 224;
109
110 /**
111 * Status: (non-resolvable) edit conflict
112 */
113 const AS_CONFLICT_DETECTED = 225;
114
115 /**
116 * Status: no edit summary given and the user has forceeditsummary set and the user is not
117 * editing in his own userspace or talkspace and wpIgnoreBlankSummary == false
118 */
119 const AS_SUMMARY_NEEDED = 226;
120
121 /**
122 * Status: user tried to create a new section without content
123 */
124 const AS_TEXTBOX_EMPTY = 228;
125
126 /**
127 * Status: article is too big (> $wgMaxArticleSize), after merging in the new section
128 */
129 const AS_MAX_ARTICLE_SIZE_EXCEEDED = 229;
130
131 /**
132 * Status: WikiPage::doEdit() was unsuccessful
133 */
134 const AS_END = 231;
135
136 /**
137 * Status: summary contained spam according to one of the regexes in $wgSummarySpamRegex
138 */
139 const AS_SPAM_ERROR = 232;
140
141 /**
142 * Status: anonymous user is not allowed to upload (User::isAllowed('upload') == false)
143 */
144 const AS_IMAGE_REDIRECT_ANON = 233;
145
146 /**
147 * Status: logged in user is not allowed to upload (User::isAllowed('upload') == false)
148 */
149 const AS_IMAGE_REDIRECT_LOGGED = 234;
150
151 /**
152 * Status: user tried to modify the content model, but is not allowed to do that
153 * ( User::isAllowed('editcontentmodel') == false )
154 */
155 const AS_NO_CHANGE_CONTENT_MODEL = 235;
156
157 /**
158 * Status: user tried to create self-redirect (redirect to the same article) and
159 * wpIgnoreSelfRedirect == false
160 */
161 const AS_SELF_REDIRECT = 236;
162
163 /**
164 * Status: an error relating to change tagging. Look at the message key for
165 * more details
166 */
167 const AS_CHANGE_TAG_ERROR = 237;
168
169 /**
170 * Status: can't parse content
171 */
172 const AS_PARSE_ERROR = 240;
173
174 /**
175 * Status: when changing the content model is disallowed due to
176 * $wgContentHandlerUseDB being false
177 */
178 const AS_CANNOT_USE_CUSTOM_MODEL = 241;
179
180 /**
181 * HTML id and name for the beginning of the edit form.
182 */
183 const EDITFORM_ID = 'editform';
184
185 /**
186 * Prefix of key for cookie used to pass post-edit state.
187 * The revision id edited is added after this
188 */
189 const POST_EDIT_COOKIE_KEY_PREFIX = 'PostEditRevision';
190
191 /**
192 * Duration of PostEdit cookie, in seconds.
193 * The cookie will be removed instantly if the JavaScript runs.
194 *
195 * Otherwise, though, we don't want the cookies to accumulate.
196 * RFC 2109 ( https://www.ietf.org/rfc/rfc2109.txt ) specifies a possible
197 * limit of only 20 cookies per domain. This still applies at least to some
198 * versions of IE without full updates:
199 * https://blogs.msdn.com/b/ieinternals/archive/2009/08/20/wininet-ie-cookie-internals-faq.aspx
200 *
201 * A value of 20 minutes should be enough to take into account slow loads and minor
202 * clock skew while still avoiding cookie accumulation when JavaScript is turned off.
203 */
204 const POST_EDIT_COOKIE_DURATION = 1200;
205
206 /** @var Article */
207 public $mArticle;
208 /** @var WikiPage */
209 private $page;
210
211 /** @var Title */
212 public $mTitle;
213
214 /** @var null|Title */
215 private $mContextTitle = null;
216
217 /** @var string */
218 public $action = 'submit';
219
220 /** @var bool */
221 public $isConflict = false;
222
223 /** @var bool */
224 public $isCssJsSubpage = false;
225
226 /** @var bool */
227 public $isCssSubpage = false;
228
229 /** @var bool */
230 public $isJsSubpage = false;
231
232 /** @var bool */
233 public $isWrongCaseCssJsPage = false;
234
235 /** @var bool New page or new section */
236 public $isNew = false;
237
238 /** @var bool */
239 public $deletedSinceEdit;
240
241 /** @var string */
242 public $formtype;
243
244 /** @var bool */
245 public $firsttime;
246
247 /** @var bool|stdClass */
248 public $lastDelete;
249
250 /** @var bool */
251 public $mTokenOk = false;
252
253 /** @var bool */
254 public $mTokenOkExceptSuffix = false;
255
256 /** @var bool */
257 public $mTriedSave = false;
258
259 /** @var bool */
260 public $incompleteForm = false;
261
262 /** @var bool */
263 public $tooBig = false;
264
265 /** @var bool */
266 public $missingComment = false;
267
268 /** @var bool */
269 public $missingSummary = false;
270
271 /** @var bool */
272 public $allowBlankSummary = false;
273
274 /** @var bool */
275 protected $blankArticle = false;
276
277 /** @var bool */
278 protected $allowBlankArticle = false;
279
280 /** @var bool */
281 protected $selfRedirect = false;
282
283 /** @var bool */
284 protected $allowSelfRedirect = false;
285
286 /** @var string */
287 public $autoSumm = '';
288
289 /** @var string */
290 public $hookError = '';
291
292 /** @var ParserOutput */
293 public $mParserOutput;
294
295 /** @var bool Has a summary been preset using GET parameter &summary= ? */
296 public $hasPresetSummary = false;
297
298 /** @var Revision|bool */
299 public $mBaseRevision = false;
300
301 /** @var bool */
302 public $mShowSummaryField = true;
303
304 # Form values
305
306 /** @var bool */
307 public $save = false;
308
309 /** @var bool */
310 public $preview = false;
311
312 /** @var bool */
313 public $diff = false;
314
315 /** @var bool */
316 public $minoredit = false;
317
318 /** @var bool */
319 public $watchthis = false;
320
321 /** @var bool */
322 public $recreate = false;
323
324 /** @var string */
325 public $textbox1 = '';
326
327 /** @var string */
328 public $textbox2 = '';
329
330 /** @var string */
331 public $summary = '';
332
333 /** @var bool */
334 public $nosummary = false;
335
336 /** @var string */
337 public $edittime = '';
338
339 /** @var integer */
340 private $editRevId = null;
341
342 /** @var string */
343 public $section = '';
344
345 /** @var string */
346 public $sectiontitle = '';
347
348 /** @var string */
349 public $starttime = '';
350
351 /** @var int */
352 public $oldid = 0;
353
354 /** @var int */
355 public $parentRevId = 0;
356
357 /** @var string */
358 public $editintro = '';
359
360 /** @var null */
361 public $scrolltop = null;
362
363 /** @var bool */
364 public $bot = true;
365
366 /** @var string */
367 public $contentModel;
368
369 /** @var null|string */
370 public $contentFormat = null;
371
372 /** @var null|array */
373 private $changeTags = null;
374
375 # Placeholders for text injection by hooks (must be HTML)
376 # extensions should take care to _append_ to the present value
377
378 /** @var string Before even the preview */
379 public $editFormPageTop = '';
380 public $editFormTextTop = '';
381 public $editFormTextBeforeContent = '';
382 public $editFormTextAfterWarn = '';
383 public $editFormTextAfterTools = '';
384 public $editFormTextBottom = '';
385 public $editFormTextAfterContent = '';
386 public $previewTextAfterContent = '';
387 public $mPreloadContent = null;
388
389 /* $didSave should be set to true whenever an article was successfully altered. */
390 public $didSave = false;
391 public $undidRev = 0;
392
393 public $suppressIntro = false;
394
395 /** @var bool */
396 protected $edit;
397
398 /** @var bool|int */
399 protected $contentLength = false;
400
401 /**
402 * @var bool Set in ApiEditPage, based on ContentHandler::allowsDirectApiEditing
403 */
404 private $enableApiEditOverride = false;
405
406 /**
407 * @var IContextSource
408 */
409 protected $context;
410
411 /**
412 * @var bool Whether an old revision is edited
413 */
414 private $isOldRev = false;
415
416 /**
417 * @param Article $article
418 */
419 public function __construct( Article $article ) {
420 $this->mArticle = $article;
421 $this->page = $article->getPage(); // model object
422 $this->mTitle = $article->getTitle();
423 $this->context = $article->getContext();
424
425 $this->contentModel = $this->mTitle->getContentModel();
426
427 $handler = ContentHandler::getForModelID( $this->contentModel );
428 $this->contentFormat = $handler->getDefaultFormat();
429 }
430
431 /**
432 * @return Article
433 */
434 public function getArticle() {
435 return $this->mArticle;
436 }
437
438 /**
439 * @since 1.28
440 * @return IContextSource
441 */
442 public function getContext() {
443 return $this->context;
444 }
445
446 /**
447 * @since 1.19
448 * @return Title
449 */
450 public function getTitle() {
451 return $this->mTitle;
452 }
453
454 /**
455 * Set the context Title object
456 *
457 * @param Title|null $title Title object or null
458 */
459 public function setContextTitle( $title ) {
460 $this->mContextTitle = $title;
461 }
462
463 /**
464 * Get the context title object.
465 * If not set, $wgTitle will be returned. This behavior might change in
466 * the future to return $this->mTitle instead.
467 *
468 * @return Title
469 */
470 public function getContextTitle() {
471 if ( is_null( $this->mContextTitle ) ) {
472 global $wgTitle;
473 return $wgTitle;
474 } else {
475 return $this->mContextTitle;
476 }
477 }
478
479 /**
480 * Returns if the given content model is editable.
481 *
482 * @param string $modelId The ID of the content model to test. Use CONTENT_MODEL_XXX constants.
483 * @return bool
484 * @throws MWException If $modelId has no known handler
485 */
486 public function isSupportedContentModel( $modelId ) {
487 return $this->enableApiEditOverride === true ||
488 ContentHandler::getForModelID( $modelId )->supportsDirectEditing();
489 }
490
491 /**
492 * Allow editing of content that supports API direct editing, but not general
493 * direct editing. Set to false by default.
494 *
495 * @param bool $enableOverride
496 */
497 public function setApiEditOverride( $enableOverride ) {
498 $this->enableApiEditOverride = $enableOverride;
499 }
500
501 /**
502 * @deprecated since 1.29, call edit directly
503 */
504 public function submit() {
505 $this->edit();
506 }
507
508 /**
509 * This is the function that gets called for "action=edit". It
510 * sets up various member variables, then passes execution to
511 * another function, usually showEditForm()
512 *
513 * The edit form is self-submitting, so that when things like
514 * preview and edit conflicts occur, we get the same form back
515 * with the extra stuff added. Only when the final submission
516 * is made and all is well do we actually save and redirect to
517 * the newly-edited page.
518 */
519 public function edit() {
520 global $wgOut, $wgRequest, $wgUser;
521 // Allow extensions to modify/prevent this form or submission
522 if ( !Hooks::run( 'AlternateEdit', [ $this ] ) ) {
523 return;
524 }
525
526 wfDebug( __METHOD__ . ": enter\n" );
527
528 // If they used redlink=1 and the page exists, redirect to the main article
529 if ( $wgRequest->getBool( 'redlink' ) && $this->mTitle->exists() ) {
530 $wgOut->redirect( $this->mTitle->getFullURL() );
531 return;
532 }
533
534 $this->importFormData( $wgRequest );
535 $this->firsttime = false;
536
537 if ( wfReadOnly() && $this->save ) {
538 // Force preview
539 $this->save = false;
540 $this->preview = true;
541 }
542
543 if ( $this->save ) {
544 $this->formtype = 'save';
545 } elseif ( $this->preview ) {
546 $this->formtype = 'preview';
547 } elseif ( $this->diff ) {
548 $this->formtype = 'diff';
549 } else { # First time through
550 $this->firsttime = true;
551 if ( $this->previewOnOpen() ) {
552 $this->formtype = 'preview';
553 } else {
554 $this->formtype = 'initial';
555 }
556 }
557
558 $permErrors = $this->getEditPermissionErrors( $this->save ? 'secure' : 'full' );
559 if ( $permErrors ) {
560 wfDebug( __METHOD__ . ": User can't edit\n" );
561 // Auto-block user's IP if the account was "hard" blocked
562 if ( !wfReadOnly() ) {
563 $user = $wgUser;
564 DeferredUpdates::addCallableUpdate( function () use ( $user ) {
565 $user->spreadAnyEditBlock();
566 } );
567 }
568 $this->displayPermissionsError( $permErrors );
569
570 return;
571 }
572
573 $revision = $this->mArticle->getRevisionFetched();
574 // Disallow editing revisions with content models different from the current one
575 // Undo edits being an exception in order to allow reverting content model changes.
576 if ( $revision
577 && $revision->getContentModel() !== $this->contentModel
578 ) {
579 $prevRev = null;
580 if ( $this->undidRev ) {
581 $undidRevObj = Revision::newFromId( $this->undidRev );
582 $prevRev = $undidRevObj ? $undidRevObj->getPrevious() : null;
583 }
584 if ( !$this->undidRev
585 || !$prevRev
586 || $prevRev->getContentModel() !== $this->contentModel
587 ) {
588 $this->displayViewSourcePage(
589 $this->getContentObject(),
590 $this->context->msg(
591 'contentmodelediterror',
592 $revision->getContentModel(),
593 $this->contentModel
594 )->plain()
595 );
596 return;
597 }
598 }
599
600 $this->isConflict = false;
601 // css / js subpages of user pages get a special treatment
602 $this->isCssJsSubpage = $this->mTitle->isCssJsSubpage();
603 $this->isCssSubpage = $this->mTitle->isCssSubpage();
604 $this->isJsSubpage = $this->mTitle->isJsSubpage();
605 // @todo FIXME: Silly assignment.
606 $this->isWrongCaseCssJsPage = $this->isWrongCaseCssJsPage();
607
608 # Show applicable editing introductions
609 if ( $this->formtype == 'initial' || $this->firsttime ) {
610 $this->showIntro();
611 }
612
613 # Attempt submission here. This will check for edit conflicts,
614 # and redundantly check for locked database, blocked IPs, etc.
615 # that edit() already checked just in case someone tries to sneak
616 # in the back door with a hand-edited submission URL.
617
618 if ( 'save' == $this->formtype ) {
619 $resultDetails = null;
620 $status = $this->attemptSave( $resultDetails );
621 if ( !$this->handleStatus( $status, $resultDetails ) ) {
622 return;
623 }
624 }
625
626 # First time through: get contents, set time for conflict
627 # checking, etc.
628 if ( 'initial' == $this->formtype || $this->firsttime ) {
629 if ( $this->initialiseForm() === false ) {
630 $this->noSuchSectionPage();
631 return;
632 }
633
634 if ( !$this->mTitle->getArticleID() ) {
635 Hooks::run( 'EditFormPreloadText', [ &$this->textbox1, &$this->mTitle ] );
636 } else {
637 Hooks::run( 'EditFormInitialText', [ $this ] );
638 }
639
640 }
641
642 $this->showEditForm();
643 }
644
645 /**
646 * @param string $rigor Same format as Title::getUserPermissionErrors()
647 * @return array
648 */
649 protected function getEditPermissionErrors( $rigor = 'secure' ) {
650 global $wgUser;
651
652 $permErrors = $this->mTitle->getUserPermissionsErrors( 'edit', $wgUser, $rigor );
653 # Can this title be created?
654 if ( !$this->mTitle->exists() ) {
655 $permErrors = array_merge(
656 $permErrors,
657 wfArrayDiff2(
658 $this->mTitle->getUserPermissionsErrors( 'create', $wgUser, $rigor ),
659 $permErrors
660 )
661 );
662 }
663 # Ignore some permissions errors when a user is just previewing/viewing diffs
664 $remove = [];
665 foreach ( $permErrors as $error ) {
666 if ( ( $this->preview || $this->diff )
667 && (
668 $error[0] == 'blockedtext' ||
669 $error[0] == 'autoblockedtext' ||
670 $error[0] == 'systemblockedtext'
671 )
672 ) {
673 $remove[] = $error;
674 }
675 }
676 $permErrors = wfArrayDiff2( $permErrors, $remove );
677
678 return $permErrors;
679 }
680
681 /**
682 * Display a permissions error page, like OutputPage::showPermissionsErrorPage(),
683 * but with the following differences:
684 * - If redlink=1, the user will be redirected to the page
685 * - If there is content to display or the error occurs while either saving,
686 * previewing or showing the difference, it will be a
687 * "View source for ..." page displaying the source code after the error message.
688 *
689 * @since 1.19
690 * @param array $permErrors Array of permissions errors, as returned by
691 * Title::getUserPermissionsErrors().
692 * @throws PermissionsError
693 */
694 protected function displayPermissionsError( array $permErrors ) {
695 global $wgRequest, $wgOut;
696
697 if ( $wgRequest->getBool( 'redlink' ) ) {
698 // The edit page was reached via a red link.
699 // Redirect to the article page and let them click the edit tab if
700 // they really want a permission error.
701 $wgOut->redirect( $this->mTitle->getFullURL() );
702 return;
703 }
704
705 $content = $this->getContentObject();
706
707 # Use the normal message if there's nothing to display
708 if ( $this->firsttime && ( !$content || $content->isEmpty() ) ) {
709 $action = $this->mTitle->exists() ? 'edit' :
710 ( $this->mTitle->isTalkPage() ? 'createtalk' : 'createpage' );
711 throw new PermissionsError( $action, $permErrors );
712 }
713
714 $this->displayViewSourcePage(
715 $content,
716 $wgOut->formatPermissionsErrorMessage( $permErrors, 'edit' )
717 );
718 }
719
720 /**
721 * Display a read-only View Source page
722 * @param Content $content content object
723 * @param string $errorMessage additional wikitext error message to display
724 */
725 protected function displayViewSourcePage( Content $content, $errorMessage = '' ) {
726 global $wgOut;
727
728 Hooks::run( 'EditPage::showReadOnlyForm:initial', [ $this, &$wgOut ] );
729
730 $wgOut->setRobotPolicy( 'noindex,nofollow' );
731 $wgOut->setPageTitle( $this->context->msg(
732 'viewsource-title',
733 $this->getContextTitle()->getPrefixedText()
734 ) );
735 $wgOut->addBacklinkSubtitle( $this->getContextTitle() );
736 $wgOut->addHTML( $this->editFormPageTop );
737 $wgOut->addHTML( $this->editFormTextTop );
738
739 if ( $errorMessage !== '' ) {
740 $wgOut->addWikiText( $errorMessage );
741 $wgOut->addHTML( "<hr />\n" );
742 }
743
744 # If the user made changes, preserve them when showing the markup
745 # (This happens when a user is blocked during edit, for instance)
746 if ( !$this->firsttime ) {
747 $text = $this->textbox1;
748 $wgOut->addWikiMsg( 'viewyourtext' );
749 } else {
750 try {
751 $text = $this->toEditText( $content );
752 } catch ( MWException $e ) {
753 # Serialize using the default format if the content model is not supported
754 # (e.g. for an old revision with a different model)
755 $text = $content->serialize();
756 }
757 $wgOut->addWikiMsg( 'viewsourcetext' );
758 }
759
760 $wgOut->addHTML( $this->editFormTextBeforeContent );
761 $this->showTextbox( $text, 'wpTextbox1', [ 'readonly' ] );
762 $wgOut->addHTML( $this->editFormTextAfterContent );
763
764 $wgOut->addHTML( $this->makeTemplatesOnThisPageList( $this->getTemplates() ) );
765
766 $wgOut->addModules( 'mediawiki.action.edit.collapsibleFooter' );
767
768 $wgOut->addHTML( $this->editFormTextBottom );
769 if ( $this->mTitle->exists() ) {
770 $wgOut->returnToMain( null, $this->mTitle );
771 }
772 }
773
774 /**
775 * Should we show a preview when the edit form is first shown?
776 *
777 * @return bool
778 */
779 protected function previewOnOpen() {
780 global $wgRequest, $wgUser, $wgPreviewOnOpenNamespaces;
781 if ( $wgRequest->getVal( 'preview' ) == 'yes' ) {
782 // Explicit override from request
783 return true;
784 } elseif ( $wgRequest->getVal( 'preview' ) == 'no' ) {
785 // Explicit override from request
786 return false;
787 } elseif ( $this->section == 'new' ) {
788 // Nothing *to* preview for new sections
789 return false;
790 } elseif ( ( $wgRequest->getVal( 'preload' ) !== null || $this->mTitle->exists() )
791 && $wgUser->getOption( 'previewonfirst' )
792 ) {
793 // Standard preference behavior
794 return true;
795 } elseif ( !$this->mTitle->exists()
796 && isset( $wgPreviewOnOpenNamespaces[$this->mTitle->getNamespace()] )
797 && $wgPreviewOnOpenNamespaces[$this->mTitle->getNamespace()]
798 ) {
799 // Categories are special
800 return true;
801 } else {
802 return false;
803 }
804 }
805
806 /**
807 * Checks whether the user entered a skin name in uppercase,
808 * e.g. "User:Example/Monobook.css" instead of "monobook.css"
809 *
810 * @return bool
811 */
812 protected function isWrongCaseCssJsPage() {
813 if ( $this->mTitle->isCssJsSubpage() ) {
814 $name = $this->mTitle->getSkinFromCssJsSubpage();
815 $skins = array_merge(
816 array_keys( Skin::getSkinNames() ),
817 [ 'common' ]
818 );
819 return !in_array( $name, $skins )
820 && in_array( strtolower( $name ), $skins );
821 } else {
822 return false;
823 }
824 }
825
826 /**
827 * Returns whether section editing is supported for the current page.
828 * Subclasses may override this to replace the default behavior, which is
829 * to check ContentHandler::supportsSections.
830 *
831 * @return bool True if this edit page supports sections, false otherwise.
832 */
833 protected function isSectionEditSupported() {
834 $contentHandler = ContentHandler::getForTitle( $this->mTitle );
835 return $contentHandler->supportsSections();
836 }
837
838 /**
839 * This function collects the form data and uses it to populate various member variables.
840 * @param WebRequest $request
841 * @throws ErrorPageError
842 */
843 public function importFormData( &$request ) {
844 global $wgContLang, $wgUser;
845
846 # Section edit can come from either the form or a link
847 $this->section = $request->getVal( 'wpSection', $request->getVal( 'section' ) );
848
849 if ( $this->section !== null && $this->section !== '' && !$this->isSectionEditSupported() ) {
850 throw new ErrorPageError( 'sectioneditnotsupported-title', 'sectioneditnotsupported-text' );
851 }
852
853 $this->isNew = !$this->mTitle->exists() || $this->section == 'new';
854
855 if ( $request->wasPosted() ) {
856 # These fields need to be checked for encoding.
857 # Also remove trailing whitespace, but don't remove _initial_
858 # whitespace from the text boxes. This may be significant formatting.
859 $this->textbox1 = $this->safeUnicodeInput( $request, 'wpTextbox1' );
860 if ( !$request->getCheck( 'wpTextbox2' ) ) {
861 // Skip this if wpTextbox2 has input, it indicates that we came
862 // from a conflict page with raw page text, not a custom form
863 // modified by subclasses
864 $textbox1 = $this->importContentFormData( $request );
865 if ( $textbox1 !== null ) {
866 $this->textbox1 = $textbox1;
867 }
868 }
869
870 # Truncate for whole multibyte characters
871 $this->summary = $wgContLang->truncate( $request->getText( 'wpSummary' ), 255 );
872
873 # If the summary consists of a heading, e.g. '==Foobar==', extract the title from the
874 # header syntax, e.g. 'Foobar'. This is mainly an issue when we are using wpSummary for
875 # section titles.
876 $this->summary = preg_replace( '/^\s*=+\s*(.*?)\s*=+\s*$/', '$1', $this->summary );
877
878 # Treat sectiontitle the same way as summary.
879 # Note that wpSectionTitle is not yet a part of the actual edit form, as wpSummary is
880 # currently doing double duty as both edit summary and section title. Right now this
881 # is just to allow API edits to work around this limitation, but this should be
882 # incorporated into the actual edit form when EditPage is rewritten (Bugs 18654, 26312).
883 $this->sectiontitle = $wgContLang->truncate( $request->getText( 'wpSectionTitle' ), 255 );
884 $this->sectiontitle = preg_replace( '/^\s*=+\s*(.*?)\s*=+\s*$/', '$1', $this->sectiontitle );
885
886 $this->edittime = $request->getVal( 'wpEdittime' );
887 $this->editRevId = $request->getIntOrNull( 'editRevId' );
888 $this->starttime = $request->getVal( 'wpStarttime' );
889
890 $undidRev = $request->getInt( 'wpUndidRevision' );
891 if ( $undidRev ) {
892 $this->undidRev = $undidRev;
893 }
894
895 $this->scrolltop = $request->getIntOrNull( 'wpScrolltop' );
896
897 if ( $this->textbox1 === '' && $request->getVal( 'wpTextbox1' ) === null ) {
898 // wpTextbox1 field is missing, possibly due to being "too big"
899 // according to some filter rules such as Suhosin's setting for
900 // suhosin.request.max_value_length (d'oh)
901 $this->incompleteForm = true;
902 } else {
903 // If we receive the last parameter of the request, we can fairly
904 // claim the POST request has not been truncated.
905
906 // TODO: softened the check for cutover. Once we determine
907 // that it is safe, we should complete the transition by
908 // removing the "edittime" clause.
909 $this->incompleteForm = ( !$request->getVal( 'wpUltimateParam' )
910 && is_null( $this->edittime ) );
911 }
912 if ( $this->incompleteForm ) {
913 # If the form is incomplete, force to preview.
914 wfDebug( __METHOD__ . ": Form data appears to be incomplete\n" );
915 wfDebug( "POST DATA: " . var_export( $_POST, true ) . "\n" );
916 $this->preview = true;
917 } else {
918 $this->preview = $request->getCheck( 'wpPreview' );
919 $this->diff = $request->getCheck( 'wpDiff' );
920
921 // Remember whether a save was requested, so we can indicate
922 // if we forced preview due to session failure.
923 $this->mTriedSave = !$this->preview;
924
925 if ( $this->tokenOk( $request ) ) {
926 # Some browsers will not report any submit button
927 # if the user hits enter in the comment box.
928 # The unmarked state will be assumed to be a save,
929 # if the form seems otherwise complete.
930 wfDebug( __METHOD__ . ": Passed token check.\n" );
931 } elseif ( $this->diff ) {
932 # Failed token check, but only requested "Show Changes".
933 wfDebug( __METHOD__ . ": Failed token check; Show Changes requested.\n" );
934 } else {
935 # Page might be a hack attempt posted from
936 # an external site. Preview instead of saving.
937 wfDebug( __METHOD__ . ": Failed token check; forcing preview\n" );
938 $this->preview = true;
939 }
940 }
941 $this->save = !$this->preview && !$this->diff;
942 if ( !preg_match( '/^\d{14}$/', $this->edittime ) ) {
943 $this->edittime = null;
944 }
945
946 if ( !preg_match( '/^\d{14}$/', $this->starttime ) ) {
947 $this->starttime = null;
948 }
949
950 $this->recreate = $request->getCheck( 'wpRecreate' );
951
952 $this->minoredit = $request->getCheck( 'wpMinoredit' );
953 $this->watchthis = $request->getCheck( 'wpWatchthis' );
954
955 # Don't force edit summaries when a user is editing their own user or talk page
956 if ( ( $this->mTitle->mNamespace == NS_USER || $this->mTitle->mNamespace == NS_USER_TALK )
957 && $this->mTitle->getText() == $wgUser->getName()
958 ) {
959 $this->allowBlankSummary = true;
960 } else {
961 $this->allowBlankSummary = $request->getBool( 'wpIgnoreBlankSummary' )
962 || !$wgUser->getOption( 'forceeditsummary' );
963 }
964
965 $this->autoSumm = $request->getText( 'wpAutoSummary' );
966
967 $this->allowBlankArticle = $request->getBool( 'wpIgnoreBlankArticle' );
968 $this->allowSelfRedirect = $request->getBool( 'wpIgnoreSelfRedirect' );
969
970 $changeTags = $request->getVal( 'wpChangeTags' );
971 if ( is_null( $changeTags ) || $changeTags === '' ) {
972 $this->changeTags = [];
973 } else {
974 $this->changeTags = array_filter( array_map( 'trim', explode( ',',
975 $changeTags ) ) );
976 }
977 } else {
978 # Not a posted form? Start with nothing.
979 wfDebug( __METHOD__ . ": Not a posted form.\n" );
980 $this->textbox1 = '';
981 $this->summary = '';
982 $this->sectiontitle = '';
983 $this->edittime = '';
984 $this->editRevId = null;
985 $this->starttime = wfTimestampNow();
986 $this->edit = false;
987 $this->preview = false;
988 $this->save = false;
989 $this->diff = false;
990 $this->minoredit = false;
991 // Watch may be overridden by request parameters
992 $this->watchthis = $request->getBool( 'watchthis', false );
993 $this->recreate = false;
994
995 // When creating a new section, we can preload a section title by passing it as the
996 // preloadtitle parameter in the URL (T15100)
997 if ( $this->section == 'new' && $request->getVal( 'preloadtitle' ) ) {
998 $this->sectiontitle = $request->getVal( 'preloadtitle' );
999 // Once wpSummary isn't being use for setting section titles, we should delete this.
1000 $this->summary = $request->getVal( 'preloadtitle' );
1001 } elseif ( $this->section != 'new' && $request->getVal( 'summary' ) ) {
1002 $this->summary = $request->getText( 'summary' );
1003 if ( $this->summary !== '' ) {
1004 $this->hasPresetSummary = true;
1005 }
1006 }
1007
1008 if ( $request->getVal( 'minor' ) ) {
1009 $this->minoredit = true;
1010 }
1011 }
1012
1013 $this->oldid = $request->getInt( 'oldid' );
1014 $this->parentRevId = $request->getInt( 'parentRevId' );
1015
1016 $this->bot = $request->getBool( 'bot', true );
1017 $this->nosummary = $request->getBool( 'nosummary' );
1018
1019 // May be overridden by revision.
1020 $this->contentModel = $request->getText( 'model', $this->contentModel );
1021 // May be overridden by revision.
1022 $this->contentFormat = $request->getText( 'format', $this->contentFormat );
1023
1024 try {
1025 $handler = ContentHandler::getForModelID( $this->contentModel );
1026 } catch ( MWUnknownContentModelException $e ) {
1027 throw new ErrorPageError(
1028 'editpage-invalidcontentmodel-title',
1029 'editpage-invalidcontentmodel-text',
1030 [ $this->contentModel ]
1031 );
1032 }
1033
1034 if ( !$handler->isSupportedFormat( $this->contentFormat ) ) {
1035 throw new ErrorPageError(
1036 'editpage-notsupportedcontentformat-title',
1037 'editpage-notsupportedcontentformat-text',
1038 [ $this->contentFormat, ContentHandler::getLocalizedName( $this->contentModel ) ]
1039 );
1040 }
1041
1042 /**
1043 * @todo Check if the desired model is allowed in this namespace, and if
1044 * a transition from the page's current model to the new model is
1045 * allowed.
1046 */
1047
1048 $this->editintro = $request->getText( 'editintro',
1049 // Custom edit intro for new sections
1050 $this->section === 'new' ? 'MediaWiki:addsection-editintro' : '' );
1051
1052 // Allow extensions to modify form data
1053 Hooks::run( 'EditPage::importFormData', [ $this, $request ] );
1054 }
1055
1056 /**
1057 * Subpage overridable method for extracting the page content data from the
1058 * posted form to be placed in $this->textbox1, if using customized input
1059 * this method should be overridden and return the page text that will be used
1060 * for saving, preview parsing and so on...
1061 *
1062 * @param WebRequest $request
1063 * @return string|null
1064 */
1065 protected function importContentFormData( &$request ) {
1066 return; // Don't do anything, EditPage already extracted wpTextbox1
1067 }
1068
1069 /**
1070 * Initialise form fields in the object
1071 * Called on the first invocation, e.g. when a user clicks an edit link
1072 * @return bool If the requested section is valid
1073 */
1074 public function initialiseForm() {
1075 global $wgUser;
1076 $this->edittime = $this->page->getTimestamp();
1077 $this->editRevId = $this->page->getLatest();
1078
1079 $content = $this->getContentObject( false ); # TODO: track content object?!
1080 if ( $content === false ) {
1081 return false;
1082 }
1083 $this->textbox1 = $this->toEditText( $content );
1084
1085 // activate checkboxes if user wants them to be always active
1086 # Sort out the "watch" checkbox
1087 if ( $wgUser->getOption( 'watchdefault' ) ) {
1088 # Watch all edits
1089 $this->watchthis = true;
1090 } elseif ( $wgUser->getOption( 'watchcreations' ) && !$this->mTitle->exists() ) {
1091 # Watch creations
1092 $this->watchthis = true;
1093 } elseif ( $wgUser->isWatched( $this->mTitle ) ) {
1094 # Already watched
1095 $this->watchthis = true;
1096 }
1097 if ( $wgUser->getOption( 'minordefault' ) && !$this->isNew ) {
1098 $this->minoredit = true;
1099 }
1100 if ( $this->textbox1 === false ) {
1101 return false;
1102 }
1103 return true;
1104 }
1105
1106 /**
1107 * @param Content|null $def_content The default value to return
1108 *
1109 * @return Content|null Content on success, $def_content for invalid sections
1110 *
1111 * @since 1.21
1112 */
1113 protected function getContentObject( $def_content = null ) {
1114 global $wgOut, $wgRequest, $wgUser, $wgContLang;
1115
1116 $content = false;
1117
1118 // For message page not locally set, use the i18n message.
1119 // For other non-existent articles, use preload text if any.
1120 if ( !$this->mTitle->exists() || $this->section == 'new' ) {
1121 if ( $this->mTitle->getNamespace() == NS_MEDIAWIKI && $this->section != 'new' ) {
1122 # If this is a system message, get the default text.
1123 $msg = $this->mTitle->getDefaultMessageText();
1124
1125 $content = $this->toEditContent( $msg );
1126 }
1127 if ( $content === false ) {
1128 # If requested, preload some text.
1129 $preload = $wgRequest->getVal( 'preload',
1130 // Custom preload text for new sections
1131 $this->section === 'new' ? 'MediaWiki:addsection-preload' : '' );
1132 $params = $wgRequest->getArray( 'preloadparams', [] );
1133
1134 $content = $this->getPreloadedContent( $preload, $params );
1135 }
1136 // For existing pages, get text based on "undo" or section parameters.
1137 } else {
1138 if ( $this->section != '' ) {
1139 // Get section edit text (returns $def_text for invalid sections)
1140 $orig = $this->getOriginalContent( $wgUser );
1141 $content = $orig ? $orig->getSection( $this->section ) : null;
1142
1143 if ( !$content ) {
1144 $content = $def_content;
1145 }
1146 } else {
1147 $undoafter = $wgRequest->getInt( 'undoafter' );
1148 $undo = $wgRequest->getInt( 'undo' );
1149
1150 if ( $undo > 0 && $undoafter > 0 ) {
1151 $undorev = Revision::newFromId( $undo );
1152 $oldrev = Revision::newFromId( $undoafter );
1153
1154 # Sanity check, make sure it's the right page,
1155 # the revisions exist and they were not deleted.
1156 # Otherwise, $content will be left as-is.
1157 if ( !is_null( $undorev ) && !is_null( $oldrev ) &&
1158 !$undorev->isDeleted( Revision::DELETED_TEXT ) &&
1159 !$oldrev->isDeleted( Revision::DELETED_TEXT )
1160 ) {
1161 $content = $this->page->getUndoContent( $undorev, $oldrev );
1162
1163 if ( $content === false ) {
1164 # Warn the user that something went wrong
1165 $undoMsg = 'failure';
1166 } else {
1167 $oldContent = $this->page->getContent( Revision::RAW );
1168 $popts = ParserOptions::newFromUserAndLang( $wgUser, $wgContLang );
1169 $newContent = $content->preSaveTransform( $this->mTitle, $wgUser, $popts );
1170 if ( $newContent->getModel() !== $oldContent->getModel() ) {
1171 // The undo may change content
1172 // model if its reverting the top
1173 // edit. This can result in
1174 // mismatched content model/format.
1175 $this->contentModel = $newContent->getModel();
1176 $this->contentFormat = $oldrev->getContentFormat();
1177 }
1178
1179 if ( $newContent->equals( $oldContent ) ) {
1180 # Tell the user that the undo results in no change,
1181 # i.e. the revisions were already undone.
1182 $undoMsg = 'nochange';
1183 $content = false;
1184 } else {
1185 # Inform the user of our success and set an automatic edit summary
1186 $undoMsg = 'success';
1187
1188 # If we just undid one rev, use an autosummary
1189 $firstrev = $oldrev->getNext();
1190 if ( $firstrev && $firstrev->getId() == $undo ) {
1191 $userText = $undorev->getUserText();
1192 if ( $userText === '' ) {
1193 $undoSummary = $this->context->msg(
1194 'undo-summary-username-hidden',
1195 $undo
1196 )->inContentLanguage()->text();
1197 } else {
1198 $undoSummary = $this->context->msg(
1199 'undo-summary',
1200 $undo,
1201 $userText
1202 )->inContentLanguage()->text();
1203 }
1204 if ( $this->summary === '' ) {
1205 $this->summary = $undoSummary;
1206 } else {
1207 $this->summary = $undoSummary . $this->context->msg( 'colon-separator' )
1208 ->inContentLanguage()->text() . $this->summary;
1209 }
1210 $this->undidRev = $undo;
1211 }
1212 $this->formtype = 'diff';
1213 }
1214 }
1215 } else {
1216 // Failed basic sanity checks.
1217 // Older revisions may have been removed since the link
1218 // was created, or we may simply have got bogus input.
1219 $undoMsg = 'norev';
1220 }
1221
1222 // Messages: undo-success, undo-failure, undo-norev, undo-nochange
1223 $class = ( $undoMsg == 'success' ? '' : 'error ' ) . "mw-undo-{$undoMsg}";
1224 $this->editFormPageTop .= $wgOut->parse( "<div class=\"{$class}\">" .
1225 $this->context->msg( 'undo-' . $undoMsg )->plain() . '</div>', true, /* interface */true );
1226 }
1227
1228 if ( $content === false ) {
1229 $content = $this->getOriginalContent( $wgUser );
1230 }
1231 }
1232 }
1233
1234 return $content;
1235 }
1236
1237 /**
1238 * Get the content of the wanted revision, without section extraction.
1239 *
1240 * The result of this function can be used to compare user's input with
1241 * section replaced in its context (using WikiPage::replaceSectionAtRev())
1242 * to the original text of the edit.
1243 *
1244 * This differs from Article::getContent() that when a missing revision is
1245 * encountered the result will be null and not the
1246 * 'missing-revision' message.
1247 *
1248 * @since 1.19
1249 * @param User $user The user to get the revision for
1250 * @return Content|null
1251 */
1252 private function getOriginalContent( User $user ) {
1253 if ( $this->section == 'new' ) {
1254 return $this->getCurrentContent();
1255 }
1256 $revision = $this->mArticle->getRevisionFetched();
1257 if ( $revision === null ) {
1258 $handler = ContentHandler::getForModelID( $this->contentModel );
1259 return $handler->makeEmptyContent();
1260 }
1261 $content = $revision->getContent( Revision::FOR_THIS_USER, $user );
1262 return $content;
1263 }
1264
1265 /**
1266 * Get the edit's parent revision ID
1267 *
1268 * The "parent" revision is the ancestor that should be recorded in this
1269 * page's revision history. It is either the revision ID of the in-memory
1270 * article content, or in the case of a 3-way merge in order to rebase
1271 * across a recoverable edit conflict, the ID of the newer revision to
1272 * which we have rebased this page.
1273 *
1274 * @since 1.27
1275 * @return int Revision ID
1276 */
1277 public function getParentRevId() {
1278 if ( $this->parentRevId ) {
1279 return $this->parentRevId;
1280 } else {
1281 return $this->mArticle->getRevIdFetched();
1282 }
1283 }
1284
1285 /**
1286 * Get the current content of the page. This is basically similar to
1287 * WikiPage::getContent( Revision::RAW ) except that when the page doesn't exist an empty
1288 * content object is returned instead of null.
1289 *
1290 * @since 1.21
1291 * @return Content
1292 */
1293 protected function getCurrentContent() {
1294 $rev = $this->page->getRevision();
1295 $content = $rev ? $rev->getContent( Revision::RAW ) : null;
1296
1297 if ( $content === false || $content === null ) {
1298 $handler = ContentHandler::getForModelID( $this->contentModel );
1299 return $handler->makeEmptyContent();
1300 } elseif ( !$this->undidRev ) {
1301 // Content models should always be the same since we error
1302 // out if they are different before this point (in ->edit()).
1303 // The exception being, during an undo, the current revision might
1304 // differ from the prior revision.
1305 $logger = LoggerFactory::getInstance( 'editpage' );
1306 if ( $this->contentModel !== $rev->getContentModel() ) {
1307 $logger->warning( "Overriding content model from current edit {prev} to {new}", [
1308 'prev' => $this->contentModel,
1309 'new' => $rev->getContentModel(),
1310 'title' => $this->getTitle()->getPrefixedDBkey(),
1311 'method' => __METHOD__
1312 ] );
1313 $this->contentModel = $rev->getContentModel();
1314 }
1315
1316 // Given that the content models should match, the current selected
1317 // format should be supported.
1318 if ( !$content->isSupportedFormat( $this->contentFormat ) ) {
1319 $logger->warning( "Current revision content format unsupported. Overriding {prev} to {new}", [
1320
1321 'prev' => $this->contentFormat,
1322 'new' => $rev->getContentFormat(),
1323 'title' => $this->getTitle()->getPrefixedDBkey(),
1324 'method' => __METHOD__
1325 ] );
1326 $this->contentFormat = $rev->getContentFormat();
1327 }
1328 }
1329 return $content;
1330 }
1331
1332 /**
1333 * Use this method before edit() to preload some content into the edit box
1334 *
1335 * @param Content $content
1336 *
1337 * @since 1.21
1338 */
1339 public function setPreloadedContent( Content $content ) {
1340 $this->mPreloadContent = $content;
1341 }
1342
1343 /**
1344 * Get the contents to be preloaded into the box, either set by
1345 * an earlier setPreloadText() or by loading the given page.
1346 *
1347 * @param string $preload Representing the title to preload from.
1348 * @param array $params Parameters to use (interface-message style) in the preloaded text
1349 *
1350 * @return Content
1351 *
1352 * @since 1.21
1353 */
1354 protected function getPreloadedContent( $preload, $params = [] ) {
1355 global $wgUser;
1356
1357 if ( !empty( $this->mPreloadContent ) ) {
1358 return $this->mPreloadContent;
1359 }
1360
1361 $handler = ContentHandler::getForModelID( $this->contentModel );
1362
1363 if ( $preload === '' ) {
1364 return $handler->makeEmptyContent();
1365 }
1366
1367 $title = Title::newFromText( $preload );
1368 # Check for existence to avoid getting MediaWiki:Noarticletext
1369 if ( $title === null || !$title->exists() || !$title->userCan( 'read', $wgUser ) ) {
1370 // TODO: somehow show a warning to the user!
1371 return $handler->makeEmptyContent();
1372 }
1373
1374 $page = WikiPage::factory( $title );
1375 if ( $page->isRedirect() ) {
1376 $title = $page->getRedirectTarget();
1377 # Same as before
1378 if ( $title === null || !$title->exists() || !$title->userCan( 'read', $wgUser ) ) {
1379 // TODO: somehow show a warning to the user!
1380 return $handler->makeEmptyContent();
1381 }
1382 $page = WikiPage::factory( $title );
1383 }
1384
1385 $parserOptions = ParserOptions::newFromUser( $wgUser );
1386 $content = $page->getContent( Revision::RAW );
1387
1388 if ( !$content ) {
1389 // TODO: somehow show a warning to the user!
1390 return $handler->makeEmptyContent();
1391 }
1392
1393 if ( $content->getModel() !== $handler->getModelID() ) {
1394 $converted = $content->convert( $handler->getModelID() );
1395
1396 if ( !$converted ) {
1397 // TODO: somehow show a warning to the user!
1398 wfDebug( "Attempt to preload incompatible content: " .
1399 "can't convert " . $content->getModel() .
1400 " to " . $handler->getModelID() );
1401
1402 return $handler->makeEmptyContent();
1403 }
1404
1405 $content = $converted;
1406 }
1407
1408 return $content->preloadTransform( $title, $parserOptions, $params );
1409 }
1410
1411 /**
1412 * Make sure the form isn't faking a user's credentials.
1413 *
1414 * @param WebRequest $request
1415 * @return bool
1416 * @private
1417 */
1418 public function tokenOk( &$request ) {
1419 global $wgUser;
1420 $token = $request->getVal( 'wpEditToken' );
1421 $this->mTokenOk = $wgUser->matchEditToken( $token );
1422 $this->mTokenOkExceptSuffix = $wgUser->matchEditTokenNoSuffix( $token );
1423 return $this->mTokenOk;
1424 }
1425
1426 /**
1427 * Sets post-edit cookie indicating the user just saved a particular revision.
1428 *
1429 * This uses a temporary cookie for each revision ID so separate saves will never
1430 * interfere with each other.
1431 *
1432 * The cookie is deleted in the mediawiki.action.view.postEdit JS module after
1433 * the redirect. It must be clearable by JavaScript code, so it must not be
1434 * marked HttpOnly. The JavaScript code converts the cookie to a wgPostEdit config
1435 * variable.
1436 *
1437 * If the variable were set on the server, it would be cached, which is unwanted
1438 * since the post-edit state should only apply to the load right after the save.
1439 *
1440 * @param int $statusValue The status value (to check for new article status)
1441 */
1442 protected function setPostEditCookie( $statusValue ) {
1443 $revisionId = $this->page->getLatest();
1444 $postEditKey = self::POST_EDIT_COOKIE_KEY_PREFIX . $revisionId;
1445
1446 $val = 'saved';
1447 if ( $statusValue == self::AS_SUCCESS_NEW_ARTICLE ) {
1448 $val = 'created';
1449 } elseif ( $this->oldid ) {
1450 $val = 'restored';
1451 }
1452
1453 $response = RequestContext::getMain()->getRequest()->response();
1454 $response->setCookie( $postEditKey, $val, time() + self::POST_EDIT_COOKIE_DURATION, [
1455 'httpOnly' => false,
1456 ] );
1457 }
1458
1459 /**
1460 * Attempt submission
1461 * @param array|bool $resultDetails See docs for $result in internalAttemptSave
1462 * @throws UserBlockedError|ReadOnlyError|ThrottledError|PermissionsError
1463 * @return Status The resulting status object.
1464 */
1465 public function attemptSave( &$resultDetails = false ) {
1466 global $wgUser;
1467
1468 # Allow bots to exempt some edits from bot flagging
1469 $bot = $wgUser->isAllowed( 'bot' ) && $this->bot;
1470 $status = $this->internalAttemptSave( $resultDetails, $bot );
1471
1472 Hooks::run( 'EditPage::attemptSave:after', [ $this, $status, $resultDetails ] );
1473
1474 return $status;
1475 }
1476
1477 /**
1478 * Handle status, such as after attempt save
1479 *
1480 * @param Status $status
1481 * @param array|bool $resultDetails
1482 *
1483 * @throws ErrorPageError
1484 * @return bool False, if output is done, true if rest of the form should be displayed
1485 */
1486 private function handleStatus( Status $status, $resultDetails ) {
1487 global $wgUser, $wgOut;
1488
1489 /**
1490 * @todo FIXME: once the interface for internalAttemptSave() is made
1491 * nicer, this should use the message in $status
1492 */
1493 if ( $status->value == self::AS_SUCCESS_UPDATE
1494 || $status->value == self::AS_SUCCESS_NEW_ARTICLE
1495 ) {
1496 $this->didSave = true;
1497 if ( !$resultDetails['nullEdit'] ) {
1498 $this->setPostEditCookie( $status->value );
1499 }
1500 }
1501
1502 // "wpExtraQueryRedirect" is a hidden input to modify
1503 // after save URL and is not used by actual edit form
1504 $request = RequestContext::getMain()->getRequest();
1505 $extraQueryRedirect = $request->getVal( 'wpExtraQueryRedirect' );
1506
1507 switch ( $status->value ) {
1508 case self::AS_HOOK_ERROR_EXPECTED:
1509 case self::AS_CONTENT_TOO_BIG:
1510 case self::AS_ARTICLE_WAS_DELETED:
1511 case self::AS_CONFLICT_DETECTED:
1512 case self::AS_SUMMARY_NEEDED:
1513 case self::AS_TEXTBOX_EMPTY:
1514 case self::AS_MAX_ARTICLE_SIZE_EXCEEDED:
1515 case self::AS_END:
1516 case self::AS_BLANK_ARTICLE:
1517 case self::AS_SELF_REDIRECT:
1518 return true;
1519
1520 case self::AS_HOOK_ERROR:
1521 return false;
1522
1523 case self::AS_CANNOT_USE_CUSTOM_MODEL:
1524 case self::AS_PARSE_ERROR:
1525 $wgOut->addWikiText( '<div class="error">' . "\n" . $status->getWikiText() . '</div>' );
1526 return true;
1527
1528 case self::AS_SUCCESS_NEW_ARTICLE:
1529 $query = $resultDetails['redirect'] ? 'redirect=no' : '';
1530 if ( $extraQueryRedirect ) {
1531 if ( $query === '' ) {
1532 $query = $extraQueryRedirect;
1533 } else {
1534 $query = $query . '&' . $extraQueryRedirect;
1535 }
1536 }
1537 $anchor = isset( $resultDetails['sectionanchor'] ) ? $resultDetails['sectionanchor'] : '';
1538 $wgOut->redirect( $this->mTitle->getFullURL( $query ) . $anchor );
1539 return false;
1540
1541 case self::AS_SUCCESS_UPDATE:
1542 $extraQuery = '';
1543 $sectionanchor = $resultDetails['sectionanchor'];
1544
1545 // Give extensions a chance to modify URL query on update
1546 Hooks::run(
1547 'ArticleUpdateBeforeRedirect',
1548 [ $this->mArticle, &$sectionanchor, &$extraQuery ]
1549 );
1550
1551 if ( $resultDetails['redirect'] ) {
1552 if ( $extraQuery == '' ) {
1553 $extraQuery = 'redirect=no';
1554 } else {
1555 $extraQuery = 'redirect=no&' . $extraQuery;
1556 }
1557 }
1558 if ( $extraQueryRedirect ) {
1559 if ( $extraQuery === '' ) {
1560 $extraQuery = $extraQueryRedirect;
1561 } else {
1562 $extraQuery = $extraQuery . '&' . $extraQueryRedirect;
1563 }
1564 }
1565
1566 $wgOut->redirect( $this->mTitle->getFullURL( $extraQuery ) . $sectionanchor );
1567 return false;
1568
1569 case self::AS_SPAM_ERROR:
1570 $this->spamPageWithContent( $resultDetails['spam'] );
1571 return false;
1572
1573 case self::AS_BLOCKED_PAGE_FOR_USER:
1574 throw new UserBlockedError( $wgUser->getBlock() );
1575
1576 case self::AS_IMAGE_REDIRECT_ANON:
1577 case self::AS_IMAGE_REDIRECT_LOGGED:
1578 throw new PermissionsError( 'upload' );
1579
1580 case self::AS_READ_ONLY_PAGE_ANON:
1581 case self::AS_READ_ONLY_PAGE_LOGGED:
1582 throw new PermissionsError( 'edit' );
1583
1584 case self::AS_READ_ONLY_PAGE:
1585 throw new ReadOnlyError;
1586
1587 case self::AS_RATE_LIMITED:
1588 throw new ThrottledError();
1589
1590 case self::AS_NO_CREATE_PERMISSION:
1591 $permission = $this->mTitle->isTalkPage() ? 'createtalk' : 'createpage';
1592 throw new PermissionsError( $permission );
1593
1594 case self::AS_NO_CHANGE_CONTENT_MODEL:
1595 throw new PermissionsError( 'editcontentmodel' );
1596
1597 default:
1598 // We don't recognize $status->value. The only way that can happen
1599 // is if an extension hook aborted from inside ArticleSave.
1600 // Render the status object into $this->hookError
1601 // FIXME this sucks, we should just use the Status object throughout
1602 $this->hookError = '<div class="error">' ."\n" . $status->getWikiText() .
1603 '</div>';
1604 return true;
1605 }
1606 }
1607
1608 /**
1609 * Run hooks that can filter edits just before they get saved.
1610 *
1611 * @param Content $content The Content to filter.
1612 * @param Status $status For reporting the outcome to the caller
1613 * @param User $user The user performing the edit
1614 *
1615 * @return bool
1616 */
1617 protected function runPostMergeFilters( Content $content, Status $status, User $user ) {
1618 // Run old style post-section-merge edit filter
1619 if ( $this->hookError != '' ) {
1620 # ...or the hook could be expecting us to produce an error
1621 $status->fatal( 'hookaborted' );
1622 $status->value = self::AS_HOOK_ERROR_EXPECTED;
1623 return false;
1624 }
1625
1626 // Run new style post-section-merge edit filter
1627 if ( !Hooks::run( 'EditFilterMergedContent',
1628 [ $this->mArticle->getContext(), $content, $status, $this->summary,
1629 $user, $this->minoredit ] )
1630 ) {
1631 # Error messages etc. could be handled within the hook...
1632 if ( $status->isGood() ) {
1633 $status->fatal( 'hookaborted' );
1634 // Not setting $this->hookError here is a hack to allow the hook
1635 // to cause a return to the edit page without $this->hookError
1636 // being set. This is used by ConfirmEdit to display a captcha
1637 // without any error message cruft.
1638 } else {
1639 $this->hookError = $status->getWikiText();
1640 }
1641 // Use the existing $status->value if the hook set it
1642 if ( !$status->value ) {
1643 $status->value = self::AS_HOOK_ERROR;
1644 }
1645 return false;
1646 } elseif ( !$status->isOK() ) {
1647 # ...or the hook could be expecting us to produce an error
1648 // FIXME this sucks, we should just use the Status object throughout
1649 $this->hookError = $status->getWikiText();
1650 $status->fatal( 'hookaborted' );
1651 $status->value = self::AS_HOOK_ERROR_EXPECTED;
1652 return false;
1653 }
1654
1655 return true;
1656 }
1657
1658 /**
1659 * Return the summary to be used for a new section.
1660 *
1661 * @param string $sectionanchor Set to the section anchor text
1662 * @return string
1663 */
1664 private function newSectionSummary( &$sectionanchor = null ) {
1665 global $wgParser;
1666
1667 if ( $this->sectiontitle !== '' ) {
1668 $sectionanchor = $wgParser->guessLegacySectionNameFromWikiText( $this->sectiontitle );
1669 // If no edit summary was specified, create one automatically from the section
1670 // title and have it link to the new section. Otherwise, respect the summary as
1671 // passed.
1672 if ( $this->summary === '' ) {
1673 $cleanSectionTitle = $wgParser->stripSectionName( $this->sectiontitle );
1674 return $this->context->msg( 'newsectionsummary' )
1675 ->rawParams( $cleanSectionTitle )->inContentLanguage()->text();
1676 }
1677 } elseif ( $this->summary !== '' ) {
1678 $sectionanchor = $wgParser->guessLegacySectionNameFromWikiText( $this->summary );
1679 # This is a new section, so create a link to the new section
1680 # in the revision summary.
1681 $cleanSummary = $wgParser->stripSectionName( $this->summary );
1682 return $this->context->msg( 'newsectionsummary' )
1683 ->rawParams( $cleanSummary )->inContentLanguage()->text();
1684 }
1685 return $this->summary;
1686 }
1687
1688 /**
1689 * Attempt submission (no UI)
1690 *
1691 * @param array $result Array to add statuses to, currently with the
1692 * possible keys:
1693 * - spam (string): Spam string from content if any spam is detected by
1694 * matchSpamRegex.
1695 * - sectionanchor (string): Section anchor for a section save.
1696 * - nullEdit (boolean): Set if doEditContent is OK. True if null edit,
1697 * false otherwise.
1698 * - redirect (bool): Set if doEditContent is OK. True if resulting
1699 * revision is a redirect.
1700 * @param bool $bot True if edit is being made under the bot right.
1701 *
1702 * @return Status Status object, possibly with a message, but always with
1703 * one of the AS_* constants in $status->value,
1704 *
1705 * @todo FIXME: This interface is TERRIBLE, but hard to get rid of due to
1706 * various error display idiosyncrasies. There are also lots of cases
1707 * where error metadata is set in the object and retrieved later instead
1708 * of being returned, e.g. AS_CONTENT_TOO_BIG and
1709 * AS_BLOCKED_PAGE_FOR_USER. All that stuff needs to be cleaned up some
1710 * time.
1711 */
1712 public function internalAttemptSave( &$result, $bot = false ) {
1713 global $wgUser, $wgRequest, $wgParser, $wgMaxArticleSize;
1714 global $wgContentHandlerUseDB;
1715
1716 $status = Status::newGood();
1717
1718 if ( !Hooks::run( 'EditPage::attemptSave', [ $this ] ) ) {
1719 wfDebug( "Hook 'EditPage::attemptSave' aborted article saving\n" );
1720 $status->fatal( 'hookaborted' );
1721 $status->value = self::AS_HOOK_ERROR;
1722 return $status;
1723 }
1724
1725 $spam = $wgRequest->getText( 'wpAntispam' );
1726 if ( $spam !== '' ) {
1727 wfDebugLog(
1728 'SimpleAntiSpam',
1729 $wgUser->getName() .
1730 ' editing "' .
1731 $this->mTitle->getPrefixedText() .
1732 '" submitted bogus field "' .
1733 $spam .
1734 '"'
1735 );
1736 $status->fatal( 'spamprotectionmatch', false );
1737 $status->value = self::AS_SPAM_ERROR;
1738 return $status;
1739 }
1740
1741 try {
1742 # Construct Content object
1743 $textbox_content = $this->toEditContent( $this->textbox1 );
1744 } catch ( MWContentSerializationException $ex ) {
1745 $status->fatal(
1746 'content-failed-to-parse',
1747 $this->contentModel,
1748 $this->contentFormat,
1749 $ex->getMessage()
1750 );
1751 $status->value = self::AS_PARSE_ERROR;
1752 return $status;
1753 }
1754
1755 # Check image redirect
1756 if ( $this->mTitle->getNamespace() == NS_FILE &&
1757 $textbox_content->isRedirect() &&
1758 !$wgUser->isAllowed( 'upload' )
1759 ) {
1760 $code = $wgUser->isAnon() ? self::AS_IMAGE_REDIRECT_ANON : self::AS_IMAGE_REDIRECT_LOGGED;
1761 $status->setResult( false, $code );
1762
1763 return $status;
1764 }
1765
1766 # Check for spam
1767 $match = self::matchSummarySpamRegex( $this->summary );
1768 if ( $match === false && $this->section == 'new' ) {
1769 # $wgSpamRegex is enforced on this new heading/summary because, unlike
1770 # regular summaries, it is added to the actual wikitext.
1771 if ( $this->sectiontitle !== '' ) {
1772 # This branch is taken when the API is used with the 'sectiontitle' parameter.
1773 $match = self::matchSpamRegex( $this->sectiontitle );
1774 } else {
1775 # This branch is taken when the "Add Topic" user interface is used, or the API
1776 # is used with the 'summary' parameter.
1777 $match = self::matchSpamRegex( $this->summary );
1778 }
1779 }
1780 if ( $match === false ) {
1781 $match = self::matchSpamRegex( $this->textbox1 );
1782 }
1783 if ( $match !== false ) {
1784 $result['spam'] = $match;
1785 $ip = $wgRequest->getIP();
1786 $pdbk = $this->mTitle->getPrefixedDBkey();
1787 $match = str_replace( "\n", '', $match );
1788 wfDebugLog( 'SpamRegex', "$ip spam regex hit [[$pdbk]]: \"$match\"" );
1789 $status->fatal( 'spamprotectionmatch', $match );
1790 $status->value = self::AS_SPAM_ERROR;
1791 return $status;
1792 }
1793 if ( !Hooks::run(
1794 'EditFilter',
1795 [ $this, $this->textbox1, $this->section, &$this->hookError, $this->summary ] )
1796 ) {
1797 # Error messages etc. could be handled within the hook...
1798 $status->fatal( 'hookaborted' );
1799 $status->value = self::AS_HOOK_ERROR;
1800 return $status;
1801 } elseif ( $this->hookError != '' ) {
1802 # ...or the hook could be expecting us to produce an error
1803 $status->fatal( 'hookaborted' );
1804 $status->value = self::AS_HOOK_ERROR_EXPECTED;
1805 return $status;
1806 }
1807
1808 if ( $wgUser->isBlockedFrom( $this->mTitle, false ) ) {
1809 // Auto-block user's IP if the account was "hard" blocked
1810 if ( !wfReadOnly() ) {
1811 $wgUser->spreadAnyEditBlock();
1812 }
1813 # Check block state against master, thus 'false'.
1814 $status->setResult( false, self::AS_BLOCKED_PAGE_FOR_USER );
1815 return $status;
1816 }
1817
1818 $this->contentLength = strlen( $this->textbox1 );
1819 if ( $this->contentLength > $wgMaxArticleSize * 1024 ) {
1820 // Error will be displayed by showEditForm()
1821 $this->tooBig = true;
1822 $status->setResult( false, self::AS_CONTENT_TOO_BIG );
1823 return $status;
1824 }
1825
1826 if ( !$wgUser->isAllowed( 'edit' ) ) {
1827 if ( $wgUser->isAnon() ) {
1828 $status->setResult( false, self::AS_READ_ONLY_PAGE_ANON );
1829 return $status;
1830 } else {
1831 $status->fatal( 'readonlytext' );
1832 $status->value = self::AS_READ_ONLY_PAGE_LOGGED;
1833 return $status;
1834 }
1835 }
1836
1837 $changingContentModel = false;
1838 if ( $this->contentModel !== $this->mTitle->getContentModel() ) {
1839 if ( !$wgContentHandlerUseDB ) {
1840 $status->fatal( 'editpage-cannot-use-custom-model' );
1841 $status->value = self::AS_CANNOT_USE_CUSTOM_MODEL;
1842 return $status;
1843 } elseif ( !$wgUser->isAllowed( 'editcontentmodel' ) ) {
1844 $status->setResult( false, self::AS_NO_CHANGE_CONTENT_MODEL );
1845 return $status;
1846 }
1847 // Make sure the user can edit the page under the new content model too
1848 $titleWithNewContentModel = clone $this->mTitle;
1849 $titleWithNewContentModel->setContentModel( $this->contentModel );
1850 if ( !$titleWithNewContentModel->userCan( 'editcontentmodel', $wgUser )
1851 || !$titleWithNewContentModel->userCan( 'edit', $wgUser )
1852 ) {
1853 $status->setResult( false, self::AS_NO_CHANGE_CONTENT_MODEL );
1854 return $status;
1855 }
1856
1857 $changingContentModel = true;
1858 $oldContentModel = $this->mTitle->getContentModel();
1859 }
1860
1861 if ( $this->changeTags ) {
1862 $changeTagsStatus = ChangeTags::canAddTagsAccompanyingChange(
1863 $this->changeTags, $wgUser );
1864 if ( !$changeTagsStatus->isOK() ) {
1865 $changeTagsStatus->value = self::AS_CHANGE_TAG_ERROR;
1866 return $changeTagsStatus;
1867 }
1868 }
1869
1870 if ( wfReadOnly() ) {
1871 $status->fatal( 'readonlytext' );
1872 $status->value = self::AS_READ_ONLY_PAGE;
1873 return $status;
1874 }
1875 if ( $wgUser->pingLimiter() || $wgUser->pingLimiter( 'linkpurge', 0 )
1876 || ( $changingContentModel && $wgUser->pingLimiter( 'editcontentmodel' ) )
1877 ) {
1878 $status->fatal( 'actionthrottledtext' );
1879 $status->value = self::AS_RATE_LIMITED;
1880 return $status;
1881 }
1882
1883 # If the article has been deleted while editing, don't save it without
1884 # confirmation
1885 if ( $this->wasDeletedSinceLastEdit() && !$this->recreate ) {
1886 $status->setResult( false, self::AS_ARTICLE_WAS_DELETED );
1887 return $status;
1888 }
1889
1890 # Load the page data from the master. If anything changes in the meantime,
1891 # we detect it by using page_latest like a token in a 1 try compare-and-swap.
1892 $this->page->loadPageData( 'fromdbmaster' );
1893 $new = !$this->page->exists();
1894
1895 if ( $new ) {
1896 // Late check for create permission, just in case *PARANOIA*
1897 if ( !$this->mTitle->userCan( 'create', $wgUser ) ) {
1898 $status->fatal( 'nocreatetext' );
1899 $status->value = self::AS_NO_CREATE_PERMISSION;
1900 wfDebug( __METHOD__ . ": no create permission\n" );
1901 return $status;
1902 }
1903
1904 // Don't save a new page if it's blank or if it's a MediaWiki:
1905 // message with content equivalent to default (allow empty pages
1906 // in this case to disable messages, see T52124)
1907 $defaultMessageText = $this->mTitle->getDefaultMessageText();
1908 if ( $this->mTitle->getNamespace() === NS_MEDIAWIKI && $defaultMessageText !== false ) {
1909 $defaultText = $defaultMessageText;
1910 } else {
1911 $defaultText = '';
1912 }
1913
1914 if ( !$this->allowBlankArticle && $this->textbox1 === $defaultText ) {
1915 $this->blankArticle = true;
1916 $status->fatal( 'blankarticle' );
1917 $status->setResult( false, self::AS_BLANK_ARTICLE );
1918 return $status;
1919 }
1920
1921 if ( !$this->runPostMergeFilters( $textbox_content, $status, $wgUser ) ) {
1922 return $status;
1923 }
1924
1925 $content = $textbox_content;
1926
1927 $result['sectionanchor'] = '';
1928 if ( $this->section == 'new' ) {
1929 if ( $this->sectiontitle !== '' ) {
1930 // Insert the section title above the content.
1931 $content = $content->addSectionHeader( $this->sectiontitle );
1932 } elseif ( $this->summary !== '' ) {
1933 // Insert the section title above the content.
1934 $content = $content->addSectionHeader( $this->summary );
1935 }
1936 $this->summary = $this->newSectionSummary( $result['sectionanchor'] );
1937 }
1938
1939 $status->value = self::AS_SUCCESS_NEW_ARTICLE;
1940
1941 } else { # not $new
1942
1943 # Article exists. Check for edit conflict.
1944
1945 $this->page->clear(); # Force reload of dates, etc.
1946 $timestamp = $this->page->getTimestamp();
1947 $latest = $this->page->getLatest();
1948
1949 wfDebug( "timestamp: {$timestamp}, edittime: {$this->edittime}\n" );
1950
1951 // Check editRevId if set, which handles same-second timestamp collisions
1952 if ( $timestamp != $this->edittime
1953 || ( $this->editRevId !== null && $this->editRevId != $latest )
1954 ) {
1955 $this->isConflict = true;
1956 if ( $this->section == 'new' ) {
1957 if ( $this->page->getUserText() == $wgUser->getName() &&
1958 $this->page->getComment() == $this->newSectionSummary()
1959 ) {
1960 // Probably a duplicate submission of a new comment.
1961 // This can happen when CDN resends a request after
1962 // a timeout but the first one actually went through.
1963 wfDebug( __METHOD__
1964 . ": duplicate new section submission; trigger edit conflict!\n" );
1965 } else {
1966 // New comment; suppress conflict.
1967 $this->isConflict = false;
1968 wfDebug( __METHOD__ . ": conflict suppressed; new section\n" );
1969 }
1970 } elseif ( $this->section == ''
1971 && Revision::userWasLastToEdit(
1972 DB_MASTER, $this->mTitle->getArticleID(),
1973 $wgUser->getId(), $this->edittime
1974 )
1975 ) {
1976 # Suppress edit conflict with self, except for section edits where merging is required.
1977 wfDebug( __METHOD__ . ": Suppressing edit conflict, same user.\n" );
1978 $this->isConflict = false;
1979 }
1980 }
1981
1982 // If sectiontitle is set, use it, otherwise use the summary as the section title.
1983 if ( $this->sectiontitle !== '' ) {
1984 $sectionTitle = $this->sectiontitle;
1985 } else {
1986 $sectionTitle = $this->summary;
1987 }
1988
1989 $content = null;
1990
1991 if ( $this->isConflict ) {
1992 wfDebug( __METHOD__
1993 . ": conflict! getting section '{$this->section}' for time '{$this->edittime}'"
1994 . " (id '{$this->editRevId}') (article time '{$timestamp}')\n" );
1995 // @TODO: replaceSectionAtRev() with base ID (not prior current) for ?oldid=X case
1996 // ...or disable section editing for non-current revisions (not exposed anyway).
1997 if ( $this->editRevId !== null ) {
1998 $content = $this->page->replaceSectionAtRev(
1999 $this->section,
2000 $textbox_content,
2001 $sectionTitle,
2002 $this->editRevId
2003 );
2004 } else {
2005 $content = $this->page->replaceSectionContent(
2006 $this->section,
2007 $textbox_content,
2008 $sectionTitle,
2009 $this->edittime
2010 );
2011 }
2012 } else {
2013 wfDebug( __METHOD__ . ": getting section '{$this->section}'\n" );
2014 $content = $this->page->replaceSectionContent(
2015 $this->section,
2016 $textbox_content,
2017 $sectionTitle
2018 );
2019 }
2020
2021 if ( is_null( $content ) ) {
2022 wfDebug( __METHOD__ . ": activating conflict; section replace failed.\n" );
2023 $this->isConflict = true;
2024 $content = $textbox_content; // do not try to merge here!
2025 } elseif ( $this->isConflict ) {
2026 # Attempt merge
2027 if ( $this->mergeChangesIntoContent( $content ) ) {
2028 // Successful merge! Maybe we should tell the user the good news?
2029 $this->isConflict = false;
2030 wfDebug( __METHOD__ . ": Suppressing edit conflict, successful merge.\n" );
2031 } else {
2032 $this->section = '';
2033 $this->textbox1 = ContentHandler::getContentText( $content );
2034 wfDebug( __METHOD__ . ": Keeping edit conflict, failed merge.\n" );
2035 }
2036 }
2037
2038 if ( $this->isConflict ) {
2039 $status->setResult( false, self::AS_CONFLICT_DETECTED );
2040 return $status;
2041 }
2042
2043 if ( !$this->runPostMergeFilters( $content, $status, $wgUser ) ) {
2044 return $status;
2045 }
2046
2047 if ( $this->section == 'new' ) {
2048 // Handle the user preference to force summaries here
2049 if ( !$this->allowBlankSummary && trim( $this->summary ) == '' ) {
2050 $this->missingSummary = true;
2051 $status->fatal( 'missingsummary' ); // or 'missingcommentheader' if $section == 'new'. Blegh
2052 $status->value = self::AS_SUMMARY_NEEDED;
2053 return $status;
2054 }
2055
2056 // Do not allow the user to post an empty comment
2057 if ( $this->textbox1 == '' ) {
2058 $this->missingComment = true;
2059 $status->fatal( 'missingcommenttext' );
2060 $status->value = self::AS_TEXTBOX_EMPTY;
2061 return $status;
2062 }
2063 } elseif ( !$this->allowBlankSummary
2064 && !$content->equals( $this->getOriginalContent( $wgUser ) )
2065 && !$content->isRedirect()
2066 && md5( $this->summary ) == $this->autoSumm
2067 ) {
2068 $this->missingSummary = true;
2069 $status->fatal( 'missingsummary' );
2070 $status->value = self::AS_SUMMARY_NEEDED;
2071 return $status;
2072 }
2073
2074 # All's well
2075 $sectionanchor = '';
2076 if ( $this->section == 'new' ) {
2077 $this->summary = $this->newSectionSummary( $sectionanchor );
2078 } elseif ( $this->section != '' ) {
2079 # Try to get a section anchor from the section source, redirect
2080 # to edited section if header found.
2081 # XXX: Might be better to integrate this into Article::replaceSectionAtRev
2082 # for duplicate heading checking and maybe parsing.
2083 $hasmatch = preg_match( "/^ *([=]{1,6})(.*?)(\\1) *\\n/i", $this->textbox1, $matches );
2084 # We can't deal with anchors, includes, html etc in the header for now,
2085 # headline would need to be parsed to improve this.
2086 if ( $hasmatch && strlen( $matches[2] ) > 0 ) {
2087 $sectionanchor = $wgParser->guessLegacySectionNameFromWikiText( $matches[2] );
2088 }
2089 }
2090 $result['sectionanchor'] = $sectionanchor;
2091
2092 // Save errors may fall down to the edit form, but we've now
2093 // merged the section into full text. Clear the section field
2094 // so that later submission of conflict forms won't try to
2095 // replace that into a duplicated mess.
2096 $this->textbox1 = $this->toEditText( $content );
2097 $this->section = '';
2098
2099 $status->value = self::AS_SUCCESS_UPDATE;
2100 }
2101
2102 if ( !$this->allowSelfRedirect
2103 && $content->isRedirect()
2104 && $content->getRedirectTarget()->equals( $this->getTitle() )
2105 ) {
2106 // If the page already redirects to itself, don't warn.
2107 $currentTarget = $this->getCurrentContent()->getRedirectTarget();
2108 if ( !$currentTarget || !$currentTarget->equals( $this->getTitle() ) ) {
2109 $this->selfRedirect = true;
2110 $status->fatal( 'selfredirect' );
2111 $status->value = self::AS_SELF_REDIRECT;
2112 return $status;
2113 }
2114 }
2115
2116 // Check for length errors again now that the section is merged in
2117 $this->contentLength = strlen( $this->toEditText( $content ) );
2118 if ( $this->contentLength > $wgMaxArticleSize * 1024 ) {
2119 $this->tooBig = true;
2120 $status->setResult( false, self::AS_MAX_ARTICLE_SIZE_EXCEEDED );
2121 return $status;
2122 }
2123
2124 $flags = EDIT_AUTOSUMMARY |
2125 ( $new ? EDIT_NEW : EDIT_UPDATE ) |
2126 ( ( $this->minoredit && !$this->isNew ) ? EDIT_MINOR : 0 ) |
2127 ( $bot ? EDIT_FORCE_BOT : 0 );
2128
2129 $doEditStatus = $this->page->doEditContent(
2130 $content,
2131 $this->summary,
2132 $flags,
2133 false,
2134 $wgUser,
2135 $content->getDefaultFormat(),
2136 $this->changeTags,
2137 $this->undidRev
2138 );
2139
2140 if ( !$doEditStatus->isOK() ) {
2141 // Failure from doEdit()
2142 // Show the edit conflict page for certain recognized errors from doEdit(),
2143 // but don't show it for errors from extension hooks
2144 $errors = $doEditStatus->getErrorsArray();
2145 if ( in_array( $errors[0][0],
2146 [ 'edit-gone-missing', 'edit-conflict', 'edit-already-exists' ] )
2147 ) {
2148 $this->isConflict = true;
2149 // Destroys data doEdit() put in $status->value but who cares
2150 $doEditStatus->value = self::AS_END;
2151 }
2152 return $doEditStatus;
2153 }
2154
2155 $result['nullEdit'] = $doEditStatus->hasMessage( 'edit-no-change' );
2156 if ( $result['nullEdit'] ) {
2157 // We don't know if it was a null edit until now, so increment here
2158 $wgUser->pingLimiter( 'linkpurge' );
2159 }
2160 $result['redirect'] = $content->isRedirect();
2161
2162 $this->updateWatchlist();
2163
2164 // If the content model changed, add a log entry
2165 if ( $changingContentModel ) {
2166 $this->addContentModelChangeLogEntry(
2167 $wgUser,
2168 $new ? false : $oldContentModel,
2169 $this->contentModel,
2170 $this->summary
2171 );
2172 }
2173
2174 return $status;
2175 }
2176
2177 /**
2178 * @param User $user
2179 * @param string|false $oldModel false if the page is being newly created
2180 * @param string $newModel
2181 * @param string $reason
2182 */
2183 protected function addContentModelChangeLogEntry( User $user, $oldModel, $newModel, $reason ) {
2184 $new = $oldModel === false;
2185 $log = new ManualLogEntry( 'contentmodel', $new ? 'new' : 'change' );
2186 $log->setPerformer( $user );
2187 $log->setTarget( $this->mTitle );
2188 $log->setComment( $reason );
2189 $log->setParameters( [
2190 '4::oldmodel' => $oldModel,
2191 '5::newmodel' => $newModel
2192 ] );
2193 $logid = $log->insert();
2194 $log->publish( $logid );
2195 }
2196
2197 /**
2198 * Register the change of watch status
2199 */
2200 protected function updateWatchlist() {
2201 global $wgUser;
2202
2203 if ( !$wgUser->isLoggedIn() ) {
2204 return;
2205 }
2206
2207 $user = $wgUser;
2208 $title = $this->mTitle;
2209 $watch = $this->watchthis;
2210 // Do this in its own transaction to reduce contention...
2211 DeferredUpdates::addCallableUpdate( function () use ( $user, $title, $watch ) {
2212 if ( $watch == $user->isWatched( $title, User::IGNORE_USER_RIGHTS ) ) {
2213 return; // nothing to change
2214 }
2215 WatchAction::doWatchOrUnwatch( $watch, $title, $user );
2216 } );
2217 }
2218
2219 /**
2220 * Attempts to do 3-way merge of edit content with a base revision
2221 * and current content, in case of edit conflict, in whichever way appropriate
2222 * for the content type.
2223 *
2224 * @since 1.21
2225 *
2226 * @param Content $editContent
2227 *
2228 * @return bool
2229 */
2230 private function mergeChangesIntoContent( &$editContent ) {
2231 $db = wfGetDB( DB_MASTER );
2232
2233 // This is the revision the editor started from
2234 $baseRevision = $this->getBaseRevision();
2235 $baseContent = $baseRevision ? $baseRevision->getContent() : null;
2236
2237 if ( is_null( $baseContent ) ) {
2238 return false;
2239 }
2240
2241 // The current state, we want to merge updates into it
2242 $currentRevision = Revision::loadFromTitle( $db, $this->mTitle );
2243 $currentContent = $currentRevision ? $currentRevision->getContent() : null;
2244
2245 if ( is_null( $currentContent ) ) {
2246 return false;
2247 }
2248
2249 $handler = ContentHandler::getForModelID( $baseContent->getModel() );
2250
2251 $result = $handler->merge3( $baseContent, $editContent, $currentContent );
2252
2253 if ( $result ) {
2254 $editContent = $result;
2255 // Update parentRevId to what we just merged.
2256 $this->parentRevId = $currentRevision->getId();
2257 return true;
2258 }
2259
2260 return false;
2261 }
2262
2263 /**
2264 * @note: this method is very poorly named. If the user opened the form with ?oldid=X,
2265 * one might think of X as the "base revision", which is NOT what this returns.
2266 * @return Revision Current version when the edit was started
2267 */
2268 public function getBaseRevision() {
2269 if ( !$this->mBaseRevision ) {
2270 $db = wfGetDB( DB_MASTER );
2271 $this->mBaseRevision = $this->editRevId
2272 ? Revision::newFromId( $this->editRevId, Revision::READ_LATEST )
2273 : Revision::loadFromTimestamp( $db, $this->mTitle, $this->edittime );
2274 }
2275 return $this->mBaseRevision;
2276 }
2277
2278 /**
2279 * Check given input text against $wgSpamRegex, and return the text of the first match.
2280 *
2281 * @param string $text
2282 *
2283 * @return string|bool Matching string or false
2284 */
2285 public static function matchSpamRegex( $text ) {
2286 global $wgSpamRegex;
2287 // For back compatibility, $wgSpamRegex may be a single string or an array of regexes.
2288 $regexes = (array)$wgSpamRegex;
2289 return self::matchSpamRegexInternal( $text, $regexes );
2290 }
2291
2292 /**
2293 * Check given input text against $wgSummarySpamRegex, and return the text of the first match.
2294 *
2295 * @param string $text
2296 *
2297 * @return string|bool Matching string or false
2298 */
2299 public static function matchSummarySpamRegex( $text ) {
2300 global $wgSummarySpamRegex;
2301 $regexes = (array)$wgSummarySpamRegex;
2302 return self::matchSpamRegexInternal( $text, $regexes );
2303 }
2304
2305 /**
2306 * @param string $text
2307 * @param array $regexes
2308 * @return bool|string
2309 */
2310 protected static function matchSpamRegexInternal( $text, $regexes ) {
2311 foreach ( $regexes as $regex ) {
2312 $matches = [];
2313 if ( preg_match( $regex, $text, $matches ) ) {
2314 return $matches[0];
2315 }
2316 }
2317 return false;
2318 }
2319
2320 public function setHeaders() {
2321 global $wgOut, $wgUser, $wgAjaxEditStash, $wgCookieSetOnAutoblock;
2322
2323 $wgOut->addModules( 'mediawiki.action.edit' );
2324 if ( $wgCookieSetOnAutoblock === true ) {
2325 $wgOut->addModules( 'mediawiki.user.blockcookie' );
2326 }
2327 $wgOut->addModuleStyles( 'mediawiki.action.edit.styles' );
2328
2329 if ( $wgUser->getOption( 'showtoolbar' ) ) {
2330 // The addition of default buttons is handled by getEditToolbar() which
2331 // has its own dependency on this module. The call here ensures the module
2332 // is loaded in time (it has position "top") for other modules to register
2333 // buttons (e.g. extensions, gadgets, user scripts).
2334 $wgOut->addModules( 'mediawiki.toolbar' );
2335 }
2336
2337 if ( $wgUser->getOption( 'uselivepreview' ) ) {
2338 $wgOut->addModules( 'mediawiki.action.edit.preview' );
2339 }
2340
2341 if ( $wgUser->getOption( 'useeditwarning' ) ) {
2342 $wgOut->addModules( 'mediawiki.action.edit.editWarning' );
2343 }
2344
2345 # Enabled article-related sidebar, toplinks, etc.
2346 $wgOut->setArticleRelated( true );
2347
2348 $contextTitle = $this->getContextTitle();
2349 if ( $this->isConflict ) {
2350 $msg = 'editconflict';
2351 } elseif ( $contextTitle->exists() && $this->section != '' ) {
2352 $msg = $this->section == 'new' ? 'editingcomment' : 'editingsection';
2353 } else {
2354 $msg = $contextTitle->exists()
2355 || ( $contextTitle->getNamespace() == NS_MEDIAWIKI
2356 && $contextTitle->getDefaultMessageText() !== false
2357 )
2358 ? 'editing'
2359 : 'creating';
2360 }
2361
2362 # Use the title defined by DISPLAYTITLE magic word when present
2363 # NOTE: getDisplayTitle() returns HTML while getPrefixedText() returns plain text.
2364 # setPageTitle() treats the input as wikitext, which should be safe in either case.
2365 $displayTitle = isset( $this->mParserOutput ) ? $this->mParserOutput->getDisplayTitle() : false;
2366 if ( $displayTitle === false ) {
2367 $displayTitle = $contextTitle->getPrefixedText();
2368 }
2369 $wgOut->setPageTitle( $this->context->msg( $msg, $displayTitle ) );
2370 # Transmit the name of the message to JavaScript for live preview
2371 # Keep Resources.php/mediawiki.action.edit.preview in sync with the possible keys
2372 $wgOut->addJsConfigVars( [
2373 'wgEditMessage' => $msg,
2374 'wgAjaxEditStash' => $wgAjaxEditStash,
2375 ] );
2376 }
2377
2378 /**
2379 * Show all applicable editing introductions
2380 */
2381 protected function showIntro() {
2382 global $wgOut, $wgUser;
2383 if ( $this->suppressIntro ) {
2384 return;
2385 }
2386
2387 $namespace = $this->mTitle->getNamespace();
2388
2389 if ( $namespace == NS_MEDIAWIKI ) {
2390 # Show a warning if editing an interface message
2391 $wgOut->wrapWikiMsg( "<div class='mw-editinginterface'>\n$1\n</div>", 'editinginterface' );
2392 # If this is a default message (but not css or js),
2393 # show a hint that it is translatable on translatewiki.net
2394 if ( !$this->mTitle->hasContentModel( CONTENT_MODEL_CSS )
2395 && !$this->mTitle->hasContentModel( CONTENT_MODEL_JAVASCRIPT )
2396 ) {
2397 $defaultMessageText = $this->mTitle->getDefaultMessageText();
2398 if ( $defaultMessageText !== false ) {
2399 $wgOut->wrapWikiMsg( "<div class='mw-translateinterface'>\n$1\n</div>",
2400 'translateinterface' );
2401 }
2402 }
2403 } elseif ( $namespace == NS_FILE ) {
2404 # Show a hint to shared repo
2405 $file = wfFindFile( $this->mTitle );
2406 if ( $file && !$file->isLocal() ) {
2407 $descUrl = $file->getDescriptionUrl();
2408 # there must be a description url to show a hint to shared repo
2409 if ( $descUrl ) {
2410 if ( !$this->mTitle->exists() ) {
2411 $wgOut->wrapWikiMsg( "<div class=\"mw-sharedupload-desc-create\">\n$1\n</div>", [
2412 'sharedupload-desc-create', $file->getRepo()->getDisplayName(), $descUrl
2413 ] );
2414 } else {
2415 $wgOut->wrapWikiMsg( "<div class=\"mw-sharedupload-desc-edit\">\n$1\n</div>", [
2416 'sharedupload-desc-edit', $file->getRepo()->getDisplayName(), $descUrl
2417 ] );
2418 }
2419 }
2420 }
2421 }
2422
2423 # Show a warning message when someone creates/edits a user (talk) page but the user does not exist
2424 # Show log extract when the user is currently blocked
2425 if ( $namespace == NS_USER || $namespace == NS_USER_TALK ) {
2426 $username = explode( '/', $this->mTitle->getText(), 2 )[0];
2427 $user = User::newFromName( $username, false /* allow IP users*/ );
2428 $ip = User::isIP( $username );
2429 $block = Block::newFromTarget( $user, $user );
2430 if ( !( $user && $user->isLoggedIn() ) && !$ip ) { # User does not exist
2431 $wgOut->wrapWikiMsg( "<div class=\"mw-userpage-userdoesnotexist error\">\n$1\n</div>",
2432 [ 'userpage-userdoesnotexist', wfEscapeWikiText( $username ) ] );
2433 } elseif ( !is_null( $block ) && $block->getType() != Block::TYPE_AUTO ) {
2434 # Show log extract if the user is currently blocked
2435 LogEventsList::showLogExtract(
2436 $wgOut,
2437 'block',
2438 MWNamespace::getCanonicalName( NS_USER ) . ':' . $block->getTarget(),
2439 '',
2440 [
2441 'lim' => 1,
2442 'showIfEmpty' => false,
2443 'msgKey' => [
2444 'blocked-notice-logextract',
2445 $user->getName() # Support GENDER in notice
2446 ]
2447 ]
2448 );
2449 }
2450 }
2451 # Try to add a custom edit intro, or use the standard one if this is not possible.
2452 if ( !$this->showCustomIntro() && !$this->mTitle->exists() ) {
2453 $helpLink = wfExpandUrl( Skin::makeInternalOrExternalUrl(
2454 $this->context->msg( 'helppage' )->inContentLanguage()->text()
2455 ) );
2456 if ( $wgUser->isLoggedIn() ) {
2457 $wgOut->wrapWikiMsg(
2458 // Suppress the external link icon, consider the help url an internal one
2459 "<div class=\"mw-newarticletext plainlinks\">\n$1\n</div>",
2460 [
2461 'newarticletext',
2462 $helpLink
2463 ]
2464 );
2465 } else {
2466 $wgOut->wrapWikiMsg(
2467 // Suppress the external link icon, consider the help url an internal one
2468 "<div class=\"mw-newarticletextanon plainlinks\">\n$1\n</div>",
2469 [
2470 'newarticletextanon',
2471 $helpLink
2472 ]
2473 );
2474 }
2475 }
2476 # Give a notice if the user is editing a deleted/moved page...
2477 if ( !$this->mTitle->exists() ) {
2478 $dbr = wfGetDB( DB_REPLICA );
2479
2480 LogEventsList::showLogExtract( $wgOut, [ 'delete', 'move' ], $this->mTitle,
2481 '',
2482 [
2483 'lim' => 10,
2484 'conds' => [ 'log_action != ' . $dbr->addQuotes( 'revision' ) ],
2485 'showIfEmpty' => false,
2486 'msgKey' => [ 'recreate-moveddeleted-warn' ]
2487 ]
2488 );
2489 }
2490 }
2491
2492 /**
2493 * Attempt to show a custom editing introduction, if supplied
2494 *
2495 * @return bool
2496 */
2497 protected function showCustomIntro() {
2498 if ( $this->editintro ) {
2499 $title = Title::newFromText( $this->editintro );
2500 if ( $title instanceof Title && $title->exists() && $title->userCan( 'read' ) ) {
2501 global $wgOut;
2502 // Added using template syntax, to take <noinclude>'s into account.
2503 $wgOut->addWikiTextTitleTidy(
2504 '<div class="mw-editintro">{{:' . $title->getFullText() . '}}</div>',
2505 $this->mTitle
2506 );
2507 return true;
2508 }
2509 }
2510 return false;
2511 }
2512
2513 /**
2514 * Gets an editable textual representation of $content.
2515 * The textual representation can be turned by into a Content object by the
2516 * toEditContent() method.
2517 *
2518 * If $content is null or false or a string, $content is returned unchanged.
2519 *
2520 * If the given Content object is not of a type that can be edited using
2521 * the text base EditPage, an exception will be raised. Set
2522 * $this->allowNonTextContent to true to allow editing of non-textual
2523 * content.
2524 *
2525 * @param Content|null|bool|string $content
2526 * @return string The editable text form of the content.
2527 *
2528 * @throws MWException If $content is not an instance of TextContent and
2529 * $this->allowNonTextContent is not true.
2530 */
2531 protected function toEditText( $content ) {
2532 if ( $content === null || $content === false || is_string( $content ) ) {
2533 return $content;
2534 }
2535
2536 if ( !$this->isSupportedContentModel( $content->getModel() ) ) {
2537 throw new MWException( 'This content model is not supported: ' . $content->getModel() );
2538 }
2539
2540 return $content->serialize( $this->contentFormat );
2541 }
2542
2543 /**
2544 * Turns the given text into a Content object by unserializing it.
2545 *
2546 * If the resulting Content object is not of a type that can be edited using
2547 * the text base EditPage, an exception will be raised. Set
2548 * $this->allowNonTextContent to true to allow editing of non-textual
2549 * content.
2550 *
2551 * @param string|null|bool $text Text to unserialize
2552 * @return Content|bool|null The content object created from $text. If $text was false
2553 * or null, false resp. null will be returned instead.
2554 *
2555 * @throws MWException If unserializing the text results in a Content
2556 * object that is not an instance of TextContent and
2557 * $this->allowNonTextContent is not true.
2558 */
2559 protected function toEditContent( $text ) {
2560 if ( $text === false || $text === null ) {
2561 return $text;
2562 }
2563
2564 $content = ContentHandler::makeContent( $text, $this->getTitle(),
2565 $this->contentModel, $this->contentFormat );
2566
2567 if ( !$this->isSupportedContentModel( $content->getModel() ) ) {
2568 throw new MWException( 'This content model is not supported: ' . $content->getModel() );
2569 }
2570
2571 return $content;
2572 }
2573
2574 /**
2575 * Send the edit form and related headers to $wgOut
2576 * @param callable|null $formCallback That takes an OutputPage parameter; will be called
2577 * during form output near the top, for captchas and the like.
2578 *
2579 * The $formCallback parameter is deprecated since MediaWiki 1.25. Please
2580 * use the EditPage::showEditForm:fields hook instead.
2581 */
2582 public function showEditForm( $formCallback = null ) {
2583 global $wgOut, $wgUser;
2584
2585 # need to parse the preview early so that we know which templates are used,
2586 # otherwise users with "show preview after edit box" will get a blank list
2587 # we parse this near the beginning so that setHeaders can do the title
2588 # setting work instead of leaving it in getPreviewText
2589 $previewOutput = '';
2590 if ( $this->formtype == 'preview' ) {
2591 $previewOutput = $this->getPreviewText();
2592 }
2593
2594 // Avoid PHP 7.1 warning of passing $this by reference
2595 $editPage = $this;
2596 Hooks::run( 'EditPage::showEditForm:initial', [ &$editPage, &$wgOut ] );
2597
2598 $this->setHeaders();
2599
2600 $this->addTalkPageText();
2601 $this->addEditNotices();
2602
2603 if ( !$this->isConflict &&
2604 $this->section != '' &&
2605 !$this->isSectionEditSupported() ) {
2606 // We use $this->section to much before this and getVal('wgSection') directly in other places
2607 // at this point we can't reset $this->section to '' to fallback to non-section editing.
2608 // Someone is welcome to try refactoring though
2609 $wgOut->showErrorPage( 'sectioneditnotsupported-title', 'sectioneditnotsupported-text' );
2610 return;
2611 }
2612
2613 $this->showHeader();
2614
2615 $wgOut->addHTML( $this->editFormPageTop );
2616
2617 if ( $wgUser->getOption( 'previewontop' ) ) {
2618 $this->displayPreviewArea( $previewOutput, true );
2619 }
2620
2621 $wgOut->addHTML( $this->editFormTextTop );
2622
2623 $showToolbar = true;
2624 if ( $this->wasDeletedSinceLastEdit() ) {
2625 if ( $this->formtype == 'save' ) {
2626 // Hide the toolbar and edit area, user can click preview to get it back
2627 // Add an confirmation checkbox and explanation.
2628 $showToolbar = false;
2629 } else {
2630 $wgOut->wrapWikiMsg( "<div class='error mw-deleted-while-editing'>\n$1\n</div>",
2631 'deletedwhileediting' );
2632 }
2633 }
2634
2635 // @todo add EditForm plugin interface and use it here!
2636 // search for textarea1 and textares2, and allow EditForm to override all uses.
2637 $wgOut->addHTML( Html::openElement(
2638 'form',
2639 [
2640 'id' => self::EDITFORM_ID,
2641 'name' => self::EDITFORM_ID,
2642 'method' => 'post',
2643 'action' => $this->getActionURL( $this->getContextTitle() ),
2644 'enctype' => 'multipart/form-data'
2645 ]
2646 ) );
2647
2648 if ( is_callable( $formCallback ) ) {
2649 wfWarn( 'The $formCallback parameter to ' . __METHOD__ . 'is deprecated' );
2650 call_user_func_array( $formCallback, [ &$wgOut ] );
2651 }
2652
2653 // Add an empty field to trip up spambots
2654 $wgOut->addHTML(
2655 Xml::openElement( 'div', [ 'id' => 'antispam-container', 'style' => 'display: none;' ] )
2656 . Html::rawElement(
2657 'label',
2658 [ 'for' => 'wpAntispam' ],
2659 $this->context->msg( 'simpleantispam-label' )->parse()
2660 )
2661 . Xml::element(
2662 'input',
2663 [
2664 'type' => 'text',
2665 'name' => 'wpAntispam',
2666 'id' => 'wpAntispam',
2667 'value' => ''
2668 ]
2669 )
2670 . Xml::closeElement( 'div' )
2671 );
2672
2673 // Avoid PHP 7.1 warning of passing $this by reference
2674 $editPage = $this;
2675 Hooks::run( 'EditPage::showEditForm:fields', [ &$editPage, &$wgOut ] );
2676
2677 // Put these up at the top to ensure they aren't lost on early form submission
2678 $this->showFormBeforeText();
2679
2680 if ( $this->wasDeletedSinceLastEdit() && 'save' == $this->formtype ) {
2681 $username = $this->lastDelete->user_name;
2682 $comment = $this->lastDelete->log_comment;
2683
2684 // It is better to not parse the comment at all than to have templates expanded in the middle
2685 // TODO: can the checkLabel be moved outside of the div so that wrapWikiMsg could be used?
2686 $key = $comment === ''
2687 ? 'confirmrecreate-noreason'
2688 : 'confirmrecreate';
2689 $wgOut->addHTML(
2690 '<div class="mw-confirm-recreate">' .
2691 $this->context->msg( $key, $username, "<nowiki>$comment</nowiki>" )->parse() .
2692 Xml::checkLabel( $this->context->msg( 'recreate' )->text(), 'wpRecreate', 'wpRecreate', false,
2693 [ 'title' => Linker::titleAttrib( 'recreate' ), 'tabindex' => 1, 'id' => 'wpRecreate' ]
2694 ) .
2695 '</div>'
2696 );
2697 }
2698
2699 # When the summary is hidden, also hide them on preview/show changes
2700 if ( $this->nosummary ) {
2701 $wgOut->addHTML( Html::hidden( 'nosummary', true ) );
2702 }
2703
2704 # If a blank edit summary was previously provided, and the appropriate
2705 # user preference is active, pass a hidden tag as wpIgnoreBlankSummary. This will stop the
2706 # user being bounced back more than once in the event that a summary
2707 # is not required.
2708 # ####
2709 # For a bit more sophisticated detection of blank summaries, hash the
2710 # automatic one and pass that in the hidden field wpAutoSummary.
2711 if ( $this->missingSummary || ( $this->section == 'new' && $this->nosummary ) ) {
2712 $wgOut->addHTML( Html::hidden( 'wpIgnoreBlankSummary', true ) );
2713 }
2714
2715 if ( $this->undidRev ) {
2716 $wgOut->addHTML( Html::hidden( 'wpUndidRevision', $this->undidRev ) );
2717 }
2718
2719 if ( $this->selfRedirect ) {
2720 $wgOut->addHTML( Html::hidden( 'wpIgnoreSelfRedirect', true ) );
2721 }
2722
2723 if ( $this->hasPresetSummary ) {
2724 // If a summary has been preset using &summary= we don't want to prompt for
2725 // a different summary. Only prompt for a summary if the summary is blanked.
2726 // (T19416)
2727 $this->autoSumm = md5( '' );
2728 }
2729
2730 $autosumm = $this->autoSumm ? $this->autoSumm : md5( $this->summary );
2731 $wgOut->addHTML( Html::hidden( 'wpAutoSummary', $autosumm ) );
2732
2733 $wgOut->addHTML( Html::hidden( 'oldid', $this->oldid ) );
2734 $wgOut->addHTML( Html::hidden( 'parentRevId', $this->getParentRevId() ) );
2735
2736 $wgOut->addHTML( Html::hidden( 'format', $this->contentFormat ) );
2737 $wgOut->addHTML( Html::hidden( 'model', $this->contentModel ) );
2738
2739 if ( $this->section == 'new' ) {
2740 $this->showSummaryInput( true, $this->summary );
2741 $wgOut->addHTML( $this->getSummaryPreview( true, $this->summary ) );
2742 }
2743
2744 $wgOut->addHTML( $this->editFormTextBeforeContent );
2745
2746 if ( !$this->isCssJsSubpage && $showToolbar && $wgUser->getOption( 'showtoolbar' ) ) {
2747 $wgOut->addHTML( EditPage::getEditToolbar( $this->mTitle ) );
2748 }
2749
2750 if ( $this->blankArticle ) {
2751 $wgOut->addHTML( Html::hidden( 'wpIgnoreBlankArticle', true ) );
2752 }
2753
2754 if ( $this->isConflict ) {
2755 // In an edit conflict bypass the overridable content form method
2756 // and fallback to the raw wpTextbox1 since editconflicts can't be
2757 // resolved between page source edits and custom ui edits using the
2758 // custom edit ui.
2759 $this->textbox2 = $this->textbox1;
2760
2761 $content = $this->getCurrentContent();
2762 $this->textbox1 = $this->toEditText( $content );
2763
2764 $this->showTextbox1();
2765 } else {
2766 $this->showContentForm();
2767 }
2768
2769 $wgOut->addHTML( $this->editFormTextAfterContent );
2770
2771 $this->showStandardInputs();
2772
2773 $this->showFormAfterText();
2774
2775 $this->showTosSummary();
2776
2777 $this->showEditTools();
2778
2779 $wgOut->addHTML( $this->editFormTextAfterTools . "\n" );
2780
2781 $wgOut->addHTML( $this->makeTemplatesOnThisPageList( $this->getTemplates() ) );
2782
2783 $wgOut->addHTML( Html::rawElement( 'div', [ 'class' => 'hiddencats' ],
2784 Linker::formatHiddenCategories( $this->page->getHiddenCategories() ) ) );
2785
2786 $wgOut->addHTML( Html::rawElement( 'div', [ 'class' => 'limitreport' ],
2787 self::getPreviewLimitReport( $this->mParserOutput ) ) );
2788
2789 $wgOut->addModules( 'mediawiki.action.edit.collapsibleFooter' );
2790
2791 if ( $this->isConflict ) {
2792 try {
2793 $this->showConflict();
2794 } catch ( MWContentSerializationException $ex ) {
2795 // this can't really happen, but be nice if it does.
2796 $msg = $this->context->msg(
2797 'content-failed-to-parse',
2798 $this->contentModel,
2799 $this->contentFormat,
2800 $ex->getMessage()
2801 );
2802 $wgOut->addWikiText( '<div class="error">' . $msg->text() . '</div>' );
2803 }
2804 }
2805
2806 // Set a hidden field so JS knows what edit form mode we are in
2807 if ( $this->isConflict ) {
2808 $mode = 'conflict';
2809 } elseif ( $this->preview ) {
2810 $mode = 'preview';
2811 } elseif ( $this->diff ) {
2812 $mode = 'diff';
2813 } else {
2814 $mode = 'text';
2815 }
2816 $wgOut->addHTML( Html::hidden( 'mode', $mode, [ 'id' => 'mw-edit-mode' ] ) );
2817
2818 // Marker for detecting truncated form data. This must be the last
2819 // parameter sent in order to be of use, so do not move me.
2820 $wgOut->addHTML( Html::hidden( 'wpUltimateParam', true ) );
2821 $wgOut->addHTML( $this->editFormTextBottom . "\n</form>\n" );
2822
2823 if ( !$wgUser->getOption( 'previewontop' ) ) {
2824 $this->displayPreviewArea( $previewOutput, false );
2825 }
2826 }
2827
2828 /**
2829 * Wrapper around TemplatesOnThisPageFormatter to make
2830 * a "templates on this page" list.
2831 *
2832 * @param Title[] $templates
2833 * @return string HTML
2834 */
2835 public function makeTemplatesOnThisPageList( array $templates ) {
2836 $templateListFormatter = new TemplatesOnThisPageFormatter(
2837 $this->context, MediaWikiServices::getInstance()->getLinkRenderer()
2838 );
2839
2840 // preview if preview, else section if section, else false
2841 $type = false;
2842 if ( $this->preview ) {
2843 $type = 'preview';
2844 } elseif ( $this->section != '' ) {
2845 $type = 'section';
2846 }
2847
2848 return Html::rawElement( 'div', [ 'class' => 'templatesUsed' ],
2849 $templateListFormatter->format( $templates, $type )
2850 );
2851 }
2852
2853 /**
2854 * Extract the section title from current section text, if any.
2855 *
2856 * @param string $text
2857 * @return string|bool String or false
2858 */
2859 public static function extractSectionTitle( $text ) {
2860 preg_match( "/^(=+)(.+)\\1\\s*(\n|$)/i", $text, $matches );
2861 if ( !empty( $matches[2] ) ) {
2862 global $wgParser;
2863 return $wgParser->stripSectionName( trim( $matches[2] ) );
2864 } else {
2865 return false;
2866 }
2867 }
2868
2869 protected function showHeader() {
2870 global $wgOut, $wgUser;
2871 global $wgAllowUserCss, $wgAllowUserJs;
2872
2873 if ( $this->isConflict ) {
2874 $this->addExplainConflictHeader( $wgOut );
2875 $this->editRevId = $this->page->getLatest();
2876 } else {
2877 if ( $this->section != '' && $this->section != 'new' ) {
2878 if ( !$this->summary && !$this->preview && !$this->diff ) {
2879 $sectionTitle = self::extractSectionTitle( $this->textbox1 ); // FIXME: use Content object
2880 if ( $sectionTitle !== false ) {
2881 $this->summary = "/* $sectionTitle */ ";
2882 }
2883 }
2884 }
2885
2886 if ( $this->missingComment ) {
2887 $wgOut->wrapWikiMsg( "<div id='mw-missingcommenttext'>\n$1\n</div>", 'missingcommenttext' );
2888 }
2889
2890 if ( $this->missingSummary && $this->section != 'new' ) {
2891 $wgOut->wrapWikiMsg( "<div id='mw-missingsummary'>\n$1\n</div>", 'missingsummary' );
2892 }
2893
2894 if ( $this->missingSummary && $this->section == 'new' ) {
2895 $wgOut->wrapWikiMsg( "<div id='mw-missingcommentheader'>\n$1\n</div>", 'missingcommentheader' );
2896 }
2897
2898 if ( $this->blankArticle ) {
2899 $wgOut->wrapWikiMsg( "<div id='mw-blankarticle'>\n$1\n</div>", 'blankarticle' );
2900 }
2901
2902 if ( $this->selfRedirect ) {
2903 $wgOut->wrapWikiMsg( "<div id='mw-selfredirect'>\n$1\n</div>", 'selfredirect' );
2904 }
2905
2906 if ( $this->hookError !== '' ) {
2907 $wgOut->addWikiText( $this->hookError );
2908 }
2909
2910 if ( !$this->checkUnicodeCompliantBrowser() ) {
2911 $wgOut->addWikiMsg( 'nonunicodebrowser' );
2912 }
2913
2914 if ( $this->section != 'new' ) {
2915 $revision = $this->mArticle->getRevisionFetched();
2916 if ( $revision ) {
2917 // Let sysop know that this will make private content public if saved
2918
2919 if ( !$revision->userCan( Revision::DELETED_TEXT, $wgUser ) ) {
2920 $wgOut->wrapWikiMsg(
2921 "<div class='mw-warning plainlinks'>\n$1\n</div>\n",
2922 'rev-deleted-text-permission'
2923 );
2924 } elseif ( $revision->isDeleted( Revision::DELETED_TEXT ) ) {
2925 $wgOut->wrapWikiMsg(
2926 "<div class='mw-warning plainlinks'>\n$1\n</div>\n",
2927 'rev-deleted-text-view'
2928 );
2929 }
2930
2931 if ( !$revision->isCurrent() ) {
2932 $this->mArticle->setOldSubtitle( $revision->getId() );
2933 $wgOut->addWikiMsg( 'editingold' );
2934 $this->isOldRev = true;
2935 }
2936 } elseif ( $this->mTitle->exists() ) {
2937 // Something went wrong
2938
2939 $wgOut->wrapWikiMsg( "<div class='errorbox'>\n$1\n</div>\n",
2940 [ 'missing-revision', $this->oldid ] );
2941 }
2942 }
2943 }
2944
2945 if ( wfReadOnly() ) {
2946 $wgOut->wrapWikiMsg(
2947 "<div id=\"mw-read-only-warning\">\n$1\n</div>",
2948 [ 'readonlywarning', wfReadOnlyReason() ]
2949 );
2950 } elseif ( $wgUser->isAnon() ) {
2951 if ( $this->formtype != 'preview' ) {
2952 $wgOut->wrapWikiMsg(
2953 "<div id='mw-anon-edit-warning' class='warningbox'>\n$1\n</div>",
2954 [ 'anoneditwarning',
2955 // Log-in link
2956 SpecialPage::getTitleFor( 'Userlogin' )->getFullURL( [
2957 'returnto' => $this->getTitle()->getPrefixedDBkey()
2958 ] ),
2959 // Sign-up link
2960 SpecialPage::getTitleFor( 'CreateAccount' )->getFullURL( [
2961 'returnto' => $this->getTitle()->getPrefixedDBkey()
2962 ] )
2963 ]
2964 );
2965 } else {
2966 $wgOut->wrapWikiMsg( "<div id=\"mw-anon-preview-warning\" class=\"warningbox\">\n$1</div>",
2967 'anonpreviewwarning'
2968 );
2969 }
2970 } else {
2971 if ( $this->isCssJsSubpage ) {
2972 # Check the skin exists
2973 if ( $this->isWrongCaseCssJsPage ) {
2974 $wgOut->wrapWikiMsg(
2975 "<div class='error' id='mw-userinvalidcssjstitle'>\n$1\n</div>",
2976 [ 'userinvalidcssjstitle', $this->mTitle->getSkinFromCssJsSubpage() ]
2977 );
2978 }
2979 if ( $this->getTitle()->isSubpageOf( $wgUser->getUserPage() ) ) {
2980 $wgOut->wrapWikiMsg( '<div class="mw-usercssjspublic">$1</div>',
2981 $this->isCssSubpage ? 'usercssispublic' : 'userjsispublic'
2982 );
2983 if ( $this->formtype !== 'preview' ) {
2984 if ( $this->isCssSubpage && $wgAllowUserCss ) {
2985 $wgOut->wrapWikiMsg(
2986 "<div id='mw-usercssyoucanpreview'>\n$1\n</div>",
2987 [ 'usercssyoucanpreview' ]
2988 );
2989 }
2990
2991 if ( $this->isJsSubpage && $wgAllowUserJs ) {
2992 $wgOut->wrapWikiMsg(
2993 "<div id='mw-userjsyoucanpreview'>\n$1\n</div>",
2994 [ 'userjsyoucanpreview' ]
2995 );
2996 }
2997 }
2998 }
2999 }
3000 }
3001
3002 $this->addPageProtectionWarningHeaders();
3003
3004 $this->addLongPageWarningHeader();
3005
3006 # Add header copyright warning
3007 $this->showHeaderCopyrightWarning();
3008 }
3009
3010 /**
3011 * Standard summary input and label (wgSummary), abstracted so EditPage
3012 * subclasses may reorganize the form.
3013 * Note that you do not need to worry about the label's for=, it will be
3014 * inferred by the id given to the input. You can remove them both by
3015 * passing [ 'id' => false ] to $userInputAttrs.
3016 *
3017 * @param string $summary The value of the summary input
3018 * @param string $labelText The html to place inside the label
3019 * @param array $inputAttrs Array of attrs to use on the input
3020 * @param array $spanLabelAttrs Array of attrs to use on the span inside the label
3021 *
3022 * @return array An array in the format [ $label, $input ]
3023 */
3024 public function getSummaryInput( $summary = "", $labelText = null,
3025 $inputAttrs = null, $spanLabelAttrs = null
3026 ) {
3027 // Note: the maxlength is overridden in JS to 255 and to make it use UTF-8 bytes, not characters.
3028 $inputAttrs = ( is_array( $inputAttrs ) ? $inputAttrs : [] ) + [
3029 'id' => 'wpSummary',
3030 'maxlength' => '200',
3031 'tabindex' => '1',
3032 'size' => 60,
3033 'spellcheck' => 'true',
3034 ] + Linker::tooltipAndAccesskeyAttribs( 'summary' );
3035
3036 $spanLabelAttrs = ( is_array( $spanLabelAttrs ) ? $spanLabelAttrs : [] ) + [
3037 'class' => $this->missingSummary ? 'mw-summarymissed' : 'mw-summary',
3038 'id' => "wpSummaryLabel"
3039 ];
3040
3041 $label = null;
3042 if ( $labelText ) {
3043 $label = Xml::tags(
3044 'label',
3045 $inputAttrs['id'] ? [ 'for' => $inputAttrs['id'] ] : null,
3046 $labelText
3047 );
3048 $label = Xml::tags( 'span', $spanLabelAttrs, $label );
3049 }
3050
3051 $input = Html::input( 'wpSummary', $summary, 'text', $inputAttrs );
3052
3053 return [ $label, $input ];
3054 }
3055
3056 /**
3057 * @param bool $isSubjectPreview True if this is the section subject/title
3058 * up top, or false if this is the comment summary
3059 * down below the textarea
3060 * @param string $summary The text of the summary to display
3061 */
3062 protected function showSummaryInput( $isSubjectPreview, $summary = "" ) {
3063 global $wgOut;
3064 # Add a class if 'missingsummary' is triggered to allow styling of the summary line
3065 $summaryClass = $this->missingSummary ? 'mw-summarymissed' : 'mw-summary';
3066 if ( $isSubjectPreview ) {
3067 if ( $this->nosummary ) {
3068 return;
3069 }
3070 } else {
3071 if ( !$this->mShowSummaryField ) {
3072 return;
3073 }
3074 }
3075 $labelText = $this->context->msg( $isSubjectPreview ? 'subject' : 'summary' )->parse();
3076 list( $label, $input ) = $this->getSummaryInput(
3077 $summary,
3078 $labelText,
3079 [ 'class' => $summaryClass ],
3080 []
3081 );
3082 $wgOut->addHTML( "{$label} {$input}" );
3083 }
3084
3085 /**
3086 * @param bool $isSubjectPreview True if this is the section subject/title
3087 * up top, or false if this is the comment summary
3088 * down below the textarea
3089 * @param string $summary The text of the summary to display
3090 * @return string
3091 */
3092 protected function getSummaryPreview( $isSubjectPreview, $summary = "" ) {
3093 // avoid spaces in preview, gets always trimmed on save
3094 $summary = trim( $summary );
3095 if ( !$summary || ( !$this->preview && !$this->diff ) ) {
3096 return "";
3097 }
3098
3099 global $wgParser;
3100
3101 if ( $isSubjectPreview ) {
3102 $summary = $this->context->msg( 'newsectionsummary' )
3103 ->rawParams( $wgParser->stripSectionName( $summary ) )
3104 ->inContentLanguage()->text();
3105 }
3106
3107 $message = $isSubjectPreview ? 'subject-preview' : 'summary-preview';
3108
3109 $summary = $this->context->msg( $message )->parse()
3110 . Linker::commentBlock( $summary, $this->mTitle, $isSubjectPreview );
3111 return Xml::tags( 'div', [ 'class' => 'mw-summary-preview' ], $summary );
3112 }
3113
3114 protected function showFormBeforeText() {
3115 global $wgOut;
3116 $section = htmlspecialchars( $this->section );
3117 $wgOut->addHTML( <<<HTML
3118 <input type='hidden' value="{$section}" name="wpSection"/>
3119 <input type='hidden' value="{$this->starttime}" name="wpStarttime" />
3120 <input type='hidden' value="{$this->edittime}" name="wpEdittime" />
3121 <input type='hidden' value="{$this->editRevId}" name="editRevId" />
3122 <input type='hidden' value="{$this->scrolltop}" name="wpScrolltop" id="wpScrolltop" />
3123
3124 HTML
3125 );
3126 if ( !$this->checkUnicodeCompliantBrowser() ) {
3127 $wgOut->addHTML( Html::hidden( 'safemode', '1' ) );
3128 }
3129 }
3130
3131 protected function showFormAfterText() {
3132 global $wgOut, $wgUser;
3133 /**
3134 * To make it harder for someone to slip a user a page
3135 * which submits an edit form to the wiki without their
3136 * knowledge, a random token is associated with the login
3137 * session. If it's not passed back with the submission,
3138 * we won't save the page, or render user JavaScript and
3139 * CSS previews.
3140 *
3141 * For anon editors, who may not have a session, we just
3142 * include the constant suffix to prevent editing from
3143 * broken text-mangling proxies.
3144 */
3145 $wgOut->addHTML( "\n" . Html::hidden( "wpEditToken", $wgUser->getEditToken() ) . "\n" );
3146 }
3147
3148 /**
3149 * Subpage overridable method for printing the form for page content editing
3150 * By default this simply outputs wpTextbox1
3151 * Subclasses can override this to provide a custom UI for editing;
3152 * be it a form, or simply wpTextbox1 with a modified content that will be
3153 * reverse modified when extracted from the post data.
3154 * Note that this is basically the inverse for importContentFormData
3155 */
3156 protected function showContentForm() {
3157 $this->showTextbox1();
3158 }
3159
3160 /**
3161 * Method to output wpTextbox1
3162 * The $textoverride method can be used by subclasses overriding showContentForm
3163 * to pass back to this method.
3164 *
3165 * @param array $customAttribs Array of html attributes to use in the textarea
3166 * @param string $textoverride Optional text to override $this->textarea1 with
3167 */
3168 protected function showTextbox1( $customAttribs = null, $textoverride = null ) {
3169 if ( $this->wasDeletedSinceLastEdit() && $this->formtype == 'save' ) {
3170 $attribs = [ 'style' => 'display:none;' ];
3171 } else {
3172 $classes = []; // Textarea CSS
3173 if ( $this->mTitle->isProtected( 'edit' ) &&
3174 MWNamespace::getRestrictionLevels( $this->mTitle->getNamespace() ) !== [ '' ]
3175 ) {
3176 # Is the title semi-protected?
3177 if ( $this->mTitle->isSemiProtected() ) {
3178 $classes[] = 'mw-textarea-sprotected';
3179 } else {
3180 # Then it must be protected based on static groups (regular)
3181 $classes[] = 'mw-textarea-protected';
3182 }
3183 # Is the title cascade-protected?
3184 if ( $this->mTitle->isCascadeProtected() ) {
3185 $classes[] = 'mw-textarea-cprotected';
3186 }
3187 }
3188 # Is an old revision being edited?
3189 if ( $this->isOldRev ) {
3190 $classes[] = 'mw-textarea-oldrev';
3191 }
3192
3193 $attribs = [ 'tabindex' => 1 ];
3194
3195 if ( is_array( $customAttribs ) ) {
3196 $attribs += $customAttribs;
3197 }
3198
3199 if ( count( $classes ) ) {
3200 if ( isset( $attribs['class'] ) ) {
3201 $classes[] = $attribs['class'];
3202 }
3203 $attribs['class'] = implode( ' ', $classes );
3204 }
3205 }
3206
3207 $this->showTextbox(
3208 $textoverride !== null ? $textoverride : $this->textbox1,
3209 'wpTextbox1',
3210 $attribs
3211 );
3212 }
3213
3214 protected function showTextbox2() {
3215 $this->showTextbox( $this->textbox2, 'wpTextbox2', [ 'tabindex' => 6, 'readonly' ] );
3216 }
3217
3218 protected function showTextbox( $text, $name, $customAttribs = [] ) {
3219 global $wgOut, $wgUser;
3220
3221 $wikitext = $this->safeUnicodeOutput( $text );
3222 $wikitext = $this->addNewLineAtEnd( $wikitext );
3223
3224 $attribs = $this->buildTextboxAttribs( $name, $customAttribs, $wgUser );
3225
3226 $wgOut->addHTML( Html::textarea( $name, $wikitext, $attribs ) );
3227 }
3228
3229 protected function displayPreviewArea( $previewOutput, $isOnTop = false ) {
3230 global $wgOut;
3231 $classes = [];
3232 if ( $isOnTop ) {
3233 $classes[] = 'ontop';
3234 }
3235
3236 $attribs = [ 'id' => 'wikiPreview', 'class' => implode( ' ', $classes ) ];
3237
3238 if ( $this->formtype != 'preview' ) {
3239 $attribs['style'] = 'display: none;';
3240 }
3241
3242 $wgOut->addHTML( Xml::openElement( 'div', $attribs ) );
3243
3244 if ( $this->formtype == 'preview' ) {
3245 $this->showPreview( $previewOutput );
3246 } else {
3247 // Empty content container for LivePreview
3248 $pageViewLang = $this->mTitle->getPageViewLanguage();
3249 $attribs = [ 'lang' => $pageViewLang->getHtmlCode(), 'dir' => $pageViewLang->getDir(),
3250 'class' => 'mw-content-' . $pageViewLang->getDir() ];
3251 $wgOut->addHTML( Html::rawElement( 'div', $attribs ) );
3252 }
3253
3254 $wgOut->addHTML( '</div>' );
3255
3256 if ( $this->formtype == 'diff' ) {
3257 try {
3258 $this->showDiff();
3259 } catch ( MWContentSerializationException $ex ) {
3260 $msg = $this->context->msg(
3261 'content-failed-to-parse',
3262 $this->contentModel,
3263 $this->contentFormat,
3264 $ex->getMessage()
3265 );
3266 $wgOut->addWikiText( '<div class="error">' . $msg->text() . '</div>' );
3267 }
3268 }
3269 }
3270
3271 /**
3272 * Append preview output to $wgOut.
3273 * Includes category rendering if this is a category page.
3274 *
3275 * @param string $text The HTML to be output for the preview.
3276 */
3277 protected function showPreview( $text ) {
3278 global $wgOut;
3279 if ( $this->mArticle instanceof CategoryPage ) {
3280 $this->mArticle->openShowCategory();
3281 }
3282 # This hook seems slightly odd here, but makes things more
3283 # consistent for extensions.
3284 Hooks::run( 'OutputPageBeforeHTML', [ &$wgOut, &$text ] );
3285 $wgOut->addHTML( $text );
3286 if ( $this->mArticle instanceof CategoryPage ) {
3287 $this->mArticle->closeShowCategory();
3288 }
3289 }
3290
3291 /**
3292 * Get a diff between the current contents of the edit box and the
3293 * version of the page we're editing from.
3294 *
3295 * If this is a section edit, we'll replace the section as for final
3296 * save and then make a comparison.
3297 */
3298 public function showDiff() {
3299 global $wgUser, $wgContLang, $wgOut;
3300
3301 $oldtitlemsg = 'currentrev';
3302 # if message does not exist, show diff against the preloaded default
3303 if ( $this->mTitle->getNamespace() == NS_MEDIAWIKI && !$this->mTitle->exists() ) {
3304 $oldtext = $this->mTitle->getDefaultMessageText();
3305 if ( $oldtext !== false ) {
3306 $oldtitlemsg = 'defaultmessagetext';
3307 $oldContent = $this->toEditContent( $oldtext );
3308 } else {
3309 $oldContent = null;
3310 }
3311 } else {
3312 $oldContent = $this->getCurrentContent();
3313 }
3314
3315 $textboxContent = $this->toEditContent( $this->textbox1 );
3316 if ( $this->editRevId !== null ) {
3317 $newContent = $this->page->replaceSectionAtRev(
3318 $this->section, $textboxContent, $this->summary, $this->editRevId
3319 );
3320 } else {
3321 $newContent = $this->page->replaceSectionContent(
3322 $this->section, $textboxContent, $this->summary, $this->edittime
3323 );
3324 }
3325
3326 if ( $newContent ) {
3327 Hooks::run( 'EditPageGetDiffContent', [ $this, &$newContent ] );
3328
3329 $popts = ParserOptions::newFromUserAndLang( $wgUser, $wgContLang );
3330 $newContent = $newContent->preSaveTransform( $this->mTitle, $wgUser, $popts );
3331 }
3332
3333 if ( ( $oldContent && !$oldContent->isEmpty() ) || ( $newContent && !$newContent->isEmpty() ) ) {
3334 $oldtitle = $this->context->msg( $oldtitlemsg )->parse();
3335 $newtitle = $this->context->msg( 'yourtext' )->parse();
3336
3337 if ( !$oldContent ) {
3338 $oldContent = $newContent->getContentHandler()->makeEmptyContent();
3339 }
3340
3341 if ( !$newContent ) {
3342 $newContent = $oldContent->getContentHandler()->makeEmptyContent();
3343 }
3344
3345 $de = $oldContent->getContentHandler()->createDifferenceEngine( $this->mArticle->getContext() );
3346 $de->setContent( $oldContent, $newContent );
3347
3348 $difftext = $de->getDiff( $oldtitle, $newtitle );
3349 $de->showDiffStyle();
3350 } else {
3351 $difftext = '';
3352 }
3353
3354 $wgOut->addHTML( '<div id="wikiDiff">' . $difftext . '</div>' );
3355 }
3356
3357 /**
3358 * Show the header copyright warning.
3359 */
3360 protected function showHeaderCopyrightWarning() {
3361 $msg = 'editpage-head-copy-warn';
3362 if ( !$this->context->msg( $msg )->isDisabled() ) {
3363 global $wgOut;
3364 $wgOut->wrapWikiMsg( "<div class='editpage-head-copywarn'>\n$1\n</div>",
3365 'editpage-head-copy-warn' );
3366 }
3367 }
3368
3369 /**
3370 * Give a chance for site and per-namespace customizations of
3371 * terms of service summary link that might exist separately
3372 * from the copyright notice.
3373 *
3374 * This will display between the save button and the edit tools,
3375 * so should remain short!
3376 */
3377 protected function showTosSummary() {
3378 $msg = 'editpage-tos-summary';
3379 Hooks::run( 'EditPageTosSummary', [ $this->mTitle, &$msg ] );
3380 if ( !$this->context->msg( $msg )->isDisabled() ) {
3381 global $wgOut;
3382 $wgOut->addHTML( '<div class="mw-tos-summary">' );
3383 $wgOut->addWikiMsg( $msg );
3384 $wgOut->addHTML( '</div>' );
3385 }
3386 }
3387
3388 protected function showEditTools() {
3389 global $wgOut;
3390 $wgOut->addHTML( '<div class="mw-editTools">' .
3391 $this->context->msg( 'edittools' )->inContentLanguage()->parse() .
3392 '</div>' );
3393 }
3394
3395 /**
3396 * Get the copyright warning
3397 *
3398 * Renamed to getCopyrightWarning(), old name kept around for backwards compatibility
3399 * @return string
3400 */
3401 protected function getCopywarn() {
3402 return self::getCopyrightWarning( $this->mTitle );
3403 }
3404
3405 /**
3406 * Get the copyright warning, by default returns wikitext
3407 *
3408 * @param Title $title
3409 * @param string $format Output format, valid values are any function of a Message object
3410 * @param Language|string|null $langcode Language code or Language object.
3411 * @return string
3412 */
3413 public static function getCopyrightWarning( $title, $format = 'plain', $langcode = null ) {
3414 global $wgRightsText;
3415 if ( $wgRightsText ) {
3416 $copywarnMsg = [ 'copyrightwarning',
3417 '[[' . wfMessage( 'copyrightpage' )->inContentLanguage()->text() . ']]',
3418 $wgRightsText ];
3419 } else {
3420 $copywarnMsg = [ 'copyrightwarning2',
3421 '[[' . wfMessage( 'copyrightpage' )->inContentLanguage()->text() . ']]' ];
3422 }
3423 // Allow for site and per-namespace customization of contribution/copyright notice.
3424 Hooks::run( 'EditPageCopyrightWarning', [ $title, &$copywarnMsg ] );
3425
3426 $msg = call_user_func_array( 'wfMessage', $copywarnMsg )->title( $title );
3427 if ( $langcode ) {
3428 $msg->inLanguage( $langcode );
3429 }
3430 return "<div id=\"editpage-copywarn\">\n" .
3431 $msg->$format() . "\n</div>";
3432 }
3433
3434 /**
3435 * Get the Limit report for page previews
3436 *
3437 * @since 1.22
3438 * @param ParserOutput $output ParserOutput object from the parse
3439 * @return string HTML
3440 */
3441 public static function getPreviewLimitReport( $output ) {
3442 if ( !$output || !$output->getLimitReportData() ) {
3443 return '';
3444 }
3445
3446 $limitReport = Html::rawElement( 'div', [ 'class' => 'mw-limitReportExplanation' ],
3447 wfMessage( 'limitreport-title' )->parseAsBlock()
3448 );
3449
3450 // Show/hide animation doesn't work correctly on a table, so wrap it in a div.
3451 $limitReport .= Html::openElement( 'div', [ 'class' => 'preview-limit-report-wrapper' ] );
3452
3453 $limitReport .= Html::openElement( 'table', [
3454 'class' => 'preview-limit-report wikitable'
3455 ] ) .
3456 Html::openElement( 'tbody' );
3457
3458 foreach ( $output->getLimitReportData() as $key => $value ) {
3459 if ( Hooks::run( 'ParserLimitReportFormat',
3460 [ $key, &$value, &$limitReport, true, true ]
3461 ) ) {
3462 $keyMsg = wfMessage( $key );
3463 $valueMsg = wfMessage( [ "$key-value-html", "$key-value" ] );
3464 if ( !$valueMsg->exists() ) {
3465 $valueMsg = new RawMessage( '$1' );
3466 }
3467 if ( !$keyMsg->isDisabled() && !$valueMsg->isDisabled() ) {
3468 $limitReport .= Html::openElement( 'tr' ) .
3469 Html::rawElement( 'th', null, $keyMsg->parse() ) .
3470 Html::rawElement( 'td', null, $valueMsg->params( $value )->parse() ) .
3471 Html::closeElement( 'tr' );
3472 }
3473 }
3474 }
3475
3476 $limitReport .= Html::closeElement( 'tbody' ) .
3477 Html::closeElement( 'table' ) .
3478 Html::closeElement( 'div' );
3479
3480 return $limitReport;
3481 }
3482
3483 protected function showStandardInputs( &$tabindex = 2 ) {
3484 global $wgOut;
3485 $wgOut->addHTML( "<div class='editOptions'>\n" );
3486
3487 if ( $this->section != 'new' ) {
3488 $this->showSummaryInput( false, $this->summary );
3489 $wgOut->addHTML( $this->getSummaryPreview( false, $this->summary ) );
3490 }
3491
3492 $checkboxes = $this->getCheckboxes( $tabindex,
3493 [ 'minor' => $this->minoredit, 'watch' => $this->watchthis ] );
3494 $wgOut->addHTML( "<div class='editCheckboxes'>" . implode( $checkboxes, "\n" ) . "</div>\n" );
3495
3496 // Show copyright warning.
3497 $wgOut->addWikiText( $this->getCopywarn() );
3498 $wgOut->addHTML( $this->editFormTextAfterWarn );
3499
3500 $wgOut->addHTML( "<div class='editButtons'>\n" );
3501 $wgOut->addHTML( implode( $this->getEditButtons( $tabindex ), "\n" ) . "\n" );
3502
3503 $cancel = $this->getCancelLink();
3504 if ( $cancel !== '' ) {
3505 $cancel .= Html::element( 'span',
3506 [ 'class' => 'mw-editButtons-pipe-separator' ],
3507 $this->context->msg( 'pipe-separator' )->text() );
3508 }
3509
3510 $message = $this->context->msg( 'edithelppage' )->inContentLanguage()->text();
3511 $edithelpurl = Skin::makeInternalOrExternalUrl( $message );
3512 $attrs = [
3513 'target' => 'helpwindow',
3514 'href' => $edithelpurl,
3515 ];
3516 $edithelp = Html::linkButton( $this->context->msg( 'edithelp' )->text(),
3517 $attrs, [ 'mw-ui-quiet' ] ) .
3518 $this->context->msg( 'word-separator' )->escaped() .
3519 $this->context->msg( 'newwindow' )->parse();
3520
3521 $wgOut->addHTML( " <span class='cancelLink'>{$cancel}</span>\n" );
3522 $wgOut->addHTML( " <span class='editHelp'>{$edithelp}</span>\n" );
3523 $wgOut->addHTML( "</div><!-- editButtons -->\n" );
3524
3525 Hooks::run( 'EditPage::showStandardInputs:options', [ $this, $wgOut, &$tabindex ] );
3526
3527 $wgOut->addHTML( "</div><!-- editOptions -->\n" );
3528 }
3529
3530 /**
3531 * Show an edit conflict. textbox1 is already shown in showEditForm().
3532 * If you want to use another entry point to this function, be careful.
3533 */
3534 protected function showConflict() {
3535 global $wgOut;
3536
3537 // Avoid PHP 7.1 warning of passing $this by reference
3538 $editPage = $this;
3539 if ( Hooks::run( 'EditPageBeforeConflictDiff', [ &$editPage, &$wgOut ] ) ) {
3540 $this->incrementConflictStats();
3541
3542 $wgOut->wrapWikiMsg( '<h2>$1</h2>', "yourdiff" );
3543
3544 $content1 = $this->toEditContent( $this->textbox1 );
3545 $content2 = $this->toEditContent( $this->textbox2 );
3546
3547 $handler = ContentHandler::getForModelID( $this->contentModel );
3548 $de = $handler->createDifferenceEngine( $this->mArticle->getContext() );
3549 $de->setContent( $content2, $content1 );
3550 $de->showDiff(
3551 $this->context->msg( 'yourtext' )->parse(),
3552 $this->context->msg( 'storedversion' )->text()
3553 );
3554
3555 $wgOut->wrapWikiMsg( '<h2>$1</h2>', "yourtext" );
3556 $this->showTextbox2();
3557 }
3558 }
3559
3560 protected function incrementConflictStats() {
3561 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
3562 $stats->increment( 'edit.failures.conflict' );
3563 // Only include 'standard' namespaces to avoid creating unknown numbers of statsd metrics
3564 if (
3565 $this->mTitle->getNamespace() >= NS_MAIN &&
3566 $this->mTitle->getNamespace() <= NS_CATEGORY_TALK
3567 ) {
3568 $stats->increment( 'edit.failures.conflict.byNamespaceId.' . $this->mTitle->getNamespace() );
3569 }
3570 }
3571
3572 /**
3573 * @return string
3574 */
3575 public function getCancelLink() {
3576 $cancelParams = [];
3577 $linkRenderer = MediaWikiServices::getInstance()->getLinkRenderer();
3578 if ( !$this->isConflict && $this->oldid > 0 ) {
3579 $cancelParams['oldid'] = $this->oldid;
3580 } elseif ( $this->getContextTitle()->isRedirect() ) {
3581 $cancelParams['redirect'] = 'no';
3582 }
3583 $attrs = [ 'id' => 'mw-editform-cancel' ];
3584
3585 return $linkRenderer->makeKnownLink(
3586 $this->getContextTitle(),
3587 new HtmlArmor( $this->context->msg( 'cancel' )->parse() ),
3588 Html::buttonAttributes( $attrs, [ 'mw-ui-quiet' ] ),
3589 $cancelParams
3590 );
3591 }
3592
3593 /**
3594 * Returns the URL to use in the form's action attribute.
3595 * This is used by EditPage subclasses when simply customizing the action
3596 * variable in the constructor is not enough. This can be used when the
3597 * EditPage lives inside of a Special page rather than a custom page action.
3598 *
3599 * @param Title $title Title object for which is being edited (where we go to for &action= links)
3600 * @return string
3601 */
3602 protected function getActionURL( Title $title ) {
3603 return $title->getLocalURL( [ 'action' => $this->action ] );
3604 }
3605
3606 /**
3607 * Check if a page was deleted while the user was editing it, before submit.
3608 * Note that we rely on the logging table, which hasn't been always there,
3609 * but that doesn't matter, because this only applies to brand new
3610 * deletes.
3611 * @return bool
3612 */
3613 protected function wasDeletedSinceLastEdit() {
3614 if ( $this->deletedSinceEdit !== null ) {
3615 return $this->deletedSinceEdit;
3616 }
3617
3618 $this->deletedSinceEdit = false;
3619
3620 if ( !$this->mTitle->exists() && $this->mTitle->isDeletedQuick() ) {
3621 $this->lastDelete = $this->getLastDelete();
3622 if ( $this->lastDelete ) {
3623 $deleteTime = wfTimestamp( TS_MW, $this->lastDelete->log_timestamp );
3624 if ( $deleteTime > $this->starttime ) {
3625 $this->deletedSinceEdit = true;
3626 }
3627 }
3628 }
3629
3630 return $this->deletedSinceEdit;
3631 }
3632
3633 /**
3634 * @return bool|stdClass
3635 */
3636 protected function getLastDelete() {
3637 $dbr = wfGetDB( DB_REPLICA );
3638 $data = $dbr->selectRow(
3639 [ 'logging', 'user' ],
3640 [
3641 'log_type',
3642 'log_action',
3643 'log_timestamp',
3644 'log_user',
3645 'log_namespace',
3646 'log_title',
3647 'log_comment',
3648 'log_params',
3649 'log_deleted',
3650 'user_name'
3651 ], [
3652 'log_namespace' => $this->mTitle->getNamespace(),
3653 'log_title' => $this->mTitle->getDBkey(),
3654 'log_type' => 'delete',
3655 'log_action' => 'delete',
3656 'user_id=log_user'
3657 ],
3658 __METHOD__,
3659 [ 'LIMIT' => 1, 'ORDER BY' => 'log_timestamp DESC' ]
3660 );
3661 // Quick paranoid permission checks...
3662 if ( is_object( $data ) ) {
3663 if ( $data->log_deleted & LogPage::DELETED_USER ) {
3664 $data->user_name = $this->context->msg( 'rev-deleted-user' )->escaped();
3665 }
3666
3667 if ( $data->log_deleted & LogPage::DELETED_COMMENT ) {
3668 $data->log_comment = $this->context->msg( 'rev-deleted-comment' )->escaped();
3669 }
3670 }
3671
3672 return $data;
3673 }
3674
3675 /**
3676 * Get the rendered text for previewing.
3677 * @throws MWException
3678 * @return string
3679 */
3680 public function getPreviewText() {
3681 global $wgOut, $wgRawHtml, $wgLang;
3682 global $wgAllowUserCss, $wgAllowUserJs;
3683
3684 if ( $wgRawHtml && !$this->mTokenOk ) {
3685 // Could be an offsite preview attempt. This is very unsafe if
3686 // HTML is enabled, as it could be an attack.
3687 $parsedNote = '';
3688 if ( $this->textbox1 !== '' ) {
3689 // Do not put big scary notice, if previewing the empty
3690 // string, which happens when you initially edit
3691 // a category page, due to automatic preview-on-open.
3692 $parsedNote = $wgOut->parse( "<div class='previewnote'>" .
3693 $this->context->msg( 'session_fail_preview_html' )->text() . "</div>",
3694 true, /* interface */true );
3695 }
3696 $this->incrementEditFailureStats( 'session_loss' );
3697 return $parsedNote;
3698 }
3699
3700 $note = '';
3701
3702 try {
3703 $content = $this->toEditContent( $this->textbox1 );
3704
3705 $previewHTML = '';
3706 if ( !Hooks::run(
3707 'AlternateEditPreview',
3708 [ $this, &$content, &$previewHTML, &$this->mParserOutput ] )
3709 ) {
3710 return $previewHTML;
3711 }
3712
3713 # provide a anchor link to the editform
3714 $continueEditing = '<span class="mw-continue-editing">' .
3715 '[[#' . self::EDITFORM_ID . '|' . $wgLang->getArrow() . ' ' .
3716 $this->context->msg( 'continue-editing' )->text() . ']]</span>';
3717 if ( $this->mTriedSave && !$this->mTokenOk ) {
3718 if ( $this->mTokenOkExceptSuffix ) {
3719 $note = $this->context->msg( 'token_suffix_mismatch' )->plain();
3720 $this->incrementEditFailureStats( 'bad_token' );
3721 } else {
3722 $note = $this->context->msg( 'session_fail_preview' )->plain();
3723 $this->incrementEditFailureStats( 'session_loss' );
3724 }
3725 } elseif ( $this->incompleteForm ) {
3726 $note = $this->context->msg( 'edit_form_incomplete' )->plain();
3727 if ( $this->mTriedSave ) {
3728 $this->incrementEditFailureStats( 'incomplete_form' );
3729 }
3730 } else {
3731 $note = $this->context->msg( 'previewnote' )->plain() . ' ' . $continueEditing;
3732 }
3733
3734 # don't parse non-wikitext pages, show message about preview
3735 if ( $this->mTitle->isCssJsSubpage() || $this->mTitle->isCssOrJsPage() ) {
3736 if ( $this->mTitle->isCssJsSubpage() ) {
3737 $level = 'user';
3738 } elseif ( $this->mTitle->isCssOrJsPage() ) {
3739 $level = 'site';
3740 } else {
3741 $level = false;
3742 }
3743
3744 if ( $content->getModel() == CONTENT_MODEL_CSS ) {
3745 $format = 'css';
3746 if ( $level === 'user' && !$wgAllowUserCss ) {
3747 $format = false;
3748 }
3749 } elseif ( $content->getModel() == CONTENT_MODEL_JAVASCRIPT ) {
3750 $format = 'js';
3751 if ( $level === 'user' && !$wgAllowUserJs ) {
3752 $format = false;
3753 }
3754 } else {
3755 $format = false;
3756 }
3757
3758 # Used messages to make sure grep find them:
3759 # Messages: usercsspreview, userjspreview, sitecsspreview, sitejspreview
3760 if ( $level && $format ) {
3761 $note = "<div id='mw-{$level}{$format}preview'>" .
3762 $this->context->msg( "{$level}{$format}preview" )->text() .
3763 ' ' . $continueEditing . "</div>";
3764 }
3765 }
3766
3767 # If we're adding a comment, we need to show the
3768 # summary as the headline
3769 if ( $this->section === "new" && $this->summary !== "" ) {
3770 $content = $content->addSectionHeader( $this->summary );
3771 }
3772
3773 $hook_args = [ $this, &$content ];
3774 Hooks::run( 'EditPageGetPreviewContent', $hook_args );
3775
3776 $parserResult = $this->doPreviewParse( $content );
3777 $parserOutput = $parserResult['parserOutput'];
3778 $previewHTML = $parserResult['html'];
3779 $this->mParserOutput = $parserOutput;
3780 $wgOut->addParserOutputMetadata( $parserOutput );
3781
3782 if ( count( $parserOutput->getWarnings() ) ) {
3783 $note .= "\n\n" . implode( "\n\n", $parserOutput->getWarnings() );
3784 }
3785
3786 } catch ( MWContentSerializationException $ex ) {
3787 $m = $this->context->msg(
3788 'content-failed-to-parse',
3789 $this->contentModel,
3790 $this->contentFormat,
3791 $ex->getMessage()
3792 );
3793 $note .= "\n\n" . $m->parse();
3794 $previewHTML = '';
3795 }
3796
3797 if ( $this->isConflict ) {
3798 $conflict = '<h2 id="mw-previewconflict">'
3799 . $this->context->msg( 'previewconflict' )->escaped() . "</h2>\n";
3800 } else {
3801 $conflict = '<hr />';
3802 }
3803
3804 $previewhead = "<div class='previewnote'>\n" .
3805 '<h2 id="mw-previewheader">' . $this->context->msg( 'preview' )->escaped() . "</h2>" .
3806 $wgOut->parse( $note, true, /* interface */true ) . $conflict . "</div>\n";
3807
3808 $pageViewLang = $this->mTitle->getPageViewLanguage();
3809 $attribs = [ 'lang' => $pageViewLang->getHtmlCode(), 'dir' => $pageViewLang->getDir(),
3810 'class' => 'mw-content-' . $pageViewLang->getDir() ];
3811 $previewHTML = Html::rawElement( 'div', $attribs, $previewHTML );
3812
3813 return $previewhead . $previewHTML . $this->previewTextAfterContent;
3814 }
3815
3816 private function incrementEditFailureStats( $failureType ) {
3817 $stats = MediaWikiServices::getInstance()->getStatsdDataFactory();
3818 $stats->increment( 'edit.failures.' . $failureType );
3819 }
3820
3821 /**
3822 * Get parser options for a preview
3823 * @return ParserOptions
3824 */
3825 protected function getPreviewParserOptions() {
3826 $parserOptions = $this->page->makeParserOptions( $this->mArticle->getContext() );
3827 $parserOptions->setIsPreview( true );
3828 $parserOptions->setIsSectionPreview( !is_null( $this->section ) && $this->section !== '' );
3829 $parserOptions->enableLimitReport();
3830 return $parserOptions;
3831 }
3832
3833 /**
3834 * Parse the page for a preview. Subclasses may override this class, in order
3835 * to parse with different options, or to otherwise modify the preview HTML.
3836 *
3837 * @param Content $content The page content
3838 * @return array with keys:
3839 * - parserOutput: The ParserOutput object
3840 * - html: The HTML to be displayed
3841 */
3842 protected function doPreviewParse( Content $content ) {
3843 global $wgUser;
3844 $parserOptions = $this->getPreviewParserOptions();
3845 $pstContent = $content->preSaveTransform( $this->mTitle, $wgUser, $parserOptions );
3846 $scopedCallback = $parserOptions->setupFakeRevision(
3847 $this->mTitle, $pstContent, $wgUser );
3848 $parserOutput = $pstContent->getParserOutput( $this->mTitle, null, $parserOptions );
3849 ScopedCallback::consume( $scopedCallback );
3850 $parserOutput->setEditSectionTokens( false ); // no section edit links
3851 return [
3852 'parserOutput' => $parserOutput,
3853 'html' => $parserOutput->getText() ];
3854 }
3855
3856 /**
3857 * @return array
3858 */
3859 public function getTemplates() {
3860 if ( $this->preview || $this->section != '' ) {
3861 $templates = [];
3862 if ( !isset( $this->mParserOutput ) ) {
3863 return $templates;
3864 }
3865 foreach ( $this->mParserOutput->getTemplates() as $ns => $template ) {
3866 foreach ( array_keys( $template ) as $dbk ) {
3867 $templates[] = Title::makeTitle( $ns, $dbk );
3868 }
3869 }
3870 return $templates;
3871 } else {
3872 return $this->mTitle->getTemplateLinksFrom();
3873 }
3874 }
3875
3876 /**
3877 * Shows a bulletin board style toolbar for common editing functions.
3878 * It can be disabled in the user preferences.
3879 *
3880 * @param Title $title Title object for the page being edited (optional)
3881 * @return string
3882 */
3883 public static function getEditToolbar( $title = null ) {
3884 global $wgContLang, $wgOut;
3885 global $wgEnableUploads, $wgForeignFileRepos;
3886
3887 $imagesAvailable = $wgEnableUploads || count( $wgForeignFileRepos );
3888 $showSignature = true;
3889 if ( $title ) {
3890 $showSignature = MWNamespace::wantSignatures( $title->getNamespace() );
3891 }
3892
3893 /**
3894 * $toolarray is an array of arrays each of which includes the
3895 * opening tag, the closing tag, optionally a sample text that is
3896 * inserted between the two when no selection is highlighted
3897 * and. The tip text is shown when the user moves the mouse
3898 * over the button.
3899 *
3900 * Images are defined in ResourceLoaderEditToolbarModule.
3901 */
3902 $toolarray = [
3903 [
3904 'id' => 'mw-editbutton-bold',
3905 'open' => '\'\'\'',
3906 'close' => '\'\'\'',
3907 'sample' => wfMessage( 'bold_sample' )->text(),
3908 'tip' => wfMessage( 'bold_tip' )->text(),
3909 ],
3910 [
3911 'id' => 'mw-editbutton-italic',
3912 'open' => '\'\'',
3913 'close' => '\'\'',
3914 'sample' => wfMessage( 'italic_sample' )->text(),
3915 'tip' => wfMessage( 'italic_tip' )->text(),
3916 ],
3917 [
3918 'id' => 'mw-editbutton-link',
3919 'open' => '[[',
3920 'close' => ']]',
3921 'sample' => wfMessage( 'link_sample' )->text(),
3922 'tip' => wfMessage( 'link_tip' )->text(),
3923 ],
3924 [
3925 'id' => 'mw-editbutton-extlink',
3926 'open' => '[',
3927 'close' => ']',
3928 'sample' => wfMessage( 'extlink_sample' )->text(),
3929 'tip' => wfMessage( 'extlink_tip' )->text(),
3930 ],
3931 [
3932 'id' => 'mw-editbutton-headline',
3933 'open' => "\n== ",
3934 'close' => " ==\n",
3935 'sample' => wfMessage( 'headline_sample' )->text(),
3936 'tip' => wfMessage( 'headline_tip' )->text(),
3937 ],
3938 $imagesAvailable ? [
3939 'id' => 'mw-editbutton-image',
3940 'open' => '[[' . $wgContLang->getNsText( NS_FILE ) . ':',
3941 'close' => ']]',
3942 'sample' => wfMessage( 'image_sample' )->text(),
3943 'tip' => wfMessage( 'image_tip' )->text(),
3944 ] : false,
3945 $imagesAvailable ? [
3946 'id' => 'mw-editbutton-media',
3947 'open' => '[[' . $wgContLang->getNsText( NS_MEDIA ) . ':',
3948 'close' => ']]',
3949 'sample' => wfMessage( 'media_sample' )->text(),
3950 'tip' => wfMessage( 'media_tip' )->text(),
3951 ] : false,
3952 [
3953 'id' => 'mw-editbutton-nowiki',
3954 'open' => "<nowiki>",
3955 'close' => "</nowiki>",
3956 'sample' => wfMessage( 'nowiki_sample' )->text(),
3957 'tip' => wfMessage( 'nowiki_tip' )->text(),
3958 ],
3959 $showSignature ? [
3960 'id' => 'mw-editbutton-signature',
3961 'open' => wfMessage( 'sig-text', '~~~~' )->inContentLanguage()->text(),
3962 'close' => '',
3963 'sample' => '',
3964 'tip' => wfMessage( 'sig_tip' )->text(),
3965 ] : false,
3966 [
3967 'id' => 'mw-editbutton-hr',
3968 'open' => "\n----\n",
3969 'close' => '',
3970 'sample' => '',
3971 'tip' => wfMessage( 'hr_tip' )->text(),
3972 ]
3973 ];
3974
3975 $script = 'mw.loader.using("mediawiki.toolbar", function () {';
3976 foreach ( $toolarray as $tool ) {
3977 if ( !$tool ) {
3978 continue;
3979 }
3980
3981 $params = [
3982 // Images are defined in ResourceLoaderEditToolbarModule
3983 false,
3984 // Note that we use the tip both for the ALT tag and the TITLE tag of the image.
3985 // Older browsers show a "speedtip" type message only for ALT.
3986 // Ideally these should be different, realistically they
3987 // probably don't need to be.
3988 $tool['tip'],
3989 $tool['open'],
3990 $tool['close'],
3991 $tool['sample'],
3992 $tool['id'],
3993 ];
3994
3995 $script .= Xml::encodeJsCall(
3996 'mw.toolbar.addButton',
3997 $params,
3998 ResourceLoader::inDebugMode()
3999 );
4000 }
4001
4002 $script .= '});';
4003 $wgOut->addScript( ResourceLoader::makeInlineScript( $script ) );
4004
4005 $toolbar = '<div id="toolbar"></div>';
4006
4007 Hooks::run( 'EditPageBeforeEditToolbar', [ &$toolbar ] );
4008
4009 return $toolbar;
4010 }
4011
4012 /**
4013 * Returns an array of html code of the following checkboxes:
4014 * minor and watch
4015 *
4016 * @param int $tabindex Current tabindex
4017 * @param array $checked Array of checkbox => bool, where bool indicates the checked
4018 * status of the checkbox
4019 *
4020 * @return array
4021 */
4022 public function getCheckboxes( &$tabindex, $checked ) {
4023 global $wgUser, $wgUseMediaWikiUIEverywhere;
4024
4025 $checkboxes = [];
4026
4027 // don't show the minor edit checkbox if it's a new page or section
4028 if ( !$this->isNew ) {
4029 $checkboxes['minor'] = '';
4030 $minorLabel = $this->context->msg( 'minoredit' )->parse();
4031 if ( $wgUser->isAllowed( 'minoredit' ) ) {
4032 $attribs = [
4033 'tabindex' => ++$tabindex,
4034 'accesskey' => $this->context->msg( 'accesskey-minoredit' )->text(),
4035 'id' => 'wpMinoredit',
4036 ];
4037 $minorEditHtml =
4038 Xml::check( 'wpMinoredit', $checked['minor'], $attribs ) .
4039 "&#160;<label for='wpMinoredit' id='mw-editpage-minoredit'" .
4040 Xml::expandAttributes( [ 'title' => Linker::titleAttrib( 'minoredit', 'withaccess' ) ] ) .
4041 ">{$minorLabel}</label>";
4042
4043 if ( $wgUseMediaWikiUIEverywhere ) {
4044 $checkboxes['minor'] = Html::openElement( 'div', [ 'class' => 'mw-ui-checkbox' ] ) .
4045 $minorEditHtml .
4046 Html::closeElement( 'div' );
4047 } else {
4048 $checkboxes['minor'] = $minorEditHtml;
4049 }
4050 }
4051 }
4052
4053 $watchLabel = $this->context->msg( 'watchthis' )->parse();
4054 $checkboxes['watch'] = '';
4055 if ( $wgUser->isLoggedIn() ) {
4056 $attribs = [
4057 'tabindex' => ++$tabindex,
4058 'accesskey' => $this->context->msg( 'accesskey-watch' )->text(),
4059 'id' => 'wpWatchthis',
4060 ];
4061 $watchThisHtml =
4062 Xml::check( 'wpWatchthis', $checked['watch'], $attribs ) .
4063 "&#160;<label for='wpWatchthis' id='mw-editpage-watch'" .
4064 Xml::expandAttributes( [ 'title' => Linker::titleAttrib( 'watch', 'withaccess' ) ] ) .
4065 ">{$watchLabel}</label>";
4066 if ( $wgUseMediaWikiUIEverywhere ) {
4067 $checkboxes['watch'] = Html::openElement( 'div', [ 'class' => 'mw-ui-checkbox' ] ) .
4068 $watchThisHtml .
4069 Html::closeElement( 'div' );
4070 } else {
4071 $checkboxes['watch'] = $watchThisHtml;
4072 }
4073 }
4074
4075 // Avoid PHP 7.1 warning of passing $this by reference
4076 $editPage = $this;
4077 Hooks::run( 'EditPageBeforeEditChecks', [ &$editPage, &$checkboxes, &$tabindex ] );
4078 return $checkboxes;
4079 }
4080
4081 /**
4082 * Returns an array of html code of the following buttons:
4083 * save, diff and preview
4084 *
4085 * @param int $tabindex Current tabindex
4086 *
4087 * @return array
4088 */
4089 public function getEditButtons( &$tabindex ) {
4090 $buttons = [];
4091
4092 $labelAsPublish =
4093 $this->mArticle->getContext()->getConfig()->get( 'EditSubmitButtonLabelPublish' );
4094
4095 // Can't use $this->isNew as that's also true if we're adding a new section to an extant page
4096 if ( $labelAsPublish ) {
4097 $buttonLabelKey = !$this->mTitle->exists() ? 'publishpage' : 'publishchanges';
4098 } else {
4099 $buttonLabelKey = !$this->mTitle->exists() ? 'savearticle' : 'savechanges';
4100 }
4101 $buttonLabel = $this->context->msg( $buttonLabelKey )->text();
4102 $attribs = [
4103 'id' => 'wpSave',
4104 'name' => 'wpSave',
4105 'tabindex' => ++$tabindex,
4106 ] + Linker::tooltipAndAccesskeyAttribs( 'save' );
4107 $buttons['save'] = Html::submitButton( $buttonLabel, $attribs, [ 'mw-ui-progressive' ] );
4108
4109 ++$tabindex; // use the same for preview and live preview
4110 $attribs = [
4111 'id' => 'wpPreview',
4112 'name' => 'wpPreview',
4113 'tabindex' => $tabindex,
4114 ] + Linker::tooltipAndAccesskeyAttribs( 'preview' );
4115 $buttons['preview'] = Html::submitButton( $this->context->msg( 'showpreview' )->text(),
4116 $attribs );
4117
4118 $attribs = [
4119 'id' => 'wpDiff',
4120 'name' => 'wpDiff',
4121 'tabindex' => ++$tabindex,
4122 ] + Linker::tooltipAndAccesskeyAttribs( 'diff' );
4123 $buttons['diff'] = Html::submitButton( $this->context->msg( 'showdiff' )->text(),
4124 $attribs );
4125
4126 // Avoid PHP 7.1 warning of passing $this by reference
4127 $editPage = $this;
4128 Hooks::run( 'EditPageBeforeEditButtons', [ &$editPage, &$buttons, &$tabindex ] );
4129 return $buttons;
4130 }
4131
4132 /**
4133 * Creates a basic error page which informs the user that
4134 * they have attempted to edit a nonexistent section.
4135 */
4136 public function noSuchSectionPage() {
4137 global $wgOut;
4138
4139 $wgOut->prepareErrorPage( $this->context->msg( 'nosuchsectiontitle' ) );
4140
4141 $res = $this->context->msg( 'nosuchsectiontext', $this->section )->parseAsBlock();
4142
4143 // Avoid PHP 7.1 warning of passing $this by reference
4144 $editPage = $this;
4145 Hooks::run( 'EditPageNoSuchSection', [ &$editPage, &$res ] );
4146 $wgOut->addHTML( $res );
4147
4148 $wgOut->returnToMain( false, $this->mTitle );
4149 }
4150
4151 /**
4152 * Show "your edit contains spam" page with your diff and text
4153 *
4154 * @param string|array|bool $match Text (or array of texts) which triggered one or more filters
4155 */
4156 public function spamPageWithContent( $match = false ) {
4157 global $wgOut, $wgLang;
4158 $this->textbox2 = $this->textbox1;
4159
4160 if ( is_array( $match ) ) {
4161 $match = $wgLang->listToText( $match );
4162 }
4163 $wgOut->prepareErrorPage( $this->context->msg( 'spamprotectiontitle' ) );
4164
4165 $wgOut->addHTML( '<div id="spamprotected">' );
4166 $wgOut->addWikiMsg( 'spamprotectiontext' );
4167 if ( $match ) {
4168 $wgOut->addWikiMsg( 'spamprotectionmatch', wfEscapeWikiText( $match ) );
4169 }
4170 $wgOut->addHTML( '</div>' );
4171
4172 $wgOut->wrapWikiMsg( '<h2>$1</h2>', "yourdiff" );
4173 $this->showDiff();
4174
4175 $wgOut->wrapWikiMsg( '<h2>$1</h2>', "yourtext" );
4176 $this->showTextbox2();
4177
4178 $wgOut->addReturnTo( $this->getContextTitle(), [ 'action' => 'edit' ] );
4179 }
4180
4181 /**
4182 * Check if the browser is on a blacklist of user-agents known to
4183 * mangle UTF-8 data on form submission. Returns true if Unicode
4184 * should make it through, false if it's known to be a problem.
4185 * @return bool
4186 */
4187 private function checkUnicodeCompliantBrowser() {
4188 global $wgBrowserBlackList, $wgRequest;
4189
4190 $currentbrowser = $wgRequest->getHeader( 'User-Agent' );
4191 if ( $currentbrowser === false ) {
4192 // No User-Agent header sent? Trust it by default...
4193 return true;
4194 }
4195
4196 foreach ( $wgBrowserBlackList as $browser ) {
4197 if ( preg_match( $browser, $currentbrowser ) ) {
4198 return false;
4199 }
4200 }
4201 return true;
4202 }
4203
4204 /**
4205 * Filter an input field through a Unicode de-armoring process if it
4206 * came from an old browser with known broken Unicode editing issues.
4207 *
4208 * @param WebRequest $request
4209 * @param string $field
4210 * @return string
4211 */
4212 protected function safeUnicodeInput( $request, $field ) {
4213 $text = rtrim( $request->getText( $field ) );
4214 return $request->getBool( 'safemode' )
4215 ? $this->unmakeSafe( $text )
4216 : $text;
4217 }
4218
4219 /**
4220 * Filter an output field through a Unicode armoring process if it is
4221 * going to an old browser with known broken Unicode editing issues.
4222 *
4223 * @param string $text
4224 * @return string
4225 */
4226 protected function safeUnicodeOutput( $text ) {
4227 return $this->checkUnicodeCompliantBrowser()
4228 ? $text
4229 : $this->makeSafe( $text );
4230 }
4231
4232 /**
4233 * A number of web browsers are known to corrupt non-ASCII characters
4234 * in a UTF-8 text editing environment. To protect against this,
4235 * detected browsers will be served an armored version of the text,
4236 * with non-ASCII chars converted to numeric HTML character references.
4237 *
4238 * Preexisting such character references will have a 0 added to them
4239 * to ensure that round-trips do not alter the original data.
4240 *
4241 * @param string $invalue
4242 * @return string
4243 */
4244 private function makeSafe( $invalue ) {
4245 // Armor existing references for reversibility.
4246 $invalue = strtr( $invalue, [ "&#x" => "&#x0" ] );
4247
4248 $bytesleft = 0;
4249 $result = "";
4250 $working = 0;
4251 $valueLength = strlen( $invalue );
4252 for ( $i = 0; $i < $valueLength; $i++ ) {
4253 $bytevalue = ord( $invalue[$i] );
4254 if ( $bytevalue <= 0x7F ) { // 0xxx xxxx
4255 $result .= chr( $bytevalue );
4256 $bytesleft = 0;
4257 } elseif ( $bytevalue <= 0xBF ) { // 10xx xxxx
4258 $working = $working << 6;
4259 $working += ( $bytevalue & 0x3F );
4260 $bytesleft--;
4261 if ( $bytesleft <= 0 ) {
4262 $result .= "&#x" . strtoupper( dechex( $working ) ) . ";";
4263 }
4264 } elseif ( $bytevalue <= 0xDF ) { // 110x xxxx
4265 $working = $bytevalue & 0x1F;
4266 $bytesleft = 1;
4267 } elseif ( $bytevalue <= 0xEF ) { // 1110 xxxx
4268 $working = $bytevalue & 0x0F;
4269 $bytesleft = 2;
4270 } else { // 1111 0xxx
4271 $working = $bytevalue & 0x07;
4272 $bytesleft = 3;
4273 }
4274 }
4275 return $result;
4276 }
4277
4278 /**
4279 * Reverse the previously applied transliteration of non-ASCII characters
4280 * back to UTF-8. Used to protect data from corruption by broken web browsers
4281 * as listed in $wgBrowserBlackList.
4282 *
4283 * @param string $invalue
4284 * @return string
4285 */
4286 private function unmakeSafe( $invalue ) {
4287 $result = "";
4288 $valueLength = strlen( $invalue );
4289 for ( $i = 0; $i < $valueLength; $i++ ) {
4290 if ( ( substr( $invalue, $i, 3 ) == "&#x" ) && ( $invalue[$i + 3] != '0' ) ) {
4291 $i += 3;
4292 $hexstring = "";
4293 do {
4294 $hexstring .= $invalue[$i];
4295 $i++;
4296 } while ( ctype_xdigit( $invalue[$i] ) && ( $i < strlen( $invalue ) ) );
4297
4298 // Do some sanity checks. These aren't needed for reversibility,
4299 // but should help keep the breakage down if the editor
4300 // breaks one of the entities whilst editing.
4301 if ( ( substr( $invalue, $i, 1 ) == ";" ) && ( strlen( $hexstring ) <= 6 ) ) {
4302 $codepoint = hexdec( $hexstring );
4303 $result .= UtfNormal\Utils::codepointToUtf8( $codepoint );
4304 } else {
4305 $result .= "&#x" . $hexstring . substr( $invalue, $i, 1 );
4306 }
4307 } else {
4308 $result .= substr( $invalue, $i, 1 );
4309 }
4310 }
4311 // reverse the transform that we made for reversibility reasons.
4312 return strtr( $result, [ "&#x0" => "&#x" ] );
4313 }
4314
4315 /**
4316 * @since 1.29
4317 */
4318 protected function addEditNotices() {
4319 global $wgOut;
4320
4321 $editNotices = $this->mTitle->getEditNotices( $this->oldid );
4322 if ( count( $editNotices ) ) {
4323 $wgOut->addHTML( implode( "\n", $editNotices ) );
4324 } else {
4325 $msg = $this->context->msg( 'editnotice-notext' );
4326 if ( !$msg->isDisabled() ) {
4327 $wgOut->addHTML(
4328 '<div class="mw-editnotice-notext">'
4329 . $msg->parseAsBlock()
4330 . '</div>'
4331 );
4332 }
4333 }
4334 }
4335
4336 /**
4337 * @since 1.29
4338 */
4339 protected function addTalkPageText() {
4340 global $wgOut;
4341
4342 if ( $this->mTitle->isTalkPage() ) {
4343 $wgOut->addWikiMsg( 'talkpagetext' );
4344 }
4345 }
4346
4347 /**
4348 * @since 1.29
4349 */
4350 protected function addLongPageWarningHeader() {
4351 global $wgMaxArticleSize, $wgOut, $wgLang;
4352
4353 if ( $this->contentLength === false ) {
4354 $this->contentLength = strlen( $this->textbox1 );
4355 }
4356
4357 if ( $this->tooBig || $this->contentLength > $wgMaxArticleSize * 1024 ) {
4358 $wgOut->wrapWikiMsg( "<div class='error' id='mw-edit-longpageerror'>\n$1\n</div>",
4359 [
4360 'longpageerror',
4361 $wgLang->formatNum( round( $this->contentLength / 1024, 3 ) ),
4362 $wgLang->formatNum( $wgMaxArticleSize )
4363 ]
4364 );
4365 } else {
4366 if ( !$this->context->msg( 'longpage-hint' )->isDisabled() ) {
4367 $wgOut->wrapWikiMsg( "<div id='mw-edit-longpage-hint'>\n$1\n</div>",
4368 [
4369 'longpage-hint',
4370 $wgLang->formatSize( strlen( $this->textbox1 ) ),
4371 strlen( $this->textbox1 )
4372 ]
4373 );
4374 }
4375 }
4376 }
4377
4378 /**
4379 * @since 1.29
4380 */
4381 protected function addPageProtectionWarningHeaders() {
4382 global $wgOut;
4383
4384 if ( $this->mTitle->isProtected( 'edit' ) &&
4385 MWNamespace::getRestrictionLevels( $this->mTitle->getNamespace() ) !== [ '' ]
4386 ) {
4387 # Is the title semi-protected?
4388 if ( $this->mTitle->isSemiProtected() ) {
4389 $noticeMsg = 'semiprotectedpagewarning';
4390 } else {
4391 # Then it must be protected based on static groups (regular)
4392 $noticeMsg = 'protectedpagewarning';
4393 }
4394 LogEventsList::showLogExtract( $wgOut, 'protect', $this->mTitle, '',
4395 [ 'lim' => 1, 'msgKey' => [ $noticeMsg ] ] );
4396 }
4397 if ( $this->mTitle->isCascadeProtected() ) {
4398 # Is this page under cascading protection from some source pages?
4399 /** @var Title[] $cascadeSources */
4400 list( $cascadeSources, /* $restrictions */ ) = $this->mTitle->getCascadeProtectionSources();
4401 $notice = "<div class='mw-cascadeprotectedwarning'>\n$1\n";
4402 $cascadeSourcesCount = count( $cascadeSources );
4403 if ( $cascadeSourcesCount > 0 ) {
4404 # Explain, and list the titles responsible
4405 foreach ( $cascadeSources as $page ) {
4406 $notice .= '* [[:' . $page->getPrefixedText() . "]]\n";
4407 }
4408 }
4409 $notice .= '</div>';
4410 $wgOut->wrapWikiMsg( $notice, [ 'cascadeprotectedwarning', $cascadeSourcesCount ] );
4411 }
4412 if ( !$this->mTitle->exists() && $this->mTitle->getRestrictions( 'create' ) ) {
4413 LogEventsList::showLogExtract( $wgOut, 'protect', $this->mTitle, '',
4414 [ 'lim' => 1,
4415 'showIfEmpty' => false,
4416 'msgKey' => [ 'titleprotectedwarning' ],
4417 'wrap' => "<div class=\"mw-titleprotectedwarning\">\n$1</div>" ] );
4418 }
4419 }
4420
4421 /**
4422 * @param OutputPage $out
4423 * @since 1.29
4424 */
4425 protected function addExplainConflictHeader( OutputPage $out ) {
4426 $out->wrapWikiMsg( "<div class='mw-explainconflict'>\n$1\n</div>", 'explainconflict' );
4427 }
4428
4429 /**
4430 * @param string $name
4431 * @param mixed[] $customAttribs
4432 * @param User $user
4433 * @return mixed[]
4434 * @since 1.29
4435 */
4436 protected function buildTextboxAttribs( $name, array $customAttribs, User $user ) {
4437 $attribs = $customAttribs + [
4438 'accesskey' => ',',
4439 'id' => $name,
4440 'cols' => 80,
4441 'rows' => 25,
4442 // Avoid PHP notices when appending preferences
4443 // (appending allows customAttribs['style'] to still work).
4444 'style' => ''
4445 ];
4446
4447 // The following classes can be used here:
4448 // * mw-editfont-default
4449 // * mw-editfont-monospace
4450 // * mw-editfont-sans-serif
4451 // * mw-editfont-serif
4452 $class = 'mw-editfont-' . $user->getOption( 'editfont' );
4453
4454 if ( isset( $attribs['class'] ) ) {
4455 if ( is_string( $attribs['class'] ) ) {
4456 $attribs['class'] .= ' ' . $class;
4457 } elseif ( is_array( $attribs['class'] ) ) {
4458 $attribs['class'][] = $class;
4459 }
4460 } else {
4461 $attribs['class'] = $class;
4462 }
4463
4464 $pageLang = $this->mTitle->getPageLanguage();
4465 $attribs['lang'] = $pageLang->getHtmlCode();
4466 $attribs['dir'] = $pageLang->getDir();
4467
4468 return $attribs;
4469 }
4470
4471 /**
4472 * @param string $wikitext
4473 * @return string
4474 * @since 1.29
4475 */
4476 protected function addNewLineAtEnd( $wikitext ) {
4477 if ( strval( $wikitext ) !== '' ) {
4478 // Ensure there's a newline at the end, otherwise adding lines
4479 // is awkward.
4480 // But don't add a newline if the text is empty, or Firefox in XHTML
4481 // mode will show an extra newline. A bit annoying.
4482 $wikitext .= "\n";
4483 return $wikitext;
4484 }
4485 return $wikitext;
4486 }
4487 }
MediaWiki Core