Merge "Whitelist the <wbr> element."
[mediawiki.git] / includes / api / ApiFormatBase.php
blobb89fb3a730a499e724b905ddc5a2ddbd0f72dbb8
1 <?php
2 /**
5 * Created on Sep 19, 2006
7 * Copyright © 2006 Yuri Astrakhan "<Firstname><Lastname>@gmail.com"
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
24 * @file
27 /**
28 * This is the abstract base class for API formatters.
30 * @ingroup API
32 abstract class ApiFormatBase extends ApiBase {
34 private $mIsHtml, $mFormat, $mUnescapeAmps, $mHelp, $mCleared;
35 private $mBufferResult = false, $mBuffer, $mDisabled = false;
37 /**
38 * Constructor
39 * If $format ends with 'fm', pretty-print the output in HTML.
40 * @param $main ApiMain
41 * @param string $format Format name
43 public function __construct( $main, $format ) {
44 parent::__construct( $main, $format );
46 $this->mIsHtml = ( substr( $format, - 2, 2 ) === 'fm' ); // ends with 'fm'
47 if ( $this->mIsHtml ) {
48 $this->mFormat = substr( $format, 0, - 2 ); // remove ending 'fm'
49 } else {
50 $this->mFormat = $format;
52 $this->mFormat = strtoupper( $this->mFormat );
53 $this->mCleared = false;
56 /**
57 * Overriding class returns the mime type that should be sent to the client.
58 * This method is not called if getIsHtml() returns true.
59 * @return string
61 abstract public function getMimeType();
63 /**
64 * Whether this formatter needs raw data such as _element tags
65 * @return bool
67 public function getNeedsRawData() {
68 return false;
71 /**
72 * Get the internal format name
73 * @return string
75 public function getFormat() {
76 return $this->mFormat;
79 /**
80 * Specify whether or not sequences like &amp;quot; should be unescaped
81 * to &quot; . This should only be set to true for the help message
82 * when rendered in the default (xmlfm) format. This is a temporary
83 * special-case fix that should be removed once the help has been
84 * reworked to use a fully HTML interface.
86 * @param bool $b Whether or not ampersands should be escaped.
88 public function setUnescapeAmps( $b ) {
89 $this->mUnescapeAmps = $b;
92 /**
93 * Returns true when the HTML pretty-printer should be used.
94 * The default implementation assumes that formats ending with 'fm'
95 * should be formatted in HTML.
96 * @return bool
98 public function getIsHtml() {
99 return $this->mIsHtml;
103 * Whether this formatter can format the help message in a nice way.
104 * By default, this returns the same as getIsHtml().
105 * When action=help is set explicitly, the help will always be shown
106 * @return bool
108 public function getWantsHelp() {
109 return $this->getIsHtml();
113 * Disable the formatter completely. This causes calls to initPrinter(),
114 * printText() and closePrinter() to be ignored.
116 public function disable() {
117 $this->mDisabled = true;
120 public function isDisabled() {
121 return $this->mDisabled;
125 * Initialize the printer function and prepare the output headers, etc.
126 * This method must be the first outputting method during execution.
127 * A human-targeted notice about available formats is printed for the HTML-based output,
128 * except for help screens (caused by either an error in the API parameters,
129 * the calling of action=help, or requesting the root script api.php).
130 * @param bool $isHelpScreen Whether a help screen is going to be shown
132 function initPrinter( $isHelpScreen ) {
133 if ( $this->mDisabled ) {
134 return;
136 $isHtml = $this->getIsHtml();
137 $mime = $isHtml ? 'text/html' : $this->getMimeType();
138 $script = wfScript( 'api' );
140 // Some printers (ex. Feed) do their own header settings,
141 // in which case $mime will be set to null
142 if ( is_null( $mime ) ) {
143 return; // skip any initialization
146 $this->getMain()->getRequest()->response()->header( "Content-Type: $mime; charset=utf-8" );
148 //Set X-Frame-Options API results (bug 39180)
149 global $wgApiFrameOptions;
150 if ( $wgApiFrameOptions ) {
151 $this->getMain()->getRequest()->response()->header( "X-Frame-Options: $wgApiFrameOptions" );
154 if ( $isHtml ) {
156 <!DOCTYPE HTML>
157 <html>
158 <head>
159 <?php if ( $this->mUnescapeAmps ) {
160 ?> <title>MediaWiki API</title>
161 <?php } else {
162 ?> <title>MediaWiki API Result</title>
163 <?php } ?>
164 </head>
165 <body>
166 <?php
169 if ( !$isHelpScreen ) {
171 <br />
172 <small>
173 You are looking at the HTML representation of the <?php echo $this->mFormat; ?> format.<br />
174 HTML is good for debugging, but is unsuitable for application use.<br />
175 Specify the format parameter to change the output format.<br />
176 To see the non HTML representation of the <?php echo $this->mFormat; ?> format, set format=<?php echo strtolower( $this->mFormat ); ?>.<br />
177 See the <a href='https://www.mediawiki.org/wiki/API'>complete documentation</a>, or
178 <a href='<?php echo $script; ?>'>API help</a> for more information.
179 </small>
180 <pre style='white-space: pre-wrap;'>
181 <?php
184 } else { // don't wrap the contents of the <pre> for help screens
185 // because these are actually formatted to rely on
186 // the monospaced font for layout purposes
188 <pre>
189 <?php
196 * Finish printing. Closes HTML tags.
198 public function closePrinter() {
199 if ( $this->mDisabled ) {
200 return;
202 if ( $this->getIsHtml() ) {
205 </pre>
206 </body>
207 </html>
208 <?php
215 * The main format printing function. Call it to output the result
216 * string to the user. This function will automatically output HTML
217 * when format name ends in 'fm'.
218 * @param $text string
220 public function printText( $text ) {
221 if ( $this->mDisabled ) {
222 return;
224 if ( $this->mBufferResult ) {
225 $this->mBuffer = $text;
226 } elseif ( $this->getIsHtml() ) {
227 echo $this->formatHTML( $text );
228 } else {
229 // For non-HTML output, clear all errors that might have been
230 // displayed if display_errors=On
231 // Do this only once, of course
232 if ( !$this->mCleared ) {
233 ob_clean();
234 $this->mCleared = true;
236 echo $text;
241 * Get the contents of the buffer.
243 public function getBuffer() {
244 return $this->mBuffer;
248 * Set the flag to buffer the result instead of printing it.
249 * @param $value bool
251 public function setBufferResult( $value ) {
252 $this->mBufferResult = $value;
256 * Sets whether the pretty-printer should format *bold*
257 * @param $help bool
259 public function setHelp( $help = true ) {
260 $this->mHelp = $help;
264 * Pretty-print various elements in HTML format, such as xml tags and
265 * URLs. This method also escapes characters like <
266 * @param $text string
267 * @return string
269 protected function formatHTML( $text ) {
270 // Escape everything first for full coverage
271 $text = htmlspecialchars( $text );
272 // encode all comments or tags as safe blue strings
273 $text = str_replace( '&lt;', '<span style="color:blue;">&lt;', $text );
274 $text = str_replace( '&gt;', '&gt;</span>', $text );
275 // identify requests to api.php
276 $text = preg_replace( "#api\\.php\\?[^ <\n\t]+#", '<a href="\\0">\\0</a>', $text );
277 if ( $this->mHelp ) {
278 // make strings inside * bold
279 $text = preg_replace( "#\\*[^<>\n]+\\*#", '<b>\\0</b>', $text );
281 // identify URLs
282 $protos = wfUrlProtocolsWithoutProtRel();
283 // This regex hacks around bug 13218 (&quot; included in the URL)
284 $text = preg_replace( "#(((?i)$protos).*?)(&quot;)?([ \\'\"<>\n]|&lt;|&gt;|&quot;)#", '<a href="\\1">\\1</a>\\3\\4', $text );
287 * Temporary fix for bad links in help messages. As a special case,
288 * XML-escaped metachars are de-escaped one level in the help message
289 * for legibility. Should be removed once we have completed a fully-HTML
290 * version of the help message.
292 if ( $this->mUnescapeAmps ) {
293 $text = preg_replace( '/&amp;(amp|quot|lt|gt);/', '&\1;', $text );
296 return $text;
299 public function getExamples() {
300 return array(
301 'api.php?action=query&meta=siteinfo&siprop=namespaces&format=' . $this->getModuleName()
302 => "Format the query result in the {$this->getModuleName()} format",
306 public function getHelpUrls() {
307 return 'https://www.mediawiki.org/wiki/API:Data_formats';
310 public function getDescription() {
311 return $this->getIsHtml() ? ' (pretty-print in HTML)' : '';
316 * This printer is used to wrap an instance of the Feed class
317 * @ingroup API
319 class ApiFormatFeedWrapper extends ApiFormatBase {
321 public function __construct( $main ) {
322 parent::__construct( $main, 'feed' );
326 * Call this method to initialize output data. See execute()
327 * @param $result ApiResult
328 * @param $feed object an instance of one of the $wgFeedClasses classes
329 * @param array $feedItems of FeedItem objects
331 public static function setResult( $result, $feed, $feedItems ) {
332 // Store output in the Result data.
333 // This way we can check during execution if any error has occurred
334 // Disable size checking for this because we can't continue
335 // cleanly; size checking would cause more problems than it'd
336 // solve
337 $result->disableSizeCheck();
338 $result->addValue( null, '_feed', $feed );
339 $result->addValue( null, '_feeditems', $feedItems );
340 $result->enableSizeCheck();
344 * Feed does its own headers
346 * @return null
348 public function getMimeType() {
349 return null;
353 * Optimization - no need to sanitize data that will not be needed
355 * @return bool
357 public function getNeedsRawData() {
358 return true;
362 * This class expects the result data to be in a custom format set by self::setResult()
363 * $result['_feed'] - an instance of one of the $wgFeedClasses classes
364 * $result['_feeditems'] - an array of FeedItem instances
366 public function execute() {
367 $data = $this->getResultData();
368 if ( isset( $data['_feed'] ) && isset( $data['_feeditems'] ) ) {
369 $feed = $data['_feed'];
370 $items = $data['_feeditems'];
372 $feed->outHeader();
373 foreach ( $items as & $item ) {
374 $feed->outItem( $item );
376 $feed->outFooter();
377 } else {
378 // Error has occurred, print something useful
379 ApiBase::dieDebug( __METHOD__, 'Invalid feed class/item' );