User::isSafeToLoad() should return false if MW_NO_SESSION
[mediawiki.git] / includes / AjaxDispatcher.php
blob91422385a2254499c0269082abb1079751a86d9d
1 <?php
2 /**
3 * Handle ajax requests and send them to the proper handler.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
21 * @ingroup Ajax
24 /**
25 * @defgroup Ajax Ajax
28 /**
29 * Object-Oriented Ajax functions.
30 * @ingroup Ajax
32 class AjaxDispatcher {
33 /**
34 * The way the request was made, either a 'get' or a 'post'
35 * @var string $mode
37 private $mode;
39 /**
40 * Name of the requested handler
41 * @var string $func_name
43 private $func_name;
45 /** Arguments passed
46 * @var array $args
48 private $args;
50 /**
51 * @var Config
53 private $config;
55 /**
56 * Load up our object with user supplied data
58 function __construct( Config $config ) {
59 $this->config = $config;
61 $this->mode = "";
63 if ( !empty( $_GET["rs"] ) ) {
64 $this->mode = "get";
67 if ( !empty( $_POST["rs"] ) ) {
68 $this->mode = "post";
71 switch ( $this->mode ) {
72 case 'get':
73 $this->func_name = isset( $_GET["rs"] ) ? $_GET["rs"] : '';
74 if ( !empty( $_GET["rsargs"] ) ) {
75 $this->args = $_GET["rsargs"];
76 } else {
77 $this->args = [];
79 break;
80 case 'post':
81 $this->func_name = isset( $_POST["rs"] ) ? $_POST["rs"] : '';
82 if ( !empty( $_POST["rsargs"] ) ) {
83 $this->args = $_POST["rsargs"];
84 } else {
85 $this->args = [];
87 break;
88 default:
89 return;
90 # Or we could throw an exception:
91 # throw new MWException( __METHOD__ . ' called without any data (mode empty).' );
96 /**
97 * Pass the request to our internal function.
98 * BEWARE! Data are passed as they have been supplied by the user,
99 * they should be carefully handled in the function processing the
100 * request.
102 * @param User $user
104 function performAction( User $user ) {
105 if ( empty( $this->mode ) ) {
106 return;
109 if ( !in_array( $this->func_name, $this->config->get( 'AjaxExportList' ) ) ) {
110 wfDebug( __METHOD__ . ' Bad Request for unknown function ' . $this->func_name . "\n" );
111 wfHttpError(
112 400,
113 'Bad Request',
114 "unknown function " . $this->func_name
116 } elseif ( !User::isEveryoneAllowed( 'read' ) && !$user->isAllowed( 'read' ) ) {
117 wfHttpError(
118 403,
119 'Forbidden',
120 'You are not allowed to view pages.' );
121 } else {
122 wfDebug( __METHOD__ . ' dispatching ' . $this->func_name . "\n" );
123 try {
124 $result = call_user_func_array( $this->func_name, $this->args );
126 if ( $result === false || $result === null ) {
127 wfDebug( __METHOD__ . ' ERROR while dispatching ' .
128 $this->func_name . "(" . var_export( $this->args, true ) . "): " .
129 "no data returned\n" );
131 wfHttpError( 500, 'Internal Error',
132 "{$this->func_name} returned no data" );
133 } else {
134 if ( is_string( $result ) ) {
135 $result = new AjaxResponse( $result );
138 // Make sure DB commit succeeds before sending a response
139 wfGetLBFactory()->commitMasterChanges( __METHOD__ );
141 $result->sendHeaders();
142 $result->printText();
144 wfDebug( __METHOD__ . ' dispatch complete for ' . $this->func_name . "\n" );
146 } catch ( Exception $e ) {
147 wfDebug( __METHOD__ . ' ERROR while dispatching ' .
148 $this->func_name . "(" . var_export( $this->args, true ) . "): " .
149 get_class( $e ) . ": " . $e->getMessage() . "\n" );
151 if ( !headers_sent() ) {
152 wfHttpError( 500, 'Internal Error',
153 $e->getMessage() );
154 } else {
155 print $e->getMessage();