search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Localisation updates from https://translatewiki.net.
[mediawiki.git] / includes / specialpage / FormSpecialPage.php
blob582cbd5a4a8480fed13c775cb3ad384339947ec8
1 <?php
2 /**
3 * Special page which uses an HTMLForm to handle processing.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
19 *
20 * @file
21 * @ingroup SpecialPage
22 */
23
24 namespace MediaWiki\SpecialPage;
25
26 use MediaWiki\Context\DerivativeContext;
27 use MediaWiki\Debug\MWDebug;
28 use MediaWiki\HTMLForm\HTMLForm;
29 use MediaWiki\Request\DerivativeRequest;
30 use MediaWiki\Status\Status;
31 use MediaWiki\User\User;
32 use UserBlockedError;
33
34 /**
35 * Special page which uses an HTMLForm to handle processing. This is mostly a
36 * clone of FormAction. More special pages should be built this way; maybe this could be
37 * a new structure for SpecialPages.
38 *
39 * @ingroup SpecialPage
40 */
41 abstract class FormSpecialPage extends SpecialPage {
42 /**
43 * The subpage of the special page.
44 * @var string|null
45 */
46 protected $par = null;
47
48 /**
49 * @var array|null POST data preserved across re-authentication
50 * @since 1.32
51 */
52 protected $reauthPostData = null;
53
54 /**
55 * Get an HTMLForm descriptor array
56 * @return array
57 */
58 abstract protected function getFormFields();
59
60 /**
61 * Add pre-HTML to the form
62 * @return string HTML which will be sent to $form->addPreHtml()
63 * @since 1.38
64 */
65 protected function preHtml() {
66 return '';
67 }
68
69 /**
70 * Add post-HTML to the form
71 * @return string HTML which will be sent to $form->addPostHtml()
72 * @since 1.38
73 */
74 protected function postHtml() {
75 return '';
76 }
77
78 /**
79 * Add pre-text to the form
80 * @return string HTML which will be sent to $form->addPreHtml()
81 * @deprecated since 1.38, use preHtml() instead, hard-deprecated since 1.43
82 */
83 protected function preText() {
84 wfDeprecated( __METHOD__, '1.38' );
85 return $this->preHtml();
86 }
87
88 /**
89 * Add post-text to the form
90 * @return string HTML which will be sent to $form->addPostHtml()
91 * @deprecated since 1.38, use postHtml() instead, hard-deprecated since 1.43
92 */
93 protected function postText() {
94 wfDeprecated( __METHOD__, '1.38' );
95 return $this->postHtml();
96 }
97
98 /**
99 * Play with the HTMLForm if you need to more substantially
100 * @param HTMLForm $form
101 */
102 protected function alterForm( HTMLForm $form ) {
103 }
104
105 /**
106 * Get message prefix for HTMLForm
107 *
108 * @since 1.21
109 * @return string
110 */
111 protected function getMessagePrefix() {
112 return strtolower( $this->getName() );
113 }
114
115 /**
116 * Get display format for the form. See HTMLForm documentation for available values.
117 *
118 * @since 1.25
119 * @return string
120 */
121 protected function getDisplayFormat() {
122 return 'table';
123 }
124
125 /**
126 * Get the HTMLForm to control behavior
127 * @return HTMLForm|null
128 */
129 protected function getForm() {
130 $context = $this->getContext();
131 $onSubmit = [ $this, 'onSubmit' ];
132
133 if ( $this->reauthPostData ) {
134 // Restore POST data
135 $context = new DerivativeContext( $context );
136 $oldRequest = $this->getRequest();
137 $context->setRequest( new DerivativeRequest(
138 $oldRequest, $this->reauthPostData + $oldRequest->getQueryValues(), true
139 ) );
140
141 // But don't treat it as a "real" submission just in case of some
142 // crazy kind of CSRF.
143 $onSubmit = static function () {
144 return false;
145 };
146 }
147
148 $form = HTMLForm::factory(
149 $this->getDisplayFormat(),
150 $this->getFormFields(),
151 $context,
152 $this->getMessagePrefix()
153 );
154 if ( !$this->requiresPost() ) {
155 $form->setMethod( 'get' );
156 }
157 $form->setSubmitCallback( $onSubmit );
158 if ( $this->getDisplayFormat() !== 'ooui' ) {
159 // No legend and wrapper by default in OOUI forms, but can be set manually
160 // from alterForm()
161 $form->setWrapperLegendMsg( $this->getMessagePrefix() . '-legend' );
162 }
163
164 $headerMsg = $this->msg( $this->getMessagePrefix() . '-text' );
165 if ( !$headerMsg->isDisabled() ) {
166 $form->addHeaderHtml( $headerMsg->parseAsBlock() );
167 }
168
169 // preText / postText are deprecated, but we need to keep calling them until the end of
170 // the deprecation process so a subclass overriding *Text and *Html both work
171 $form->addPreHtml( MWDebug::detectDeprecatedOverride( $this, __CLASS__, 'preText', '1.38' )
172 ? $this->preText()
173 : $this->preHtml()
174 );
175 $form->addPostHtml( MWDebug::detectDeprecatedOverride( $this, __CLASS__, 'postText', '1.38' )
176 ? $this->postText()
177 : $this->postHtml()
178 );
179
180 // Give precedence to subpage syntax
181 $field = $this->getSubpageField();
182 // cast to string so that "0" is not thrown away
183 if ( strval( $this->par ) !== '' && $field ) {
184 $this->getRequest()->setVal( $form->getField( $field )->getName(), $this->par );
185 $form->setTitle( $this->getPageTitle() );
186 }
187 $this->alterForm( $form );
188 if ( $form->getMethod() == 'post' ) {
189 // Retain query parameters (uselang etc) on POST requests
190 $params = array_diff_key(
191 $this->getRequest()->getQueryValues(), [ 'title' => null ] );
192 $form->addHiddenField( 'redirectparams', wfArrayToCgi( $params ) );
193 }
194
195 // Give hooks a chance to alter the form, adding extra fields or text etc
196 $this->getHookRunner()->onSpecialPageBeforeFormDisplay( $this->getName(), $form );
197
198 return $form;
199 }
200
201 /**
202 * Process the form on submission.
203 * @phpcs:disable MediaWiki.Commenting.FunctionComment.ExtraParamComment
204 * @param array $data
205 * @param HTMLForm|null $form
206 * @suppress PhanCommentParamWithoutRealParam Many implementations don't have $form
207 * @return bool|string|array|Status As documented for HTMLForm::trySubmit.
208 * @phpcs:enable MediaWiki.Commenting.FunctionComment.ExtraParamComment
209 */
210 abstract public function onSubmit( array $data /* HTMLForm $form = null */ );
211
212 /**
213 * Do something exciting on successful processing of the form, most likely to show a
214 * confirmation message
215 * @since 1.22 Default is to do nothing
216 */
217 public function onSuccess() {
218 }
219
220 /**
221 * Basic SpecialPage workflow: get a form, send it to the user; get some data back,
222 *
223 * @param string|null $par Subpage string if one was specified
224 */
225 public function execute( $par ) {
226 $this->setParameter( $par );
227 $this->setHeaders();
228 $this->outputHeader();
229
230 // This will throw exceptions if there's a problem
231 $this->checkExecutePermissions( $this->getUser() );
232
233 $securityLevel = $this->getLoginSecurityLevel();
234 if ( $securityLevel !== false && !$this->checkLoginSecurityLevel( $securityLevel ) ) {
235 return;
236 }
237
238 $form = $this->getForm();
239 // GET forms can be set as includable
240 if ( !$this->including() ) {
241 $result = $this->getShowAlways() ? $form->showAlways() : $form->show();
242 } else {
243 $result = $form->prepareForm()->tryAuthorizedSubmit();
244 }
245 if ( $result === true || ( $result instanceof Status && $result->isGood() ) ) {
246 $this->onSuccess();
247 }
248 }
249
250 /**
251 * Whether the form should always be shown despite the success of submission.
252 * @since 1.40
253 * @return bool
254 */
255 protected function getShowAlways() {
256 return false;
257 }
258
259 /**
260 * Maybe do something interesting with the subpage parameter
261 * @param string|null $par
262 */
263 protected function setParameter( $par ) {
264 $this->par = $par;
265 }
266
267 /**
268 * Override this function to set the field name used in the subpage syntax.
269 * @since 1.40
270 * @return false|string
271 */
272 protected function getSubpageField() {
273 return false;
274 }
275
276 /**
277 * Called from execute() to check if the given user can perform this action.
278 * Failures here must throw subclasses of ErrorPageError.
279 * @param User $user
280 * @throws UserBlockedError
281 */
282 protected function checkExecutePermissions( User $user ) {
283 $this->checkPermissions();
284
285 if ( $this->requiresUnblock() ) {
286 $block = $user->getBlock();
287 if ( $block && $block->isSitewide() ) {
288 throw new UserBlockedError(
289 $block,
290 $user,
291 $this->getLanguage(),
292 $this->getRequest()->getIP()
293 );
294 }
295 }
296
297 if ( $this->requiresWrite() ) {
298 $this->checkReadOnly();
299 }
300 }
301
302 /**
303 * Whether this action should using POST method to submit, default to true
304 * @since 1.40
305 * @return bool
306 */
307 public function requiresPost() {
308 return true;
309 }
310
311 /**
312 * Whether this action requires the wiki not to be locked, default to requiresPost()
313 * @return bool
314 */
315 public function requiresWrite() {
316 return $this->requiresPost();
317 }
318
319 /**
320 * Whether this action cannot be executed by a blocked user, default to requiresPost()
321 * @return bool
322 */
323 public function requiresUnblock() {
324 return $this->requiresPost();
325 }
326
327 /**
328 * Preserve POST data across reauthentication
329 *
330 * @since 1.32
331 * @param array $data
332 */
333 protected function setReauthPostData( array $data ) {
334 $this->reauthPostData = $data;
335 }
336 }
337
338 /** @deprecated class alias since 1.41 */
339 class_alias( FormSpecialPage::class, 'FormSpecialPage' );
MediaWiki Core