Whitelist the <wbr> element.
[mediawiki.git] / includes / Wiki.php
blobcb0f60ac529ecb9cc48b528dd983744f0bb4cb67
1 <?php
2 /**
3 * Helper class for the index.php entry point.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
23 /**
24 * The MediaWiki class is the helper class for the index.php entry point.
26 * @internal documentation reviewed 15 Mar 2010
28 class MediaWiki {
30 /**
31 * TODO: fold $output, etc, into this
32 * @var IContextSource
34 private $context;
36 /**
37 * @param $x null|WebRequest
38 * @return WebRequest
40 public function request( WebRequest $x = null ) {
41 $old = $this->context->getRequest();
42 $this->context->setRequest( $x );
43 return $old;
46 /**
47 * @param $x null|OutputPage
48 * @return OutputPage
50 public function output( OutputPage $x = null ) {
51 $old = $this->context->getOutput();
52 $this->context->setOutput( $x );
53 return $old;
56 /**
57 * @param IContextSource|null $context
59 public function __construct( IContextSource $context = null ) {
60 if ( !$context ) {
61 $context = RequestContext::getMain();
64 $this->context = $context;
67 /**
68 * Parse the request to get the Title object
70 * @return Title object to be $wgTitle
72 private function parseTitle() {
73 global $wgContLang;
75 $request = $this->context->getRequest();
76 $curid = $request->getInt( 'curid' );
77 $title = $request->getVal( 'title' );
78 $action = $request->getVal( 'action', 'view' );
80 if ( $request->getCheck( 'search' ) ) {
81 // Compatibility with old search URLs which didn't use Special:Search
82 // Just check for presence here, so blank requests still
83 // show the search page when using ugly URLs (bug 8054).
84 $ret = SpecialPage::getTitleFor( 'Search' );
85 } elseif ( $curid ) {
86 // URLs like this are generated by RC, because rc_title isn't always accurate
87 $ret = Title::newFromID( $curid );
88 } elseif ( $title == '' && $action != 'delete' ) {
89 $ret = Title::newMainPage();
90 } else {
91 $ret = Title::newFromURL( $title );
92 // Alias NS_MEDIA page URLs to NS_FILE...we only use NS_MEDIA
93 // in wikitext links to tell Parser to make a direct file link
94 if ( !is_null( $ret ) && $ret->getNamespace() == NS_MEDIA ) {
95 $ret = Title::makeTitle( NS_FILE, $ret->getDBkey() );
97 // Check variant links so that interwiki links don't have to worry
98 // about the possible different language variants
99 if ( count( $wgContLang->getVariants() ) > 1
100 && !is_null( $ret ) && $ret->getArticleID() == 0 )
102 $wgContLang->findVariantLink( $title, $ret );
105 // For non-special titles, check for implicit titles
106 if ( is_null( $ret ) || !$ret->isSpecialPage() ) {
107 // We can have urls with just ?diff=,?oldid= or even just ?diff=
108 $oldid = $request->getInt( 'oldid' );
109 $oldid = $oldid ? $oldid : $request->getInt( 'diff' );
110 // Allow oldid to override a changed or missing title
111 if ( $oldid ) {
112 $rev = Revision::newFromId( $oldid );
113 $ret = $rev ? $rev->getTitle() : $ret;
117 if ( $ret === null || ( $ret->getDBkey() == '' && $ret->getInterwiki() == '' ) ) {
118 $ret = SpecialPage::getTitleFor( 'Badtitle' );
121 return $ret;
125 * Get the Title object that we'll be acting on, as specified in the WebRequest
126 * @return Title
128 public function getTitle() {
129 if ( $this->context->getTitle() === null ) {
130 $this->context->setTitle( $this->parseTitle() );
132 return $this->context->getTitle();
136 * Returns the name of the action that will be executed.
138 * @return string: action
140 public function getAction() {
141 static $action = null;
143 if ( $action === null ) {
144 $action = Action::getActionName( $this->context );
147 return $action;
151 * Create an Article object of the appropriate class for the given page.
153 * @deprecated in 1.18; use Article::newFromTitle() instead
154 * @param $title Title
155 * @param $context IContextSource
156 * @return Article object
158 public static function articleFromTitle( $title, IContextSource $context ) {
159 wfDeprecated( __METHOD__, '1.18' );
160 return Article::newFromTitle( $title, $context );
164 * Performs the request.
165 * - bad titles
166 * - read restriction
167 * - local interwiki redirects
168 * - redirect loop
169 * - special pages
170 * - normal pages
172 * @throws MWException|PermissionsError|BadTitleError|HttpError
173 * @return void
175 private function performRequest() {
176 global $wgServer, $wgUsePathInfo, $wgTitle;
178 wfProfileIn( __METHOD__ );
180 $request = $this->context->getRequest();
181 $requestTitle = $title = $this->context->getTitle();
182 $output = $this->context->getOutput();
183 $user = $this->context->getUser();
185 if ( $request->getVal( 'printable' ) === 'yes' ) {
186 $output->setPrintable();
189 $unused = null; // To pass it by reference
190 wfRunHooks( 'BeforeInitialize', array( &$title, &$unused, &$output, &$user, $request, $this ) );
192 // Invalid titles. Bug 21776: The interwikis must redirect even if the page name is empty.
193 if ( is_null( $title ) || ( $title->getDBkey() == '' && $title->getInterwiki() == '' ) ||
194 $title->isSpecial( 'Badtitle' ) )
196 $this->context->setTitle( SpecialPage::getTitleFor( 'Badtitle' ) );
197 wfProfileOut( __METHOD__ );
198 throw new BadTitleError();
201 // Check user's permissions to read this page.
202 // We have to check here to catch special pages etc.
203 // We will check again in Article::view().
204 $permErrors = $title->getUserPermissionsErrors( 'read', $user );
205 if ( count( $permErrors ) ) {
206 // Bug 32276: allowing the skin to generate output with $wgTitle or
207 // $this->context->title set to the input title would allow anonymous users to
208 // determine whether a page exists, potentially leaking private data. In fact, the
209 // curid and oldid request parameters would allow page titles to be enumerated even
210 // when they are not guessable. So we reset the title to Special:Badtitle before the
211 // permissions error is displayed.
213 // The skin mostly uses $this->context->getTitle() these days, but some extensions
214 // still use $wgTitle.
216 $badTitle = SpecialPage::getTitleFor( 'Badtitle' );
217 $this->context->setTitle( $badTitle );
218 $wgTitle = $badTitle;
220 wfProfileOut( __METHOD__ );
221 throw new PermissionsError( 'read', $permErrors );
224 $pageView = false; // was an article or special page viewed?
226 // Interwiki redirects
227 if ( $title->getInterwiki() != '' ) {
228 $rdfrom = $request->getVal( 'rdfrom' );
229 if ( $rdfrom ) {
230 $url = $title->getFullURL( array( 'rdfrom' => $rdfrom ) );
231 } else {
232 $query = $request->getValues();
233 unset( $query['title'] );
234 $url = $title->getFullURL( $query );
236 // Check for a redirect loop
237 if ( !preg_match( '/^' . preg_quote( $wgServer, '/' ) . '/', $url )
238 && $title->isLocal() )
240 // 301 so google et al report the target as the actual url.
241 $output->redirect( $url, 301 );
242 } else {
243 $this->context->setTitle( SpecialPage::getTitleFor( 'Badtitle' ) );
244 wfProfileOut( __METHOD__ );
245 throw new BadTitleError();
247 // Redirect loops, no title in URL, $wgUsePathInfo URLs, and URLs with a variant
248 } elseif ( $request->getVal( 'action', 'view' ) == 'view' && !$request->wasPosted()
249 && ( $request->getVal( 'title' ) === null ||
250 $title->getPrefixedDBkey() != $request->getVal( 'title' ) )
251 && !count( $request->getValueNames( array( 'action', 'title' ) ) )
252 && wfRunHooks( 'TestCanonicalRedirect', array( $request, $title, $output ) ) )
254 if ( $title->isSpecialPage() ) {
255 list( $name, $subpage ) = SpecialPageFactory::resolveAlias( $title->getDBkey() );
256 if ( $name ) {
257 $title = SpecialPage::getTitleFor( $name, $subpage );
260 $targetUrl = wfExpandUrl( $title->getFullURL(), PROTO_CURRENT );
261 // Redirect to canonical url, make it a 301 to allow caching
262 if ( $targetUrl == $request->getFullRequestURL() ) {
263 $message = "Redirect loop detected!\n\n" .
264 "This means the wiki got confused about what page was " .
265 "requested; this sometimes happens when moving a wiki " .
266 "to a new server or changing the server configuration.\n\n";
268 if ( $wgUsePathInfo ) {
269 $message .= "The wiki is trying to interpret the page " .
270 "title from the URL path portion (PATH_INFO), which " .
271 "sometimes fails depending on the web server. Try " .
272 "setting \"\$wgUsePathInfo = false;\" in your " .
273 "LocalSettings.php, or check that \$wgArticlePath " .
274 "is correct.";
275 } else {
276 $message .= "Your web server was detected as possibly not " .
277 "supporting URL path components (PATH_INFO) correctly; " .
278 "check your LocalSettings.php for a customized " .
279 "\$wgArticlePath setting and/or toggle \$wgUsePathInfo " .
280 "to true.";
282 throw new HttpError( 500, $message );
283 } else {
284 $output->setSquidMaxage( 1200 );
285 $output->redirect( $targetUrl, '301' );
287 // Special pages
288 } elseif ( NS_SPECIAL == $title->getNamespace() ) {
289 $pageView = true;
290 // Actions that need to be made when we have a special pages
291 SpecialPageFactory::executePath( $title, $this->context );
292 } else {
293 // ...otherwise treat it as an article view. The article
294 // may be a redirect to another article or URL.
295 $article = $this->initializeArticle();
296 if ( is_object( $article ) ) {
297 $pageView = true;
299 * $wgArticle is deprecated, do not use it.
300 * @deprecated since 1.18
302 global $wgArticle;
303 $wgArticle = new DeprecatedGlobal( 'wgArticle', $article, '1.18' );
305 $this->performAction( $article, $requestTitle );
306 } elseif ( is_string( $article ) ) {
307 $output->redirect( $article );
308 } else {
309 wfProfileOut( __METHOD__ );
310 throw new MWException( "Shouldn't happen: MediaWiki::initializeArticle() returned neither an object nor a URL" );
314 if ( $pageView ) {
315 // Promote user to any groups they meet the criteria for
316 $user->addAutopromoteOnceGroups( 'onView' );
319 wfProfileOut( __METHOD__ );
323 * Initialize the main Article object for "standard" actions (view, etc)
324 * Create an Article object for the page, following redirects if needed.
326 * @return mixed an Article, or a string to redirect to another URL
328 private function initializeArticle() {
329 global $wgDisableHardRedirects;
331 wfProfileIn( __METHOD__ );
333 $title = $this->context->getTitle();
334 if ( $this->context->canUseWikiPage() ) {
335 // Try to use request context wiki page, as there
336 // is already data from db saved in per process
337 // cache there from this->getAction() call.
338 $page = $this->context->getWikiPage();
339 $article = Article::newFromWikiPage( $page, $this->context );
340 } else {
341 // This case should not happen, but just in case.
342 $article = Article::newFromTitle( $title, $this->context );
343 $this->context->setWikiPage( $article->getPage() );
346 // NS_MEDIAWIKI has no redirects.
347 // It is also used for CSS/JS, so performance matters here...
348 if ( $title->getNamespace() == NS_MEDIAWIKI ) {
349 wfProfileOut( __METHOD__ );
350 return $article;
353 $request = $this->context->getRequest();
355 // Namespace might change when using redirects
356 // Check for redirects ...
357 $action = $request->getVal( 'action', 'view' );
358 $file = ( $title->getNamespace() == NS_FILE ) ? $article->getFile() : null;
359 if ( ( $action == 'view' || $action == 'render' ) // ... for actions that show content
360 && !$request->getVal( 'oldid' ) && // ... and are not old revisions
361 !$request->getVal( 'diff' ) && // ... and not when showing diff
362 $request->getVal( 'redirect' ) != 'no' && // ... unless explicitly told not to
363 // ... and the article is not a non-redirect image page with associated file
364 !( is_object( $file ) && $file->exists() && !$file->getRedirected() ) )
366 // Give extensions a change to ignore/handle redirects as needed
367 $ignoreRedirect = $target = false;
369 wfRunHooks( 'InitializeArticleMaybeRedirect',
370 array( &$title, &$request, &$ignoreRedirect, &$target, &$article ) );
372 // Follow redirects only for... redirects.
373 // If $target is set, then a hook wanted to redirect.
374 if ( !$ignoreRedirect && ( $target || $article->isRedirect() ) ) {
375 // Is the target already set by an extension?
376 $target = $target ? $target : $article->followRedirect();
377 if ( is_string( $target ) ) {
378 if ( !$wgDisableHardRedirects ) {
379 // we'll need to redirect
380 wfProfileOut( __METHOD__ );
381 return $target;
384 if ( is_object( $target ) ) {
385 // Rewrite environment to redirected article
386 $rarticle = Article::newFromTitle( $target, $this->context );
387 $rarticle->loadPageData();
388 if ( $rarticle->exists() || ( is_object( $file ) && !$file->isLocal() ) ) {
389 $rarticle->setRedirectedFrom( $title );
390 $article = $rarticle;
391 $this->context->setTitle( $target );
392 $this->context->setWikiPage( $article->getPage() );
395 } else {
396 $this->context->setTitle( $article->getTitle() );
397 $this->context->setWikiPage( $article->getPage() );
401 wfProfileOut( __METHOD__ );
402 return $article;
406 * Perform one of the "standard" actions
408 * @param $page Page
409 * @param $requestTitle The original title, before any redirects were applied
411 private function performAction( Page $page, Title $requestTitle ) {
412 global $wgUseSquid, $wgSquidMaxage;
414 wfProfileIn( __METHOD__ );
416 $request = $this->context->getRequest();
417 $output = $this->context->getOutput();
418 $title = $this->context->getTitle();
419 $user = $this->context->getUser();
421 if ( !wfRunHooks( 'MediaWikiPerformAction',
422 array( $output, $page, $title, $user, $request, $this ) ) )
424 wfProfileOut( __METHOD__ );
425 return;
428 $act = $this->getAction();
430 $action = Action::factory( $act, $page );
431 if ( $action instanceof Action ) {
432 # Let Squid cache things if we can purge them.
433 if ( $wgUseSquid &&
434 in_array( $request->getFullRequestURL(), $requestTitle->getSquidURLs() )
436 $output->setSquidMaxage( $wgSquidMaxage );
439 $action->show();
440 wfProfileOut( __METHOD__ );
441 return;
444 if ( wfRunHooks( 'UnknownAction', array( $request->getVal( 'action', 'view' ), $page ) ) ) {
445 $output->showErrorPage( 'nosuchaction', 'nosuchactiontext' );
448 wfProfileOut( __METHOD__ );
452 * Run the current MediaWiki instance
453 * index.php just calls this
455 public function run() {
456 try {
457 $this->checkMaxLag();
458 $this->main();
459 $this->restInPeace();
460 } catch ( Exception $e ) {
461 MWExceptionHandler::handle( $e );
466 * Checks if the request should abort due to a lagged server,
467 * for given maxlag parameter.
468 * @return bool
470 private function checkMaxLag() {
471 global $wgShowHostnames;
473 wfProfileIn( __METHOD__ );
474 $maxLag = $this->context->getRequest()->getVal( 'maxlag' );
475 if ( !is_null( $maxLag ) ) {
476 list( $host, $lag ) = wfGetLB()->getMaxLag();
477 if ( $lag > $maxLag ) {
478 $resp = $this->context->getRequest()->response();
479 $resp->header( 'HTTP/1.1 503 Service Unavailable' );
480 $resp->header( 'Retry-After: ' . max( intval( $maxLag ), 5 ) );
481 $resp->header( 'X-Database-Lag: ' . intval( $lag ) );
482 $resp->header( 'Content-Type: text/plain' );
483 if ( $wgShowHostnames ) {
484 echo "Waiting for $host: $lag seconds lagged\n";
485 } else {
486 echo "Waiting for a database server: $lag seconds lagged\n";
489 wfProfileOut( __METHOD__ );
491 exit;
494 wfProfileOut( __METHOD__ );
495 return true;
498 private function main() {
499 global $wgUseFileCache, $wgTitle, $wgUseAjax;
501 wfProfileIn( __METHOD__ );
503 $request = $this->context->getRequest();
505 if ( $request->getCookie( 'forceHTTPS' )
506 && $request->detectProtocol() == 'http'
507 && $request->getMethod() == 'GET'
509 $redirUrl = $request->getFullRequestURL();
510 $redirUrl = str_replace( 'http://', 'https://', $redirUrl );
512 // Setup dummy Title, otherwise OutputPage::redirect will fail
513 $title = Title::newFromText( NS_MAIN, 'REDIR' );
514 $this->context->setTitle( $title );
515 $output = $this->context->getOutput();
516 $output->redirect( $redirUrl );
517 $output->output();
518 wfProfileOut( __METHOD__ );
519 return;
522 // Send Ajax requests to the Ajax dispatcher.
523 if ( $wgUseAjax && $request->getVal( 'action', 'view' ) == 'ajax' ) {
525 // Set a dummy title, because $wgTitle == null might break things
526 $title = Title::makeTitle( NS_MAIN, 'AJAX' );
527 $this->context->setTitle( $title );
528 $wgTitle = $title;
530 $dispatcher = new AjaxDispatcher();
531 $dispatcher->performAction();
532 wfProfileOut( __METHOD__ );
533 return;
536 // Get title from request parameters,
537 // is set on the fly by parseTitle the first time.
538 $title = $this->getTitle();
539 $action = $this->getAction();
540 $wgTitle = $title;
542 if ( $wgUseFileCache && $title->getNamespace() >= 0 ) {
543 wfProfileIn( 'main-try-filecache' );
544 if ( HTMLFileCache::useFileCache( $this->context ) ) {
545 // Try low-level file cache hit
546 $cache = HTMLFileCache::newFromTitle( $title, $action );
547 if ( $cache->isCacheGood( /* Assume up to date */ ) ) {
548 // Check incoming headers to see if client has this cached
549 $timestamp = $cache->cacheTimestamp();
550 if ( !$this->context->getOutput()->checkLastModified( $timestamp ) ) {
551 $cache->loadFromFileCache( $this->context );
553 // Do any stats increment/watchlist stuff
554 $this->context->getWikiPage()->doViewUpdates( $this->context->getUser() );
555 // Tell OutputPage that output is taken care of
556 $this->context->getOutput()->disable();
557 wfProfileOut( 'main-try-filecache' );
558 wfProfileOut( __METHOD__ );
559 return;
562 wfProfileOut( 'main-try-filecache' );
565 $this->performRequest();
567 // Now commit any transactions, so that unreported errors after
568 // output() don't roll back the whole DB transaction
569 wfGetLBFactory()->commitMasterChanges();
571 // Output everything!
572 $this->context->getOutput()->output();
574 wfProfileOut( __METHOD__ );
578 * Ends this task peacefully
580 public function restInPeace() {
581 // Do any deferred jobs
582 DeferredUpdates::doUpdates( 'commit' );
584 // Execute a job from the queue
585 $this->doJobs();
587 // Log profiling data, e.g. in the database or UDP
588 wfLogProfilingData();
590 // Commit and close up!
591 $factory = wfGetLBFactory();
592 $factory->commitMasterChanges();
593 $factory->shutdown();
595 wfDebug( "Request ended normally\n" );
599 * Do a job from the job queue
601 private function doJobs() {
602 global $wgJobRunRate, $wgPhpCli, $IP;
604 if ( $wgJobRunRate <= 0 || wfReadOnly() ) {
605 return;
608 if ( $wgJobRunRate < 1 ) {
609 $max = mt_getrandmax();
610 if ( mt_rand( 0, $max ) > $max * $wgJobRunRate ) {
611 return; // the higher $wgJobRunRate, the less likely we return here
613 $n = 1;
614 } else {
615 $n = intval( $wgJobRunRate );
618 if ( !wfShellExecDisabled() && is_executable( $wgPhpCli ) ) {
619 // Start a background process to run some of the jobs.
620 // This will be asynchronous on *nix though not on Windows.
621 wfProfileIn( __METHOD__ . '-exec' );
622 $retVal = 1;
623 $cmd = wfShellWikiCmd( "$IP/maintenance/runJobs.php", array( '--maxjobs', $n ) );
624 wfShellExec( "$cmd &", $retVal );
625 wfProfileOut( __METHOD__ . '-exec' );
626 } else {
627 try {
628 // Fallback to running the jobs here while the user waits
629 $group = JobQueueGroup::singleton();
630 do {
631 $job = $group->pop( JobQueueGroup::USE_CACHE ); // job from any queue
632 if ( $job ) {
633 $output = $job->toString() . "\n";
634 $t = - microtime( true );
635 wfProfileIn( __METHOD__ . '-' . get_class( $job ) );
636 $success = $job->run();
637 wfProfileOut( __METHOD__ . '-' . get_class( $job ) );
638 $group->ack( $job ); // done
639 $t += microtime( true );
640 $t = round( $t * 1000 );
641 if ( $success === false ) {
642 $output .= "Error: " . $job->getLastError() . ", Time: $t ms\n";
643 } else {
644 $output .= "Success, Time: $t ms\n";
646 wfDebugLog( 'jobqueue', $output );
648 } while ( --$n && $job );
649 } catch ( MWException $e ) {
650 // We don't want exceptions thrown during job execution to
651 // be reported to the user since the output is already sent.
652 // Instead we just log them.
653 wfDebugLog( 'exception', $e->getLogMessage() );