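--- a/trunk/phase3/index.php
+++ b/trunk/phase3/index.php
@@ -3,46 +3,40 @@
 * Main wiki script; see docs/design.txt
 * @package MediaWiki
 */
-$wgRequestTime = microtime();
 
-# getrusage() does not exist on the Window$ platform, catching this
-if ( function_exists ( 'getrusage' ) ) {
- $wgRUstart = getrusage();
-} else {
- $wgRUstart = array();
-}
-
+# In the beginning...
+require_once( "./includes/Wiki.php" );
+$wgRequestTime = microtime();
+$wgRUstart = MediaWiki::getRUsage();
 unset( $IP );
-@ini_set( 'allow_url_fopen', 0 ); # For security...
+MediaWiki::ckeckGlobalsVulnerability();
 
-if ( isset( $_REQUEST['GLOBALS'] ) ) {
- die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
-}
-
 # Valid web server entry point, enable includes.
 # Please don't move this line to includes/Defines.php. This line essentially defines
 # a valid entry point. If you put it in includes/Defines.php, then any script that includes
 # it becomes an entry point, thereby defeating its purpose.
 define( 'MEDIAWIKI', true );
 require_once( './includes/Defines.php' );
-@include_once( './LocalSettings.php' ); # Will die later if not included anyway
 
 
 # Initialize MediaWiki base class
-require_once( "includes/Wiki.php" );
 $mediaWiki = new MediaWiki();
-
-
 $mediaWiki->checkSetup();
-require_once( 'includes/Setup.php' ); # This can't be done in mdiaWiki.php for some weird reason
 
+# These can't be done in mdiaWiki.php for some weird reason
+require_once( './LocalSettings.php' );
+require_once( 'includes/Setup.php' );
+
 OutputPage::setEncodings(); # Not really used yet
 
+$mediaWiki->setVal( "Request", $wgRequest );
+
 # Query string fields
-$action = $wgRequest->getVal( 'action', 'view' );
-$title = $wgRequest->getVal( 'title' );
+$mediaWiki->initializeActionTitle();
+$action = $mediaWiki->getVal( 'action' ); # Global might be needed somewhere, sadly...
 
-$wgTitle = $mediaWiki->checkInitialQueries( $title,$action,$wgOut, $wgRequest, $wgContLang );
+# Run initial queries
+$wgTitle = $mediaWiki->checkInitialQueries( $wgOut, $wgContLang );
 
 # Is this necessary? Who knows...
 if ($wgTitle == NULL) {
@@ -52,7 +46,6 @@
 # Setting global variables in mediaWiki
 $mediaWiki->setVal( "Server", $wgServer );
 $mediaWiki->setVal( "DisableInternalSearch", $wgDisableInternalSearch );
-$mediaWiki->setVal( "action", $action );
 $mediaWiki->setVal( "SquidMaxage", $wgSquidMaxage );
 $mediaWiki->setVal( "EnableDublinCoreRdf", $wgEnableDublinCoreRdf );
 $mediaWiki->setVal( "EnableCreativeCommonsRdf", $wgEnableCreativeCommonsRdf );
@@ -60,11 +53,8 @@
 $mediaWiki->setVal( "UseExternalEditor", $wgUseExternalEditor );
 $mediaWiki->setVal( "DisabledActions", $wgDisabledActions );
 
-$wgArticle = $mediaWiki->initialize ( $wgTitle, $wgOut, $wgUser, $wgRequest );
+$wgArticle = $mediaWiki->initialize ( $wgTitle, $wgOut, $wgUser );
 $mediaWiki->finalCleanup ( $wgDeferredUpdateList, $wgLoadBalancer, $wgOut );
-
-# Not sure when $wgPostCommitUpdateList gets set, so I keep this separate from finalCleanup
 $mediaWiki->doUpdates( $wgPostCommitUpdateList );
-
 $mediaWiki->restInPeace( $wgLoadBalancer );
 ?>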
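Review bot: The request guards in the first hunk, `unset( $IP )` and the `$_REQUEST['GLOBALS']` check, now run only after `require_once( "./includes/Wiki.php" )`, and that include also precedes `define( 'MEDIAWIKI', true )`. Any top-level statement in includes/Wiki.php would therefore execute before the guards have fired and outside the entry-point marker; the page shows only class methods from that file, so this is presumably harmless today but nothing records the constraint. I would add a comment above the include such as `# includes/Wiki.php must only define symbols: it is loaded before the $GLOBALS check and before MEDIAWIKI is defined`, or keep the `isset( $_REQUEST['GLOBALS'] )` test inline ahead of the first `require_once`. The call site also carries the misspelled name `ckeckGlobalsVulnerability`, which is worth fixing together with the definition while there is only one caller.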
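--- a/trunk/phase3/includes/Wiki.php
+++ b/trunk/phase3/includes/Wiki.php
@@ -37,6 +37,28 @@
 }
 
 /**
+ * Wrapper for getrusage, if it exists
+ * getrusage() does not exist on the Window$ platform, catching this
+ */
+ function getRUsage() {
+ if ( function_exists ( 'getrusage' ) ) {
+ return getrusage();
+ } else {
+ return array();
+ }
+ }
+
+ /**
+ * CHeck for $GLOBALS vulnerability
+ */
+ function ckeckGlobalsVulnerability() {
+ @ini_set( 'allow_url_fopen', 0 ); # For security...
+ if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+ }
+ }
+
+ /**
 * Checks if the wiki is set up at all, or configured but not activated
 */
 function checkSetup() {
@@ -56,22 +78,32 @@
 $msg = "Please <a href='config/index.php' title='setup'>setup the wiki</a> first.";
 }
 $out = str_replace( "$2", $msg, $out );
- echo $out ;
+ echo $out;
 die();
 }
 
 /**
+ * Reads title and action values from request
+ */
+ function initializeActionTitle () {
+ $request = $this->getVal( 'Request' );
+ $this->setVal( 'action', $request->getVal( 'action', 'view' ) );
+ $this->setVal( 'urltitle', $request->getVal( 'title' ) );
+ }
+
+ /**
 * Initialization of ... everything
 @return Article either the object to become $wgArticle, or NULL
 */
- function initialize ( &$title, &$output, &$user, $request) {
+ function initialize ( &$title, &$output, &$user ) {
 wfProfileIn( 'MediaWiki::initialize' );
- $this->preliminaryChecks ( $title, $output, $request ) ;
+ $request = $this->getVal( 'Request' );
+ $this->preliminaryChecks ( $title, $output );
 $article = NULL;
- if ( !$this->initializeSpecialCases( $title, $output, $request ) ) {
- $article = $this->initializeArticle( $title, $request );
+ if ( !$this->initializeSpecialCases( $title, $output ) ) {
+ $article = $this->initializeArticle( $title );
 if( is_object( $article ) ) {
- $this->performAction( $output, $article, $title, $user, $request );
+ $this->performAction( $output, $article, $title, $user );
 } elseif( is_string( $article ) ) {
 $output->redirect( $article );
 } else {
@@ -84,15 +116,17 @@
 
 /**
 * Checks some initial queries
- * Note that $title here is *not* a Title object, but a string!
 */
- function checkInitialQueries( $title,$action,&$output,$request, $lang) {
+ function checkInitialQueries( &$output, $lang) {
 wfProfileIn( 'MediaWiki::checkInitialQueries' );
+ $request = $this->getVal( 'Request' );
+ $action = $this->getVal( 'action' );
+ $title = $this->getVal( 'urltitle' );
 if ($request->getVal( 'printable' ) == 'yes') {
 $output->setPrintable();
 }
 
- $ret = NULL ;
+ $ret = NULL;
 
 
 if ( '' == $title && 'delete' != $action ) {
@@ -110,14 +144,14 @@
 
 }
 wfProfileOut( 'MediaWiki::checkInitialQueries' );
- return $ret ;
+ return $ret;
 }
 
 /**
 * Checks for search query and anon-cannot-read case
 */
- function preliminaryChecks ( &$title, &$output, $request ) {
-
+ function preliminaryChecks ( &$title, &$output ) {
+ $request = $this->getVal( 'Request' );
 # Debug statement for user levels
 // print_r($wgUser);
 
@@ -143,9 +177,9 @@
 /**
 * Initialize the object to be known as $wgArticle for special cases
 */
- function initializeSpecialCases ( &$title, &$output, $request ) {
-
+ function initializeSpecialCases ( &$title, &$output ) {
 wfProfileIn( 'MediaWiki::initializeSpecialCases' );
+ $request = $this->getVal( 'Request' );
 
 $search = $this->getVal('Search');
 $action = $this->getVal('Action');
@@ -216,13 +250,12 @@
 * Initialize the object to be known as $wgArticle for "standard" actions
 * Create an Article object for the page, following redirects if needed.
 * @param Title $title
- * @param Request $request
- * @param string $action
 * @return mixed an Article, or a string to redirect to another URL
 */
- function initializeArticle( $title, $request ) {
+ function initializeArticle( $title ) {
 wfProfileIn( 'MediaWiki::initializeArticle' );
 
+ $request = $this->getVal( 'Request' );
 $action = $this->getVal('Action');
 $article = $this->articleFromTitle( $title );
 
@@ -288,10 +321,10 @@
 /**
 * Perform one of the "standard" actions
 */
- function performAction( &$output, &$article, &$title, &$user, &$request ) {
-
+ function performAction( &$output, &$article, &$title, &$user ) {
 wfProfileIn( 'MediaWiki::performAction' );
-
+
+ $request = $this->getVal( 'Request' );
 $action = $this->getVal('Action');
 if( in_array( $action, $this->getVal('DisabledActions',array()) ) ) {
 /* No such action; this will switch to the default case */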
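Review bot: The new `ckeckGlobalsVulnerability()` in the first hunk carries over `@ini_set( 'allow_url_fopen', 0 )` with its error suppression, so nothing reports when the setting is not applied. On PHP releases after 4.3.4 `allow_url_fopen` is a PHP_INI_SYSTEM directive that cannot be changed at runtime, so there the "For security..." line silently does nothing and the protection has to come from php.ini. The docblock should say that the method both aborts on a request-supplied `GLOBALS` key and attempts the ini change, for example `* Abort if the request carries a GLOBALS key; also tries to disable allow_url_fopen (only effective where the directive is runtime-settable)`. The method should also be renamed to `checkGlobalsVulnerability`, together with its call in index.php. Both new helpers are invoked statically from index.php but declared like the instance methods around them, which is worth a one-line note in their docblocks.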