r58585 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r58584‎ \| r58585 \| r58586 >
Date:	15:47, 5 November 2009
Author:	yaron
Status:	resolved (Comments)
Tags:
Comment:	Re-added XML validation; using the SimpleXML library for now
Modified paths:	/trunk/extensions/TemplateInfo/ApiQueryTemplateInfo.php (modified) (history)

Diff [purge]

Index: trunk/extensions/TemplateInfo/ApiQueryTemplateInfo.php
—	—	@@ -20,6 +20,39 @@
21	21	parent :: __construct( $query, $moduleName, 'ti' );
22	22	}
23	23
	24	+ private function validateXML( $xml ) {
	25	+ $xmlDTD =<<<END
	26	+<?xml version="1.0" encoding="utf-8"?>
	27	+<!DOCTYPE template [
	28	+<!ELEMENT template (description?,params?,data*)>
	29	+<!ELEMENT params (param\|group)*>
	30	+<!ELEMENT param (label?,description?,options?,type?,data*)>
	31	+<!ATTLIST param id ID #REQUIRED>
	32	+<!ELEMENT group (label?,description?,param,data)>
	33	+<!ELEMENT label (#PCDATA\|msg)*>
	34	+<!ELEMENT description (#PCDATA\|msg)*>
	35	+<!ELEMENT options (option*)>
	36	+<!ELEMENT option (#PCDATA\|msg)*>
	37	+<!ELEMENT type (field*)>
	38	+<!ATTLIST type name CDATA #REQUIRED>
	39	+<!ELEMENT field EMPTY>
	40	+<!ATTLIST field name CDATA #REQUIRED>
	41	+<!ATTLIST field value CDATA #REQUIRED>
	42	+<!ELEMENT msg (#PCDATA)>
	43	+<!ATTLIST msg lang CDATA #REQUIRED>
	44	+<!ELEMENT data (field*)>
	45	+<!ATTLIST data app CDATA #REQUIRED>
	46	+]>
	47	+
	48	+END;
	49	+ // we are using the SimpleXML library to do the XML validation
	50	+ // for now - this may change later
	51	+ // hide parsing warnings
	52	+ libxml_use_internal_errors(true);
	53	+ $xml_success = simplexml_load_string($xmlDTD . $xml);
	54	+ return $xml_success;
	55	+ }
	56	+
24	57	public function execute() {
25	58	$params = $this->extractRequestParams();
26	59	$titles = $this->getPageSet()->getGoodTitles();
—	—	@@ -39,7 +72,11 @@
40	73	$res = $this->select(__METHOD__);
41	74	while ( $row = $this->getDB()->fetchObject( $res ) ) {
42	75	$vals = array( );
43		~~- ApiResult::setContent( $vals, $row->pp_value );~~
	76	+ if ($this->validateXML( $row->pp_value )) {
	77	+ ApiResult::setContent( $vals, $row->pp_value );
	78	+ } else {
	79	+ ApiResult::setContent( $vals, "Error! Invalid XML" );
	80	+ }
44	81	$fit = $this->addPageSubItems( $row->pp_page, $vals );
45	82	if( !$fit ) {
46	83	$this->setContinueEnumParameter( 'continue', $row->pp_page );

Comments

#Comment by Catrope (talk | contribs) 15:51, 5 November 2009

As I said before, I think it's better to validate the XML at parse time rather than in the API module.

#Comment by Yaron Koren (talk | contribs) 16:40, 5 November 2009

Oh yeah, I forgot... I changed this in the code now.

Status & tagging log

20:24, 5 November 2009 Catrope (talk | contribs) changed the status of r58585 [removed: fixme added: resolved]
15:51, 5 November 2009 Catrope (talk | contribs) changed the status of r58585 [removed: new added: fixme]