summaryrefslogtreecommitdiff
path: root/includes/WebRequest.php
diff options
context:
space:
mode:
authorPierre Schmitz <pierre@archlinux.de>2013-08-12 09:28:15 +0200
committerPierre Schmitz <pierre@archlinux.de>2013-08-12 09:28:15 +0200
commit08aa4418c30cfc18ccc69a0f0f9cb9e17be6c196 (patch)
tree577a29fb579188d16003a209ce2a2e9c5b0aa2bd /includes/WebRequest.php
parentcacc939b34e315b85e2d72997811eb6677996cc1 (diff)
Update to MediaWiki 1.21.1
Diffstat (limited to 'includes/WebRequest.php')
-rw-r--r--includes/WebRequest.php121
1 files changed, 75 insertions, 46 deletions
diff --git a/includes/WebRequest.php b/includes/WebRequest.php
index 96279fb2..98007ef8 100644
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -1,6 +1,6 @@
<?php
/**
- * Deal with importing all those nasssty globals and things
+ * Deal with importing all those nasty globals and things
*
* Copyright © 2003 Brion Vibber <brion@pobox.com>
* http://www.mediawiki.org/
@@ -70,13 +70,13 @@ class WebRequest {
* If the REQUEST_URI is not provided we'll fall back on the PATH_INFO
* provided by the server if any and use that to set a 'title' parameter.
*
- * @param $want string: If this is not 'all', then the function
+ * @param string $want If this is not 'all', then the function
* will return an empty array if it determines that the URL is
* inside a rewrite path.
*
* @return Array: Any query arguments found in path matches.
*/
- static public function getPathInfo( $want = 'all' ) {
+ public static function getPathInfo( $want = 'all' ) {
global $wgUsePathInfo;
// PATH_INFO is mangled due to http://bugs.php.net/bug.php?id=31892
// And also by Apache 2.x, double slashes are converted to single slashes.
@@ -128,7 +128,7 @@ class WebRequest {
global $wgVariantArticlePath, $wgContLang;
if( $wgVariantArticlePath ) {
$router->add( $wgVariantArticlePath,
- array( 'variant' => '$2'),
+ array( 'variant' => '$2' ),
array( '$2' => $wgContLang->getVariants() )
);
}
@@ -144,7 +144,7 @@ class WebRequest {
// Also reported when ini_get('cgi.fix_pathinfo')==false
$matches['title'] = substr( $_SERVER['ORIG_PATH_INFO'], 1 );
- } elseif ( isset( $_SERVER['PATH_INFO'] ) && ($_SERVER['PATH_INFO'] != '') ) {
+ } elseif ( isset( $_SERVER['PATH_INFO'] ) && $_SERVER['PATH_INFO'] != '' ) {
// Regular old PATH_INFO yay
$matches['title'] = substr( $_SERVER['PATH_INFO'], 1 );
}
@@ -192,14 +192,21 @@ class WebRequest {
* @return array
*/
public static function detectProtocolAndStdPort() {
- return ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'on' ) ? array( 'https', 443 ) : array( 'http', 80 );
+ if ( ( isset( $_SERVER['HTTPS'] ) && $_SERVER['HTTPS'] == 'on' ) ||
+ ( isset( $_SERVER['HTTP_X_FORWARDED_PROTO'] ) &&
+ $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' ) ) {
+ $arr = array( 'https', 443 );
+ } else {
+ $arr = array( 'http', 80 );
+ }
+ return $arr;
}
/**
* @return string
*/
public static function detectProtocol() {
- list( $proto, $stdPort ) = self::detectProtocolAndStdPort();
+ list( $proto, ) = self::detectProtocolAndStdPort();
return $proto;
}
@@ -226,9 +233,9 @@ class WebRequest {
* URL rewriting function; tries to extract page title and,
* optionally, one other fixed parameter value from a URL path.
*
- * @param $path string: the URL path given from the client
- * @param $bases array: one or more URLs, optionally with $1 at the end
- * @param $key string: if provided, the matching key in $bases will be
+ * @param string $path the URL path given from the client
+ * @param array $bases one or more URLs, optionally with $1 at the end
+ * @param string $key if provided, the matching key in $bases will be
* passed on as the value of this URL parameter
* @return array of URL variables to interpolate; empty if no match
*/
@@ -255,8 +262,8 @@ class WebRequest {
* Recursively strips slashes from the given array;
* used for undoing the evil that is magic_quotes_gpc.
*
- * @param $arr array: will be modified
- * @param $topLevel bool Specifies if the array passed is from the top
+ * @param array $arr will be modified
+ * @param bool $topLevel Specifies if the array passed is from the top
* level of the source. In PHP5 magic_quotes only escapes the first level
* of keys that belong to an array.
* @return array the original array
@@ -352,7 +359,7 @@ class WebRequest {
* selected by a drop-down menu). For freeform input, see getText().
*
* @param $name String
- * @param $default String: optional default (or NULL)
+ * @param string $default optional default (or NULL)
* @return String
*/
public function getVal( $name, $default = null ) {
@@ -370,7 +377,7 @@ class WebRequest {
/**
* Set an arbitrary value into our get/post data.
*
- * @param $key String: key name to use
+ * @param string $key key name to use
* @param $value Mixed: value to set
* @return Mixed: old value if one was present, null otherwise
*/
@@ -380,11 +387,10 @@ class WebRequest {
return $ret;
}
-
/**
* Unset an arbitrary value from our get/post data.
- *
- * @param $key String: key name to use
+ *
+ * @param string $key key name to use
* @return Mixed: old value if one was present, null otherwise
*/
public function unsetVal( $key ) {
@@ -403,7 +409,7 @@ class WebRequest {
* If no source and no default, returns NULL.
*
* @param $name String
- * @param $default Array: optional default (or NULL)
+ * @param array $default optional default (or NULL)
* @return Array
*/
public function getArray( $name, $default = null ) {
@@ -422,7 +428,7 @@ class WebRequest {
* If an array is returned, contents are guaranteed to be integers.
*
* @param $name String
- * @param $default Array: option default (or NULL)
+ * @param array $default option default (or NULL)
* @return Array of ints
*/
public function getIntArray( $name, $default = null ) {
@@ -497,7 +503,7 @@ class WebRequest {
*/
public function getCheck( $name ) {
# Checkboxes and buttons are only present when clicked
- # Presence connotes truth, abscense false
+ # Presence connotes truth, absence false
return $this->getVal( $name, null ) !== null;
}
@@ -510,7 +516,7 @@ class WebRequest {
* be required - e.g. Esperanto x-coding).
*
* @param $name String
- * @param $default String: optional
+ * @param string $default optional
* @return String
*/
public function getText( $name, $default = '' ) {
@@ -559,9 +565,9 @@ class WebRequest {
*
* @return Array
*/
- public function getQueryValues() {
+ public function getQueryValues() {
return $_GET;
- }
+ }
/**
* Get the HTTP method used for this request.
@@ -603,8 +609,8 @@ class WebRequest {
/**
* Get a cookie from the $_COOKIE jar
*
- * @param $key String: the name of the cookie
- * @param $prefix String: a prefix to use for the cookie name, if not $wgCookiePrefix
+ * @param string $key the name of the cookie
+ * @param string $prefix a prefix to use for the cookie name, if not $wgCookiePrefix
* @param $default Mixed: what to return if the value isn't found
* @return Mixed: cookie value or $default if the cookie not set
*/
@@ -613,13 +619,14 @@ class WebRequest {
global $wgCookiePrefix;
$prefix = $wgCookiePrefix;
}
- return $this->getGPCVal( $_COOKIE, $prefix . $key , $default );
+ return $this->getGPCVal( $_COOKIE, $prefix . $key, $default );
}
/**
* Return the path and query string portion of the request URI.
* This will be suitable for use as a relative link in HTML output.
*
+ * @throws MWException
* @return String
*/
public function getRequestURL() {
@@ -671,7 +678,7 @@ class WebRequest {
/**
* Take an arbitrary query and rewrite the present URL to include it
- * @param $query String: query string fragment; do not include initial '?'
+ * @param string $query query string fragment; do not include initial '?'
*
* @return String
*/
@@ -683,7 +690,7 @@ class WebRequest {
* HTML-safe version of appendQuery().
* @deprecated: Deprecated in 1.20, warnings in 1.21, remove in 1.22.
*
- * @param $query String: query string fragment; do not include initial '?'
+ * @param string $query query string fragment; do not include initial '?'
* @return String
*/
public function escapeAppendQuery( $query ) {
@@ -703,8 +710,8 @@ class WebRequest {
/**
* Appends or replaces value of query variables.
*
- * @param $array Array of values to replace/add to query
- * @param $onlyquery Bool: whether to only return the query string and not
+ * @param array $array of values to replace/add to query
+ * @param bool $onlyquery whether to only return the query string and not
* the complete URL
* @return String
*/
@@ -713,7 +720,7 @@ class WebRequest {
$newquery = $this->getQueryValues();
unset( $newquery['title'] );
$newquery = array_merge( $newquery, $array );
- $query = wfArrayToCGI( $newquery );
+ $query = wfArrayToCgi( $newquery );
return $onlyquery ? $query : $wgTitle->getLocalURL( $query );
}
@@ -723,7 +730,7 @@ class WebRequest {
* Offset must be positive but is not capped.
*
* @param $deflimit Integer: limit to use if no input and the user hasn't set the option.
- * @param $optionname String: to specify an option other than rclimit to pull from.
+ * @param string $optionname to specify an option other than rclimit to pull from.
* @return array first element is limit, second is offset
*/
public function getLimitOffset( $deflimit = 50, $optionname = 'rclimit' ) {
@@ -734,7 +741,7 @@ class WebRequest {
$limit = 0;
}
if( ( $limit == 0 ) && ( $optionname != '' ) ) {
- $limit = (int)$wgUser->getOption( $optionname );
+ $limit = $wgUser->getIntOption( $optionname );
}
if( $limit <= 0 ) {
$limit = $deflimit;
@@ -842,7 +849,7 @@ class WebRequest {
} else {
foreach ( $_SERVER as $name => $value ) {
if ( substr( $name, 0, 5 ) === 'HTTP_' ) {
- $name = str_replace( '_', '-', substr( $name, 5 ) );
+ $name = str_replace( '_', '-', substr( $name, 5 ) );
$this->headers[$name] = $value;
} elseif ( $name === 'CONTENT_LENGTH' ) {
$this->headers['CONTENT-LENGTH'] = $value;
@@ -863,7 +870,7 @@ class WebRequest {
/**
* Get a request header, or false if it isn't set
- * @param $name String: case-insensitive header name
+ * @param string $name case-insensitive header name
*
* @return string|bool False on failure
*/
@@ -880,7 +887,7 @@ class WebRequest {
/**
* Get data from $_SESSION
*
- * @param $key String: name of key in $_SESSION
+ * @param string $key name of key in $_SESSION
* @return Mixed
*/
public function getSessionData( $key ) {
@@ -893,7 +900,7 @@ class WebRequest {
/**
* Set session data
*
- * @param $key String: name of key in $_SESSION
+ * @param string $key name of key in $_SESSION
* @param $data Mixed
*/
public function setSessionData( $key, $data ) {
@@ -907,6 +914,7 @@ class WebRequest {
* false if an error message has been shown and the request should be aborted.
*
* @param $extWhitelist array
+ * @throws HttpError
* @return bool
*/
public function checkUrlExtension( $extWhitelist = array() ) {
@@ -1043,22 +1051,30 @@ HTML;
*
* @since 1.19
*
+ * @throws MWException
* @return String
*/
protected function getRawIP() {
- if ( isset( $_SERVER['REMOTE_ADDR'] ) ) {
- return IP::canonicalize( $_SERVER['REMOTE_ADDR'] );
- } else {
+ if ( !isset( $_SERVER['REMOTE_ADDR'] ) ) {
return null;
}
+
+ if ( is_array( $_SERVER['REMOTE_ADDR'] ) || strpos( $_SERVER['REMOTE_ADDR'], ',' ) !== false ) {
+ throw new MWException( __METHOD__ . " : Could not determine the remote IP address due to multiple values." );
+ } else {
+ $ipchain = $_SERVER['REMOTE_ADDR'];
+ }
+
+ return IP::canonicalize( $ipchain );
}
/**
* Work out the IP address based on various globals
* For trusted proxies, use the XFF client IP (first of the chain)
- *
+ *
* @since 1.19
*
+ * @throws MWException
* @return string
*/
public function getIP() {
@@ -1108,6 +1124,15 @@ HTML;
$this->ip = $ip;
return $ip;
}
+
+ /**
+ * @param string $ip
+ * @return void
+ * @since 1.21
+ */
+ public function setIP( $ip ) {
+ $this->ip = $ip;
+ }
}
/**
@@ -1122,7 +1147,7 @@ class WebRequestUpload {
* Constructor. Should only be called by WebRequest
*
* @param $request WebRequest The associated request
- * @param $key string Key in $_FILES array (name of form field)
+ * @param string $key Key in $_FILES array (name of form field)
*/
public function __construct( $request, $key ) {
$this->request = $request;
@@ -1234,10 +1259,11 @@ class FauxRequest extends WebRequest {
private $session = array();
/**
- * @param $data Array of *non*-urlencoded key => value pairs, the
+ * @param array $data of *non*-urlencoded key => value pairs, the
* fake GET/POST values
- * @param $wasPosted Bool: whether to treat the data as POST
+ * @param bool $wasPosted whether to treat the data as POST
* @param $session Mixed: session array or null
+ * @throws MWException
*/
public function __construct( $data = array(), $wasPosted = false, $session = null ) {
if( is_array( $data ) ) {
@@ -1246,8 +1272,9 @@ class FauxRequest extends WebRequest {
throw new MWException( "FauxRequest() got bogus data" );
}
$this->wasPosted = $wasPosted;
- if( $session )
+ if( $session ) {
$this->session = $session;
+ }
}
/**
@@ -1330,8 +1357,10 @@ class FauxRequest extends WebRequest {
* @return mixed
*/
public function getSessionData( $key ) {
- if( isset( $this->session[$key] ) )
+ if( isset( $this->session[$key] ) ) {
return $this->session[$key];
+ }
+ return null;
}
/**