REL1_32/php/ApiMain_8php_source.html

<?php

use MediaWiki\Logger\LoggerFactory;

use MediaWiki\MediaWikiServices;

use Wikimedia\Timestamp\TimestampException;


class ApiMain extends ApiBase {

    const API_DEFAULT_FORMAT = 'jsonfm';


    const API_DEFAULT_USELANG = 'user';


    private static $Modules = [

        'login' => ApiLogin::class,

        'clientlogin' => ApiClientLogin::class,

        'logout' => ApiLogout::class,

        'createaccount' => ApiAMCreateAccount::class,

        'linkaccount' => ApiLinkAccount::class,

        'unlinkaccount' => ApiRemoveAuthenticationData::class,

        'changeauthenticationdata' => ApiChangeAuthenticationData::class,

        'removeauthenticationdata' => ApiRemoveAuthenticationData::class,

        'resetpassword' => ApiResetPassword::class,

        'query' => ApiQuery::class,

        'expandtemplates' => ApiExpandTemplates::class,

        'parse' => ApiParse::class,

        'stashedit' => ApiStashEdit::class,

        'opensearch' => ApiOpenSearch::class,

        'feedcontributions' => ApiFeedContributions::class,

        'feedrecentchanges' => ApiFeedRecentChanges::class,

        'feedwatchlist' => ApiFeedWatchlist::class,

        'help' => ApiHelp::class,

        'paraminfo' => ApiParamInfo::class,

        'rsd' => ApiRsd::class,

        'compare' => ApiComparePages::class,

        'tokens' => ApiTokens::class,

        'checktoken' => ApiCheckToken::class,

        'cspreport' => ApiCSPReport::class,

        'validatepassword' => ApiValidatePassword::class,


        // Write modules

        'purge' => ApiPurge::class,

        'setnotificationtimestamp' => ApiSetNotificationTimestamp::class,

        'rollback' => ApiRollback::class,

        'delete' => ApiDelete::class,

        'undelete' => ApiUndelete::class,

        'protect' => ApiProtect::class,

        'block' => ApiBlock::class,

        'unblock' => ApiUnblock::class,

        'move' => ApiMove::class,

        'edit' => ApiEditPage::class,

        'upload' => ApiUpload::class,

        'filerevert' => ApiFileRevert::class,

        'emailuser' => ApiEmailUser::class,

        'watch' => ApiWatch::class,

        'patrol' => ApiPatrol::class,

        'import' => ApiImport::class,

        'clearhasmsg' => ApiClearHasMsg::class,

        'userrights' => ApiUserrights::class,

        'options' => ApiOptions::class,

        'imagerotate' => ApiImageRotate::class,

        'revisiondelete' => ApiRevisionDelete::class,

        'managetags' => ApiManageTags::class,

        'tag' => ApiTag::class,

        'mergehistory' => ApiMergeHistory::class,

        'setpagelanguage' => ApiSetPageLanguage::class,

    ];


    private static $Formats = [

        'json' => ApiFormatJson::class,

        'jsonfm' => ApiFormatJson::class,

        'php' => ApiFormatPhp::class,

        'phpfm' => ApiFormatPhp::class,

        'xml' => ApiFormatXml::class,

        'xmlfm' => ApiFormatXml::class,

        'rawfm' => ApiFormatJson::class,

        'none' => ApiFormatNone::class,

    ];


    private static $mRights = [

        'writeapi' => [

            'msg' => 'right-writeapi',

            'params' => []

        ],

        'apihighlimits' => [

            'msg' => 'api-help-right-apihighlimits',

            'params' => [ ApiBase::LIMIT_SML2, ApiBase::LIMIT_BIG2 ]

        ]

    ];


    private $mPrinter;


    private $mModuleMgr, $mResult, $mErrorFormatter = null;

    private $mContinuationManager;

    private $mAction;

    private $mEnableWrite;

    private $mInternalMode, $mSquidMaxage;

    private $mModule;


    private $mCacheMode = 'private';

    private $mCacheControl = [];

    private $mParamsUsed = [];

    private $mParamsSensitive = [];


    private $lacksSameOriginSecurity = null;


    public function __construct( $context = null, $enableWrite = false ) {

        if ( $context === null ) {

            $context = RequestContext::getMain();

        } elseif ( $context instanceof WebRequest ) {

            // BC for pre-1.19

            $request = $context;

            $context = RequestContext::getMain();

        }

        // We set a derivative context so we can change stuff later

        $this->setContext( new DerivativeContext( $context ) );


        if ( isset( $request ) ) {

            $this->getContext()->setRequest( $request );

        } else {

            $request = $this->getRequest();

        }


        $this->mInternalMode = ( $request instanceof FauxRequest );


        // Special handling for the main module: $parent === $this

        parent::__construct( $this, $this->mInternalMode ? 'main_int' : 'main' );


        $config = $this->getConfig();


        if ( !$this->mInternalMode ) {

            // Log if a request with a non-whitelisted Origin header is seen

            // with session cookies.

            $originHeader = $request->getHeader( 'Origin' );

            if ( $originHeader === false ) {

                $origins = [];

            } else {

                $originHeader = trim( $originHeader );

                $origins = preg_split( '/\s+/', $originHeader );

            }

            $sessionCookies = array_intersect(

                array_keys( $_COOKIE ),

                MediaWiki\Session\SessionManager::singleton()->getVaryCookies()

            );

            if ( $origins && $sessionCookies && (

                count( $origins ) !== 1 || !self::matchOrigin(

                    $origins[0],

                    $config->get( 'CrossSiteAJAXdomains' ),

                    $config->get( 'CrossSiteAJAXdomainExceptions' )

                )

            ) ) {

                LoggerFactory::getInstance( 'cors' )->warning(

                    'Non-whitelisted CORS request with session cookies', [

                        'origin' => $originHeader,

                        'cookies' => $sessionCookies,

                        'ip' => $request->getIP(),

                        'userAgent' => $this->getUserAgent(),

                        'wiki' => wfWikiID(),

                    ]

                );

            }


            // If we're in a mode that breaks the same-origin policy, strip

            // user credentials for security.

            if ( $this->lacksSameOriginSecurity() ) {

                global $wgUser;

                wfDebug( "API: stripping user credentials when the same-origin policy is not applied\n" );

                $wgUser = new User();

                $this->getContext()->setUser( $wgUser );

                $request->response()->header( 'MediaWiki-Login-Suppressed: true' );

            }

        }


        $this->mResult = new ApiResult( $this->getConfig()->get( 'APIMaxResultSize' ) );


        // Setup uselang. This doesn't use $this->getParameter()

        // because we're not ready to handle errors yet.

        $uselang = $request->getVal( 'uselang', self::API_DEFAULT_USELANG );

        if ( $uselang === 'user' ) {

            // Assume the parent context is going to return the user language

            // for uselang=user (see T85635).

        } else {

            if ( $uselang === 'content' ) {

                $uselang = MediaWikiServices::getInstance()->getContentLanguage()->getCode();

            }

            $code = RequestContext::sanitizeLangCode( $uselang );

            $this->getContext()->setLanguage( $code );

            if ( !$this->mInternalMode ) {

                global $wgLang;

                $wgLang = $this->getContext()->getLanguage();

                RequestContext::getMain()->setLanguage( $wgLang );

            }

        }


        // Set up the error formatter. This doesn't use $this->getParameter()

        // because we're not ready to handle errors yet.

        $errorFormat = $request->getVal( 'errorformat', 'bc' );

        $errorLangCode = $request->getVal( 'errorlang', 'uselang' );

        $errorsUseDB = $request->getCheck( 'errorsuselocal' );

        if ( in_array( $errorFormat, [ 'plaintext', 'wikitext', 'html', 'raw', 'none' ], true ) ) {

            if ( $errorLangCode === 'uselang' ) {

                $errorLang = $this->getLanguage();

            } elseif ( $errorLangCode === 'content' ) {

                $errorLang = MediaWikiServices::getInstance()->getContentLanguage();

            } else {

                $errorLangCode = RequestContext::sanitizeLangCode( $errorLangCode );

                $errorLang = Language::factory( $errorLangCode );

            }

            $this->mErrorFormatter = new ApiErrorFormatter(

                $this->mResult, $errorLang, $errorFormat, $errorsUseDB

            );

        } else {

            $this->mErrorFormatter = new ApiErrorFormatter_BackCompat( $this->mResult );

        }

        $this->mResult->setErrorFormatter( $this->getErrorFormatter() );


        $this->mModuleMgr = new ApiModuleManager( $this );

        $this->mModuleMgr->addModules( self::$Modules, 'action' );

        $this->mModuleMgr->addModules( $config->get( 'APIModules' ), 'action' );

        $this->mModuleMgr->addModules( self::$Formats, 'format' );

        $this->mModuleMgr->addModules( $config->get( 'APIFormatModules' ), 'format' );


        Hooks::run( 'ApiMain::moduleManager', [ $this->mModuleMgr ] );


        $this->mContinuationManager = null;

        $this->mEnableWrite = $enableWrite;


        $this->mSquidMaxage = -1; // flag for executeActionWithErrorHandling()

        $this->mCommit = false;

    }


    public function isInternalMode() {

        return $this->mInternalMode;

    }


    public function getResult() {

        return $this->mResult;

    }


    public function lacksSameOriginSecurity() {

        if ( $this->lacksSameOriginSecurity !== null ) {

            return $this->lacksSameOriginSecurity;

        }


        $request = $this->getRequest();


        // JSONP mode

        if ( $request->getVal( 'callback' ) !== null ) {

            $this->lacksSameOriginSecurity = true;

            return true;

        }


        // Anonymous CORS

        if ( $request->getVal( 'origin' ) === '*' ) {

            $this->lacksSameOriginSecurity = true;

            return true;

        }


        // Header to be used from XMLHTTPRequest when the request might

        // otherwise be used for XSS.

        if ( $request->getHeader( 'Treat-as-Untrusted' ) !== false ) {

            $this->lacksSameOriginSecurity = true;

            return true;

        }


        // Allow extensions to override.

        $this->lacksSameOriginSecurity = !Hooks::run( 'RequestHasSameOriginSecurity', [ $request ] );

        return $this->lacksSameOriginSecurity;

    }


    public function getErrorFormatter() {

        return $this->mErrorFormatter;

    }


    public function getContinuationManager() {

        return $this->mContinuationManager;

    }


    public function setContinuationManager( ApiContinuationManager $manager = null ) {

        if ( $manager !== null && $this->mContinuationManager !== null ) {

            throw new UnexpectedValueException(

                __METHOD__ . ': tried to set manager from ' . $manager->getSource() .

                ' when a manager is already set from ' . $this->mContinuationManager->getSource()

            );

        }

        $this->mContinuationManager = $manager;

    }


    public function getModule() {

        return $this->mModule;

    }


    public function getPrinter() {

        return $this->mPrinter;

    }


    public function setCacheMaxAge( $maxage ) {

        $this->setCacheControl( [

            'max-age' => $maxage,

            's-maxage' => $maxage

        ] );

    }


    public function setCacheMode( $mode ) {

        if ( !in_array( $mode, [ 'private', 'public', 'anon-public-user-private' ] ) ) {

            wfDebug( __METHOD__ . ": unrecognised cache mode \"$mode\"\n" );


            // Ignore for forwards-compatibility

            return;

        }


        if ( !User::isEveryoneAllowed( 'read' ) ) {

            // Private wiki, only private headers

            if ( $mode !== 'private' ) {

                wfDebug( __METHOD__ . ": ignoring request for $mode cache mode, private wiki\n" );


                return;

            }

        }


        if ( $mode === 'public' && $this->getParameter( 'uselang' ) === 'user' ) {

            // User language is used for i18n, so we don't want to publicly

            // cache. Anons are ok, because if they have non-default language

            // then there's an appropriate Vary header set by whatever set

            // their non-default language.

            wfDebug( __METHOD__ . ": downgrading cache mode 'public' to " .

                "'anon-public-user-private' due to uselang=user\n" );

            $mode = 'anon-public-user-private';

        }


        wfDebug( __METHOD__ . ": setting cache mode $mode\n" );

        $this->mCacheMode = $mode;

    }


    public function setCacheControl( $directives ) {

        $this->mCacheControl = $directives + $this->mCacheControl;

    }


    public function createPrinterByName( $format ) {

        $printer = $this->mModuleMgr->getModule( $format, 'format', /* $ignoreCache */ true );

        if ( $printer === null ) {

            $this->dieWithError(

                [ 'apierror-unknownformat', wfEscapeWikiText( $format ) ], 'unknown_format'

            );

        }


        return $printer;

    }


    public function execute() {

        if ( $this->mInternalMode ) {

            $this->executeAction();

        } else {

            $this->executeActionWithErrorHandling();

        }

    }


    protected function executeActionWithErrorHandling() {

        // Verify the CORS header before executing the action

        if ( !$this->handleCORS() ) {

            // handleCORS() has sent a 403, abort

            return;

        }


        // Exit here if the request method was OPTIONS

        // (assume there will be a followup GET or POST)

        if ( $this->getRequest()->getMethod() === 'OPTIONS' ) {

            return;

        }


        // In case an error occurs during data output,

        // clear the output buffer and print just the error information

        $obLevel = ob_get_level();

        ob_start();


        $t = microtime( true );

        $isError = false;

        try {

            $this->executeAction();

            $runTime = microtime( true ) - $t;

            $this->logRequest( $runTime );

            MediaWikiServices::getInstance()->getStatsdDataFactory()->timing(

                'api.' . $this->mModule->getModuleName() . '.executeTiming', 1000 * $runTime

            );

        } catch ( Exception $e ) { // @todo Remove this block when HHVM is no longer supported

            $this->handleException( $e );

            $this->logRequest( microtime( true ) - $t, $e );

            $isError = true;

        } catch ( Throwable $e ) {

            $this->handleException( $e );

            $this->logRequest( microtime( true ) - $t, $e );

            $isError = true;

        }


        // Commit DBs and send any related cookies and headers

        MediaWiki::preOutputCommit( $this->getContext() );


        // Send cache headers after any code which might generate an error, to

        // avoid sending public cache headers for errors.

        $this->sendCacheHeaders( $isError );


        // Executing the action might have already messed with the output

        // buffers.

        while ( ob_get_level() > $obLevel ) {

            ob_end_flush();

        }

    }


    protected function handleException( $e ) {

        // T65145: Rollback any open database transactions

        if ( !$e instanceof ApiUsageException ) {

            // ApiUsageExceptions are intentional, so don't rollback if that's the case

            MWExceptionHandler::rollbackMasterChangesAndLog( $e );

        }


        // Allow extra cleanup and logging

        Hooks::run( 'ApiMain::onException', [ $this, $e ] );


        // Handle any kind of exception by outputting properly formatted error message.

        // If this fails, an unhandled exception should be thrown so that global error

        // handler will process and log it.


        $errCodes = $this->substituteResultWithError( $e );


        // Error results should not be cached

        $this->setCacheMode( 'private' );


        $response = $this->getRequest()->response();

        $headerStr = 'MediaWiki-API-Error: ' . implode( ', ', $errCodes );

        $response->header( $headerStr );


        // Reset and print just the error message

        ob_clean();


        // Printer may not be initialized if the extractRequestParams() fails for the main module

        $this->createErrorPrinter();


        $failed = false;

        try {

            $this->printResult( $e->getCode() );

        } catch ( ApiUsageException $ex ) {

            // The error printer itself is failing. Try suppressing its request

            // parameters and redo.

            $failed = true;

            $this->addWarning( 'apiwarn-errorprinterfailed' );

            foreach ( $ex->getStatusValue()->getErrors() as $error ) {

                try {

                    $this->mPrinter->addWarning( $error );

                } catch ( Exception $ex2 ) { // @todo Remove this block when HHVM is no longer supported

                    // WTF?

                    $this->addWarning( $error );

                } catch ( Throwable $ex2 ) {

                    // WTF?

                    $this->addWarning( $error );

                }

            }

        }

        if ( $failed ) {

            $this->mPrinter = null;

            $this->createErrorPrinter();

            $this->mPrinter->forceDefaultParams();

            if ( $e->getCode() ) {

                $response->statusHeader( 200 ); // Reset in case the fallback doesn't want a non-200

            }

            $this->printResult( $e->getCode() );

        }

    }


    public static function handleApiBeforeMainException( $e ) {

        ob_start();


        try {

            $main = new self( RequestContext::getMain(), false );

            $main->handleException( $e );

            $main->logRequest( 0, $e );

        } catch ( Exception $e2 ) { // @todo Remove this block when HHVM is no longer supported

            // Nope, even that didn't work. Punt.

            throw $e;

        } catch ( Throwable $e2 ) {

            // Nope, even that didn't work. Punt.

            throw $e;

        }


        // Reset cache headers

        $main->sendCacheHeaders( true );


        ob_end_flush();

    }


    protected function handleCORS() {

        $originParam = $this->getParameter( 'origin' ); // defaults to null

        if ( $originParam === null ) {

            // No origin parameter, nothing to do

            return true;

        }


        $request = $this->getRequest();

        $response = $request->response();


        $matchedOrigin = false;

        $allowTiming = false;

        $varyOrigin = true;


        if ( $originParam === '*' ) {

            // Request for anonymous CORS

            // Technically we should check for the presence of an Origin header

            // and not process it as CORS if it's not set, but that would

            // require us to vary on Origin for all 'origin=*' requests which

            // we don't want to do.

            $matchedOrigin = true;

            $allowOrigin = '*';

            $allowCredentials = 'false';

            $varyOrigin = false; // No need to vary

        } else {

            // Non-anonymous CORS, check we allow the domain


            // Origin: header is a space-separated list of origins, check all of them

            $originHeader = $request->getHeader( 'Origin' );

            if ( $originHeader === false ) {

                $origins = [];

            } else {

                $originHeader = trim( $originHeader );

                $origins = preg_split( '/\s+/', $originHeader );

            }


            if ( !in_array( $originParam, $origins ) ) {

                // origin parameter set but incorrect

                // Send a 403 response

                $response->statusHeader( 403 );

                $response->header( 'Cache-Control: no-cache' );

                echo "'origin' parameter does not match Origin header\n";


                return false;

            }


            $config = $this->getConfig();

            $matchedOrigin = count( $origins ) === 1 && self::matchOrigin(

                $originParam,

                $config->get( 'CrossSiteAJAXdomains' ),

                $config->get( 'CrossSiteAJAXdomainExceptions' )

            );


            $allowOrigin = $originHeader;

            $allowCredentials = 'true';

            $allowTiming = $originHeader;

        }


        if ( $matchedOrigin ) {

            $requestedMethod = $request->getHeader( 'Access-Control-Request-Method' );

            $preflight = $request->getMethod() === 'OPTIONS' && $requestedMethod !== false;

            if ( $preflight ) {

                // This is a CORS preflight request

                if ( $requestedMethod !== 'POST' && $requestedMethod !== 'GET' ) {

                    // If method is not a case-sensitive match, do not set any additional headers and terminate.

                    $response->header( 'MediaWiki-CORS-Rejection: Unsupported method requested in preflight' );

                    return true;

                }

                // We allow the actual request to send the following headers

                $requestedHeaders = $request->getHeader( 'Access-Control-Request-Headers' );

                if ( $requestedHeaders !== false ) {

                    if ( !self::matchRequestedHeaders( $requestedHeaders ) ) {

                        $response->header( 'MediaWiki-CORS-Rejection: Unsupported header requested in preflight' );

                        return true;

                    }

                    $response->header( 'Access-Control-Allow-Headers: ' . $requestedHeaders );

                }


                // We only allow the actual request to be GET or POST

                $response->header( 'Access-Control-Allow-Methods: POST, GET' );

            } elseif ( $request->getMethod() !== 'POST' && $request->getMethod() !== 'GET' ) {

                // Unsupported non-preflight method, don't handle it as CORS

                $response->header(

                    'MediaWiki-CORS-Rejection: Unsupported method for simple request or actual request'

                );

                return true;

            }


            $response->header( "Access-Control-Allow-Origin: $allowOrigin" );

            $response->header( "Access-Control-Allow-Credentials: $allowCredentials" );

            // https://www.w3.org/TR/resource-timing/#timing-allow-origin

            if ( $allowTiming !== false ) {

                $response->header( "Timing-Allow-Origin: $allowTiming" );

            }


            if ( !$preflight ) {

                $response->header(

                    'Access-Control-Expose-Headers: MediaWiki-API-Error, Retry-After, X-Database-Lag, '

                    . 'MediaWiki-Login-Suppressed'

                );

            }

        } else {

            $response->header( 'MediaWiki-CORS-Rejection: Origin mismatch' );

        }


        if ( $varyOrigin ) {

            $this->getOutput()->addVaryHeader( 'Origin' );

        }


        return true;

    }


    protected static function matchOrigin( $value, $rules, $exceptions ) {

        foreach ( $rules as $rule ) {

            if ( preg_match( self::wildcardToRegex( $rule ), $value ) ) {

                // Rule matches, check exceptions

                foreach ( $exceptions as $exc ) {

                    if ( preg_match( self::wildcardToRegex( $exc ), $value ) ) {

                        return false;

                    }

                }


                return true;

            }

        }


        return false;

    }


    protected static function matchRequestedHeaders( $requestedHeaders ) {

        if ( trim( $requestedHeaders ) === '' ) {

            return true;

        }

        $requestedHeaders = explode( ',', $requestedHeaders );

        $allowedAuthorHeaders = array_flip( [

            /* simple headers (see spec) */

            'accept',

            'accept-language',

            'content-language',

            'content-type',

            /* non-authorable headers in XHR, which are however requested by some UAs */

            'accept-encoding',

            'dnt',

            'origin',

            /* MediaWiki whitelist */

            'api-user-agent',

        ] );

        foreach ( $requestedHeaders as $rHeader ) {

            $rHeader = strtolower( trim( $rHeader ) );

            if ( !isset( $allowedAuthorHeaders[$rHeader] ) ) {

                wfDebugLog( 'api', 'CORS preflight failed on requested header: ' . $rHeader );

                return false;

            }

        }

        return true;

    }


    protected static function wildcardToRegex( $wildcard ) {

        $wildcard = preg_quote( $wildcard, '/' );

        $wildcard = str_replace(

            [ '\*', '\?' ],

            [ '.*?', '.' ],

            $wildcard

        );


        return "/^https?:\/\/$wildcard$/";

    }


    protected function sendCacheHeaders( $isError ) {

        $response = $this->getRequest()->response();

        $out = $this->getOutput();


        $out->addVaryHeader( 'Treat-as-Untrusted' );


        $config = $this->getConfig();


        if ( $config->get( 'VaryOnXFP' ) ) {

            $out->addVaryHeader( 'X-Forwarded-Proto' );

        }


        if ( !$isError && $this->mModule &&

            ( $this->getRequest()->getMethod() === 'GET' || $this->getRequest()->getMethod() === 'HEAD' )

        ) {

            $etag = $this->mModule->getConditionalRequestData( 'etag' );

            if ( $etag !== null ) {

                $response->header( "ETag: $etag" );

            }

            $lastMod = $this->mModule->getConditionalRequestData( 'last-modified' );

            if ( $lastMod !== null ) {

                $response->header( 'Last-Modified: ' . wfTimestamp( TS_RFC2822, $lastMod ) );

            }

        }


        // The logic should be:

        // $this->mCacheControl['max-age'] is set?

        //    Use it, the module knows better than our guess.

        // !$this->mModule || $this->mModule->isWriteMode(), and mCacheMode is private?

        //    Use 0 because we can guess caching is probably the wrong thing to do.

        // Use $this->getParameter( 'maxage' ), which already defaults to 0.

        $maxage = 0;

        if ( isset( $this->mCacheControl['max-age'] ) ) {

            $maxage = $this->mCacheControl['max-age'];

        } elseif ( ( $this->mModule && !$this->mModule->isWriteMode() ) ||

            $this->mCacheMode !== 'private'

        ) {

            $maxage = $this->getParameter( 'maxage' );

        }

        $privateCache = 'private, must-revalidate, max-age=' . $maxage;


        if ( $this->mCacheMode == 'private' ) {

            $response->header( "Cache-Control: $privateCache" );

            return;

        }


        $useKeyHeader = $config->get( 'UseKeyHeader' );

        if ( $this->mCacheMode == 'anon-public-user-private' ) {

            $out->addVaryHeader( 'Cookie' );

            $response->header( $out->getVaryHeader() );

            if ( $useKeyHeader ) {

                $response->header( $out->getKeyHeader() );

                if ( $out->haveCacheVaryCookies() ) {

                    // Logged in, mark this request private

                    $response->header( "Cache-Control: $privateCache" );

                    return;

                }

                // Logged out, send normal public headers below

            } elseif ( MediaWiki\Session\SessionManager::getGlobalSession()->isPersistent() ) {

                // Logged in or otherwise has session (e.g. anonymous users who have edited)

                // Mark request private

                $response->header( "Cache-Control: $privateCache" );


                return;

            } // else no Key and anonymous, send public headers below

        }


        // Send public headers

        $response->header( $out->getVaryHeader() );

        if ( $useKeyHeader ) {

            $response->header( $out->getKeyHeader() );

        }


        // If nobody called setCacheMaxAge(), use the (s)maxage parameters

        if ( !isset( $this->mCacheControl['s-maxage'] ) ) {

            $this->mCacheControl['s-maxage'] = $this->getParameter( 'smaxage' );

        }

        if ( !isset( $this->mCacheControl['max-age'] ) ) {

            $this->mCacheControl['max-age'] = $this->getParameter( 'maxage' );

        }


        if ( !$this->mCacheControl['s-maxage'] && !$this->mCacheControl['max-age'] ) {

            // Public cache not requested

            // Sending a Vary header in this case is harmless, and protects us

            // against conditional calls of setCacheMaxAge().

            $response->header( "Cache-Control: $privateCache" );


            return;

        }


        $this->mCacheControl['public'] = true;


        // Send an Expires header

        $maxAge = min( $this->mCacheControl['s-maxage'], $this->mCacheControl['max-age'] );

        $expiryUnixTime = ( $maxAge == 0 ? 1 : time() + $maxAge );

        $response->header( 'Expires: ' . wfTimestamp( TS_RFC2822, $expiryUnixTime ) );


        // Construct the Cache-Control header

        $ccHeader = '';

        $separator = '';

        foreach ( $this->mCacheControl as $name => $value ) {

            if ( is_bool( $value ) ) {

                if ( $value ) {

                    $ccHeader .= $separator . $name;

                    $separator = ', ';

                }

            } else {

                $ccHeader .= $separator . "$name=$value";

                $separator = ', ';

            }

        }


        $response->header( "Cache-Control: $ccHeader" );

    }


    private function createErrorPrinter() {

        if ( !isset( $this->mPrinter ) ) {

            $value = $this->getRequest()->getVal( 'format', self::API_DEFAULT_FORMAT );

            if ( !$this->mModuleMgr->isDefined( $value, 'format' ) ) {

                $value = self::API_DEFAULT_FORMAT;

            }

            $this->mPrinter = $this->createPrinterByName( $value );

        }


        // Printer may not be able to handle errors. This is particularly

        // likely if the module returns something for getCustomPrinter().

        if ( !$this->mPrinter->canPrintErrors() ) {

            $this->mPrinter = $this->createPrinterByName( self::API_DEFAULT_FORMAT );

        }

    }


    protected function errorMessagesFromException( $e, $type = 'error' ) {

        $messages = [];

        if ( $e instanceof ApiUsageException ) {

            foreach ( $e->getStatusValue()->getErrorsByType( $type ) as $error ) {

                $messages[] = ApiMessage::create( $error );

            }

        } elseif ( $type !== 'error' ) {

            // None of the rest have any messages for non-error types

        } else {

            // Something is seriously wrong

            $config = $this->getConfig();

            $class = preg_replace( '#^Wikimedia\\\Rdbms\\\#', '', get_class( $e ) );

            $code = 'internal_api_error_' . $class;

            if ( $config->get( 'ShowExceptionDetails' ) ) {

                if ( $e instanceof ILocalizedException ) {

                    $msg = $e->getMessageObject();

                } elseif ( $e instanceof MessageSpecifier ) {

                    $msg = Message::newFromSpecifier( $e );

                } else {

                    $msg = wfEscapeWikiText( $e->getMessage() );

                }

                $params = [ 'apierror-exceptioncaught', WebRequest::getRequestId(), $msg ];

            } else {

                $params = [ 'apierror-exceptioncaughttype', WebRequest::getRequestId(), get_class( $e ) ];

            }


            $messages[] = ApiMessage::create( $params, $code );

        }

        return $messages;

    }


    protected function substituteResultWithError( $e ) {

        $result = $this->getResult();

        $formatter = $this->getErrorFormatter();

        $config = $this->getConfig();

        $errorCodes = [];


        // Remember existing warnings and errors across the reset

        $errors = $result->getResultData( [ 'errors' ] );

        $warnings = $result->getResultData( [ 'warnings' ] );

        $result->reset();

        if ( $warnings !== null ) {

            $result->addValue( null, 'warnings', $warnings, ApiResult::NO_SIZE_CHECK );

        }

        if ( $errors !== null ) {

            $result->addValue( null, 'errors', $errors, ApiResult::NO_SIZE_CHECK );


            // Collect the copied error codes for the return value

            foreach ( $errors as $error ) {

                if ( isset( $error['code'] ) ) {

                    $errorCodes[$error['code']] = true;

                }

            }

        }


        // Add errors from the exception

        $modulePath = $e instanceof ApiUsageException ? $e->getModulePath() : null;

        foreach ( $this->errorMessagesFromException( $e, 'error' ) as $msg ) {

            $errorCodes[$msg->getApiCode()] = true;

            $formatter->addError( $modulePath, $msg );

        }

        foreach ( $this->errorMessagesFromException( $e, 'warning' ) as $msg ) {

            $formatter->addWarning( $modulePath, $msg );

        }


        // Add additional data. Path depends on whether we're in BC mode or not.

        // Data depends on the type of exception.

        if ( $formatter instanceof ApiErrorFormatter_BackCompat ) {

            $path = [ 'error' ];

        } else {

            $path = null;

        }

        if ( $e instanceof ApiUsageException ) {

            $link = wfExpandUrl( wfScript( 'api' ) );

            $result->addContentValue(

                $path,

                'docref',

                trim(

                    $this->msg( 'api-usage-docref', $link )->inLanguage( $formatter->getLanguage() )->text()

                    . ' '

                    . $this->msg( 'api-usage-mailinglist-ref' )->inLanguage( $formatter->getLanguage() )->text()

                )

            );

        } else {

            if ( $config->get( 'ShowExceptionDetails' ) ) {

                $result->addContentValue(

                    $path,

                    'trace',

                    $this->msg( 'api-exception-trace',

                        get_class( $e ),

                        $e->getFile(),

                        $e->getLine(),

                        MWExceptionHandler::getRedactedTraceAsString( $e )

                    )->inLanguage( $formatter->getLanguage() )->text()

                );

            }

        }


        // Add the id and such

        $this->addRequestedFields( [ 'servedby' ] );


        return array_keys( $errorCodes );

    }


    protected function addRequestedFields( $force = [] ) {

        $result = $this->getResult();


        $requestid = $this->getParameter( 'requestid' );

        if ( $requestid !== null ) {

            $result->addValue( null, 'requestid', $requestid, ApiResult::NO_SIZE_CHECK );

        }


        if ( $this->getConfig()->get( 'ShowHostnames' ) && (

            in_array( 'servedby', $force, true ) || $this->getParameter( 'servedby' )

        ) ) {

            $result->addValue( null, 'servedby', wfHostname(), ApiResult::NO_SIZE_CHECK );

        }


        if ( $this->getParameter( 'curtimestamp' ) ) {

            $result->addValue( null, 'curtimestamp', wfTimestamp( TS_ISO_8601, time() ),

                ApiResult::NO_SIZE_CHECK );

        }


        if ( $this->getParameter( 'responselanginfo' ) ) {

            $result->addValue( null, 'uselang', $this->getLanguage()->getCode(),

                ApiResult::NO_SIZE_CHECK );

            $result->addValue( null, 'errorlang', $this->getErrorFormatter()->getLanguage()->getCode(),

                ApiResult::NO_SIZE_CHECK );

        }

    }


    protected function setupExecuteAction() {

        $this->addRequestedFields();


        $params = $this->extractRequestParams();

        $this->mAction = $params['action'];


        return $params;

    }


    protected function setupModule() {

        // Instantiate the module requested by the user

        $module = $this->mModuleMgr->getModule( $this->mAction, 'action' );

        if ( $module === null ) {

            // Probably can't happen

            // @codeCoverageIgnoreStart

            $this->dieWithError(

                [ 'apierror-unknownaction', wfEscapeWikiText( $this->mAction ) ], 'unknown_action'

            );

            // @codeCoverageIgnoreEnd

        }

        $moduleParams = $module->extractRequestParams();


        // Check token, if necessary

        if ( $module->needsToken() === true ) {

            throw new MWException(

                "Module '{$module->getModuleName()}' must be updated for the new token handling. " .

                'See documentation for ApiBase::needsToken for details.'

            );

        }

        if ( $module->needsToken() ) {

            if ( !$module->mustBePosted() ) {

                throw new MWException(

                    "Module '{$module->getModuleName()}' must require POST to use tokens."

                );

            }


            if ( !isset( $moduleParams['token'] ) ) {

                // Probably can't happen

                // @codeCoverageIgnoreStart

                $module->dieWithError( [ 'apierror-missingparam', 'token' ] );

                // @codeCoverageIgnoreEnd

            }


            $module->requirePostedParameters( [ 'token' ] );


            if ( !$module->validateToken( $moduleParams['token'], $moduleParams ) ) {

                $module->dieWithError( 'apierror-badtoken' );

            }

        }


        return $module;

    }


    private function getMaxLag() {

        $dbLag = MediaWikiServices::getInstance()->getDBLoadBalancer()->getMaxLag();

        $lagInfo = [

            'host' => $dbLag[0],

            'lag' => $dbLag[1],

            'type' => 'db'

        ];


        $jobQueueLagFactor = $this->getConfig()->get( 'JobQueueIncludeInMaxLagFactor' );

        if ( $jobQueueLagFactor ) {

            // Turn total number of jobs into seconds by using the configured value

            $totalJobs = array_sum( JobQueueGroup::singleton()->getQueueSizes() );

            $jobQueueLag = $totalJobs / (float)$jobQueueLagFactor;

            if ( $jobQueueLag > $lagInfo['lag'] ) {

                $lagInfo = [

                    'host' => wfHostname(), // XXX: Is there a better value that could be used?

                    'lag' => $jobQueueLag,

                    'type' => 'jobqueue',

                    'jobs' => $totalJobs,

                ];

            }

        }


        Hooks::runWithoutAbort( 'ApiMaxLagInfo', [ &$lagInfo ] );


        return $lagInfo;

    }


    protected function checkMaxLag( $module, $params ) {

        if ( $module->shouldCheckMaxlag() && isset( $params['maxlag'] ) ) {

            $maxLag = $params['maxlag'];

            $lagInfo = $this->getMaxLag();

            if ( $lagInfo['lag'] > $maxLag ) {

                $response = $this->getRequest()->response();


                $response->header( 'Retry-After: ' . max( intval( $maxLag ), 5 ) );

                $response->header( 'X-Database-Lag: ' . intval( $lagInfo['lag'] ) );


                if ( $this->getConfig()->get( 'ShowHostnames' ) ) {

                    $this->dieWithError(

                        [ 'apierror-maxlag', $lagInfo['lag'], $lagInfo['host'] ],

                        'maxlag',

                        $lagInfo

                    );

                }


                $this->dieWithError( [ 'apierror-maxlag-generic', $lagInfo['lag'] ], 'maxlag', $lagInfo );

            }

        }


        return true;

    }


    protected function checkConditionalRequestHeaders( $module ) {

        if ( $this->mInternalMode ) {

            // No headers to check in internal mode

            return true;

        }


        if ( $this->getRequest()->getMethod() !== 'GET' && $this->getRequest()->getMethod() !== 'HEAD' ) {

            // Don't check POSTs

            return true;

        }


        $return304 = false;


        $ifNoneMatch = array_diff(

            $this->getRequest()->getHeader( 'If-None-Match', WebRequest::GETHEADER_LIST ) ?: [],

            [ '' ]

        );

        if ( $ifNoneMatch ) {

            if ( $ifNoneMatch === [ '*' ] ) {

                // API responses always "exist"

                $etag = '*';

            } else {

                $etag = $module->getConditionalRequestData( 'etag' );

            }

        }

        if ( $ifNoneMatch && $etag !== null ) {

            $test = substr( $etag, 0, 2 ) === 'W/' ? substr( $etag, 2 ) : $etag;

            $match = array_map( function ( $s ) {

                return substr( $s, 0, 2 ) === 'W/' ? substr( $s, 2 ) : $s;

            }, $ifNoneMatch );

            $return304 = in_array( $test, $match, true );

        } else {

            $value = trim( $this->getRequest()->getHeader( 'If-Modified-Since' ) );


            // Some old browsers sends sizes after the date, like this:

            //  Wed, 20 Aug 2003 06:51:19 GMT; length=5202

            // Ignore that.

            $i = strpos( $value, ';' );

            if ( $i !== false ) {

                $value = trim( substr( $value, 0, $i ) );

            }


            if ( $value !== '' ) {

                try {

                    $ts = new MWTimestamp( $value );

                    if (

                        // RFC 7231 IMF-fixdate

                        $ts->getTimestamp( TS_RFC2822 ) === $value ||

                        // RFC 850

                        $ts->format( 'l, d-M-y H:i:s' ) . ' GMT' === $value ||

                        // asctime (with and without space-padded day)

                        $ts->format( 'D M j H:i:s Y' ) === $value ||

                        $ts->format( 'D M  j H:i:s Y' ) === $value

                    ) {

                        $lastMod = $module->getConditionalRequestData( 'last-modified' );

                        if ( $lastMod !== null ) {

                            // Mix in some MediaWiki modification times

                            $modifiedTimes = [

                                'page' => $lastMod,

                                'user' => $this->getUser()->getTouched(),

                                'epoch' => $this->getConfig()->get( 'CacheEpoch' ),

                            ];

                            if ( $this->getConfig()->get( 'UseSquid' ) ) {

                                // T46570: the core page itself may not change, but resources might

                                $modifiedTimes['sepoch'] = wfTimestamp(

                                    TS_MW, time() - $this->getConfig()->get( 'SquidMaxage' )

                                );

                            }

                            Hooks::run( 'OutputPageCheckLastModified', [ &$modifiedTimes, $this->getOutput() ] );

                            $lastMod = max( $modifiedTimes );

                            $return304 = wfTimestamp( TS_MW, $lastMod ) <= $ts->getTimestamp( TS_MW );

                        }

                    }

                } catch ( TimestampException $e ) {

                    // Invalid timestamp, ignore it

                }

            }

        }


        if ( $return304 ) {

            $this->getRequest()->response()->statusHeader( 304 );


            // Avoid outputting the compressed representation of a zero-length body

            Wikimedia\suppressWarnings();

            ini_set( 'zlib.output_compression', 0 );

            Wikimedia\restoreWarnings();

            wfClearOutputBuffers();


            return false;

        }


        return true;

    }


    protected function checkExecutePermissions( $module ) {

        $user = $this->getUser();

        if ( $module->isReadMode() && !User::isEveryoneAllowed( 'read' ) &&

            !$user->isAllowed( 'read' )

        ) {

            $this->dieWithError( 'apierror-readapidenied' );

        }


        if ( $module->isWriteMode() ) {

            if ( !$this->mEnableWrite ) {

                $this->dieWithError( 'apierror-noapiwrite' );

            } elseif ( !$user->isAllowed( 'writeapi' ) ) {

                $this->dieWithError( 'apierror-writeapidenied' );

            } elseif ( $this->getRequest()->getHeader( 'Promise-Non-Write-API-Action' ) ) {

                $this->dieWithError( 'apierror-promised-nonwrite-api' );

            }


            $this->checkReadOnly( $module );

        }


        // Allow extensions to stop execution for arbitrary reasons.

        $message = 'hookaborted';

        if ( !Hooks::run( 'ApiCheckCanExecute', [ $module, $user, &$message ] ) ) {

            $this->dieWithError( $message );

        }

    }


    protected function checkReadOnly( $module ) {

        if ( wfReadOnly() ) {

            $this->dieReadOnly();

        }


        if ( $module->isWriteMode()

            && $this->getUser()->isBot()

            && MediaWikiServices::getInstance()->getDBLoadBalancer()->getServerCount() > 1

        ) {

            $this->checkBotReadOnly();

        }

    }


    private function checkBotReadOnly() {

        // Figure out how many servers have passed the lag threshold

        $numLagged = 0;

        $lagLimit = $this->getConfig()->get( 'APIMaxLagThreshold' );

        $laggedServers = [];

        $loadBalancer = MediaWikiServices::getInstance()->getDBLoadBalancer();

        foreach ( $loadBalancer->getLagTimes() as $serverIndex => $lag ) {

            if ( $lag > $lagLimit ) {

                ++$numLagged;

                $laggedServers[] = $loadBalancer->getServerName( $serverIndex ) . " ({$lag}s)";

            }

        }


        // If a majority of replica DBs are too lagged then disallow writes

        $replicaCount = $loadBalancer->getServerCount() - 1;

        if ( $numLagged >= ceil( $replicaCount / 2 ) ) {

            $laggedServers = implode( ', ', $laggedServers );

            wfDebugLog(

                'api-readonly',

                "Api request failed as read only because the following DBs are lagged: $laggedServers"

            );


            $this->dieWithError(

                'readonly_lag',

                'readonly',

                [ 'readonlyreason' => "Waiting for $numLagged lagged database(s)" ]

            );

        }

    }


    protected function checkAsserts( $params ) {

        if ( isset( $params['assert'] ) ) {

            $user = $this->getUser();

            switch ( $params['assert'] ) {

                case 'user':

                    if ( $user->isAnon() ) {

                        $this->dieWithError( 'apierror-assertuserfailed' );

                    }

                    break;

                case 'bot':

                    if ( !$user->isAllowed( 'bot' ) ) {

                        $this->dieWithError( 'apierror-assertbotfailed' );

                    }

                    break;

            }

        }

        if ( isset( $params['assertuser'] ) ) {

            $assertUser = User::newFromName( $params['assertuser'], false );

            if ( !$assertUser || !$this->getUser()->equals( $assertUser ) ) {

                $this->dieWithError(

                    [ 'apierror-assertnameduserfailed', wfEscapeWikiText( $params['assertuser'] ) ]

                );

            }

        }

    }


    protected function setupExternalResponse( $module, $params ) {

        $request = $this->getRequest();

        if ( !$request->wasPosted() && $module->mustBePosted() ) {

            // Module requires POST. GET request might still be allowed

            // if $wgDebugApi is true, otherwise fail.

            $this->dieWithErrorOrDebug( [ 'apierror-mustbeposted', $this->mAction ] );

        }


        // See if custom printer is used

        $this->mPrinter = $module->getCustomPrinter();

        if ( is_null( $this->mPrinter ) ) {

            // Create an appropriate printer

            $this->mPrinter = $this->createPrinterByName( $params['format'] );

        }


        if ( $request->getProtocol() === 'http' && (

            $request->getSession()->shouldForceHTTPS() ||

            ( $this->getUser()->isLoggedIn() &&

                $this->getUser()->requiresHTTPS() )

        ) ) {

            $this->addDeprecation( 'apiwarn-deprecation-httpsexpected', 'https-expected' );

        }

    }


    protected function executeAction() {

        $params = $this->setupExecuteAction();


        // Check asserts early so e.g. errors in parsing a module's parameters due to being

        // logged out don't override the client's intended "am I logged in?" check.

        $this->checkAsserts( $params );


        $module = $this->setupModule();

        $this->mModule = $module;


        if ( !$this->mInternalMode ) {

            $this->setRequestExpectations( $module );

        }


        $this->checkExecutePermissions( $module );


        if ( !$this->checkMaxLag( $module, $params ) ) {

            return;

        }


        if ( !$this->checkConditionalRequestHeaders( $module ) ) {

            return;

        }


        if ( !$this->mInternalMode ) {

            $this->setupExternalResponse( $module, $params );

        }


        // Execute

        $module->execute();

        Hooks::run( 'APIAfterExecute', [ &$module ] );


        $this->reportUnusedParams();


        if ( !$this->mInternalMode ) {

            // append Debug information

            MWDebug::appendDebugInfoToApiResult( $this->getContext(), $this->getResult() );


            // Print result data

            $this->printResult();

        }

    }


    protected function setRequestExpectations( ApiBase $module ) {

        $limits = $this->getConfig()->get( 'TrxProfilerLimits' );

        $trxProfiler = Profiler::instance()->getTransactionProfiler();

        $trxProfiler->setLogger( LoggerFactory::getInstance( 'DBPerformance' ) );

        if ( $this->getRequest()->hasSafeMethod() ) {

            $trxProfiler->setExpectations( $limits['GET'], __METHOD__ );

        } elseif ( $this->getRequest()->wasPosted() && !$module->isWriteMode() ) {

            $trxProfiler->setExpectations( $limits['POST-nonwrite'], __METHOD__ );

            $this->getRequest()->markAsSafeRequest();

        } else {

            $trxProfiler->setExpectations( $limits['POST'], __METHOD__ );

        }

    }


    protected function logRequest( $time, $e = null ) {

        $request = $this->getRequest();

        $logCtx = [

            'ts' => time(),

            'ip' => $request->getIP(),

            'userAgent' => $this->getUserAgent(),

            'wiki' => wfWikiID(),

            'timeSpentBackend' => (int)round( $time * 1000 ),

            'hadError' => $e !== null,

            'errorCodes' => [],

            'params' => [],

        ];


        if ( $e ) {

            foreach ( $this->errorMessagesFromException( $e ) as $msg ) {

                $logCtx['errorCodes'][] = $msg->getApiCode();

            }

        }


        // Construct space separated message for 'api' log channel

        $msg = "API {$request->getMethod()} " .

            wfUrlencode( str_replace( ' ', '_', $this->getUser()->getName() ) ) .

            " {$logCtx['ip']} " .

            "T={$logCtx['timeSpentBackend']}ms";


        $sensitive = array_flip( $this->getSensitiveParams() );

        foreach ( $this->getParamsUsed() as $name ) {

            $value = $request->getVal( $name );

            if ( $value === null ) {

                continue;

            }


            if ( isset( $sensitive[$name] ) ) {

                $value = '[redacted]';

                $encValue = '[redacted]';

            } elseif ( strlen( $value ) > 256 ) {

                $value = substr( $value, 0, 256 );

                $encValue = $this->encodeRequestLogValue( $value ) . '[...]';

            } else {

                $encValue = $this->encodeRequestLogValue( $value );

            }


            $logCtx['params'][$name] = $value;

            $msg .= " {$name}={$encValue}";

        }


        wfDebugLog( 'api', $msg, 'private' );

        // ApiAction channel is for structured data consumers

        wfDebugLog( 'ApiAction', '', 'private', $logCtx );

    }


    protected function encodeRequestLogValue( $s ) {

        static $table;

        if ( !$table ) {

            $chars = ';@$!*(),/:';

            $numChars = strlen( $chars );

            for ( $i = 0; $i < $numChars; $i++ ) {

                $table[rawurlencode( $chars[$i] )] = $chars[$i];

            }

        }


        return strtr( rawurlencode( $s ), $table );

    }


    protected function getParamsUsed() {

        return array_keys( $this->mParamsUsed );

    }


    public function markParamsUsed( $params ) {

        $this->mParamsUsed += array_fill_keys( (array)$params, true );

    }


    protected function getSensitiveParams() {

        return array_keys( $this->mParamsSensitive );

    }


    public function markParamsSensitive( $params ) {

        $this->mParamsSensitive += array_fill_keys( (array)$params, true );

    }


    public function getVal( $name, $default = null ) {

        $this->mParamsUsed[$name] = true;


        $ret = $this->getRequest()->getVal( $name );

        if ( $ret === null ) {

            if ( $this->getRequest()->getArray( $name ) !== null ) {

                // See T12262 for why we don't just implode( '|', ... ) the

                // array.

                $this->addWarning( [ 'apiwarn-unsupportedarray', $name ] );

            }

            $ret = $default;

        }

        return $ret;

    }


    public function getCheck( $name ) {

        return $this->getVal( $name, null ) !== null;

    }


    public function getUpload( $name ) {

        $this->mParamsUsed[$name] = true;


        return $this->getRequest()->getUpload( $name );

    }


    protected function reportUnusedParams() {

        $paramsUsed = $this->getParamsUsed();

        $allParams = $this->getRequest()->getValueNames();


        if ( !$this->mInternalMode ) {

            // Printer has not yet executed; don't warn that its parameters are unused

            $printerParams = $this->mPrinter->encodeParamName(

                array_keys( $this->mPrinter->getFinalParams() ?: [] )

            );

            $unusedParams = array_diff( $allParams, $paramsUsed, $printerParams );

        } else {

            $unusedParams = array_diff( $allParams, $paramsUsed );

        }


        if ( count( $unusedParams ) ) {

            $this->addWarning( [

                'apierror-unrecognizedparams',

                Message::listParam( array_map( 'wfEscapeWikiText', $unusedParams ), 'comma' ),

                count( $unusedParams )

            ] );

        }

    }


    protected function printResult( $httpCode = 0 ) {

        if ( $this->getConfig()->get( 'DebugAPI' ) !== false ) {

            $this->addWarning( 'apiwarn-wgDebugAPI' );

        }


        $printer = $this->mPrinter;

        $printer->initPrinter( false );

        if ( $httpCode ) {

            $printer->setHttpStatus( $httpCode );

        }

        $printer->execute();

        $printer->closePrinter();

    }


    public function isReadMode() {

        return false;

    }


    public function getAllowedParams() {

        return [

            'action' => [

                ApiBase::PARAM_DFLT => 'help',

                ApiBase::PARAM_TYPE => 'submodule',

            ],

            'format' => [

                ApiBase::PARAM_DFLT => self::API_DEFAULT_FORMAT,

                ApiBase::PARAM_TYPE => 'submodule',

            ],

            'maxlag' => [

                ApiBase::PARAM_TYPE => 'integer'

            ],

            'smaxage' => [

                ApiBase::PARAM_TYPE => 'integer',

                ApiBase::PARAM_DFLT => 0

            ],

            'maxage' => [

                ApiBase::PARAM_TYPE => 'integer',

                ApiBase::PARAM_DFLT => 0

            ],

            'assert' => [

                ApiBase::PARAM_TYPE => [ 'user', 'bot' ]

            ],

            'assertuser' => [

                ApiBase::PARAM_TYPE => 'user',

            ],

            'requestid' => null,

            'servedby' => false,

            'curtimestamp' => false,

            'responselanginfo' => false,

            'origin' => null,

            'uselang' => [

                ApiBase::PARAM_DFLT => self::API_DEFAULT_USELANG,

            ],

            'errorformat' => [

                ApiBase::PARAM_TYPE => [ 'plaintext', 'wikitext', 'html', 'raw', 'none', 'bc' ],

                ApiBase::PARAM_DFLT => 'bc',

            ],

            'errorlang' => [

                ApiBase::PARAM_DFLT => 'uselang',

            ],

            'errorsuselocal' => [

                ApiBase::PARAM_DFLT => false,

            ],

        ];

    }


    protected function getExamplesMessages() {

        return [

            'action=help'

                => 'apihelp-help-example-main',

            'action=help&recursivesubmodules=1'

                => 'apihelp-help-example-recursive',

        ];

    }


    public function modifyHelp( array &$help, array $options, array &$tocData ) {

        // Wish PHP had an "array_insert_before". Instead, we have to manually

        // reindex the array to get 'permissions' in the right place.

        $oldHelp = $help;

        $help = [];

        foreach ( $oldHelp as $k => $v ) {

            if ( $k === 'submodules' ) {

                $help['permissions'] = '';

            }

            $help[$k] = $v;

        }

        $help['datatypes'] = '';

        $help['templatedparams'] = '';

        $help['credits'] = '';


        // Fill 'permissions'

        $help['permissions'] .= Html::openElement( 'div',

            [ 'class' => 'apihelp-block apihelp-permissions' ] );

        $m = $this->msg( 'api-help-permissions' );

        if ( !$m->isDisabled() ) {

            $help['permissions'] .= Html::rawElement( 'div', [ 'class' => 'apihelp-block-head' ],

                $m->numParams( count( self::$mRights ) )->parse()

            );

        }

        $help['permissions'] .= Html::openElement( 'dl' );

        foreach ( self::$mRights as $right => $rightMsg ) {

            $help['permissions'] .= Html::element( 'dt', null, $right );


            $rightMsg = $this->msg( $rightMsg['msg'], $rightMsg['params'] )->parse();

            $help['permissions'] .= Html::rawElement( 'dd', null, $rightMsg );


            $groups = array_map( function ( $group ) {

                return $group == '*' ? 'all' : $group;

            }, User::getGroupsWithPermission( $right ) );


            $help['permissions'] .= Html::rawElement( 'dd', null,

                $this->msg( 'api-help-permissions-granted-to' )

                    ->numParams( count( $groups ) )

                    ->params( Message::listParam( $groups ) )

                    ->parse()

            );

        }

        $help['permissions'] .= Html::closeElement( 'dl' );

        $help['permissions'] .= Html::closeElement( 'div' );


        // Fill 'datatypes', 'templatedparams', and 'credits', if applicable

        if ( empty( $options['nolead'] ) ) {

            $level = $options['headerlevel'];

            $tocnumber = &$options['tocnumber'];


            $header = $this->msg( 'api-help-datatypes-header' )->parse();


            $id = Sanitizer::escapeIdForAttribute( 'main/datatypes', Sanitizer::ID_PRIMARY );

            $idFallback = Sanitizer::escapeIdForAttribute( 'main/datatypes', Sanitizer::ID_FALLBACK );

            $headline = Linker::makeHeadline( min( 6, $level ),

                ' class="apihelp-header">',

                $id,

                $header,

                '',

                $idFallback

            );

            // Ensure we have a sane anchor

            if ( $id !== 'main/datatypes' && $idFallback !== 'main/datatypes' ) {

                $headline = '<div id="main/datatypes"></div>' . $headline;

            }

            $help['datatypes'] .= $headline;

            $help['datatypes'] .= $this->msg( 'api-help-datatypes' )->parseAsBlock();

            if ( !isset( $tocData['main/datatypes'] ) ) {

                $tocnumber[$level]++;

                $tocData['main/datatypes'] = [

                    'toclevel' => count( $tocnumber ),

                    'level' => $level,

                    'anchor' => 'main/datatypes',

                    'line' => $header,

                    'number' => implode( '.', $tocnumber ),

                    'index' => false,

                ];

            }


            $header = $this->msg( 'api-help-templatedparams-header' )->parse();


            $id = Sanitizer::escapeIdForAttribute( 'main/templatedparams', Sanitizer::ID_PRIMARY );

            $idFallback = Sanitizer::escapeIdForAttribute( 'main/templatedparams', Sanitizer::ID_FALLBACK );

            $headline = Linker::makeHeadline( min( 6, $level ),

                ' class="apihelp-header">',

                $id,

                $header,

                '',

                $idFallback

            );

            // Ensure we have a sane anchor

            if ( $id !== 'main/templatedparams' && $idFallback !== 'main/templatedparams' ) {

                $headline = '<div id="main/templatedparams"></div>' . $headline;

            }

            $help['templatedparams'] .= $headline;

            $help['templatedparams'] .= $this->msg( 'api-help-templatedparams' )->parseAsBlock();

            if ( !isset( $tocData['main/templatedparams'] ) ) {

                $tocnumber[$level]++;

                $tocData['main/templatedparams'] = [

                    'toclevel' => count( $tocnumber ),

                    'level' => $level,

                    'anchor' => 'main/templatedparams',

                    'line' => $header,

                    'number' => implode( '.', $tocnumber ),

                    'index' => false,

                ];

            }


            $header = $this->msg( 'api-credits-header' )->parse();

            $id = Sanitizer::escapeIdForAttribute( 'main/credits', Sanitizer::ID_PRIMARY );

            $idFallback = Sanitizer::escapeIdForAttribute( 'main/credits', Sanitizer::ID_FALLBACK );

            $headline = Linker::makeHeadline( min( 6, $level ),

                ' class="apihelp-header">',

                $id,

                $header,

                '',

                $idFallback

            );

            // Ensure we have a sane anchor

            if ( $id !== 'main/credits' && $idFallback !== 'main/credits' ) {

                $headline = '<div id="main/credits"></div>' . $headline;

            }

            $help['credits'] .= $headline;

            $help['credits'] .= $this->msg( 'api-credits' )->useDatabase( false )->parseAsBlock();

            if ( !isset( $tocData['main/credits'] ) ) {

                $tocnumber[$level]++;

                $tocData['main/credits'] = [

                    'toclevel' => count( $tocnumber ),

                    'level' => $level,

                    'anchor' => 'main/credits',

                    'line' => $header,

                    'number' => implode( '.', $tocnumber ),

                    'index' => false,

                ];

            }

        }

    }


    private $mCanApiHighLimits = null;


    public function canApiHighLimits() {

        if ( !isset( $this->mCanApiHighLimits ) ) {

            $this->mCanApiHighLimits = $this->getUser()->isAllowed( 'apihighlimits' );

        }


        return $this->mCanApiHighLimits;

    }


    public function getModuleManager() {

        return $this->mModuleMgr;

    }


    public function getUserAgent() {

        return trim(

            $this->getRequest()->getHeader( 'Api-user-agent' ) . ' ' .

            $this->getRequest()->getHeader( 'User-agent' )

        );

    }


}


wfDebug
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
Definition GlobalFunctions.php:1000

wfUrlencode
wfUrlencode( $s)
We want some things to be included as literal characters in our title URLs for prettiness,...
Definition GlobalFunctions.php:331

wfReadOnly
wfReadOnly()
Check whether the wiki is in read-only mode.
Definition GlobalFunctions.php:1249

wfHostname
wfHostname()
Fetch server name for use in error reporting etc.
Definition GlobalFunctions.php:1404

wfExpandUrl
wfExpandUrl( $url, $defaultProto=PROTO_CURRENT)
Expand a potentially local URL to a fully-qualified URL.
Definition GlobalFunctions.php:512

wfDebugLog
wfDebugLog( $logGroup, $text, $dest='all', array $context=[])
Send a line to a supplementary debug log file, if configured, or main debug log if not.
Definition GlobalFunctions.php:1094

wfClearOutputBuffers
wfClearOutputBuffers()
More legible than passing a 'false' parameter to wfResetOutputBuffers():
Definition GlobalFunctions.php:1828

wfScript
wfScript( $script='index')
Get the path to a specified script file, respecting file extensions; this is a wrapper around $wgScri...
Definition GlobalFunctions.php:2783

wfTimestamp
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
Definition GlobalFunctions.php:1966

wfEscapeWikiText
wfEscapeWikiText( $text)
Escapes the given text so that it may be output using addWikiText() without any linking,...
Definition GlobalFunctions.php:1629

wfWikiID
wfWikiID()
Get an ASCII string identifying this wiki This is used as a prefix in memcached keys.
Definition GlobalFunctions.php:2656

$messages
$messages
Definition LogTests.i18n.php:8

$wgLang
$wgLang
Definition Setup.php:910

ApiBase
This abstract class implements many basic API functions, and is the base of all API classes.
Definition ApiBase.php:37

ApiBase\getParameter
getParameter( $paramName, $parseLimit=true)
Get a value for the given parameter.
Definition ApiBase.php:884

ApiBase\dieWithError
dieWithError( $msg, $code=null, $data=null, $httpCode=null)
Abort execution with an error.
Definition ApiBase.php:1987

ApiBase\dieWithErrorOrDebug
dieWithErrorOrDebug( $msg, $code=null, $data=null, $httpCode=null)
Will only set a warning instead of failing if the global $wgDebugAPI is set to true.
Definition ApiBase.php:2138

ApiBase\PARAM_TYPE
const PARAM_TYPE
(string|string[]) Either an array of allowed value strings, or a string type as described below.
Definition ApiBase.php:87

ApiBase\isWriteMode
isWriteMode()
Indicates whether this module requires write mode.
Definition ApiBase.php:446

ApiBase\PARAM_DFLT
const PARAM_DFLT
(null|boolean|integer|string) Default value of the parameter.
Definition ApiBase.php:48

ApiBase\dieReadOnly
dieReadOnly()
Helper function for readonly errors.
Definition ApiBase.php:2079

ApiBase\addDeprecation
addDeprecation( $msg, $feature, $data=[])
Add a deprecation warning for this module.
Definition ApiBase.php:1920

ApiBase\LIMIT_SML2
const LIMIT_SML2
Slow query, apihighlimits limit.
Definition ApiBase.php:258

ApiBase\extractRequestParams
extractRequestParams( $options=[])
Using getAllowedParams(), this function makes an array of the values provided by the user,...
Definition ApiBase.php:770

ApiBase\addWarning
addWarning( $msg, $code=null, $data=null)
Add a warning for this module.
Definition ApiBase.php:1906

ApiBase\LIMIT_BIG2
const LIMIT_BIG2
Fast query, apihighlimits limit.
Definition ApiBase.php:254

ApiContinuationManager
This manages continuation state.
Definition ApiContinuationManager.php:26

ApiErrorFormatter_BackCompat
Format errors and warnings in the old style, for backwards compatibility.
Definition ApiErrorFormatter.php:378

ApiErrorFormatter
Formats errors and warnings for the API, and add them to the associated ApiResult.
Definition ApiErrorFormatter.php:30

ApiFormatBase
This is the abstract base class for API formatters.
Definition ApiFormatBase.php:28

ApiFormatBase\initPrinter
initPrinter( $unused=false)
Initialize the printer function and prepare the output headers.
Definition ApiFormatBase.php:189

ApiMain
This is the main API class, used for both external and internal processing.
Definition ApiMain.php:41

ApiMain\handleApiBeforeMainException
static handleApiBeforeMainException( $e)
Handle an exception from the ApiBeforeMain hook.
Definition ApiMain.php:637

ApiMain\getExamplesMessages
getExamplesMessages()
@inheritDoc
Definition ApiMain.php:1861

ApiMain\isReadMode
isReadMode()
Definition ApiMain.php:1803

ApiMain\setRequestExpectations
setRequestExpectations(ApiBase $module)
Set database connection, query, and write expectations given this module request.
Definition ApiMain.php:1588

ApiMain\getAllowedParams
getAllowedParams()
See ApiBase for description.
Definition ApiMain.php:1812

ApiMain\getSensitiveParams
getSensitiveParams()
Get the request parameters that should be considered sensitive.
Definition ApiMain.php:1697

ApiMain\$mResult
$mResult
Definition ApiMain.php:146

ApiMain\getPrinter
getPrinter()
Get the result formatter object.
Definition ApiMain.php:391

ApiMain\logRequest
logRequest( $time, $e=null)
Log the preceding request.
Definition ApiMain.php:1607

ApiMain\$Modules
static $Modules
List of available modules: action name => module class.
Definition ApiMain.php:55

ApiMain\sendCacheHeaders
sendCacheHeaders( $isError)
Send caching headers.
Definition ApiMain.php:868

ApiMain\encodeRequestLogValue
encodeRequestLogValue( $s)
Encode a value in a format suitable for a space-separated log line.
Definition ApiMain.php:1663

ApiMain\$mPrinter
ApiFormatBase $mPrinter
Definition ApiMain.php:144

ApiMain\getMaxLag
getMaxLag()
Definition ApiMain.php:1224

ApiMain\markParamsUsed
markParamsUsed( $params)
Mark parameters as used.
Definition ApiMain.php:1688

ApiMain\executeActionWithErrorHandling
executeActionWithErrorHandling()
Execute an action, and in case of an error, erase whatever partial results have been accumulated,...
Definition ApiMain.php:510

ApiMain\$mParamsSensitive
$mParamsSensitive
Definition ApiMain.php:158

ApiMain\$mModuleMgr
$mModuleMgr
Definition ApiMain.php:146

ApiMain\$mAction
$mAction
Definition ApiMain.php:149

ApiMain\createPrinterByName
createPrinterByName( $format)
Create an instance of an output formatter by its name.
Definition ApiMain.php:484

ApiMain\setCacheMaxAge
setCacheMaxAge( $maxage)
Set how long the response should be cached.
Definition ApiMain.php:400

ApiMain\$mRights
static $mRights
List of user roles that are specifically relevant to the API.
Definition ApiMain.php:130

ApiMain\getResult
getResult()
Get the ApiResult object associated with current request.
Definition ApiMain.php:308

ApiMain\$mCacheMode
$mCacheMode
Definition ApiMain.php:155

ApiMain\createErrorPrinter
createErrorPrinter()
Create the printer for error output.
Definition ApiMain.php:986

ApiMain\executeAction
executeAction()
Execute the actual module, without any error handling.
Definition ApiMain.php:1541

ApiMain\getErrorFormatter
getErrorFormatter()
Get the ApiErrorFormatter object associated with current request.
Definition ApiMain.php:351

ApiMain\checkMaxLag
checkMaxLag( $module, $params)
Check the max lag if necessary.
Definition ApiMain.php:1258

ApiMain\checkAsserts
checkAsserts( $params)
Check asserts of the user's rights.
Definition ApiMain.php:1483

ApiMain\$mErrorFormatter
$mErrorFormatter
Definition ApiMain.php:146

ApiMain\setupExternalResponse
setupExternalResponse( $module, $params)
Check POST for external response and setup result printer.
Definition ApiMain.php:1514

ApiMain\matchRequestedHeaders
static matchRequestedHeaders( $requestedHeaders)
Attempt to validate the value of Access-Control-Request-Headers against a list of headers that we all...
Definition ApiMain.php:816

ApiMain\$lacksSameOriginSecurity
bool null $lacksSameOriginSecurity
Cached return value from self::lacksSameOriginSecurity()
Definition ApiMain.php:161

ApiMain\setCacheControl
setCacheControl( $directives)
Set directives (key/value pairs) for the Cache-Control header.
Definition ApiMain.php:473

ApiMain\wildcardToRegex
static wildcardToRegex( $wildcard)
Helper function to convert wildcard string into a regex '*' => '.
Definition ApiMain.php:852

ApiMain\setContinuationManager
setContinuationManager(ApiContinuationManager $manager=null)
Set the continuation manager.
Definition ApiMain.php:367

ApiMain\setCacheMode
setCacheMode( $mode)
Set the type of caching headers which will be sent.
Definition ApiMain.php:432

ApiMain\setupModule
setupModule()
Set up the module for response.
Definition ApiMain.php:1177

ApiMain\markParamsSensitive
markParamsSensitive( $params)
Mark parameters as sensitive.
Definition ApiMain.php:1706

ApiMain\$mModule
ApiBase $mModule
Definition ApiMain.php:153

ApiMain\setupExecuteAction
setupExecuteAction()
Set up for the execution.
Definition ApiMain.php:1162

ApiMain\checkConditionalRequestHeaders
checkConditionalRequestHeaders( $module)
Check selected RFC 7232 precondition headers.
Definition ApiMain.php:1304

ApiMain\checkBotReadOnly
checkBotReadOnly()
Check whether we are readonly for bots.
Definition ApiMain.php:1449

ApiMain\handleException
handleException( $e)
Handle an exception as an API response.
Definition ApiMain.php:567

ApiMain\$mSquidMaxage
$mSquidMaxage
Definition ApiMain.php:151

ApiMain\getUserAgent
getUserAgent()
Fetches the user agent used for this request.
Definition ApiMain.php:2038

ApiMain\API_DEFAULT_USELANG
const API_DEFAULT_USELANG
When no uselang parameter is given, this language will be used.
Definition ApiMain.php:50

ApiMain\matchOrigin
static matchOrigin( $value, $rules, $exceptions)
Attempt to match an Origin header against a set of rules and a set of exceptions.
Definition ApiMain.php:792

ApiMain\getModule
getModule()
Get the API module object.
Definition ApiMain.php:382

ApiMain\__construct
__construct( $context=null, $enableWrite=false)
Constructs an instance of ApiMain that utilizes the module and format specified by $request.
Definition ApiMain.php:170

ApiMain\isInternalMode
isInternalMode()
Return true if the API was started by other PHP code using FauxRequest.
Definition ApiMain.php:299

ApiMain\addRequestedFields
addRequestedFields( $force=[])
Add requested fields to the result.
Definition ApiMain.php:1131

ApiMain\modifyHelp
modifyHelp(array &$help, array $options, array &$tocData)
Called from ApiHelp before the pieces are joined together and returned.
Definition ApiMain.php:1870

ApiMain\$mCacheControl
$mCacheControl
Definition ApiMain.php:156

ApiMain\checkReadOnly
checkReadOnly( $module)
Check if the DB is read-only for this user.
Definition ApiMain.php:1433

ApiMain\getCheck
getCheck( $name)
Get a boolean request value, and register the fact that the parameter was used, for logging.
Definition ApiMain.php:1737

ApiMain\$mInternalMode
$mInternalMode
Definition ApiMain.php:151

ApiMain\getContinuationManager
getContinuationManager()
Get the continuation manager.
Definition ApiMain.php:359

ApiMain\printResult
printResult( $httpCode=0)
Print results using the current printer.
Definition ApiMain.php:1786

ApiMain\reportUnusedParams
reportUnusedParams()
Report unused parameters, so the client gets a hint in case it gave us parameters we don't know,...
Definition ApiMain.php:1758

ApiMain\lacksSameOriginSecurity
lacksSameOriginSecurity()
Get the security flag for the current request.
Definition ApiMain.php:316

ApiMain\getVal
getVal( $name, $default=null)
Get a request value, and register the fact that it was used, for logging.
Definition ApiMain.php:1716

ApiMain\getParamsUsed
getParamsUsed()
Get the request parameters used in the course of the preceding execute() request.
Definition ApiMain.php:1680

ApiMain\getModuleManager
getModuleManager()
Overrides to return this instance's module manager.
Definition ApiMain.php:2026

ApiMain\$mContinuationManager
ApiContinuationManager null $mContinuationManager
Definition ApiMain.php:148

ApiMain\substituteResultWithError
substituteResultWithError( $e)
Replace the result data with the information about an exception.
Definition ApiMain.php:1053

ApiMain\API_DEFAULT_FORMAT
const API_DEFAULT_FORMAT
When no format parameter is given, this format will be used.
Definition ApiMain.php:45

ApiMain\checkExecutePermissions
checkExecutePermissions( $module)
Check for sufficient permissions to execute.
Definition ApiMain.php:1402

ApiMain\getUpload
getUpload( $name)
Get a request upload, and register the fact that it was used, for logging.
Definition ApiMain.php:1748

ApiMain\$mParamsUsed
$mParamsUsed
Definition ApiMain.php:157

ApiMain\canApiHighLimits
canApiHighLimits()
Check whether the current user is allowed to use high limits.
Definition ApiMain.php:2014

ApiMain\$Formats
static $Formats
List of available formats: format name => format class.
Definition ApiMain.php:113

ApiMain\$mCanApiHighLimits
$mCanApiHighLimits
Definition ApiMain.php:2008

ApiMain\errorMessagesFromException
errorMessagesFromException( $e, $type='error')
Create an error message for the given exception.
Definition ApiMain.php:1017

ApiMain\handleCORS
handleCORS()
Check the &origin= query parameter against the Origin: HTTP header and respond appropriately.
Definition ApiMain.php:672

ApiMain\execute
execute()
Execute api request.
Definition ApiMain.php:498

ApiMain\$mEnableWrite
$mEnableWrite
Definition ApiMain.php:150

ApiMessage\create
static create( $msg, $code=null, array $data=null)
Create an IApiMessage for the message.
Definition ApiMessage.php:40

ApiModuleManager
This class holds a list of modules and handles instantiation.
Definition ApiModuleManager.php:30

ApiResult
This class represents the result of the API operations.
Definition ApiResult.php:35

ApiResult\NO_SIZE_CHECK
const NO_SIZE_CHECK
For addValue() and similar functions, do not check size while adding a value Don't use this unless yo...
Definition ApiResult.php:58

ApiUsageException
Exception used to abort API execution with an error.
Definition ApiUsageException.php:28

ApiUsageException\getStatusValue
getStatusValue()
Fetch the error status.
Definition ApiUsageException.php:101

ContextSource\msg
msg( $key)
Get a Message object with context set Parameters are the same as wfMessage()
Definition ContextSource.php:168

ContextSource\getUser
getUser()
Definition ContextSource.php:120

ContextSource\getRequest
getRequest()
Definition ContextSource.php:71

ContextSource\getConfig
getConfig()
Definition ContextSource.php:63

ContextSource\getOutput
getOutput()
Definition ContextSource.php:112

ContextSource\$context
IContextSource $context
Definition ContextSource.php:33

ContextSource\getLanguage
getLanguage()
Definition ContextSource.php:128

ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition ContextSource.php:40

ContextSource\setContext
setContext(IContextSource $context)
Definition ContextSource.php:55

DerivativeContext
An IContextSource implementation which will inherit context from another source but allow individual ...
Definition DerivativeContext.php:30

FauxRequest
WebRequest clone which takes values from a provided array.
Definition FauxRequest.php:33

Linker\makeHeadline
static makeHeadline( $level, $attribs, $anchor, $html, $link, $fallbackAnchor=false)
Create a headline for content.
Definition Linker.php:1641

MWException
MediaWiki exception.
Definition MWException.php:26

MWTimestamp
Library for creating and parsing MW-style timestamps.
Definition MWTimestamp.php:32

MediaWiki\Logger\LoggerFactory
PSR-3 logger instance factory.
Definition LoggerFactory.php:45

MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:99

User
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition User.php:47

User\isEveryoneAllowed
static isEveryoneAllowed( $right)
Check if all users may be assumed to have the given permission.
Definition User.php:5033

User\newFromName
static newFromName( $name, $validate='valid')
Static factory method for creation from username.
Definition User.php:592

User\getGroupsWithPermission
static getGroupsWithPermission( $role)
Get all the groups who have a given permission.
Definition User.php:4990

WebRequest
The WebRequest class encapsulates getting at data passed in the URL or via a POSTed form stripping il...
Definition WebRequest.php:41

$request
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on $request
Definition hooks.txt:2880

$time
see documentation in includes Linker php for Linker::makeImageLink & $time
Definition hooks.txt:1841

$options
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
Definition hooks.txt:2050

$code
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
Definition hooks.txt:895

$ret
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses & $ret
Definition hooks.txt:2054

$out
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition hooks.txt:894

$link
usually copyright or history_copyright This message must be in HTML not wikitext & $link
Definition hooks.txt:3106

$name
Allows to change the fields on the form that will be generated $name
Definition hooks.txt:302

$response
this hook is for auditing only $response
Definition hooks.txt:813

false
processing should stop and the error should be shown to the user * false
Definition hooks.txt:187

$e
returning false will NOT prevent logging $e
Definition hooks.txt:2226

ILocalizedException
Interface for MediaWiki-localized exceptions.
Definition LocalizedException.php:27

MessageSpecifier
Definition MessageSpecifier.php:21

$help
$help
Definition mcc.php:32

array
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))

$s
$s
Definition mergeMessageFileList.php:187

MediaWiki
A helper class for throttling authentication attempts.

$value
$value
Definition styleTest.css.php:49

$params
$params
Definition styleTest.css.php:44

$t
$t
Definition testCompression.php:69

$type
$type
Definition testCompression.php:48

$header
$header
Definition updateCredits.php:35