MediaWiki REL1_32
SpecialPage.php
Go to the documentation of this file.
1<?php
27
36class SpecialPage implements MessageLocalizer {
37 // The canonical name of this special page
38 // Also used for the default <h1> heading, @see getDescription()
39 protected $mName;
40
41 // The local name of this special page
42 private $mLocalName;
43
44 // Minimum user level required to access this page, or "" for anyone.
45 // Also used to categorise the pages in Special:Specialpages
46 protected $mRestriction;
47
48 // Listed in Special:Specialpages?
49 private $mListed;
50
51 // Whether or not this special page is being included from an article
52 protected $mIncluding;
53
54 // Whether the special page can be included in an article
55 protected $mIncludable;
56
61 protected $mContext;
62
67
82 public static function getTitleFor( $name, $subpage = false, $fragment = '' ) {
83 return Title::newFromTitleValue(
84 self::getTitleValueFor( $name, $subpage, $fragment )
85 );
86 }
87
97 public static function getTitleValueFor( $name, $subpage = false, $fragment = '' ) {
98 $name = MediaWikiServices::getInstance()->getSpecialPageFactory()->
99 getLocalNameFor( $name, $subpage );
100
101 return new TitleValue( NS_SPECIAL, $name, $fragment );
102 }
103
111 public static function getSafeTitleFor( $name, $subpage = false ) {
112 $name = MediaWikiServices::getInstance()->getSpecialPageFactory()->
113 getLocalNameFor( $name, $subpage );
114 if ( $name ) {
115 return Title::makeTitleSafe( NS_SPECIAL, $name );
116 } else {
117 return null;
118 }
119 }
120
138 public function __construct(
139 $name = '', $restriction = '', $listed = true,
140 $function = false, $file = '', $includable = false
141 ) {
142 $this->mName = $name;
143 $this->mRestriction = $restriction;
144 $this->mListed = $listed;
145 $this->mIncludable = $includable;
146 }
147
152 function getName() {
153 return $this->mName;
154 }
155
160 function getRestriction() {
161 return $this->mRestriction;
162 }
163
164 // @todo FIXME: Decide which syntax to use for this, and stick to it
170 function isListed() {
171 return $this->mListed;
172 }
173
180 function setListed( $listed ) {
181 return wfSetVar( $this->mListed, $listed );
182 }
183
190 function listed( $x = null ) {
191 return wfSetVar( $this->mListed, $x );
192 }
193
198 public function isIncludable() {
199 return $this->mIncludable;
200 }
201
212 public function maxIncludeCacheTime() {
213 return $this->getConfig()->get( 'MiserMode' ) ? $this->getCacheTTL() : 0;
214 }
215
219 protected function getCacheTTL() {
220 return 60 * 60;
221 }
222
228 function including( $x = null ) {
229 return wfSetVar( $this->mIncluding, $x );
230 }
231
236 function getLocalName() {
237 if ( !isset( $this->mLocalName ) ) {
238 $this->mLocalName = MediaWikiServices::getInstance()->getSpecialPageFactory()->
239 getLocalNameFor( $this->mName );
240 }
241
242 return $this->mLocalName;
243 }
244
253 public function isExpensive() {
254 return false;
255 }
256
266 public function isCached() {
267 return false;
268 }
269
277 public function isRestricted() {
278 // DWIM: If anons can do something, then it is not restricted
279 return $this->mRestriction != '' && !User::groupHasPermission( '*', $this->mRestriction );
280 }
281
290 public function userCanExecute( User $user ) {
291 return $user->isAllowed( $this->mRestriction );
292 }
293
299 throw new PermissionsError( $this->mRestriction );
300 }
301
309 public function checkPermissions() {
310 if ( !$this->userCanExecute( $this->getUser() ) ) {
312 }
313 }
314
322 public function checkReadOnly() {
323 if ( wfReadOnly() ) {
324 throw new ReadOnlyError;
325 }
326 }
327
339 public function requireLogin(
340 $reasonMsg = 'exception-nologin-text', $titleMsg = 'exception-nologin'
341 ) {
342 if ( $this->getUser()->isAnon() ) {
343 throw new UserNotLoggedIn( $reasonMsg, $titleMsg );
344 }
345 }
346
354 protected function getLoginSecurityLevel() {
355 return false;
356 }
357
372 protected function setReauthPostData( array $data ) {
373 }
374
400 protected function checkLoginSecurityLevel( $level = null ) {
401 $level = $level ?: $this->getName();
402 $key = 'SpecialPage:reauth:' . $this->getName();
403 $request = $this->getRequest();
404
405 $securityStatus = AuthManager::singleton()->securitySensitiveOperationStatus( $level );
406 if ( $securityStatus === AuthManager::SEC_OK ) {
407 $uniqueId = $request->getVal( 'postUniqueId' );
408 if ( $uniqueId ) {
409 $key = $key . ':' . $uniqueId;
410 $session = $request->getSession();
411 $data = $session->getSecret( $key );
412 if ( $data ) {
413 $session->remove( $key );
414 $this->setReauthPostData( $data );
415 }
416 }
417 return true;
418 } elseif ( $securityStatus === AuthManager::SEC_REAUTH ) {
419 $title = self::getTitleFor( 'Userlogin' );
420 $queryParams = $request->getQueryValues();
421
422 if ( $request->wasPosted() ) {
423 $data = array_diff_assoc( $request->getValues(), $request->getQueryValues() );
424 if ( $data ) {
425 // unique ID in case the same special page is open in multiple browser tabs
426 $uniqueId = MWCryptRand::generateHex( 6 );
427 $key = $key . ':' . $uniqueId;
428 $queryParams['postUniqueId'] = $uniqueId;
429 $session = $request->getSession();
430 $session->persist(); // Just in case
431 $session->setSecret( $key, $data );
432 }
433 }
434
435 $query = [
436 'returnto' => $this->getFullTitle()->getPrefixedDBkey(),
437 'returntoquery' => wfArrayToCgi( array_diff_key( $queryParams, [ 'title' => true ] ) ),
438 'force' => $level,
439 ];
440 $url = $title->getFullURL( $query, false, PROTO_HTTPS );
441
442 $this->getOutput()->redirect( $url );
443 return false;
444 }
445
446 $titleMessage = wfMessage( 'specialpage-securitylevel-not-allowed-title' );
447 $errorMessage = wfMessage( 'specialpage-securitylevel-not-allowed' );
448 throw new ErrorPageError( $titleMessage, $errorMessage );
449 }
450
467 public function prefixSearchSubpages( $search, $limit, $offset ) {
468 $subpages = $this->getSubpagesForPrefixSearch();
469 if ( !$subpages ) {
470 return [];
471 }
472
473 return self::prefixSearchArray( $search, $limit, $subpages, $offset );
474 }
475
484 protected function getSubpagesForPrefixSearch() {
485 return [];
486 }
487
495 protected function prefixSearchString( $search, $limit, $offset ) {
496 $title = Title::newFromText( $search );
497 if ( !$title || !$title->canExist() ) {
498 // No prefix suggestion in special and media namespace
499 return [];
500 }
501
502 $searchEngine = MediaWikiServices::getInstance()->newSearchEngine();
503 $searchEngine->setLimitOffset( $limit, $offset );
504 $searchEngine->setNamespaces( [] );
505 $result = $searchEngine->defaultPrefixSearch( $search );
506 return array_map( function ( Title $t ) {
507 return $t->getPrefixedText();
508 }, $result );
509 }
510
522 protected static function prefixSearchArray( $search, $limit, array $subpages, $offset ) {
523 $escaped = preg_quote( $search, '/' );
524 return array_slice( preg_grep( "/^$escaped/i",
525 array_slice( $subpages, $offset ) ), 0, $limit );
526 }
527
531 function setHeaders() {
532 $out = $this->getOutput();
533 $out->setArticleRelated( false );
534 $out->setRobotPolicy( $this->getRobotPolicy() );
535 $out->setPageTitle( $this->getDescription() );
536 if ( $this->getConfig()->get( 'UseMediaWikiUIEverywhere' ) ) {
537 $out->addModuleStyles( [
538 'mediawiki.ui.input',
539 'mediawiki.ui.radio',
540 'mediawiki.ui.checkbox',
541 ] );
542 }
543 }
544
552 final public function run( $subPage ) {
562 if ( !Hooks::run( 'SpecialPageBeforeExecute', [ $this, $subPage ] ) ) {
563 return;
564 }
565
566 if ( $this->beforeExecute( $subPage ) === false ) {
567 return;
568 }
569 $this->execute( $subPage );
570 $this->afterExecute( $subPage );
571
580 Hooks::run( 'SpecialPageAfterExecute', [ $this, $subPage ] );
581 }
582
592 protected function beforeExecute( $subPage ) {
593 // No-op
594 }
595
603 protected function afterExecute( $subPage ) {
604 // No-op
605 }
606
615 public function execute( $subPage ) {
616 $this->setHeaders();
617 $this->checkPermissions();
618 $securityLevel = $this->getLoginSecurityLevel();
619 if ( $securityLevel !== false && !$this->checkLoginSecurityLevel( $securityLevel ) ) {
620 return;
621 }
622 $this->outputHeader();
623 }
624
633 function outputHeader( $summaryMessageKey = '' ) {
634 if ( $summaryMessageKey == '' ) {
635 $msg = MediaWikiServices::getInstance()->getContentLanguage()->lc( $this->getName() ) .
636 '-summary';
637 } else {
638 $msg = $summaryMessageKey;
639 }
640 if ( !$this->msg( $msg )->isDisabled() && !$this->including() ) {
641 $this->getOutput()->wrapWikiMsg(
642 "<div class='mw-specialpage-summary'>\n$1\n</div>", $msg );
643 }
644 }
645
655 function getDescription() {
656 return $this->msg( strtolower( $this->mName ) )->text();
657 }
658
666 function getTitle( $subpage = false ) {
667 wfDeprecated( __METHOD__, '1.23' );
668 return $this->getPageTitle( $subpage );
669 }
670
678 function getPageTitle( $subpage = false ) {
679 return self::getTitleFor( $this->mName, $subpage );
680 }
681
688 public function setContext( $context ) {
689 $this->mContext = $context;
690 }
691
698 public function getContext() {
699 if ( $this->mContext instanceof IContextSource ) {
700 return $this->mContext;
701 } else {
702 wfDebug( __METHOD__ . " called and \$mContext is null. " .
703 "Return RequestContext::getMain(); for sanity\n" );
704
705 return RequestContext::getMain();
706 }
707 }
708
715 public function getRequest() {
716 return $this->getContext()->getRequest();
717 }
718
725 public function getOutput() {
726 return $this->getContext()->getOutput();
727 }
728
735 public function getUser() {
736 return $this->getContext()->getUser();
737 }
738
745 public function getSkin() {
746 return $this->getContext()->getSkin();
747 }
748
755 public function getLanguage() {
756 return $this->getContext()->getLanguage();
757 }
758
764 public function getConfig() {
765 return $this->getContext()->getConfig();
766 }
767
774 public function getFullTitle() {
775 return $this->getContext()->getTitle();
776 }
777
785 protected function getRobotPolicy() {
786 return 'noindex,nofollow';
787 }
788
796 public function msg( $key /* $args */ ) {
797 $message = $this->getContext()->msg( ...func_get_args() );
798 // RequestContext passes context to wfMessage, and the language is set from
799 // the context, but setting the language for Message class removes the
800 // interface message status, which breaks for example usernameless gender
801 // invocations. Restore the flag when not including special page in content.
802 if ( $this->including() ) {
803 $message->setInterfaceMessageFlag( false );
804 }
805
806 return $message;
807 }
808
814 protected function addFeedLinks( $params ) {
815 $feedTemplate = wfScript( 'api' );
816
817 foreach ( $this->getConfig()->get( 'FeedClasses' ) as $format => $class ) {
818 $theseParams = $params + [ 'feedformat' => $format ];
819 $url = wfAppendQuery( $feedTemplate, $theseParams );
820 $this->getOutput()->addFeedLink( $format, $url );
821 }
822 }
823
832 public function addHelpLink( $to, $overrideBaseUrl = false ) {
833 if ( $this->including() ) {
834 return;
835 }
836
837 $msg = $this->msg(
838 MediaWikiServices::getInstance()->getContentLanguage()->lc( $this->getName() ) .
839 '-helppage' );
840
841 if ( !$msg->isDisabled() ) {
842 $helpUrl = Skin::makeUrl( $msg->plain() );
843 $this->getOutput()->addHelpLink( $helpUrl, true );
844 } else {
845 $this->getOutput()->addHelpLink( $to, $overrideBaseUrl );
846 }
847 }
848
857 public function getFinalGroupName() {
858 $name = $this->getName();
859
860 // Allow overriding the group from the wiki side
861 $msg = $this->msg( 'specialpages-specialpagegroup-' . strtolower( $name ) )->inContentLanguage();
862 if ( !$msg->isBlank() ) {
863 $group = $msg->text();
864 } else {
865 // Than use the group from this object
866 $group = $this->getGroupName();
867 }
868
869 return $group;
870 }
871
878 public function doesWrites() {
879 return false;
880 }
881
890 protected function getGroupName() {
891 return 'other';
892 }
893
898 protected function useTransactionalTimeLimit() {
899 if ( $this->getRequest()->wasPosted() ) {
901 }
902 }
903
908 public function getLinkRenderer() {
909 if ( $this->linkRenderer ) {
910 return $this->linkRenderer;
911 } else {
912 return MediaWikiServices::getInstance()->getLinkRenderer();
913 }
914 }
915
921 $this->linkRenderer = $linkRenderer;
922 }
923}
within a display generated by the Derivative if and wherever such third party notices normally appear The contents of the NOTICE file are for informational purposes only and do not modify the License You may add Your own attribution notices within Derivative Works that You alongside or as an addendum to the NOTICE text from the provided that such additional attribution notices cannot be construed as modifying the License You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for or distribution of Your or for any such Derivative Works as a provided Your and distribution of the Work otherwise complies with the conditions stated in this License Submission of Contributions Unless You explicitly state any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this without any additional terms or conditions Notwithstanding the nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions Trademarks This License does not grant permission to use the trade service or product names of the except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file Disclaimer of Warranty Unless required by applicable law or agreed to in Licensor provides the WITHOUT WARRANTIES OR CONDITIONS OF ANY either express or including
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
wfReadOnly()
Check whether the wiki is in read-only mode.
wfSetVar(&$dest, $source, $force=false)
Sets dest to source and returns the original value of dest If source is NULL, it just returns the val...
wfTransactionalTimeLimit()
Set PHP's time limit to the larger of php.ini or $wgTransactionalTimeLimit.
wfAppendQuery( $url, $query)
Append a query string to an existing URL, which may or may not already have query string parameters a...
wfArrayToCgi( $array1, $array2=null, $prefix='')
This function takes one or two arrays as input, and returns a CGI-style string, e....
wfScript( $script='index')
Get the path to a specified script file, respecting file extensions; this is a wrapper around $wgScri...
wfDeprecated( $function, $version=false, $component=false, $callerOffset=2)
Throws a warning that $function is deprecated.
getContext()
An error page which can definitely be safely rendered using the OutputPage.
Some internal bits split of from Skin.php.
Definition Linker.php:34
static generateHex( $chars)
Generate a run of cryptographically random data and return it in hexadecimal string format.
This serves as the entry point to the authentication system.
Class that generates HTML links for pages.
MediaWikiServices is the service locator for the application scope of MediaWiki.
Show an error when a user tries to do something they do not have the necessary permissions for.
Show an error when the wiki is locked/read-only and the user tries to do something that requires writ...
Parent class for all special pages.
__construct( $name='', $restriction='', $listed=true, $function=false, $file='', $includable=false)
Default constructor for special pages Derivative classes should call this from their constructor Note...
outputHeader( $summaryMessageKey='')
Outputs a summary message on top of special pages Per default the message key is the canonical name o...
setContext( $context)
Sets the context this SpecialPage is executed in.
getGroupName()
Under which header this special page is listed in Special:SpecialPages See messages 'specialpages-gro...
getName()
Get the name of this Special Page.
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes!
static getSafeTitleFor( $name, $subpage=false)
Get a localised Title object for a page name with a possibly unvalidated subpage.
getLocalName()
Get the localised name of the special page.
afterExecute( $subPage)
Gets called after.
getRestriction()
Get the permission that a user must have to execute this page.
getDescription()
Returns the name that goes in the <h1> in the special page itself, and also the name that will be l...
run( $subPage)
Entry point.
getOutput()
Get the OutputPage being used for this instance.
requireLogin( $reasonMsg='exception-nologin-text', $titleMsg='exception-nologin')
If the user is not logged in, throws UserNotLoggedIn error.
beforeExecute( $subPage)
Gets called before.
checkLoginSecurityLevel( $level=null)
Verifies that the user meets the security level, possibly reauthenticating them in the process.
getUser()
Shortcut to get the User executing this instance.
static prefixSearchArray( $search, $limit, array $subpages, $offset)
Helper function for implementations of prefixSearchSubpages() that filter the values in memory (as op...
setListed( $listed)
Set whether this page is listed in Special:Specialpages, at run-time.
isListed()
Whether this special page is listed in Special:SpecialPages.
getSkin()
Shortcut to get the skin being used for this instance.
checkPermissions()
Checks if userCanExecute, and if not throws a PermissionsError.
execute( $subPage)
Default execute method Checks user permissions.
static getTitleFor( $name, $subpage=false, $fragment='')
Get a localised Title object for a specified special page name If you don't need a full Title object,...
isCached()
Is this page cached? Expensive pages are cached or disabled in miser mode.
addFeedLinks( $params)
Adds RSS/atom links.
setReauthPostData(array $data)
Record preserved POST data after a reauthentication.
getContext()
Gets the context this SpecialPage is executed in.
msg( $key)
Wrapper around wfMessage that sets the current context.
getConfig()
Shortcut to get main config object.
listed( $x=null)
Get or set whether this special page is listed in Special:SpecialPages.
doesWrites()
Indicates whether this special page may perform database writes.
getRequest()
Get the WebRequest being used for this instance.
getFinalGroupName()
Get the group that the special page belongs in on Special:SpecialPage Use this method,...
checkReadOnly()
If the wiki is currently in readonly mode, throws a ReadOnlyError.
displayRestrictionError()
Output an error message telling the user what access level they have to have.
static getTitleValueFor( $name, $subpage=false, $fragment='')
Get a localised TitleValue object for a specified special page name.
getSubpagesForPrefixSearch()
Return an array of subpages that this special page will accept for prefix searches.
getPageTitle( $subpage=false)
Get a self-referential title object.
useTransactionalTimeLimit()
Call wfTransactionalTimeLimit() if this request was POSTed.
getLanguage()
Shortcut to get user's language.
addHelpLink( $to, $overrideBaseUrl=false)
Adds help link with an icon via page indicators.
getLoginSecurityLevel()
Tells if the special page does something security-sensitive and needs extra defense against a stolen ...
setLinkRenderer(LinkRenderer $linkRenderer)
IContextSource $mContext
Current request context.
including( $x=null)
Whether the special page is being evaluated via transclusion.
maxIncludeCacheTime()
How long to cache page when it is being included.
prefixSearchString( $search, $limit, $offset)
Perform a regular substring search for prefixSearchSubpages.
isRestricted()
Can be overridden by subclasses with more complicated permissions schemes.
MediaWiki Linker LinkRenderer null $linkRenderer
prefixSearchSubpages( $search, $limit, $offset)
Return an array of subpages beginning with $search that this special page will accept.
userCanExecute(User $user)
Checks if the given user (identified by an object) can execute this special page (as defined by $mRes...
getTitle( $subpage=false)
Get a self-referential title object.
getFullTitle()
Return the full title, including $par.
getRobotPolicy()
Return the robot policy.
isExpensive()
Is this page expensive (for some definition of expensive)? Expensive pages are disabled or cached in ...
isIncludable()
Whether it's allowed to transclude the special page via {{Special:Foo/params}}.
Represents a page (or page fragment) title within MediaWiki.
Represents a title within MediaWiki.
Definition Title.php:39
Redirect a user to the login page.
The User object encapsulates all of the user-specific settings (user_id, name, rights,...
Definition User.php:47
static groupHasPermission( $group, $role)
Check, if the given group has the given permission.
Definition User.php:5013
namespace being checked & $result
Definition hooks.txt:2385
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on $request
Definition hooks.txt:2880
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on and they can depend only on the ResourceLoaderContext $context
Definition hooks.txt:2885
either a unescaped string or a HtmlArmor object after in associative array form externallinks including delete and has completed for all link tables whether this was an auto creation use $formDescriptor instead default is conds Array Extra conditions for the No matching items in log is displayed if loglist is empty msgKey Array If you want a nice box with a set this to the key of the message First element is the message additional optional elements are parameters for the key that are processed with wfMessage() -> params() ->parseAsBlock() - offset Set to overwrite offset parameter in $wgRequest set to '' to unset offset - wrap String Wrap the message in html(usually something like "&lt;div ...>$1&lt;/div>"). - flags Integer display flags(NO_ACTION_LINK, NO_EXTRA_USER_LINKS) 'LogException':Called before an exception(or PHP error) is logged. This is meant for integration with external error aggregation services
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that probably a stub it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition hooks.txt:894
Allows to change the fields on the form that will be generated $name
Definition hooks.txt:302
null for the local wiki Added should default to null in handler for backwards compatibility add a value to it if you want to add a cookie that have to vary cache options can modify $query
Definition hooks.txt:1656
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return an< a > element with HTML attributes $attribs and contents $html will be returned If you return $ret will be returned and may include noclasses after processing after in associative array form before processing starts Return false to skip default processing and return $ret $linkRenderer
Definition hooks.txt:2105
const PROTO_HTTPS
Definition Defines.php:220
const NS_SPECIAL
Definition Defines.php:53
Interface for objects which can provide a MediaWiki context on request.
Interface for localizing messages in MediaWiki.
$batch execute()
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))
A helper class for throttling authentication attempts.
$params