MediaWiki REL1_33
UploadForm.php
Go to the documentation of this file.
1<?php
21use MediaWiki\Linker\LinkRenderer;
22use MediaWiki\MediaWikiServices;
23
27class UploadForm extends HTMLForm {
28 protected $mWatch;
29 protected $mForReUpload;
30 protected $mSessionKey;
31 protected $mHideIgnoreWarning;
32 protected $mDestWarningAck;
33 protected $mDestFile;
34
35 protected $mComment;
36 protected $mTextTop;
37 protected $mTextAfterSummary;
38
39 protected $mSourceIds;
40
41 protected $mMaxFileSize = [];
42
43 protected $mMaxUploadSize = [];
44
45 public function __construct( array $options = [], IContextSource $context = null,
46 LinkRenderer $linkRenderer = null
47 ) {
48 if ( $context instanceof IContextSource ) {
49 $this->setContext( $context );
50 }
51
52 if ( !$linkRenderer ) {
53 $linkRenderer = MediaWikiServices::getInstance()->getLinkRenderer();
54 }
55
56 $this->mWatch = !empty( $options['watch'] );
57 $this->mForReUpload = !empty( $options['forreupload'] );
58 $this->mSessionKey = $options['sessionkey'] ?? '';
59 $this->mHideIgnoreWarning = !empty( $options['hideignorewarning'] );
60 $this->mDestWarningAck = !empty( $options['destwarningack'] );
61 $this->mDestFile = $options['destfile'] ?? '';
62
63 $this->mComment = $options['description'] ?? '';
64
65 $this->mTextTop = $options['texttop'] ?? '';
66
67 $this->mTextAfterSummary = $options['textaftersummary'] ?? '';
68
69 $sourceDescriptor = $this->getSourceSection();
70 $descriptor = $sourceDescriptor
71 + $this->getDescriptionSection()
72 + $this->getOptionsSection();
73
74 Hooks::run( 'UploadFormInitDescriptor', [ &$descriptor ] );
75 parent::__construct( $descriptor, $context, 'upload' );
76
77 # Add a link to edit MediaWiki:Licenses
78 if ( $this->getUser()->isAllowed( 'editinterface' ) ) {
79 $this->getOutput()->addModuleStyles( 'mediawiki.special' );
80 $licensesLink = $linkRenderer->makeKnownLink(
81 $this->msg( 'licenses' )->inContentLanguage()->getTitle(),
82 $this->msg( 'licenses-edit' )->text(),
83 [],
84 [ 'action' => 'edit' ]
85 );
86 $editLicenses = '<p class="mw-upload-editlicenses">' . $licensesLink . '</p>';
87 $this->addFooterText( $editLicenses, 'description' );
88 }
89
90 # Set some form properties
91 $this->setSubmitText( $this->msg( 'uploadbtn' )->text() );
92 $this->setSubmitName( 'wpUpload' );
93 # Used message keys: 'accesskey-upload', 'tooltip-upload'
94 $this->setSubmitTooltip( 'upload' );
95 $this->setId( 'mw-upload-form' );
96
97 # Build a list of IDs for javascript insertion
98 $this->mSourceIds = [];
99 foreach ( $sourceDescriptor as $field ) {
100 if ( !empty( $field['id'] ) ) {
101 $this->mSourceIds[] = $field['id'];
102 }
103 }
104 }
105
112 protected function getSourceSection() {
113 if ( $this->mSessionKey ) {
114 return [
115 'SessionKey' => [
116 'type' => 'hidden',
117 'default' => $this->mSessionKey,
118 ],
119 'SourceType' => [
120 'type' => 'hidden',
121 'default' => 'Stash',
122 ],
123 ];
124 }
125
126 $canUploadByUrl = UploadFromUrl::isEnabled()
127 && ( UploadFromUrl::isAllowed( $this->getUser() ) === true )
128 && $this->getConfig()->get( 'CopyUploadsFromSpecialUpload' );
129 $radio = $canUploadByUrl;
130 $selectedSourceType = strtolower( $this->getRequest()->getText( 'wpSourceType', 'File' ) );
131
132 $descriptor = [];
133 if ( $this->mTextTop ) {
134 $descriptor['UploadFormTextTop'] = [
135 'type' => 'info',
136 'section' => 'source',
137 'default' => $this->mTextTop,
138 'raw' => true,
139 ];
140 }
141
142 $this->mMaxUploadSize['file'] = min(
143 UploadBase::getMaxUploadSize( 'file' ),
144 UploadBase::getMaxPhpUploadSize()
145 );
146
147 $help = $this->msg( 'upload-maxfilesize',
148 $this->getContext()->getLanguage()->formatSize( $this->mMaxUploadSize['file'] )
149 )->parse();
150
151 // If the user can also upload by URL, there are 2 different file size limits.
152 // This extra message helps stress which limit corresponds to what.
153 if ( $canUploadByUrl ) {
154 $help .= $this->msg( 'word-separator' )->escaped();
155 $help .= $this->msg( 'upload_source_file' )->parse();
156 }
157
158 $descriptor['UploadFile'] = [
159 'class' => UploadSourceField::class,
160 'section' => 'source',
161 'type' => 'file',
162 'id' => 'wpUploadFile',
163 'radio-id' => 'wpSourceTypeFile',
164 'label-message' => 'sourcefilename',
165 'upload-type' => 'File',
166 'radio' => &$radio,
167 'help' => $help,
168 'checked' => $selectedSourceType == 'file',
169 ];
170
171 if ( $canUploadByUrl ) {
172 $this->mMaxUploadSize['url'] = UploadBase::getMaxUploadSize( 'url' );
173 $descriptor['UploadFileURL'] = [
174 'class' => UploadSourceField::class,
175 'section' => 'source',
176 'id' => 'wpUploadFileURL',
177 'radio-id' => 'wpSourceTypeurl',
178 'label-message' => 'sourceurl',
179 'upload-type' => 'url',
180 'radio' => &$radio,
181 'help' => $this->msg( 'upload-maxfilesize',
182 $this->getContext()->getLanguage()->formatSize( $this->mMaxUploadSize['url'] )
183 )->parse() .
184 $this->msg( 'word-separator' )->escaped() .
185 $this->msg( 'upload_source_url' )->parse(),
186 'checked' => $selectedSourceType == 'url',
187 ];
188 }
189 Hooks::run( 'UploadFormSourceDescriptors', [ &$descriptor, &$radio, $selectedSourceType ] );
190
191 $descriptor['Extensions'] = [
192 'type' => 'info',
193 'section' => 'source',
194 'default' => $this->getExtensionsMessage(),
195 'raw' => true,
196 ];
197
198 return $descriptor;
199 }
200
206 protected function getExtensionsMessage() {
207 # Print a list of allowed file extensions, if so configured. We ignore
208 # MIME type here, it's incomprehensible to most people and too long.
209 $config = $this->getConfig();
210
211 if ( $config->get( 'CheckFileExtensions' ) ) {
212 $fileExtensions = array_unique( $config->get( 'FileExtensions' ) );
213 if ( $config->get( 'StrictFileExtensions' ) ) {
214 # Everything not permitted is banned
215 $extensionsList =
216 '<div id="mw-upload-permitted">' .
217 $this->msg( 'upload-permitted' )
218 ->params( $this->getLanguage()->commaList( $fileExtensions ) )
219 ->numParams( count( $fileExtensions ) )
220 ->parseAsBlock() .
221 "</div>\n";
222 } else {
223 # We have to list both preferred and prohibited
224 $fileBlacklist = array_unique( $config->get( 'FileBlacklist' ) );
225 $extensionsList =
226 '<div id="mw-upload-preferred">' .
227 $this->msg( 'upload-preferred' )
228 ->params( $this->getLanguage()->commaList( $fileExtensions ) )
229 ->numParams( count( $fileExtensions ) )
230 ->parseAsBlock() .
231 "</div>\n" .
232 '<div id="mw-upload-prohibited">' .
233 $this->msg( 'upload-prohibited' )
234 ->params( $this->getLanguage()->commaList( $fileBlacklist ) )
235 ->numParams( count( $fileBlacklist ) )
236 ->parseAsBlock() .
237 "</div>\n";
238 }
239 } else {
240 # Everything is permitted.
241 $extensionsList = '';
242 }
243
244 return $extensionsList;
245 }
246
253 protected function getDescriptionSection() {
254 $config = $this->getConfig();
255 if ( $this->mSessionKey ) {
256 $stash = RepoGroup::singleton()->getLocalRepo()->getUploadStash( $this->getUser() );
257 try {
258 $file = $stash->getFile( $this->mSessionKey );
259 } catch ( Exception $e ) {
260 $file = null;
261 }
262 if ( $file ) {
263 $mto = $file->transform( [ 'width' => 120 ] );
264 if ( $mto ) {
265 $this->addHeaderText(
266 '<div class="thumb t' .
267 MediaWikiServices::getInstance()->getContentLanguage()->alignEnd() . '">' .
268 Html::element( 'img', [
269 'src' => $mto->getUrl(),
270 'class' => 'thumbimage',
271 ] ) . '</div>', 'description' );
272 }
273 }
274 }
275
276 $descriptor = [
277 'DestFile' => [
278 'type' => 'text',
279 'section' => 'description',
280 'id' => 'wpDestFile',
281 'label-message' => 'destfilename',
282 'size' => 60,
283 'default' => $this->mDestFile,
284 # @todo FIXME: Hack to work around poor handling of the 'default' option in HTMLForm
285 'nodata' => strval( $this->mDestFile ) !== '',
286 ],
287 'UploadDescription' => [
288 'type' => 'textarea',
289 'section' => 'description',
290 'id' => 'wpUploadDescription',
291 'label-message' => $this->mForReUpload
292 ? 'filereuploadsummary'
293 : 'fileuploadsummary',
294 'default' => $this->mComment,
295 'cols' => 80,
296 'rows' => 8,
297 ]
298 ];
299 if ( $this->mTextAfterSummary ) {
300 $descriptor['UploadFormTextAfterSummary'] = [
301 'type' => 'info',
302 'section' => 'description',
303 'default' => $this->mTextAfterSummary,
304 'raw' => true,
305 ];
306 }
307
308 $descriptor += [
309 'EditTools' => [
310 'type' => 'edittools',
311 'section' => 'description',
312 'message' => 'edittools-upload',
313 ]
314 ];
315
316 if ( $this->mForReUpload ) {
317 $descriptor['DestFile']['readonly'] = true;
318 } else {
319 $descriptor['License'] = [
320 'type' => 'select',
321 'class' => Licenses::class,
322 'section' => 'description',
323 'id' => 'wpLicense',
324 'label-message' => 'license',
325 ];
326 }
327
328 if ( $config->get( 'UseCopyrightUpload' ) ) {
329 $descriptor['UploadCopyStatus'] = [
330 'type' => 'text',
331 'section' => 'description',
332 'id' => 'wpUploadCopyStatus',
333 'label-message' => 'filestatus',
334 ];
335 $descriptor['UploadSource'] = [
336 'type' => 'text',
337 'section' => 'description',
338 'id' => 'wpUploadSource',
339 'label-message' => 'filesource',
340 ];
341 }
342
343 return $descriptor;
344 }
345
352 protected function getOptionsSection() {
353 $user = $this->getUser();
354 if ( $user->isLoggedIn() ) {
355 $descriptor = [
356 'Watchthis' => [
357 'type' => 'check',
358 'id' => 'wpWatchthis',
359 'label-message' => 'watchthisupload',
360 'section' => 'options',
361 'default' => $this->mWatch,
362 ]
363 ];
364 }
365 if ( !$this->mHideIgnoreWarning ) {
366 $descriptor['IgnoreWarning'] = [
367 'type' => 'check',
368 'id' => 'wpIgnoreWarning',
369 'label-message' => 'ignorewarnings',
370 'section' => 'options',
371 ];
372 }
373
374 $descriptor['DestFileWarningAck'] = [
375 'type' => 'hidden',
376 'id' => 'wpDestFileWarningAck',
377 'default' => $this->mDestWarningAck ? '1' : '',
378 ];
379
380 if ( $this->mForReUpload ) {
381 $descriptor['ForReUpload'] = [
382 'type' => 'hidden',
383 'id' => 'wpForReUpload',
384 'default' => '1',
385 ];
386 }
387
388 return $descriptor;
389 }
390
394 public function show() {
395 $this->addUploadJS();
396 return parent::show();
397 }
398
402 protected function addUploadJS() {
403 $config = $this->getConfig();
404
405 $this->mMaxUploadSize['*'] = UploadBase::getMaxUploadSize();
406
407 $scriptVars = [
408 'wgAjaxUploadDestCheck' => $config->get( 'AjaxUploadDestCheck' ),
409 'wgAjaxLicensePreview' => $config->get( 'AjaxLicensePreview' ),
410 'wgUploadAutoFill' => !$this->mForReUpload &&
411 // If we received mDestFile from the request, don't autofill
412 // the wpDestFile textbox
413 $this->mDestFile === '',
414 'wgUploadSourceIds' => $this->mSourceIds,
415 'wgCheckFileExtensions' => $config->get( 'CheckFileExtensions' ),
416 'wgStrictFileExtensions' => $config->get( 'StrictFileExtensions' ),
417 'wgFileExtensions' => array_values( array_unique( $config->get( 'FileExtensions' ) ) ),
418 'wgCapitalizeUploads' => MWNamespace::isCapitalized( NS_FILE ),
419 'wgMaxUploadSize' => $this->mMaxUploadSize,
420 'wgFileCanRotate' => SpecialUpload::rotationEnabled(),
421 ];
422
423 $out = $this->getOutput();
424 $out->addJsConfigVars( $scriptVars );
425
426 $out->addModules( [
427 'mediawiki.special.upload', // Extras for thumbnail and license preview.
428 ] );
429 }
430
436 function trySubmit() {
437 return false;
438 }
439}
use
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
Definition APACHE-LICENSE-2.0.txt:10
text
This list may contain false positives That usually means there is additional text with links below the first Each row contains links to the first and second as well as the first line of the second redirect text
Definition All_system_messages.txt:1267
ContextSource\msg
msg( $key)
Get a Message object with context set Parameters are the same as wfMessage()
Definition ContextSource.php:168
ContextSource\$context
IContextSource $context
Definition ContextSource.php:33
ContextSource\getContext
getContext()
Get the base IContextSource object.
Definition ContextSource.php:40
ContextSource\setContext
setContext(IContextSource $context)
Definition ContextSource.php:55
HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms.
Definition HTMLForm.php:133
HTMLForm\setSubmitName
setSubmitName( $name)
Definition HTMLForm.php:1393
HTMLForm\setId
setId( $id)
Definition HTMLForm.php:1503
HTMLForm\addFooterText
addFooterText( $msg, $section=null)
Add footer text, inside the form.
Definition HTMLForm.php:827
HTMLForm\addHeaderText
addHeaderText( $msg, $section=null)
Add HTML to the header, inside the form.
Definition HTMLForm.php:772
HTMLForm\getTitle
getTitle()
Get the title.
Definition HTMLForm.php:1586
HTMLForm\setSubmitTooltip
setSubmitTooltip( $name)
Definition HTMLForm.php:1404
HTMLForm\setSubmitText
setSubmitText( $t)
Set the text for the submit button.
Definition HTMLForm.php:1330
MediaWiki\Linker\LinkRenderer
Class that generates HTML links for pages.
Definition LinkRenderer.php:41
MediaWiki\MediaWikiServices
MediaWikiServices is the service locator for the application scope of MediaWiki.
Definition MediaWikiServices.php:103
RepoGroup\singleton
static singleton()
Get a RepoGroup instance.
Definition RepoGroup.php:61
SpecialUpload\rotationEnabled
static rotationEnabled()
Should we rotate images in the preview on Special:Upload.
Definition SpecialUpload.php:860
UploadBase\getMaxUploadSize
static getMaxUploadSize( $forType=null)
Get the MediaWiki maximum uploaded file size for given type of upload, based on $wgMaxUploadSize.
Definition UploadBase.php:2167
UploadBase\getMaxPhpUploadSize
static getMaxPhpUploadSize()
Get the PHP maximum uploaded file size, based on ini settings.
Definition UploadBase.php:2188
UploadForm
Sub class of HTMLForm that provides the form section of SpecialUpload.
Definition UploadForm.php:27
UploadForm\show
show()
Add the upload JS and show the form.
Definition UploadForm.php:394
UploadForm\trySubmit
trySubmit()
Empty function; submission is handled elsewhere.
Definition UploadForm.php:436
UploadForm\__construct
__construct(array $options=[], IContextSource $context=null, LinkRenderer $linkRenderer=null)
Definition UploadForm.php:45
UploadForm\getDescriptionSection
getDescriptionSection()
Get the descriptor of the fieldset that contains the file description input.
Definition UploadForm.php:253
UploadForm\getOptionsSection
getOptionsSection()
Get the descriptor of the fieldset that contains the upload options, such as "watch this file".
Definition UploadForm.php:352
UploadForm\addUploadJS
addUploadJS()
Add upload JS to the OutputPage.
Definition UploadForm.php:402
UploadForm\getSourceSection
getSourceSection()
Get the descriptor of the fieldset that contains the file source selection.
Definition UploadForm.php:112
UploadForm\getExtensionsMessage
getExtensionsMessage()
Get the messages indicating which extensions are preferred and prohibitted.
Definition UploadForm.php:206
UploadFromUrl\isAllowed
static isAllowed( $user)
Checks if the user is allowed to use the upload-by-URL feature.
Definition UploadFromUrl.php:47
UploadFromUrl\isEnabled
static isEnabled()
Checks if the upload from URL feature is enabled.
Definition UploadFromUrl.php:59
as
This document is intended to provide useful advice for parties seeking to redistribute MediaWiki to end users It s targeted particularly at maintainers for Linux since it s been observed that distribution packages of MediaWiki often break We ve consistently had to recommend that users seeking support use official tarballs instead of their distribution s and this often solves whatever problem the user is having It would be nice if this could such as
Definition distributors.txt:22
NS_FILE
const NS_FILE
Definition Defines.php:79
$out
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not it can be in the form of< username >< more info > e g for bot passwords intended to be added to log contexts Fields it might only if the login was with a bot password it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output $out
Definition hooks.txt:855
$options
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped & $options
Definition hooks.txt:1999
true
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition hooks.txt:2004
$linkRenderer
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return an< a > element with HTML attributes $attribs and contents $html will be returned If you return $ret will be returned and may include noclasses after processing after in associative array form before processing starts Return false to skip default processing and return $ret $linkRenderer
Definition hooks.txt:2054
$user
return true to allow those checks to and false if checking is done & $user
Definition hooks.txt:1510
$e
returning false will NOT prevent logging $e
Definition hooks.txt:2175
php
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition injection.txt:37
IContextSource
Interface for objects which can provide a MediaWiki context on request.
Definition IContextSource.php:53
$help
$help
Definition mcc.php:32
array
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))
$file
if(PHP_SAPI !='cli-server') if(!isset( $_SERVER['SCRIPT_FILENAME'])) $file
Definition router.php:42