MediaWiki  fundraising/REL1_31
api.php
Go to the documentation of this file.
1 <?php
34 
35 // So extensions (and other code) can check whether they're running in API mode
36 define( 'MW_API', true );
37 
38 require __DIR__ . '/includes/WebStart.php';
39 
40 $starttime = microtime( true );
41 
42 // URL safety checks
43 if ( !$wgRequest->checkUrlExtension() ) {
44  return;
45 }
46 
47 // Pathinfo can be used for stupid things. We don't support it for api.php at
48 // all, so error out if it's present.
49 if ( isset( $_SERVER['PATH_INFO'] ) && $_SERVER['PATH_INFO'] != '' ) {
50  $correctUrl = wfAppendQuery( wfScript( 'api' ), $wgRequest->getQueryValues() );
51  $correctUrl = wfExpandUrl( $correctUrl, PROTO_CANONICAL );
52  header( "Location: $correctUrl", true, 301 );
53  echo 'This endpoint does not support "path info", i.e. extra text between "api.php"'
54  . 'and the "?". Remove any such text and try again.';
55  die( 1 );
56 }
57 
58 // Verify that the API has not been disabled
59 if ( !$wgEnableAPI ) {
60  header( $_SERVER['SERVER_PROTOCOL'] . ' 500 MediaWiki configuration Error', true, 500 );
61  echo 'MediaWiki API is not enabled for this site. Add the following line to your LocalSettings.php'
62  . '<pre><b>$wgEnableAPI=true;</b></pre>';
63  die( 1 );
64 }
65 
66 // Set a dummy $wgTitle, because $wgTitle == null breaks various things
67 // In a perfect world this wouldn't be necessary
68 $wgTitle = Title::makeTitle( NS_SPECIAL, 'Badtitle/dummy title for API calls set in api.php' );
69 
70 // RequestContext will read from $wgTitle, but it will also whine about it.
71 // In a perfect world this wouldn't be necessary either.
72 RequestContext::getMain()->setTitle( $wgTitle );
73 
74 try {
75  /* Construct an ApiMain with the arguments passed via the URL. What we get back
76  * is some form of an ApiMain, possibly even one that produces an error message,
77  * but we don't care here, as that is handled by the constructor.
78  */
79  $processor = new ApiMain( RequestContext::getMain(), $wgEnableWriteAPI );
80 
81  // Last chance hook before executing the API
82  Hooks::run( 'ApiBeforeMain', [ &$processor ] );
83  if ( !$processor instanceof ApiMain ) {
84  throw new MWException( 'ApiBeforeMain hook set $processor to a non-ApiMain class' );
85  }
86 } catch ( Exception $e ) {
87  // Crap. Try to report the exception in API format to be friendly to clients.
89  $processor = false;
90 }
91 
92 // Process data & print results
93 if ( $processor ) {
94  $processor->execute();
95 }
96 
97 // Log what the user did, for book-keeping purposes.
98 $endtime = microtime( true );
99 
100 // Log the request
101 if ( $wgAPIRequestLog ) {
102  $items = [
103  wfTimestamp( TS_MW ),
105  $wgRequest->getIP(),
106  $wgRequest->getHeader( 'User-agent' )
107  ];
108  $items[] = $wgRequest->wasPosted() ? 'POST' : 'GET';
109  if ( $processor ) {
110  try {
111  $manager = $processor->getModuleManager();
112  $module = $manager->getModule( $wgRequest->getVal( 'action' ), 'action' );
113  } catch ( Exception $ex ) {
114  $module = null;
115  }
116  if ( !$module || $module->mustBePosted() ) {
117  $items[] = "action=" . $wgRequest->getVal( 'action' );
118  } else {
119  $items[] = wfArrayToCgi( $wgRequest->getValues() );
120  }
121  } else {
122  $items[] = "failed in ApiBeforeMain";
123  }
124  LegacyLogger::emit( implode( ',', $items ) . "\n", $wgAPIRequestLog );
125  wfDebug( "Logged API request to $wgAPIRequestLog\n" );
126 }
127 
129 $mediawiki->doPostOutputShutdown( 'fast' );
$wgEnableWriteAPI
Allow the API to be used to perform write operations (page edits, rollback, etc.) when an authorised ...
$wgAPIRequestLog
Log file or URL (TCP or UDP) to log API requests to, or false to disable API request logging.
$wgEnableAPI
Enable the MediaWiki API for convenient access to machine-readable data via api.php.
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
wfExpandUrl( $url, $defaultProto=PROTO_CURRENT)
Expand a potentially local URL to a fully-qualified URL.
wfAppendQuery( $url, $query)
Append a query string to an existing URL, which may or may not already have query string parameters a...
wfArrayToCgi( $array1, $array2=null, $prefix='')
This function takes one or two arrays as input, and returns a CGI-style string, e....
wfScript( $script='index')
Get the path to a specified script file, respecting file extensions; this is a wrapper around $wgScri...
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
if(! $wgDBerrorLogTZ) $wgRequest
Definition: Setup.php:737
if( $wgAPIRequestLog) $mediawiki
Definition: api.php:128
if(! $wgRequest->checkUrlExtension()) if(isset( $_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] !='') if(! $wgEnableAPI) $wgTitle
Definition: api.php:68
if(! $processor instanceof ApiMain) catch(Exception $e) if( $processor) $endtime
Definition: api.php:98
$starttime
Definition: api.php:40
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:43
static handleApiBeforeMainException(Exception $e)
Handle an exception from the ApiBeforeMain hook.
Definition: ApiMain.php:643
static run( $event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:203
MediaWiki exception.
Definition: MWException.php:26
static getMain()
Get the RequestContext object associated with the main request.
static makeTitle( $ns, $title, $fragment='', $interwiki='')
Create a new Title from a namespace index and a DB key.
Definition: Title.php:534
returning false will NOT prevent logging $e
Definition: hooks.txt:2176
The MIT free of to any person obtaining a copy of this software and associated documentation to deal in the Software without including without limitation the rights to use
Definition: LICENSE.txt:7
const PROTO_CANONICAL
Definition: Defines.php:233
const NS_SPECIAL
Definition: Defines.php:63
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:37
MediaWiki Logger LegacyLogger
Definition: logger.txt:54
This document describes the state of Postgres support in MediaWiki
Definition: postgres.txt:3