master/php/FormSpecialPage_8php_source.html

<?php

namespace MediaWiki\SpecialPage;


use MediaWiki\Context\DerivativeContext;

use MediaWiki\Debug\MWDebug;

use MediaWiki\HTMLForm\HTMLForm;

use MediaWiki\Request\DerivativeRequest;

use MediaWiki\Status\Status;

use MediaWiki\User\User;

use UserBlockedError;


abstract class FormSpecialPage extends SpecialPage {

    protected $par = null;


    protected $reauthPostData = null;


    abstract protected function getFormFields();


    protected function preHtml() {

        return '';

    }


    protected function postHtml() {

        return '';

    }


    protected function preText() {

        wfDeprecated( __METHOD__, '1.38' );

        return $this->preHtml();

    }


    protected function postText() {

        wfDeprecated( __METHOD__, '1.38' );

        return $this->postHtml();

    }


    protected function alterForm( HTMLForm $form ) {

    }


    protected function getMessagePrefix() {

        return strtolower( $this->getName() );

    }


    protected function getDisplayFormat() {

        return 'table';

    }


    protected function getForm() {

        $context = $this->getContext();

        $onSubmit = [ $this, 'onSubmit' ];


        if ( $this->reauthPostData ) {

            // Restore POST data

            $context = new DerivativeContext( $context );

            $oldRequest = $this->getRequest();

            $context->setRequest( new DerivativeRequest(

                $oldRequest, $this->reauthPostData + $oldRequest->getQueryValues(), true

            ) );


            // But don't treat it as a "real" submission just in case of some

            // crazy kind of CSRF.

            $onSubmit = static function () {

                return false;

            };

        }


        $form = HTMLForm::factory(

            $this->getDisplayFormat(),

            $this->getFormFields(),

            $context,

            $this->getMessagePrefix()

        );

        if ( !$this->requiresPost() ) {

            $form->setMethod( 'get' );

        }

        $form->setSubmitCallback( $onSubmit );

        if ( $this->getDisplayFormat() !== 'ooui' ) {

            // No legend and wrapper by default in OOUI forms, but can be set manually

            // from alterForm()

            $form->setWrapperLegendMsg( $this->getMessagePrefix() . '-legend' );

        }


        $headerMsg = $this->msg( $this->getMessagePrefix() . '-text' );

        if ( !$headerMsg->isDisabled() ) {

            $form->addHeaderHtml( $headerMsg->parseAsBlock() );

        }


        // preText / postText are deprecated, but we need to keep calling them until the end of

        // the deprecation process so a subclass overriding *Text and *Html both work

        $form->addPreHtml( MWDebug::detectDeprecatedOverride( $this, __CLASS__, 'preText', '1.38' )

            ? $this->preText()

            : $this->preHtml()

        );

        $form->addPostHtml( MWDebug::detectDeprecatedOverride( $this, __CLASS__, 'postText', '1.38' )

            ? $this->postText()

            : $this->postHtml()

        );


        // Give precedence to subpage syntax

        $field = $this->getSubpageField();

        // cast to string so that "0" is not thrown away

        if ( strval( $this->par ) !== '' && $field ) {

            $this->getRequest()->setVal( $form->getField( $field )->getName(), $this->par );

            $form->setTitle( $this->getPageTitle() );

        }

        $this->alterForm( $form );

        if ( $form->getMethod() == 'post' ) {

            // Retain query parameters (uselang etc) on POST requests

            $params = array_diff_key(

                $this->getRequest()->getQueryValues(), [ 'title' => null ] );

            $form->addHiddenField( 'redirectparams', wfArrayToCgi( $params ) );

        }


        // Give hooks a chance to alter the form, adding extra fields or text etc

        $this->getHookRunner()->onSpecialPageBeforeFormDisplay( $this->getName(), $form );


        return $form;

    }


    abstract public function onSubmit( array $data /* HTMLForm $form = null */ );


    public function onSuccess() {

    }


    public function execute( $par ) {

        $this->setParameter( $par );

        $this->setHeaders();

        $this->outputHeader();


        // This will throw exceptions if there's a problem

        $this->checkExecutePermissions( $this->getUser() );


        $securityLevel = $this->getLoginSecurityLevel();

        if ( $securityLevel !== false && !$this->checkLoginSecurityLevel( $securityLevel ) ) {

            return;

        }


        $form = $this->getForm();

        // GET forms can be set as includable

        if ( !$this->including() ) {

            $result = $this->getShowAlways() ? $form->showAlways() : $form->show();

        } else {

            $result = $form->prepareForm()->tryAuthorizedSubmit();

        }

        if ( $result === true || ( $result instanceof Status && $result->isGood() ) ) {

            $this->onSuccess();

        }

    }


    protected function getShowAlways() {

        return false;

    }


    protected function setParameter( $par ) {

        $this->par = $par;

    }


    protected function getSubpageField() {

        return false;

    }


    protected function checkExecutePermissions( User $user ) {

        $this->checkPermissions();


        if ( $this->requiresUnblock() ) {

            $block = $user->getBlock();

            if ( $block && $block->isSitewide() ) {

                throw new UserBlockedError(

                    $block,

                    $user,

                    $this->getLanguage(),

                    $this->getRequest()->getIP()

                );

            }

        }


        if ( $this->requiresWrite() ) {

            $this->checkReadOnly();

        }

    }


    public function requiresPost() {

        return true;

    }


    public function requiresWrite() {

        return $this->requiresPost();

    }


    public function requiresUnblock() {

        return $this->requiresPost();

    }


    protected function setReauthPostData( array $data ) {

        $this->reauthPostData = $data;

    }


}


class_alias( FormSpecialPage::class, 'FormSpecialPage' );

wfArrayToCgi
wfArrayToCgi( $array1, $array2=null, $prefix='')
This function takes one or two arrays as input, and returns a CGI-style string, e....
Definition GlobalFunctions.php:344

wfDeprecated
wfDeprecated( $function, $version=false, $component=false, $callerOffset=2)
Logs a warning that a deprecated feature was used.
Definition GlobalFunctions.php:763

$params
array $params
The job parameters.
Definition UploadJobTrait.php:46

MediaWiki\Context\DerivativeContext
An IContextSource implementation which will inherit context from another source but allow individual ...
Definition DerivativeContext.php:47

MediaWiki\Debug\MWDebug
Debug toolbar.
Definition MWDebug.php:48

MediaWiki\HTMLForm\HTMLForm
Object handling generic submission, CSRF protection, layout and other logic for UI forms in a reusabl...
Definition HTMLForm.php:209

MediaWiki\Request\DerivativeRequest
Similar to MediaWiki\Request\FauxRequest, but only fakes URL parameters and method (POST or GET) and ...
Definition DerivativeRequest.php:40

MediaWiki\SpecialPage\FormSpecialPage
Special page which uses an HTMLForm to handle processing.
Definition FormSpecialPage.php:41

MediaWiki\SpecialPage\FormSpecialPage\getMessagePrefix
getMessagePrefix()
Get message prefix for HTMLForm.
Definition FormSpecialPage.php:111

MediaWiki\SpecialPage\FormSpecialPage\requiresUnblock
requiresUnblock()
Whether this action cannot be executed by a blocked user, default to requiresPost()
Definition FormSpecialPage.php:323

MediaWiki\SpecialPage\FormSpecialPage\onSuccess
onSuccess()
Do something exciting on successful processing of the form, most likely to show a confirmation messag...
Definition FormSpecialPage.php:217

MediaWiki\SpecialPage\FormSpecialPage\requiresPost
requiresPost()
Whether this action should using POST method to submit, default to true.
Definition FormSpecialPage.php:307

MediaWiki\SpecialPage\FormSpecialPage\getShowAlways
getShowAlways()
Whether the form should always be shown despite the success of submission.
Definition FormSpecialPage.php:255

MediaWiki\SpecialPage\FormSpecialPage\getForm
getForm()
Get the HTMLForm to control behavior.
Definition FormSpecialPage.php:129

MediaWiki\SpecialPage\FormSpecialPage\postText
postText()
Add post-text to the form.
Definition FormSpecialPage.php:93

MediaWiki\SpecialPage\FormSpecialPage\setParameter
setParameter( $par)
Maybe do something interesting with the subpage parameter.
Definition FormSpecialPage.php:263

MediaWiki\SpecialPage\FormSpecialPage\execute
execute( $par)
Basic SpecialPage workflow: get a form, send it to the user; get some data back,.
Definition FormSpecialPage.php:225

MediaWiki\SpecialPage\FormSpecialPage\requiresWrite
requiresWrite()
Whether this action requires the wiki not to be locked, default to requiresPost()
Definition FormSpecialPage.php:315

MediaWiki\SpecialPage\FormSpecialPage\alterForm
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
Definition FormSpecialPage.php:102

MediaWiki\SpecialPage\FormSpecialPage\setReauthPostData
setReauthPostData(array $data)
Preserve POST data across reauthentication.
Definition FormSpecialPage.php:333

MediaWiki\SpecialPage\FormSpecialPage\$par
string null $par
The subpage of the special page.
Definition FormSpecialPage.php:46

MediaWiki\SpecialPage\FormSpecialPage\$reauthPostData
array null $reauthPostData
POST data preserved across re-authentication.
Definition FormSpecialPage.php:52

MediaWiki\SpecialPage\FormSpecialPage\getSubpageField
getSubpageField()
Override this function to set the field name used in the subpage syntax.
Definition FormSpecialPage.php:272

MediaWiki\SpecialPage\FormSpecialPage\preText
preText()
Add pre-text to the form.
Definition FormSpecialPage.php:83

MediaWiki\SpecialPage\FormSpecialPage\checkExecutePermissions
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
Definition FormSpecialPage.php:282

MediaWiki\SpecialPage\FormSpecialPage\getFormFields
getFormFields()
Get an HTMLForm descriptor array.

MediaWiki\SpecialPage\FormSpecialPage\preHtml
preHtml()
Add pre-HTML to the form.
Definition FormSpecialPage.php:65

MediaWiki\SpecialPage\FormSpecialPage\onSubmit
onSubmit(array $data)
Process the form on submission.

MediaWiki\SpecialPage\FormSpecialPage\getDisplayFormat
getDisplayFormat()
Get display format for the form.
Definition FormSpecialPage.php:121

MediaWiki\SpecialPage\FormSpecialPage\postHtml
postHtml()
Add post-HTML to the form.
Definition FormSpecialPage.php:74

MediaWiki\SpecialPage\SpecialPage
Parent class for all special pages.
Definition SpecialPage.php:66

MediaWiki\SpecialPage\SpecialPage\setHeaders
setHeaders()
Sets headers - this should be called from the execute() method of all derived classes!
Definition SpecialPage.php:700

MediaWiki\SpecialPage\SpecialPage\getUser
getUser()
Shortcut to get the User executing this instance.
Definition SpecialPage.php:901

MediaWiki\SpecialPage\SpecialPage\getPageTitle
getPageTitle( $subpage=false)
Get a self-referential title object.
Definition SpecialPage.php:845

MediaWiki\SpecialPage\SpecialPage\checkPermissions
checkPermissions()
Checks if userCanExecute, and if not throws a PermissionsError.
Definition SpecialPage.php:402

MediaWiki\SpecialPage\SpecialPage\checkReadOnly
checkReadOnly()
If the wiki is currently in readonly mode, throws a ReadOnlyError.
Definition SpecialPage.php:415

MediaWiki\SpecialPage\SpecialPage\getContext
getContext()
Gets the context this SpecialPage is executed in.
Definition SpecialPage.php:865

MediaWiki\SpecialPage\SpecialPage\getRequest
getRequest()
Get the WebRequest being used for this instance.
Definition SpecialPage.php:881

MediaWiki\SpecialPage\SpecialPage\msg
msg( $key,... $params)
Wrapper around wfMessage that sets the current context.
Definition SpecialPage.php:1000

MediaWiki\SpecialPage\SpecialPage\getLoginSecurityLevel
getLoginSecurityLevel()
Tells if the special page does something security-sensitive and needs extra defense against a stolen ...
Definition SpecialPage.php:470

MediaWiki\SpecialPage\SpecialPage\including
including( $x=null)
Whether the special page is being evaluated via transclusion.
Definition SpecialPage.php:287

MediaWiki\SpecialPage\SpecialPage\getLanguage
getLanguage()
Shortcut to get user's language.
Definition SpecialPage.php:931

MediaWiki\SpecialPage\SpecialPage\outputHeader
outputHeader( $summaryMessageKey='')
Outputs a summary message on top of special pages By default the message key is the canonical name of...
Definition SpecialPage.php:790

MediaWiki\SpecialPage\SpecialPage\getName
getName()
Get the canonical, unlocalized name of this special page without namespace.
Definition SpecialPage.php:226

MediaWiki\SpecialPage\SpecialPage\checkLoginSecurityLevel
checkLoginSecurityLevel( $level=null)
Verifies that the user meets the security level, possibly reauthenticating them in the process.
Definition SpecialPage.php:519

MediaWiki\SpecialPage\SpecialPage\getHookRunner
getHookRunner()
Definition SpecialPage.php:1209

MediaWiki\Status\Status
Generic operation result class Has warning/error list, boolean status and arbitrary value.
Definition Status.php:54

MediaWiki\User\User
internal since 1.36
Definition User.php:93

MediaWiki\User\User\getBlock
getBlock( $freshness=IDBAccessObject::READ_NORMAL, $disableIpBlockExemptChecking=false)
Get the block affecting the user, or null if the user is not blocked.
Definition User.php:1418

StatusValue\isGood
isGood()
Returns whether the operation completed and didn't have any error or warnings.
Definition StatusValue.php:142

UserBlockedError
Show an error when the user tries to do something whilst blocked.
Definition UserBlockedError.php:34

MediaWiki\SpecialPage
Definition AuthManagerSpecialPage.php:3