MediaWiki  master
Go to the documentation of this file.
1 <?php
31 abstract class FormSpecialPage extends SpecialPage {
36  protected $par = null;
42  protected $reauthPostData = null;
48  abstract protected function getFormFields();
54  protected function preText() {
55  return '';
56  }
62  protected function postText() {
63  return '';
64  }
70  protected function alterForm( HTMLForm $form ) {
71  }
79  protected function getMessagePrefix() {
80  return strtolower( $this->getName() );
81  }
89  protected function getDisplayFormat() {
90  return 'table';
91  }
97  protected function getForm() {
98  $context = $this->getContext();
99  $onSubmit = [ $this, 'onSubmit' ];
101  if ( $this->reauthPostData ) {
102  // Restore POST data
104  $oldRequest = $this->getRequest();
105  $context->setRequest( new DerivativeRequest(
106  $oldRequest, $this->reauthPostData + $oldRequest->getQueryValues(), true
107  ) );
109  // But don't treat it as a "real" submission just in case of some
110  // crazy kind of CSRF.
111  $onSubmit = function () {
112  return false;
113  };
114  }
116  $form = HTMLForm::factory(
117  $this->getDisplayFormat(),
118  $this->getFormFields(),
119  $context,
120  $this->getMessagePrefix()
121  );
122  $form->setSubmitCallback( $onSubmit );
123  if ( $this->getDisplayFormat() !== 'ooui' ) {
124  // No legend and wrapper by default in OOUI forms, but can be set manually
125  // from alterForm()
126  $form->setWrapperLegendMsg( $this->getMessagePrefix() . '-legend' );
127  }
129  $headerMsg = $this->msg( $this->getMessagePrefix() . '-text' );
130  if ( !$headerMsg->isDisabled() ) {
131  $form->addHeaderText( $headerMsg->parseAsBlock() );
132  }
134  $form->addPreText( $this->preText() );
135  $form->addPostText( $this->postText() );
136  $this->alterForm( $form );
137  if ( $form->getMethod() == 'post' ) {
138  // Retain query parameters (uselang etc) on POST requests
139  $params = array_diff_key(
140  $this->getRequest()->getQueryValues(), [ 'title' => null ] );
141  $form->addHiddenField( 'redirectparams', wfArrayToCgi( $params ) );
142  }
144  // Give hooks a chance to alter the form, adding extra fields or text etc
145  Hooks::run( 'SpecialPageBeforeFormDisplay', [ $this->getName(), &$form ] );
147  return $form;
148  }
156  abstract public function onSubmit( array $data /* $form = null */ );
163  public function onSuccess() {
164  }
171  public function execute( $par ) {
172  $this->setParameter( $par );
173  $this->setHeaders();
175  // This will throw exceptions if there's a problem
176  $this->checkExecutePermissions( $this->getUser() );
178  $securityLevel = $this->getLoginSecurityLevel();
179  if ( $securityLevel !== false && !$this->checkLoginSecurityLevel( $securityLevel ) ) {
180  return;
181  }
183  $form = $this->getForm();
184  if ( $form->show() ) {
185  $this->onSuccess();
186  }
187  }
193  protected function setParameter( $par ) {
194  $this->par = $par;
195  }
203  protected function checkExecutePermissions( User $user ) {
204  $this->checkPermissions();
206  if ( $this->requiresUnblock() ) {
207  $block = $user->getBlock();
208  if ( $block && $block->isSitewide() ) {
209  throw new UserBlockedError( $block );
210  }
211  }
213  if ( $this->requiresWrite() ) {
214  $this->checkReadOnly();
215  }
216  }
222  public function requiresWrite() {
223  return true;
224  }
230  public function requiresUnblock() {
231  return true;
232  }
240  protected function setReauthPostData( array $data ) {
241  $this->reauthPostData = $data;
242  }
243 }
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("", 2))
Tells if the special page does something security-sensitive and needs extra defense against a stolen ...
Utility to generate mapping file used in mw.Title (phpCharToUpper.json)
Gets the context this SpecialPage is executed in.
setParameter( $par)
Maybe do something interesting with the subpage parameter.
array null $reauthPostData
POST data preserved across re-authentication.
Add pre-text to the form.
execute( $par)
Basic SpecialPage workflow: get a form, send it to the user; get some data back,. ...
onSubmit(array $data)
Process the form on POST submission.
An IContextSource implementation which will inherit context from another source but allow individual ...
Similar to FauxRequest, but only fakes URL parameters and method (POST or GET) and use the base reque...
getBlock( $fromReplica=true)
Get the block affecting the user, or null if the user is not blocked.
Definition: User.php:2280
static factory( $displayFormat)
Construct a HTMLForm object for given display type.
Definition: HTMLForm.php:301
Get display format for the form.
Special page which uses an HTMLForm to handle processing.
checkExecutePermissions(User $user)
Called from execute() to check if the given user can perform this action.
Get an HTMLForm descriptor array.
alterForm(HTMLForm $form)
Play with the HTMLForm if you need to more substantially.
The User object encapsulates all of the user-specific settings (user_id, name, rights, email address, options, last login time).
Definition: User.php:48
wfArrayToCgi( $array1, $array2=null, $prefix='')
This function takes one or two arrays as input, and returns a CGI-style string, e.g.
null means default in associative array with keys and values unescaped Should be merged with default with a value of false meaning to suppress the attribute in associative array with keys and values unescaped noclasses just before the function returns a value If you return true
Definition: hooks.txt:1982
Add post-text to the form.
Sets headers - this should be called from the execute() method of all derived classes! ...
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not null
Definition: hooks.txt:780
Show an error when the user tries to do something whilst blocked.
setReauthPostData(array $data)
Preserve POST data across reauthentication.
Get message prefix for HTMLForm.
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
string null $par
The sub-page of the special page.
Get the name of this Special Page.
Whether this action cannot be executed by a blocked user.
Shortcut to get the User executing this instance.
Get the HTMLForm to control behavior.
msg( $key)
Wrapper around wfMessage that sets the current context.
do that in ParserLimitReportFormat instead use this to modify the parameters of the image all existing parser cache entries will be invalid To avoid you ll need to handle that somehow(e.g. with the RejectParserCacheValue hook) because MediaWiki won 't do it for you. & $defaults also a ContextSource after deleting those rows but within the same transaction you ll probably need to make sure the header is varied on and they can depend only on the ResourceLoaderContext $context
Definition: hooks.txt:2633
checkLoginSecurityLevel( $level=null)
Verifies that the user meets the security level, possibly reauthenticating them in the process...
Checks if userCanExecute, and if not throws a PermissionsError.
Get the WebRequest being used for this instance.
Do something exciting on successful processing of the form, most likely to show a confirmation messag...
Whether this action requires the wiki not to be locked.
If the wiki is currently in readonly mode, throws a ReadOnlyError.
return true to allow those checks to and false if checking is done & $user
Definition: hooks.txt:1473
static run( $event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:200