MediaWiki  master
TemplateParser.php
Go to the documentation of this file.
1 <?php
3 
29  protected $templateDir;
30 
34  protected $renderers;
35 
39  protected $forceRecompile = false;
40 
44  protected $compileFlags;
45 
50  public function __construct( $templateDir = null, $forceRecompile = false ) {
51  $this->templateDir = $templateDir ?: __DIR__ . '/templates';
52  $this->forceRecompile = $forceRecompile;
53 
54  // Do not add more flags here without discussion.
55  // If you do add more flags, be sure to update unit tests as well.
56  $this->compileFlags = LightnCandy::FLAG_ERROR_EXCEPTION | LightnCandy::FLAG_MUSTACHELOOKUP;
57  }
58 
63  public function enableRecursivePartials( $enable ) {
64  if ( $enable ) {
65  $this->compileFlags |= LightnCandy::FLAG_RUNTIMEPARTIAL;
66  } else {
67  $this->compileFlags &= ~LightnCandy::FLAG_RUNTIMEPARTIAL;
68  }
69  }
70 
77  protected function getTemplateFilename( $templateName ) {
78  // Prevent path traversal. Based on Language::isValidCode().
79  // This is for paranoia. The $templateName should never come from
80  // untrusted input.
81  if (
82  strcspn( $templateName, ":/\\\000&<>'\"%" ) !== strlen( $templateName )
83  ) {
84  throw new UnexpectedValueException( "Malformed \$templateName: $templateName" );
85  }
86 
87  return "{$this->templateDir}/{$templateName}.mustache";
88  }
89 
96  protected function getTemplate( $templateName ) {
97  $templateKey = $templateName . '|' . $this->compileFlags;
98 
99  // If a renderer has already been defined for this template, reuse it
100  if ( isset( $this->renderers[$templateKey] ) &&
101  is_callable( $this->renderers[$templateKey] )
102  ) {
103  return $this->renderers[$templateKey];
104  }
105 
106  $filename = $this->getTemplateFilename( $templateName );
107 
108  if ( !file_exists( $filename ) ) {
109  throw new RuntimeException( "Could not locate template: {$filename}" );
110  }
111 
112  // Read the template file
113  $fileContents = file_get_contents( $filename );
114 
115  // Generate a quick hash for cache invalidation
116  $fastHash = md5( $this->compileFlags . '|' . $fileContents );
117 
118  // Fetch a secret key for building a keyed hash of the PHP code
119  $config = MediaWikiServices::getInstance()->getMainConfig();
120  $secretKey = $config->get( 'SecretKey' );
121 
122  if ( $secretKey ) {
123  // See if the compiled PHP code is stored in cache.
125  $key = $cache->makeKey( 'template', $templateName, $fastHash );
126  $code = $this->forceRecompile ? null : $cache->get( $key );
127 
128  if ( $code ) {
129  // Verify the integrity of the cached PHP code
130  $keyedHash = substr( $code, 0, 64 );
131  $code = substr( $code, 64 );
132  if ( $keyedHash !== hash_hmac( 'sha256', $code, $secretKey ) ) {
133  // If the integrity check fails, don't use the cached code
134  // We'll update the invalid cache below
135  $code = null;
136  }
137  }
138  if ( !$code ) {
139  $code = $this->compileForEval( $fileContents, $filename );
140 
141  // Prefix the cached code with a keyed hash (64 hex chars) as an integrity check
142  $cache->set( $key, hash_hmac( 'sha256', $code, $secretKey ) . $code );
143  }
144  // If there is no secret key available, don't use cache
145  } else {
146  $code = $this->compileForEval( $fileContents, $filename );
147  }
148 
149  $renderer = eval( $code );
150  if ( !is_callable( $renderer ) ) {
151  throw new RuntimeException( "Requested template, {$templateName}, is not callable" );
152  }
153  $this->renderers[$templateKey] = $renderer;
154  return $renderer;
155  }
156 
165  protected function compileForEval( $fileContents, $filename ) {
166  // Compile the template into PHP code
167  $code = $this->compile( $fileContents );
168 
169  if ( !$code ) {
170  throw new RuntimeException( "Could not compile template: {$filename}" );
171  }
172 
173  // Strip the "<?php" added by lightncandy so that it can be eval()ed
174  if ( substr( $code, 0, 5 ) === '<?php' ) {
175  $code = substr( $code, 5 );
176  }
177 
178  return $code;
179  }
180 
187  protected function compile( $code ) {
188  if ( !class_exists( 'LightnCandy' ) ) {
189  throw new RuntimeException( 'LightnCandy class not defined' );
190  }
191  return LightnCandy::compile(
192  $code,
193  [
194  'flags' => $this->compileFlags,
195  'basedir' => $this->templateDir,
196  'fileext' => '.mustache',
197  ]
198  );
199  }
200 
221  public function processTemplate( $templateName, $args, array $scopes = [] ) {
222  $template = $this->getTemplate( $templateName );
223  return $template( $args, $scopes );
224  }
225 }
string $templateDir
The path to the Mustache templates.
The wiki should then use memcached to cache various data To use multiple just add more items to the array To increase the weight of a make its entry a array("192.168.0.1:11211", 2))
Apache License January AND DISTRIBUTION Definitions License shall mean the terms and conditions for use
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency MediaWikiServices
Definition: injection.txt:23
processTemplate( $templateName, $args, array $scopes=[])
Returns HTML for a given template by calling the template function with the given args...
if( $line===false) $args
Definition: cdb.php:64
enableRecursivePartials( $enable)
Enable/disable the use of recursive partials.
compileForEval( $fileContents, $filename)
Wrapper for compile() function that verifies successful compilation and strips out the &#39;<...
int $compileFlags
Compilation flags passed to LightnCandy.
$cache
Definition: mcc.php:33
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not null
Definition: hooks.txt:780
callable [] $renderers
Array of cached rendering functions.
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not it can be in the form of< username >< more info > e g for bot passwords intended to be added to log contexts Fields it might only if the login was with a bot password it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping see BaseTemplate::getToolbox and BaseTemplate::makeListItem for details on the format of individual items inside of this array or by returning and letting standard HTTP rendering take place modifiable or by returning false and taking over the output modifiable & $code
Definition: hooks.txt:780
bool $forceRecompile
Always compile template files.
injection txt This is an overview of how MediaWiki makes use of dependency injection The design described here grew from the discussion of RFC T384 The term dependency this means that anything an object needs to operate should be injected from the the object itself should only know narrow no concrete implementation of the logic it relies on The requirement to inject everything typically results in an architecture that based on two main types of and essentially stateless service objects that use other service objects to operate on the value objects As of the beginning MediaWiki is only starting to use the DI approach Much of the code still relies on global state or direct resulting in a highly cyclical dependency which acts as the top level factory for services in MediaWiki which can be used to gain access to default instances of various services MediaWikiServices however also allows new services to be defined and default services to be redefined Services are defined or redefined by providing a callback the instantiator that will return a new instance of the service When it will create an instance of MediaWikiServices and populate it with the services defined in the files listed by thereby bootstrapping the DI framework Per $wgServiceWiringFiles lists includes ServiceWiring php
Definition: injection.txt:35
this hook is for auditing only or null if authentication failed before getting that far or null if we can t even determine that When $user is not it can be in the form of< username >< more info > e g for bot passwords intended to be added to log contexts Fields it might only if the login was with a bot password it is not rendered in wiki pages or galleries in category pages allow injecting custom HTML after the section Any uses of the hook need to handle escaping $template
Definition: hooks.txt:780
compile( $code)
Compile the Mustache code into PHP code using LightnCandy.
const CACHE_ANYTHING
Definition: Defines.php:101
static getLocalServerInstance( $fallback=CACHE_NONE)
Factory function for CACHE_ACCEL (referenced from DefaultSettings.php)
getTemplate( $templateName)
Returns a given template function if found, otherwise throws an exception.
getTemplateFilename( $templateName)
Constructs the location of the source Mustache template.
__construct( $templateDir=null, $forceRecompile=false)