MediaWiki  master
api.php
Go to the documentation of this file.
1 <?php
31 
32 // So extensions (and other code) can check whether they're running in API mode
33 define( 'MW_API', true );
34 define( 'MW_ENTRY_POINT', 'api' );
35 
36 require __DIR__ . '/includes/WebStart.php';
37 
38 $starttime = microtime( true );
39 
40 // URL safety checks
41 if ( !$wgRequest->checkUrlExtension() ) {
42  return;
43 }
44 
45 // PATH_INFO can be used for stupid things. We don't support it for api.php at
46 // all, so error out if it's present.
47 if ( isset( $_SERVER['PATH_INFO'] ) && $_SERVER['PATH_INFO'] != '' ) {
48  $correctUrl = wfAppendQuery( wfScript( 'api' ), $wgRequest->getQueryValuesOnly() );
49  $correctUrl = wfExpandUrl( $correctUrl, PROTO_CANONICAL );
50  header( "Location: $correctUrl", true, 301 );
51  echo 'This endpoint does not support "path info", i.e. extra text between "api.php"'
52  . 'and the "?". Remove any such text and try again.';
53  die( 1 );
54 }
55 
56 // Set a dummy $wgTitle, because $wgTitle == null breaks various things
57 // In a perfect world this wouldn't be necessary
58 $wgTitle = Title::makeTitle( NS_SPECIAL, 'Badtitle/dummy title for API calls set in api.php' );
59 
60 // RequestContext will read from $wgTitle, but it will also whine about it.
61 // In a perfect world this wouldn't be necessary either.
62 RequestContext::getMain()->setTitle( $wgTitle );
63 
64 try {
65  // Construct an ApiMain with the arguments passed via the URL. What we get back
66  // is some form of an ApiMain, possibly even one that produces an error message,
67  // but we don't care here, as that is handled by the constructor.
68  $processor = new ApiMain( RequestContext::getMain(), true );
69 
70  // Last chance hook before executing the API
71  Hooks::run( 'ApiBeforeMain', [ &$processor ] );
72  if ( !$processor instanceof ApiMain ) {
73  throw new MWException( 'ApiBeforeMain hook set $processor to a non-ApiMain class' );
74  }
75 } catch ( Exception $e ) { // @todo Remove this block when HHVM is no longer supported
76  // Crap. Try to report the exception in API format to be friendly to clients.
78  $processor = false;
79 } catch ( Throwable $e ) {
80  // Crap. Try to report the exception in API format to be friendly to clients.
82  $processor = false;
83 }
84 
85 // Process data & print results
86 if ( $processor ) {
87  $processor->execute();
88 }
89 
90 // Log what the user did, for book-keeping purposes.
91 $endtime = microtime( true );
92 
93 // Log the request
94 if ( $wgAPIRequestLog ) {
95  $items = [
96  wfTimestamp( TS_MW ),
98  $wgRequest->getIP(),
99  $wgRequest->getHeader( 'User-agent' )
100  ];
101  $items[] = $wgRequest->wasPosted() ? 'POST' : 'GET';
102  if ( $processor ) {
103  try {
104  $manager = $processor->getModuleManager();
105  $module = $manager->getModule( $wgRequest->getVal( 'action' ), 'action' );
106  } catch ( Exception $ex ) { // @todo Remove this block when HHVM is no longer supported
107  $module = null;
108  } catch ( Throwable $ex ) {
109  $module = null;
110  }
111  if ( !$module || $module->mustBePosted() ) {
112  $items[] = "action=" . $wgRequest->getVal( 'action' );
113  } else {
114  $items[] = wfArrayToCgi( $wgRequest->getValues() );
115  }
116  } else {
117  $items[] = "failed in ApiBeforeMain";
118  }
119  LegacyLogger::emit( implode( ',', $items ) . "\n", $wgAPIRequestLog );
120  wfDebug( "Logged API request to $wgAPIRequestLog\n" );
121 }
122 
124 $mediawiki->doPostOutputShutdown( 'fast' );
wfExpandUrl( $url, $defaultProto=PROTO_CURRENT)
Expand a potentially local URL to a fully-qualified URL.
const NS_SPECIAL
Definition: Defines.php:49
A helper class for throttling authentication attempts.
wfScript( $script='index')
Get the path to a specified script file, respecting file extensions; this is a wrapper around $wgScri...
wfArrayToCgi( $array1, $array2=null, $prefix='')
This function takes one or two arrays as input, and returns a CGI-style string, e.g.
wfAppendQuery( $url, $query)
Append a query string to an existing URL, which may or may not already have query string parameters a...
wfTimestamp( $outputtype=TS_UNIX, $ts=0)
Get a timestamp string in one of various formats.
if( $wgAPIRequestLog) $mediawiki
Definition: api.php:123
static getMain()
Get the RequestContext object associated with the main request.
wfDebug( $text, $dest='all', array $context=[])
Sends a line to the debug log if enabled or, optionally, to a comment in output.
This is the main API class, used for both external and internal processing.
Definition: ApiMain.php:41
$wgAPIRequestLog
Log file or URL (TCP or UDP) to log API requests to, or false to disable API request logging...
static makeTitle( $ns, $title, $fragment='', $interwiki='')
Create a new Title from a namespace index and a DB key.
Definition: Title.php:586
if(! $processor instanceof ApiMain) catch(Exception $e) catch(Throwable $e) if( $processor) $endtime
Definition: api.php:91
const PROTO_CANONICAL
Definition: Defines.php:203
static handleApiBeforeMainException( $e)
Handle an exception from the ApiBeforeMain hook.
Definition: ApiMain.php:647
if(! $wgDBerrorLogTZ) $wgRequest
Definition: Setup.php:742
if(! $wgRequest->checkUrlExtension()) if(isset( $_SERVER['PATH_INFO']) && $_SERVER['PATH_INFO'] !='') $wgTitle
Definition: api.php:58
static run( $event, array $args=[], $deprecatedVersion=null)
Call hook functions defined in Hooks::register and $wgHooks.
Definition: Hooks.php:200
$starttime
Definition: api.php:38