<?php
+/**
+ * HTML form generation and submission handling.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License along
+ * with this program; if not, write to the Free Software Foundation, Inc.,
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ * http://www.gnu.org/copyleft/gpl.html
+ *
+ * @file
+ */
+
/**
* Object handling generic submission, CSRF protection, layout and
* other logic for UI forms. in a reusable manner.
* the message.
* 'label' -- alternatively, a raw text message. Overridden by
* label-message
+ * 'help' -- message text for a message to use as a help text.
* 'help-message' -- message key for a message to use as a help text.
* can be an array of msg key and then parameters to
* the message.
- * Overwrites 'help-messages'.
+ * Overwrites 'help-messages' and 'help'.
* 'help-messages' -- array of message key. As above, each item can
* be an array of msg key and then parameters.
- * Overwrites 'help-message'.
+ * Overwrites 'help'.
* 'required' -- passed through to the object, indicating that it
* is a required field.
* 'size' -- the length of text fields
*/
class HTMLForm extends ContextSource {
- # A mapping of 'type' inputs onto standard HTMLFormField subclasses
+ // A mapping of 'type' inputs onto standard HTMLFormField subclasses
static $typeMappings = array(
'text' => 'HTMLTextField',
'textarea' => 'HTMLTextAreaField',
'hidden' => 'HTMLHiddenField',
'edittools' => 'HTMLEditTools',
- # HTMLTextField will output the correct type="" attribute automagically.
- # There are about four zillion other HTML5 input types, like url, but
- # we don't use those at the moment, so no point in adding all of them.
+ // HTMLTextField will output the correct type="" attribute automagically.
+ // There are about four zillion other HTML5 input types, like url, but
+ // we don't use those at the moment, so no point in adding all of them.
'email' => 'HTMLTextField',
'password' => 'HTMLTextField',
);
protected $mTitle;
protected $mMethod = 'post';
+ /**
+ * Form action URL. false means we will use the URL to set Title
+ * @since 1.19
+ * @var bool|string
+ */
+ protected $mAction = false;
+
protected $mUseMultipart = false;
protected $mHiddenFields = array();
protected $mButtons = array();
* done already.
* @deprecated since 1.18 load modules with ResourceLoader instead
*/
- static function addJS() { }
+ static function addJS() { wfDeprecated( __METHOD__, '1.18' ); }
/**
* Initialise a new Object for the field
$descriptor['fieldname'] = $fieldname;
+ # TODO
+ # This will throw a fatal error whenever someone try to use
+ # 'class' to feed a CSS class instead of 'cssclass'. Would be
+ # great to avoid the fatal error and show a nice error.
$obj = new $class( $descriptor );
return $obj;
* @return Status|boolean
*/
function tryAuthorizedSubmit() {
- $editToken = $this->getRequest()->getVal( 'wpEditToken' );
-
$result = false;
- if ( $this->getMethod() != 'post' || $this->getUser()->matchEditToken( $editToken ) ) {
+
+ $submit = false;
+ if ( $this->getMethod() != 'post' ) {
+ $submit = true; // no session check needed
+ } elseif ( $this->getRequest()->wasPosted() ) {
+ $editToken = $this->getRequest()->getVal( 'wpEditToken' );
+ if ( $this->getUser()->isLoggedIn() || $editToken != null ) {
+ // Session tokens for logged-out users have no security value.
+ // However, if the user gave one, check it in order to give a nice
+ // "session expired" error instead of "permission denied" or such.
+ $submit = $this->getUser()->matchEditToken( $editToken );
+ } else {
+ $submit = true;
+ }
+ }
+
+ if ( $submit ) {
$result = $this->trySubmit();
}
+
return $result;
}
/**
* The here's-one-I-made-earlier option: do the submission if
- * posted, or display the form with or without funky valiation
+ * posted, or display the form with or without funky validation
* errors
* @return Bool or Status whether submission was successful.
*/
$this->prepareForm();
$result = $this->tryAuthorizedSubmit();
- if ( $result === true || ( $result instanceof Status && $result->isGood() ) ){
+ if ( $result === true || ( $result instanceof Status && $result->isGood() ) ) {
return $result;
}
}
$callback = $this->mSubmitCallback;
+ if ( !is_callable( $callback ) ) {
+ throw new MWException( 'HTMLForm: no submit callback provided. Use setSubmitCallback() to set one.' );
+ }
$data = $this->filterDataForSubmit( $this->mFieldData );
/**
* Add header text, inside the form.
* @param $msg String complete text of message to display
- * @param $section The section to add the header to
+ * @param $section string The section to add the header to
*/
function addHeaderText( $msg, $section = null ) {
if ( is_null( $section ) ) {
}
/**
- * Display the form (sending to wgOut), with an appropriate error
+ * Display the form (sending to $wgOut), with an appropriate error
* message or stack of messages, and any validation errors, etc.
* @param $submitResult Mixed output from HTMLForm::trySubmit()
*/
: 'application/x-www-form-urlencoded';
# Attributes
$attribs = array(
- 'action' => $this->getTitle()->getFullURL(),
+ 'action' => $this->mAction === false ? $this->getTitle()->getFullURL() : $this->mAction,
'method' => $this->mMethod,
'class' => 'visualClear',
'enctype' => $encType,
* @return String HTML.
*/
function getHiddenFields() {
- global $wgUsePathInfo;
+ global $wgArticlePath;
$html = '';
if( $this->getMethod() == 'post' ){
- $html .= Html::hidden( 'wpEditToken', $this->getUser()->editToken(), array( 'id' => 'wpEditToken' ) ) . "\n";
+ $html .= Html::hidden( 'wpEditToken', $this->getUser()->getEditToken(), array( 'id' => 'wpEditToken' ) ) . "\n";
$html .= Html::hidden( 'title', $this->getTitle()->getPrefixedText() ) . "\n";
}
- if ( !$wgUsePathInfo && $this->getMethod() == 'get' ) {
+ if ( strpos( $wgArticlePath, '?' ) !== false && $this->getMethod() == 'get' ) {
$html .= Html::hidden( 'title', $this->getTitle()->getPrefixedText() ) . "\n";
}
* @param $msg String message key
*/
public function setSubmitTextMsg( $msg ) {
- return $this->setSubmitText( $this->msg( $msg )->escaped() );
+ return $this->setSubmitText( $this->msg( $msg )->text() );
}
/**
* Get the text for the submit button, either customised or a default.
- * @return unknown_type
+ * @return string
*/
function getSubmitText() {
return $this->mSubmitText
* Set the method used to submit the form
* @param $method String
*/
- public function setMethod( $method='post' ){
+ public function setMethod( $method = 'post' ) {
$this->mMethod = $method;
}
- public function getMethod(){
+ public function getMethod() {
return $this->mMethod;
}
* to the form as a whole, after it's submitted but before it's
* processed.
* @param $data
- * @return unknown_type
+ * @return
*/
function filterDataForSubmit( $data ) {
return $data;
public function getLegend( $key ) {
return wfMsg( "{$this->mMessagePrefix}-$key" );
}
+
+ /**
+ * Set the value for the action attribute of the form.
+ * When set to false (which is the default state), the set title is used.
+ *
+ * @since 1.19
+ *
+ * @param string|bool $action
+ */
+ public function setAction( $action ) {
+ $this->mAction = $action;
+ }
+
}
/**
}
if ( isset( $this->mValidationCallback ) ) {
- return call_user_func( $this->mValidationCallback, $value, $alldata );
+ return call_user_func( $this->mValidationCallback, $value, $alldata, $this->mParent );
}
return true;
function filter( $value, $alldata ) {
if ( isset( $this->mFilterCallback ) ) {
- $value = call_user_func( $this->mFilterCallback, $value, $alldata );
+ $value = call_user_func( $this->mFilterCallback, $value, $alldata, $this->mParent );
}
return $value;
if ( isset( $params['filter-callback'] ) ) {
$this->mFilterCallback = $params['filter-callback'];
}
+
+ if ( isset( $params['flatlist'] ) ){
+ $this->mClass .= ' mw-htmlform-flatlist';
+ }
}
/**
$helptext = null;
if ( isset( $this->mParams['help-message'] ) ) {
- $msg = wfMessage( $this->mParams['help-message'] );
- if ( $msg->exists() ) {
- $helptext = $msg->parse();
- }
- } elseif ( isset( $this->mParams['help-messages'] ) ) {
- # help-message can be passed a message key (string) or an array containing
- # a message key and additional parameters. This makes it impossible to pass
- # an array of message key
+ $this->mParams['help-messages'] = array( $this->mParams['help-message'] );
+ }
+
+ if ( isset( $this->mParams['help-messages'] ) ) {
foreach( $this->mParams['help-messages'] as $name ) {
- $msg = wfMessage( $name );
+ $helpMessage = (array)$name;
+ $msg = wfMessage( array_shift( $helpMessage ), $helpMessage );
+
if( $msg->exists() ) {
- $helptext .= $msg->parse(); // append message
+ if( is_null( $helptext ) ) {
+ $helptext = '';
+ } else {
+ $helptext .= wfMessage( 'word-separator' )->escaped(); // some space
+ }
+ $helptext .= $msg->parse(); // Append message
}
}
- } elseif ( isset( $this->mParams['help'] ) ) {
+ }
+ elseif ( isset( $this->mParams['help'] ) ) {
$helptext = $this->mParams['help'];
}
if ( !is_null( $helptext ) ) {
- $row = Html::rawElement( 'td', array( 'colspan' => 2, 'class' => 'htmlform-tip' ),
- $helptext );
+ $row = Html::rawElement(
+ 'td',
+ array( 'colspan' => 2, 'class' => 'htmlform-tip' ),
+ $helptext
+ );
$row = Html::rawElement( 'tr', array(), $row );
$html .= "$row\n";
}
/**
* flatten an array of options to a single array, for instance,
* a set of <options> inside <optgroups>.
- * @param $options Associative Array with values either Strings
+ * @param $options array Associative Array with values either Strings
* or Arrays
* @return Array flattened input
*/
'value' => $value,
) + $this->getTooltipAndAccessKey();
+ if ( $this->mClass !== '' ) {
+ $attribs['class'] = $this->mClass;
+ }
+
if ( isset( $this->mParams['maxlength'] ) ) {
$attribs['maxlength'] = $this->mParams['maxlength'];
}
'rows' => $this->getRows(),
) + $this->getTooltipAndAccessKey();
-
+ if ( $this->mClass !== '' ) {
+ $attribs['class'] = $this->mClass;
+ }
+
if ( !empty( $this->mParams['disabled'] ) ) {
$attribs['disabled'] = 'disabled';
}
$attribs['readonly'] = 'readonly';
}
+ if ( isset( $this->mParams['placeholder'] ) ) {
+ $attribs['placeholder'] = $this->mParams['placeholder'];
+ }
+
foreach ( array( 'required', 'autofocus' ) as $param ) {
if ( isset( $this->mParams[$param] ) ) {
$attribs[$param] = '';
if ( !empty( $this->mParams['disabled'] ) ) {
$attr['disabled'] = 'disabled';
}
+
+ if ( $this->mClass !== '' ) {
+ $attr['class'] = $this->mClass;
+ }
return Xml::check( $this->mName, $value, $attr ) . ' ' .
Html::rawElement( 'label', array( 'for' => $this->mID ), $this->mLabel );
if ( !empty( $this->mParams['disabled'] ) ) {
$select->setAttribute( 'disabled', 'disabled' );
}
+
+ if ( $this->mClass !== '' ) {
+ $select->setAttribute( 'class', $this->mClass );
+ }
$select->addOptions( $this->mParams['options'] );
if ( isset( $this->mParams['maxlength'] ) ) {
$tbAttribs['maxlength'] = $this->mParams['maxlength'];
}
+
+ if ( $this->mClass !== '' ) {
+ $tbAttribs['class'] = $this->mClass;
+ }
$textbox = Html::input(
$this->mName . '-other',
*/
class HTMLMultiSelectField extends HTMLFormField {
- public function __construct( $params ){
- parent::__construct( $params );
- if( isset( $params['flatlist'] ) ){
- $this->mClass .= ' mw-htmlform-multiselect-flatlist';
- }
- }
-
function validate( $value, $alldata ) {
$p = parent::validate( $value, $alldata );
$attribs + $thisAttribs );
$checkbox .= ' ' . Html::rawElement( 'label', array( 'for' => "{$this->mID}-$info" ), $label );
- $html .= ' ' . Html::rawElement( 'div', array( 'class' => 'mw-htmlform-multiselect-item' ), $checkbox );
+ $html .= ' ' . Html::rawElement( 'div', array( 'class' => 'mw-htmlform-flatlist-item' ), $checkbox );
}
}
'id' => $this->mID . '-other',
'size' => $this->getSize(),
);
+
+ if ( $this->mClass !== '' ) {
+ $textAttribs['class'] = $this->mClass;
+ }
foreach ( array( 'required', 'autofocus', 'multiple', 'disabled' ) as $param ) {
if ( isset( $this->mParams[$param] ) ) {
* Radio checkbox fields.
*/
class HTMLRadioField extends HTMLFormField {
- function __construct( $params ) {
- parent::__construct( $params );
- if ( isset( $params['flatlist'] ) ) {
- $this->mClass .= ' mw-htmlform-radio-flatlist';
- }
- }
function validate( $value, $alldata ) {
$radio .= ' ' .
Html::rawElement( 'label', array( 'for' => $id ), $label );
- $html .= ' ' . Html::rawElement( 'div', array( 'class' => 'mw-htmlform-radio-item' ), $radio );
+ $html .= ' ' . Html::rawElement( 'div', array( 'class' => 'mw-htmlform-flatlist-item' ), $radio );
}
}
return Xml::submitButton(
$value,
array(
- 'class' => 'mw-htmlform-submit',
+ 'class' => 'mw-htmlform-submit ' . $this->mClass,
'name' => $this->mName,
'id' => $this->mID,
)