1 <?php
2
3 /**
4 * File deletion user interface
5 *
6 * @addtogroup Media
7 * @author Rob Church <robchur@gmail.com>
8 */
class FileDeleteForm {

	// Title obtained from the File handed to the constructor
	private $title = null;
	// File object this form operates on
	private $file = null;
	// Raw `oldimage` request value; '' until execute() reads the request.
	// A falsy value selects deletion of the whole file rather than one old version.
	private $oldimage = '';

	/**
	 * Constructor
	 *
	 * @param File $file File we're deleting
	 */
	public function __construct( $file ) {
		$this->file = $file;
		$this->title = $file->getTitle();
	}

	/**
	 * Entry point: run the access checks, validate the request, then
	 * either carry out the deletion or show the confirmation form.
	 *
	 * Nothing is deleted unless the request was POSTed and carries an
	 * edit token that matches for the current `oldimage` value.
	 */
	public function execute() {
		global $wgOut, $wgRequest, $wgUser;

		$this->setHeaders();

		// Access gate: each failing check renders its own error page and
		// stops before any request parameter is looked at.
		if ( wfReadOnly() ) {
			$wgOut->readOnlyPage();
			return;
		}
		if ( !$wgUser->isLoggedIn() ) {
			$wgOut->showErrorPage( 'uploadnologin', 'uploadnologintext' );
			return;
		}
		if ( !$wgUser->isAllowed( 'delete' ) ) {
			$wgOut->permissionError( 'delete' );
			return;
		}
		if ( $wgUser->isBlocked() ) {
			$wgOut->blockedPage();
			return;
		}

		$this->oldimage = $wgRequest->getText( 'oldimage', false );
		$token = $wgRequest->getText( 'wpEditToken' );

		// Reject a malformed old-version name; the value is HTML-escaped
		// before it is handed to the error page.
		if ( $this->oldimage && !$this->isValidOldSpec() ) {
			$wgOut->showUnexpectedValueError( 'oldimage', htmlspecialchars( $this->oldimage ) );
			return;
		}

		if ( !$this->haveDeletableFile() ) {
			$wgOut->addHtml( $this->prepareMessage( 'filedelete-nofile' ) );
			$wgOut->addReturnTo( $this->title );
			return;
		}

		// Refuse to treat the current revision as an "old" one. Note the
		// loose (==) comparison of the two timestamp values.
		if ( $this->oldimage && $this->file->getTimestamp() == $this->getTimestamp() ) {
			$wgOut->addHtml( wfMsgExt( 'filedelete-iscurrent', 'parse' ) );
			$wgOut->addReturnTo( $this->title );
			return;
		}

		// The token is matched with $this->oldimage as salt, the same value
		// showForm() passes to editToken() when it issues the token.
		$confirmed = $wgRequest->wasPosted() && $wgUser->matchEditToken( $token, $this->oldimage );
		if ( !$confirmed ) {
			// Not a confirmed POST: show the form and change nothing
			$this->showForm();
			return;
		}

		$status = $this->deleteTarget( $wgRequest->getText( 'wpComment' ) );

		if ( !$status->isGood() ) {
			$wgOut->addWikiText( $status->getWikiText( 'filedeleteerror-short', 'filedeleteerror-long' ) );
		}
		if ( $status->ok ) {
			$wgOut->addHtml( $this->prepareMessage( 'filedelete-success' ) );
			// After removing every version there is no description page left
			// to return to, so link to the main page instead.
			$wgOut->addReturnTo( $this->oldimage ? $this->title : Title::newMainPage() );
		}
	}

	/**
	 * Delete either the selected old version or the whole file.
	 *
	 * An old-version deletion that succeeds gets a 'delete' log entry
	 * written here; a whole-file deletion that succeeds also deletes the
	 * associated article.
	 *
	 * @param string $comment Deletion reason taken from the request
	 * @return object Status returned by the File deletion call
	 */
	private function deleteTarget( $comment ) {
		if ( !$this->oldimage ) {
			$status = $this->file->delete( $comment );
			if ( $status->ok ) {
				$article = new Article( $this->title );
				$article->doDeleteArticle( $comment );
			}
			return $status;
		}

		$status = $this->file->deleteOld( $this->oldimage, $comment );
		if ( $status->ok ) {
			$log = new LogPage( 'delete' );
			$log->addEntry( 'delete', $this->title, wfMsg( 'deletedrevision' , $this->oldimage ) );
		}
		return $status;
	}

	/**
	 * Show the confirmation form
	 *
	 * The form posts back to getAction() and embeds an edit token issued
	 * with $this->oldimage as salt.
	 */
	private function showForm() {
		global $wgOut, $wgUser;

		$pieces = array(
			Xml::openElement( 'form', array( 'method' => 'post', 'action' => $this->getAction() ) ),
			Xml::hidden( 'wpEditToken', $wgUser->editToken( $this->oldimage ) ),
			'<fieldset><legend>' . wfMsgHtml( 'filedelete-legend' ) . '</legend>',
			$this->prepareMessage( 'filedelete-intro' ),
			'<p>' . Xml::inputLabel( wfMsg( 'filedelete-comment' ), 'wpComment', 'wpComment', 60 ) . '</p>',
			'<p>' . Xml::submitButton( wfMsg( 'filedelete-submit' ) ) . '</p>',
			'</fieldset>',
			'</form>',
		);

		$wgOut->addHtml( implode( '', $pieces ) );
	}

	/**
	 * Build a message about the file being deleted, using the "-old"
	 * variant of the message when an old version is targeted.
	 *
	 * NOTE(review): the title text and archive URL are substituted into a
	 * message rendered with the 'parse' option; confirm how wfMsgExt()
	 * treats markup in parameters.
	 *
	 * @param string $message Message base
	 * @return string
	 */
	private function prepareMessage( $message ) {
		global $wgLang, $wgServer;

		if ( !$this->oldimage ) {
			return wfMsgExt( $message, 'parse', $this->title->getText() );
		}

		$name = $this->title->getText();
		$date = $wgLang->date( $this->getTimestamp() );
		$time = $wgLang->time( $this->getTimestamp() );
		$url = $wgServer . $this->file->getArchiveUrl( $this->oldimage );

		return wfMsgExt( "{$message}-old", 'parse', $name, $date, $time, $url );
	}

	/**
	 * Set the page title and robot policy for this page
	 */
	private function setHeaders() {
		global $wgOut;

		$pageTitle = wfMsg( 'filedelete', $this->title->getText() );
		$wgOut->setPageTitle( $pageTitle );
		$wgOut->setRobotPolicy( 'noindex,nofollow' );
	}

	/**
	 * Is the provided `oldimage` value valid?
	 *
	 * Accepts any value at least 16 bytes long that contains neither '/'
	 * nor '\'. NOTE(review): the 14-character prefix that getTimestamp()
	 * slices off is not checked for being digits here; confirm that the
	 * code consuming the value tolerates that.
	 *
	 * @return bool
	 */
	private function isValidOldSpec() {
		$spec = $this->oldimage;
		if ( strlen( $spec ) < 16 ) {
			return false;
		}
		// No path separators of either flavour
		return strpbrk( $spec, '/\\' ) === false;
	}

	/**
	 * Could we delete the file specified? True only when wfFindFile()
	 * returns a file that reports itself as existing and local.
	 *
	 * NOTE(review): the raw `oldimage` value is passed as the second
	 * argument; how wfFindFile() interprets it is not visible here.
	 *
	 * @return bool
	 */
	private function haveDeletableFile() {
		$found = wfFindFile( $this->title, $this->oldimage );
		return $found && $found->exists() && $found->isLocal();
	}

	/**
	 * Prepare the form action
	 *
	 * The `oldimage` value is URL-encoded before it joins the query string.
	 *
	 * @return string
	 */
	private function getAction() {
		$query = 'action=delete';
		if ( $this->oldimage ) {
			$query .= '&' . 'oldimage=' . urlencode( $this->oldimage );
		}
		return $this->title->getLocalUrl( $query );
	}

	/**
	 * Extract the timestamp of the old version: the first 14 characters
	 * of `oldimage`, taken as-is.
	 *
	 * @return string
	 */
	private function getTimestamp() {
		$prefixLength = 14;
		return substr( $this->oldimage, 0, $prefixLength );
	}

}