dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix dodgy uses of wfMsgHtml() and related HTML escaping
[lhc/web/wiklou.git] / includes / LogPage.php
1 <?php
2 #
3 # Copyright (C) 2002, 2004 Brion Vibber <brion@pobox.com>
4 # http://www.mediawiki.org/
5 #
6 # This program is free software; you can redistribute it and/or modify
7 # it under the terms of the GNU General Public License as published by
8 # the Free Software Foundation; either version 2 of the License, or
9 # (at your option) any later version.
10 #
11 # This program is distributed in the hope that it will be useful,
12 # but WITHOUT ANY WARRANTY; without even the implied warranty of
13 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 # GNU General Public License for more details.
15 #
16 # You should have received a copy of the GNU General Public License along
17 # with this program; if not, write to the Free Software Foundation, Inc.,
18 # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
19 # http://www.gnu.org/copyleft/gpl.html
20
21 /**
22 * Contain log classes
23 * @file
24 */
25
26 /**
27 * Class to simplify the use of log pages.
28 * The logs are now kept in a table which is easier to manage and trim
29 * than ever-growing wiki pages.
30 *
31 */
32 class LogPage {
33 const DELETED_ACTION = 1;
34 const DELETED_COMMENT = 2;
35 const DELETED_USER = 4;
36 const DELETED_RESTRICTED = 8;
37 /* @access private */
38 var $type, $action, $comment, $params, $target, $doer;
39 /* @acess public */
40 var $updateRecentChanges, $sendToUDP;
41
42 /**
43 * Constructor
44 *
45 * @param string $type One of '', 'block', 'protect', 'rights', 'delete',
46 * 'upload', 'move'
47 * @param bool $rc Whether to update recent changes as well as the logging table
48 * @param bool $udp Whether to send to the UDP feed if NOT sent to RC
49 */
50 public function __construct( $type, $rc = true, $udp = 'skipUDP' ) {
51 $this->type = $type;
52 $this->updateRecentChanges = $rc;
53 $this->sendToUDP = ($udp == 'UDP');
54 }
55
56 protected function saveContent() {
57 global $wgLogRestrictions;
58
59 $dbw = wfGetDB( DB_MASTER );
60 $log_id = $dbw->nextSequenceValue( 'log_log_id_seq' );
61
62 $this->timestamp = $now = wfTimestampNow();
63 $data = array(
64 'log_id' => $log_id,
65 'log_type' => $this->type,
66 'log_action' => $this->action,
67 'log_timestamp' => $dbw->timestamp( $now ),
68 'log_user' => $this->doer->getId(),
69 'log_user_text' => $this->doer->getName(),
70 'log_namespace' => $this->target->getNamespace(),
71 'log_title' => $this->target->getDBkey(),
72 'log_comment' => $this->comment,
73 'log_params' => $this->params
74 );
75 $dbw->insert( 'logging', $data, __METHOD__ );
76 $newId = !is_null($log_id) ? $log_id : $dbw->insertId();
77
78 # And update recentchanges
79 if( $this->updateRecentChanges ) {
80 $titleObj = SpecialPage::getTitleFor( 'Log', $this->type );
81 RecentChange::notifyLog( $now, $titleObj, $this->doer, $this->getRcComment(), '', $this->type,
82 $this->action, $this->target, $this->comment, $this->params, $newId );
83 } else if( $this->sendToUDP ) {
84 # Don't send private logs to UDP
85 if( isset($wgLogRestrictions[$this->type]) && $wgLogRestrictions[$this->type] !='*' ) {
86 return true;
87 }
88 # Notify external application via UDP.
89 # We send this to IRC but do not want to add it the RC table.
90 $titleObj = SpecialPage::getTitleFor( 'Log', $this->type );
91 $rc = RecentChange::newLogEntry( $now, $titleObj, $this->doer, $this->getRcComment(), '',
92 $this->type, $this->action, $this->target, $this->comment, $this->params, $newId );
93 $rc->notifyRC2UDP();
94 }
95 return $newId;
96 }
97
98 /**
99 * Get the RC comment from the last addEntry() call
100 */
101 public function getRcComment() {
102 $rcComment = $this->actionText;
103 if( '' != $this->comment ) {
104 if ($rcComment == '')
105 $rcComment = $this->comment;
106 else
107 $rcComment .= wfMsgForContent( 'colon-separator' ) . $this->comment;
108 }
109 return $rcComment;
110 }
111
112 /**
113 * Get the comment from the last addEntry() call
114 */
115 public function getComment() {
116 return $this->comment;
117 }
118
119 /**
120 * @static
121 */
122 public static function validTypes() {
123 global $wgLogTypes;
124 return $wgLogTypes;
125 }
126
127 /**
128 * @static
129 */
130 public static function isLogType( $type ) {
131 return in_array( $type, LogPage::validTypes() );
132 }
133
134 /**
135 * @static
136 */
137 public static function logName( $type ) {
138 global $wgLogNames, $wgMessageCache;
139
140 if( isset( $wgLogNames[$type] ) ) {
141 $wgMessageCache->loadAllMessages();
142 return str_replace( '_', ' ', wfMsg( $wgLogNames[$type] ) );
143 } else {
144 // Bogus log types? Perhaps an extension was removed.
145 return $type;
146 }
147 }
148
149 /**
150 * @todo handle missing log types
151 * @param string $type logtype
152 * @return string Headertext of this logtype
153 */
154 public static function logHeader( $type ) {
155 global $wgLogHeaders, $wgMessageCache;
156 $wgMessageCache->loadAllMessages();
157 return wfMsgExt($wgLogHeaders[$type],array('parseinline'));
158 }
159
160 /**
161 * @static
162 * @return HTML string
163 */
164 public static function actionText( $type, $action, $title = NULL, $skin = NULL,
165 $params = array(), $filterWikilinks = false )
166 {
167 global $wgLang, $wgContLang, $wgLogActions, $wgMessageCache;
168
169 $wgMessageCache->loadAllMessages();
170 $key = "$type/$action";
171 # Defer patrol log to PatrolLog class
172 if( $key == 'patrol/patrol' ) {
173 return PatrolLog::makeActionText( $title, $params, $skin );
174 }
175 if( isset( $wgLogActions[$key] ) ) {
176 if( is_null( $title ) ) {
177 $rv = wfMsgHtml( $wgLogActions[$key] );
178 } else {
179 $titleLink = self::getTitleLink( $type, $skin, $title, $params );
180 if( $key == 'rights/rights' ) {
181 if( $skin ) {
182 $rightsnone = wfMsg( 'rightsnone' );
183 foreach ( $params as &$param ) {
184 $groupArray = array_map( 'trim', explode( ',', $param ) );
185 $groupArray = array_map( array( 'User', 'getGroupName' ), $groupArray );
186 $param = $wgLang->listToText( $groupArray );
187 }
188 } else {
189 $rightsnone = wfMsgForContent( 'rightsnone' );
190 }
191 if( !isset( $params[0] ) || trim( $params[0] ) == '' )
192 $params[0] = $rightsnone;
193 if( !isset( $params[1] ) || trim( $params[1] ) == '' )
194 $params[1] = $rightsnone;
195 }
196 if( count( $params ) == 0 ) {
197 if ( $skin ) {
198 $rv = wfMsgHtml( $wgLogActions[$key], $titleLink );
199 } else {
200 $rv = wfMsgExt( $wgLogActions[$key], array( 'parsemag', 'escape', 'replaceafter', 'content' ), $titleLink );
201 }
202 } else {
203 $details = '';
204 array_unshift( $params, $titleLink );
205 // User suppression
206 if ( preg_match( '/^(block|suppress)\/(block|reblock)$/', $key ) ) {
207 if ( $skin ) {
208 $params[1] = '<span title="' . htmlspecialchars( $params[1] ). '">' .
209 $wgLang->translateBlockExpiry( $params[1] ) . '</span>';
210 } else {
211 $params[1] = $wgContLang->translateBlockExpiry( $params[1] );
212 }
213 $params[2] = isset( $params[2] ) ?
214 self::formatBlockFlags( $params[2], is_null( $skin ) ) : '';
215 // Page protections
216 } else if ( $type == 'protect' && count($params) == 3 ) {
217 if( $params[2] ) {
218 if ( $skin ) {
219 $details .= htmlspecialchars( " {$params[1]}" ); // restrictions and expiries
220 $details .= ' ['.wfMsg('protect-summary-cascade').']';
221 } else {
222 $details .= " {$params[1]}";
223 $details .= ' ['.wfMsgForContent('protect-summary-cascade').']';
224 }
225 }
226 // Page moves
227 } else if ( $type == 'move' && count( $params ) == 3 ) {
228 if( $params[2] ) {
229 if ( $skin ) {
230 $details .= ' [' . wfMsg( 'move-redirect-suppressed' ) . ']';
231 } else {
232 $details .= ' [' . wfMsgForContent( 'move-redirect-suppressed' ) . ']';
233 }
234 }
235 // Revision deletion
236 } else if ( preg_match( '/^(delete|suppress)\/revision$/', $key ) && count( $params ) == 5 ) {
237 $count = substr_count( $params[2], ',' ) + 1; // revisions
238 $ofield = intval( substr( $params[3], 7 ) ); // <ofield=x>
239 $nfield = intval( substr( $params[4], 7 ) ); // <nfield=x>
240 $details .= ': '.RevisionDeleter::getLogMessage( $count, $nfield, $ofield, false );
241 // Log deletion
242 } else if ( preg_match( '/^(delete|suppress)\/event$/', $key ) && count( $params ) == 4 ) {
243 $count = substr_count( $params[1], ',' ) + 1; // log items
244 $ofield = intval( substr( $params[2], 7 ) ); // <ofield=x>
245 $nfield = intval( substr( $params[3], 7 ) ); // <nfield=x>
246 $details .= ': '.RevisionDeleter::getLogMessage( $count, $nfield, $ofield, true );
247 }
248 if ( $skin ) {
249 $rv = htmlspecialchars( wfMsg( $wgLogActions[$key], $params ) ) . $details;
250 } else {
251 $rv = wfMsgExt( $wgLogActions[$key], array( 'parsemag', 'escape', 'replaceafter', 'content' ), $params ) . $details;
252 }
253 }
254 }
255 } else {
256 global $wgLogActionsHandlers;
257 if( isset( $wgLogActionsHandlers[$key] ) ) {
258 $args = func_get_args();
259 $rv = call_user_func_array( $wgLogActionsHandlers[$key], $args );
260 } else {
261 wfDebug( "LogPage::actionText - unknown action $key\n" );
262 $rv = "$action";
263 }
264 }
265
266 // For the perplexed, this feature was added in r7855 by Erik.
267 // The feature was added because we liked adding [[$1]] in our log entries
268 // but the log entries are parsed as Wikitext on RecentChanges but as HTML
269 // on Special:Log. The hack is essentially that [[$1]] represented a link
270 // to the title in question. The first parameter to the HTML version (Special:Log)
271 // is that link in HTML form, and so this just gets rid of the ugly [[]].
272 // However, this is a horrible hack and it doesn't work like you expect if, say,
273 // you want to link to something OTHER than the title of the log entry.
274 // The real problem, which Erik was trying to fix (and it sort-of works now) is
275 // that the same messages are being treated as both wikitext *and* HTML.
276 if( $filterWikilinks ) {
277 $rv = str_replace( "[[", "", $rv );
278 $rv = str_replace( "]]", "", $rv );
279 }
280 return $rv;
281 }
282
283 protected static function getTitleLink( $type, $skin, $title, &$params ) {
284 global $wgLang, $wgContLang;
285 if( !$skin ) {
286 return $title->getPrefixedText();
287 }
288 switch( $type ) {
289 case 'move':
290 $titleLink = $skin->link(
291 $title,
292 htmlspecialchars( $title->getPrefixedText() ),
293 array(),
294 array( 'redirect' => 'no' )
295 );
296 $targetTitle = Title::newFromText( $params[0] );
297 if ( !$targetTitle ) {
298 # Workaround for broken database
299 $params[0] = htmlspecialchars( $params[0] );
300 } else {
301 $params[0] = $skin->link(
302 $targetTitle,
303 htmlspecialchars( $params[0] )
304 );
305 }
306 break;
307 case 'block':
308 if( substr( $title->getText(), 0, 1 ) == '#' ) {
309 $titleLink = $title->getText();
310 } else {
311 // TODO: Store the user identifier in the parameters
312 // to make this faster for future log entries
313 $id = User::idFromName( $title->getText() );
314 $titleLink = $skin->userLink( $id, $title->getText() )
315 . $skin->userToolLinks( $id, $title->getText(), false, Linker::TOOL_LINKS_NOBLOCK );
316 }
317 break;
318 case 'rights':
319 $text = $wgContLang->ucfirst( $title->getText() );
320 $titleLink = $skin->link( Title::makeTitle( NS_USER, $text ) );
321 break;
322 case 'merge':
323 $titleLink = $skin->link(
324 $title,
325 $title->getPrefixedText(),
326 array(),
327 array( 'redirect' => 'no' )
328 );
329 $params[0] = $skin->link(
330 Title::newFromText( $params[0] ),
331 htmlspecialchars( $params[0] )
332 );
333 $params[1] = $wgLang->timeanddate( $params[1] );
334 break;
335 default:
336 if( $title->getNamespace() == NS_SPECIAL ) {
337 list( $name, $par ) = SpecialPage::resolveAliasWithSubpage( $title->getDBkey() );
338 # Use the language name for log titles, rather than Log/X
339 if( $name == 'Log' ) {
340 $titleLink = '('.$skin->link( $title, LogPage::logName( $par ) ).')';
341 } else {
342 $titleLink = $skin->link( $title );
343 }
344 } else {
345 $titleLink = $skin->link( $title );
346 }
347 }
348 return $titleLink;
349 }
350
351 /**
352 * Add a log entry
353 * @param string $action one of '', 'block', 'protect', 'rights', 'delete', 'upload', 'move', 'move_redir'
354 * @param object &$target A title object.
355 * @param string $comment Description associated
356 * @param array $params Parameters passed later to wfMsg.* functions
357 * @param User $doer The user doing the action
358 */
359 public function addEntry( $action, $target, $comment, $params = array(), $doer = null ) {
360 if ( !is_array( $params ) ) {
361 $params = array( $params );
362 }
363
364 $this->action = $action;
365 $this->target = $target;
366 $this->comment = $comment;
367 $this->params = LogPage::makeParamBlob( $params );
368
369 if ($doer === null) {
370 global $wgUser;
371 $doer = $wgUser;
372 } elseif (!is_object( $doer ) ) {
373 $doer = User::newFromId( $doer );
374 }
375
376 $this->doer = $doer;
377
378 $this->actionText = LogPage::actionText( $this->type, $action, $target, NULL, $params );
379
380 return $this->saveContent();
381 }
382
383 /**
384 * Add relations to log_search table
385 * @static
386 */
387 public function addRelations( $field, $values, $logid ) {
388 if( !strlen($field) || empty($values) )
389 return false; // nothing
390 $data = array();
391 foreach( $values as $value ) {
392 $data[] = array('ls_field' => $field,'ls_value' => $value,'ls_log_id' => $logid);
393 }
394 $dbw = wfGetDB( DB_MASTER );
395 $dbw->insert( 'log_search', $data, __METHOD__, 'IGNORE' );
396 return true;
397 }
398
399 /**
400 * Create a blob from a parameter array
401 * @static
402 */
403 public static function makeParamBlob( $params ) {
404 return implode( "\n", $params );
405 }
406
407 /**
408 * Extract a parameter array from a blob
409 * @static
410 */
411 public static function extractParams( $blob ) {
412 if ( $blob === '' ) {
413 return array();
414 } else {
415 return explode( "\n", $blob );
416 }
417 }
418
419 /**
420 * Convert a comma-delimited list of block log flags
421 * into a more readable (and translated) form
422 *
423 * @param $flags Flags to format
424 * @param $forContent Whether to localize the message depending of the user
425 * language
426 * @return string
427 */
428 public static function formatBlockFlags( $flags, $forContent = false ) {
429 global $wgLang;
430
431 $flags = explode( ',', trim( $flags ) );
432 if( count( $flags ) > 0 ) {
433 for( $i = 0; $i < count( $flags ); $i++ )
434 $flags[$i] = self::formatBlockFlag( $flags[$i], $forContent );
435 return '(' . $wgLang->commaList( $flags ) . ')';
436 } else {
437 return '';
438 }
439 }
440
441 /**
442 * Translate a block log flag if possible
443 *
444 * @param $flag Flag to translate
445 * @param $forContent Whether to localize the message depending of the user
446 * language
447 * @return string
448 */
449 public static function formatBlockFlag( $flag, $forContent = false ) {
450 static $messages = array();
451 if( !isset( $messages[$flag] ) ) {
452 $k = 'block-log-flags-' . $flag;
453 if( $forContent )
454 $msg = wfMsgForContent( $k );
455 else
456 $msg = wfMsg( $k );
457 $messages[$flag] = htmlspecialchars( wfEmptyMsg( $k, $msg ) ? $flag : $msg );
458 }
459 return $messages[$flag];
460 }
461 }
462
463 /**
464 * Aliases for backwards compatibility with 1.6
465 */
466 define( 'MW_LOG_DELETED_ACTION', LogPage::DELETED_ACTION );
467 define( 'MW_LOG_DELETED_USER', LogPage::DELETED_USER );
468 define( 'MW_LOG_DELETED_COMMENT', LogPage::DELETED_COMMENT );
469 define( 'MW_LOG_DELETED_RESTRICTED', LogPage::DELETED_RESTRICTED );
Wiklou, le Wiki du Wiklou