API: Security update - deleted rev/rc/log entries are no longer shown.
[lhc/web/wiklou.git] / includes / api / ApiQueryRecentChanges.php
1 <?php
2
3 /*
4 * Created on Oct 19, 2006
5 *
6 * API for MediaWiki 1.8+
7 *
8 * Copyright (C) 2006 Yuri Astrakhan <Firstname><Lastname>@gmail.com
9 *
10 * This program is free software; you can redistribute it and/or modify
11 * it under the terms of the GNU General Public License as published by
12 * the Free Software Foundation; either version 2 of the License, or
13 * (at your option) any later version.
14 *
15 * This program is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
18 * GNU General Public License for more details.
19 *
20 * You should have received a copy of the GNU General Public License along
21 * with this program; if not, write to the Free Software Foundation, Inc.,
22 * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
23 * http://www.gnu.org/copyleft/gpl.html
24 */
25
26 if (!defined('MEDIAWIKI')) {
27 // Eclipse helper - will be ignored in production
28 require_once ('ApiQueryBase.php');
29 }
30
31 /**
32 * A query action to enumerate the recent changes that were done to the wiki.
33 * Various filters are supported.
34 *
35 * @addtogroup API
36 */
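class ApiQueryRecentChanges extends ApiQueryBase {

	// Output switches, one per value of the 'prop' parameter. They are set in
	// execute() and read by extractRowInfo() to decide which fields are emitted.
	private $fld_comment = false, $fld_user = false, $fld_flags = false,
		$fld_timestamp = false, $fld_title = false, $fld_ids = false,
		$fld_sizes = false;

	/**
	 * Hand the query object and module name to the base class, together with
	 * the string 'rc' (presumably the request-parameter prefix - confirm in
	 * ApiQueryBase).
	 */
	public function __construct($query, $moduleName) {
		parent::__construct($query, $moduleName, 'rc');
	}

	/**
	 * Build and run the recentchanges query, then add the visible rows to the
	 * API result under 'query' / module name.
	 *
	 * Two independent visibility filters apply:
	 *  - SQL level: only rows with rc_deleted = 0 are selected;
	 *  - row level: extractRowInfo() drops rows for titles the user cannot read.
	 */
	public function execute() {
		// Read each parameter explicitly rather than extract()-ing the request
		// array into the local scope. extract() turns every array key into a
		// local variable, so an unexpected key could silently overwrite locals
		// such as $data or $count. The key set is presumably limited to
		// getAllowedParams() by ApiBase, but that is not enforced in this file.
		$params = $this->extractRequestParams();
		$limit = isset($params['limit']) ? $params['limit'] : null;
		$prop = isset($params['prop']) ? $params['prop'] : null;
		$namespace = isset($params['namespace']) ? $params['namespace'] : null;
		$show = isset($params['show']) ? $params['show'] : null;
		$dir = isset($params['dir']) ? $params['dir'] : null;
		$start = isset($params['start']) ? $params['start'] : null;
		$end = isset($params['end']) ? $params['end'] : null;

		$this->addTables('recentchanges');
		$this->addWhereRange('rc_timestamp', $dir, $start, $end);
		$this->addWhereFld('rc_namespace', $namespace);

		// Security: rows with a non-zero rc_deleted are excluded entirely.
		// extractRowInfo() emits user, comment and ids without any per-field
		// deletion check, so this condition is the only thing keeping deleted
		// entries out of the output. Do not relax it without adding those checks.
		$this->addWhereFld('rc_deleted', 0);

		if (!is_null($show)) {
			$show = array_flip($show);

			$contradictory = (isset($show['minor']) && isset($show['!minor']))
				|| (isset($show['bot']) && isset($show['!bot']))
				|| (isset($show['anon']) && isset($show['!anon']));
			if ($contradictory) {
				$this->dieUsage("Incorrect parameter - mutually exclusive values may not be supplied", 'show');
			}

			// The conditions are fixed literals; user input only selects which apply.
			$this->addWhereIf('rc_minor = 0', isset($show['!minor']));
			$this->addWhereIf('rc_minor != 0', isset($show['minor']));
			$this->addWhereIf('rc_bot = 0', isset($show['!bot']));
			$this->addWhereIf('rc_bot != 0', isset($show['bot']));
			$this->addWhereIf('rc_user = 0', isset($show['anon']));
			$this->addWhereIf('rc_user != 0', isset($show['!anon']));
		}

		// Always selected: extractRowInfo() needs these for the type value and
		// for the read-permission check on the source and move-target titles.
		$this->addFields(array(
			'rc_timestamp',
			'rc_namespace',
			'rc_title',
			'rc_type',
			'rc_moved_to_ns',
			'rc_moved_to_title'
		));

		if (!is_null($prop)) {
			$prop = array_flip($prop);

			$this->fld_comment = isset($prop['comment']);
			$this->fld_user = isset($prop['user']);
			$this->fld_flags = isset($prop['flags']);
			$this->fld_timestamp = isset($prop['timestamp']);
			$this->fld_title = isset($prop['title']);
			$this->fld_ids = isset($prop['ids']);
			$this->fld_sizes = isset($prop['sizes']);

			// Optional columns are fetched only when the matching prop was requested.
			$this->addFieldsIf('rc_cur_id', $this->fld_ids);
			$this->addFieldsIf('rc_this_oldid', $this->fld_ids);
			$this->addFieldsIf('rc_last_oldid', $this->fld_ids);
			$this->addFieldsIf('rc_comment', $this->fld_comment);
			$this->addFieldsIf('rc_user', $this->fld_user);
			$this->addFieldsIf('rc_user_text', $this->fld_user);
			$this->addFieldsIf('rc_minor', $this->fld_flags);
			$this->addFieldsIf('rc_bot', $this->fld_flags);
			$this->addFieldsIf('rc_new', $this->fld_flags);
			$this->addFieldsIf('rc_old_len', $this->fld_sizes);
			$this->addFieldsIf('rc_new_len', $this->fld_sizes);
		}

		// One row more than requested, to detect whether another page exists.
		$this->addOption('LIMIT', $limit + 1);
		$this->addOption('USE INDEX', 'rc_timestamp');

		$data = array();
		$count = 0;
		$db = $this->getDB();
		$res = $this->select(__METHOD__);

		while ($row = $db->fetchObject($res)) {
			if (++$count > $limit) {
				// We've reached the one extra which shows that there are additional pages to be had. Stop here...
				// NOTE(review): the continuation timestamp is taken from the row
				// before extractRowInfo() has checked whether the user may see it.
				$this->setContinueEnumParameter('start', $row->rc_timestamp);
				break;
			}

			// Rows the user may not see come back as false and are skipped, so a
			// page can contain fewer than $limit entries.
			$vals = $this->extractRowInfo($row);
			if ($vals) {
				$data[] = $vals;
			}
		}
		$db->freeResult($res);

		$result = $this->getResult();
		$result->setIndexedTagName($data, 'rc');
		$result->addValue('query', $this->getModuleName(), $data);
	}

	/**
	 * Security overview: As implemented, any change to a restricted page (userCanRead() == false)
	 * is hidden from the client, except when a page is being moved to a non-restricted name,
	 * or when a non-restricted becomes restricted. When shown, all other fields are shown as well.
	 *
	 * @param $row Database row of the recentchanges table
	 * @return array of output values, or false when the row must not be shown
	 */
	private function extractRowInfo($row) {
		$title = Title::makeTitle($row->rc_namespace, $row->rc_title);
		$movedToTitle = false;
		if (!empty($row->rc_moved_to_title)) {
			$movedToTitle = Title::makeTitle($row->rc_moved_to_ns, $row->rc_moved_to_title);
		}

		// If either this is an edit of a restricted page,
		// or a move where both to and from names are restricted, skip
		if (!$title->userCanRead() && (!$movedToTitle || !$movedToTitle->userCanRead())) {
			return false;
		}

		// NOTE(review): a move row passes the check above when only one of its
		// two titles is readable, yet the code below emits both titles and every
		// other requested field. That matches the overview above; confirm that
		// exposing the restricted name in this case is acceptable.

		$vals = array();

		$vals['type'] = intval($row->rc_type);

		if ($this->fld_title) {
			ApiQueryBase::addTitleInfo($vals, $title);
			if ($movedToTitle) {
				ApiQueryBase::addTitleInfo($vals, $movedToTitle, false, "new_");
			}
		}

		if ($this->fld_ids) {
			$vals['pageid'] = intval($row->rc_cur_id);
			$vals['revid'] = intval($row->rc_this_oldid);
			$vals['old_revid'] = intval($row->rc_last_oldid);
		}

		// rc_user_text and rc_comment are user-supplied strings and are passed on
		// unescaped; encoding for the output format is presumably the result
		// formatter's job (not visible in this file).
		if ($this->fld_user) {
			$vals['user'] = $row->rc_user_text;
			if (!$row->rc_user) {
				$vals['anon'] = '';
			}
		}

		// Flags are emitted as empty-valued keys; presence alone carries the meaning.
		if ($this->fld_flags) {
			if ($row->rc_bot) {
				$vals['bot'] = '';
			}
			if ($row->rc_new) {
				$vals['new'] = '';
			}
			if ($row->rc_minor) {
				$vals['minor'] = '';
			}
		}

		if ($this->fld_sizes) {
			$vals['oldlen'] = intval($row->rc_old_len);
			$vals['newlen'] = intval($row->rc_new_len);
		}

		if ($this->fld_timestamp) {
			$vals['timestamp'] = wfTimestamp(TS_ISO_8601, $row->rc_timestamp);
		}

		if ($this->fld_comment && !empty($row->rc_comment)) {
			$vals['comment'] = $row->rc_comment;
		}

		return $vals;
	}

	/**
	 * Declare the accepted request parameters with their types, defaults and
	 * limits. 'dir', 'prop' and 'show' are restricted to the listed values.
	 */
	protected function getAllowedParams() {
		return array(
			'start' => array(
				ApiBase::PARAM_TYPE => 'timestamp'
			),
			'end' => array(
				ApiBase::PARAM_TYPE => 'timestamp'
			),
			'dir' => array(
				ApiBase::PARAM_DFLT => 'older',
				ApiBase::PARAM_TYPE => array(
					'newer',
					'older'
				)
			),
			'namespace' => array(
				ApiBase::PARAM_ISMULTI => true,
				ApiBase::PARAM_TYPE => 'namespace'
			),
			'prop' => array(
				ApiBase::PARAM_ISMULTI => true,
				ApiBase::PARAM_DFLT => 'title|timestamp|ids',
				ApiBase::PARAM_TYPE => array(
					'user',
					'comment',
					'flags',
					'timestamp',
					'title',
					'ids',
					'sizes'
				)
			),
			'show' => array(
				ApiBase::PARAM_ISMULTI => true,
				ApiBase::PARAM_TYPE => array(
					'minor',
					'!minor',
					'bot',
					'!bot',
					'anon',
					'!anon'
				)
			),
			'limit' => array(
				ApiBase::PARAM_DFLT => 10,
				ApiBase::PARAM_TYPE => 'limit',
				ApiBase::PARAM_MIN => 1,
				ApiBase::PARAM_MAX => ApiBase::LIMIT_BIG1,
				ApiBase::PARAM_MAX2 => ApiBase::LIMIT_BIG2
			)
		);
	}

	/**
	 * Help text for each parameter declared in getAllowedParams().
	 */
	protected function getParamDescription() {
		return array(
			'start' => 'The timestamp to start enumerating from.',
			'end' => 'The timestamp to end enumerating.',
			'dir' => 'In which direction to enumerate.',
			// This module lists recent changes, not log entries or pages; the two
			// texts below previously said "log entries" and "pages".
			'namespace' => 'Filter changes to only this namespace(s)',
			'prop' => 'Include additional pieces of information',
			'show' => array(
				'Show only items that meet this criteria.',
				'For example, to see only minor edits done by logged-in users, set show=minor|!anon'
			),
			'limit' => 'How many total changes to return.'
		);
	}

	/**
	 * One-line description of this module.
	 */
	protected function getDescription() {
		return 'Enumerate recent changes';
	}

	/**
	 * Example request URLs for this module.
	 */
	protected function getExamples() {
		return array(
			'api.php?action=query&list=recentchanges'
		);
	}

	/**
	 * Class name followed by the version-control $Id$ keyword.
	 */
	public function getVersion() {
		return __CLASS__ . ': $Id$';
	}
}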
273 ?>