* Recognize Special:Search consistently so read whitelist works
1 <?php
2 /**
3 * Main wiki script; see docs/design.txt
4 * @package MediaWiki
5 */
6
# Timestamp taken before any other work is done in this script.
$wgRequestTime = microtime();

# Discard any pre-existing $IP before anything is included.
# NOTE(review): presumably guards against the include path being injected
# through register_globals -- confirm where $IP is assigned in LocalSettings.php.
unset( $IP );
# Best effort only: the @ hides a failure, and on PHP builds where
# allow_url_fopen can only be changed at system level this call has no effect.
# Do not rely on it; disable the setting in php.ini as well.
@ini_set( 'allow_url_fopen', 0 ); # For security...

# Refuse any request that carries a parameter named GLOBALS, before a single
# include runs. With register_globals enabled such a parameter could overwrite
# the $GLOBALS array (the advisory is linked in the message).
# NOTE(review): only $_REQUEST is inspected; whether that covers every input
# source register_globals imports (for example uploaded-file fields) depends on
# the PHP configuration -- confirm.
if ( isset( $_REQUEST['GLOBALS'] ) ) {
	die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
}
15
# Valid web server entry point, enable includes.
# Please don't move this line to includes/Defines.php. This line essentially defines
# a valid entry point. If you put it in includes/Defines.php, then any script that includes
# it becomes an entry point, thereby defeating its purpose.
# NOTE(review): presumably the files under includes/ test for this constant and
# refuse to run when requested directly -- verify in those files.
define( 'MEDIAWIKI', true );
# The leading "./" makes PHP ignore include_path, so the file is looked up
# relative to the current working directory only.
require_once( './includes/Defines.php' );
22
# No LocalSettings.php in the working directory: treat the wiki as not yet
# configured, print a static notice pointing at the installer, and stop.
if( !file_exists( 'LocalSettings.php' ) ) {
	$IP = "." ;
	require_once( 'includes/DefaultSettings.php' ); # used for printing the version
	# $wgVersion is echoed into the page below without HTML escaping.
	# NOTE(review): presumably a fixed string set by DefaultSettings.php -- verify.
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en' lang='en'>
<head>
<title>MediaWiki <?php echo $wgVersion ?></title>
<meta http-equiv='Content-Type' content='text/html; charset=utf-8' />
<style type='text/css' media='screen, projection'>
html, body {
color: #000;
background-color: #fff;
font-family: sans-serif;
text-align: center;
}

h1 {
font-size: 150%;
}
</style>
</head>
<body>
<img src='skins/common/images/mediawiki.png' alt='The MediaWiki logo' />

<h1>MediaWiki <?php echo $wgVersion ?></h1>
<div class='error'>
<?php
	# Both messages are fixed strings.
	# NOTE(review): the generated config/LocalSettings.php and the installer at
	# config/index.php live under the web root; presumably access to config/
	# should be restricted once setup is finished -- verify the deployment notes.
	if ( file_exists( 'config/LocalSettings.php' ) ) {
		echo( "To complete the installation, move <tt>config/LocalSettings.php</tt> to the parent directory." );
	} else {
		echo( "Please <a href='config/index.php' title='setup'>setup the wiki</a> first." );
	}
?>

</div>
</body>
</html>
<?php
	# Nothing below may run without a site configuration.
	die();
}
64
# Site configuration first, then the shared bootstrap. The first path starts
# with "./" and is resolved against the working directory only; the second has
# no such prefix and is resolved through include_path.
require_once( './LocalSettings.php' );
require_once( 'includes/Setup.php' );

wfProfileIn( 'main-misc-setup' );
OutputPage::setEncodings(); # Not really used yet

# Query string fields
# Both values come straight from the request. $action is later compared with
# fixed case labels; $title is parsed into a Title object below.
# NOTE(review): 'view' is passed as the second argument, presumably the default
# when the parameter is absent -- confirm in the request class.
$action = $wgRequest->getVal( 'action', 'view' );
$title = $wgRequest->getVal( 'title' );

# Only the exact value 'yes' switches the output to printable mode.
if ($wgRequest->getVal( 'printable' ) == 'yes') {
	$wgOut->setPrintable();
}
78
# Resolve the requested page into $wgTitle. Three sources, in priority order:
#   1. no title and not a delete request -> the configured main page
#   2. a non-zero 'curid' parameter      -> lookup by page id
#   3. otherwise                         -> parse the 'title' parameter
# $wgTitle may end up null (the code below tests for that with is_null() and
# !$wgTitle), so nothing here may dereference it unconditionally.
if ( '' == $title && 'delete' != $action ) {
	$wgTitle = Title::newFromText( wfMsgForContent( 'mainpage' ) );
} elseif ( $curid = $wgRequest->getInt( 'curid' ) ) {
	# The assignment inside the condition is intentional: a zero id is falsy
	# and falls through to the title-based branch.
	# URLs like this are generated by RC, because rc_title isn't always accurate
	$wgTitle = Title::newFromID( $curid );
} else {
	$wgTitle = Title::newFromURL( $title );
	/* check variant links so that interwiki links don't have to worry about
	the possible different language variants
	*/
	# Only attempted when more than one variant exists, the title parsed, and
	# getArticleID() reports 0 for it. $wgTitle is passed in so that
	# findVariantLink() can replace it.
	# NOTE(review): presumably taken by reference -- confirm in the language class.
	if( count($wgContLang->getVariants()) > 1 && !is_null($wgTitle) && $wgTitle->getArticleID() == 0 )
		$wgContLang->findVariantLink( $title, $wgTitle );

}
wfProfileOut( 'main-misc-setup' );
94
# Debug statement for user levels
// print_r($wgUser);

$search = $wgRequest->getText( 'search' );
if( !is_null( $search ) && $search !== '' ) {
	// Compatibility with old search URLs which didn't use Special:Search
	// Do this above the read whitelist check for security...
	// When internal search is enabled, the dispatch chain below serves the
	// search page for any request with a non-empty 'search' parameter,
	// regardless of 'title'. Replacing the title here makes userCanRead()
	// judge Special:Search rather than a title chosen by the requester.
	// Unlike the dispatch below, this override does not depend on
	// $wgDisableInternalSearch.
	$wgTitle = Title::makeTitle( NS_SPECIAL, 'Search' );
}

# If the user is not logged in, the Namespace:title of the article must be in
# the Read array in order for the user to see it. (We have to check here to
# catch special pages etc. We check again in Article::view())
# This is the gate for every branch of the dispatch chain below, so any code
# that changes $wgTitle must run before it. A null $wgTitle skips the check;
# the dispatch chain turns that case into the 'badtitle' error page.
if ( !is_null( $wgTitle ) && !$wgTitle->userCanRead() ) {
	$wgOut->loginToUse();
	$wgOut->output();
	# Ends the request here: the deferred updates and commit calls at the end
	# of this script are not reached.
	exit;
}
113
# Main dispatch. Exactly one branch of the chain below handles the request:
# search, bad title, interwiki redirect, canonical-URL redirect, special page,
# or an action on an article.
wfProfileIn( 'main-action' );

if( !$wgDisableInternalSearch && !is_null( $search ) && $search !== '' ) {
	# Same title that the search-compatibility code above the read check set,
	# assigned again here so this branch does not depend on it.
	require_once( 'includes/SpecialSearch.php' );
	$wgTitle = Title::makeTitle( NS_SPECIAL, 'Search' );
	wfSpecialSearch();
} else if( !$wgTitle or $wgTitle->getDBkey() == '' ) {
	# Title could not be resolved, or resolved to an empty key.
	$wgTitle = Title::newFromText( wfMsgForContent( 'badtitle' ) );
	$wgOut->errorpage( 'badtitle', 'badtitletext' );
} else if ( $wgTitle->getInterwiki() != '' ) {
	# Interwiki title: answer with a redirect to the other site.
	# 'rdfrom' is request-supplied and is URL-encoded before it is appended.
	if( $rdfrom = $wgRequest->getVal( 'rdfrom' ) ) {
		$url = $wgTitle->getFullURL( 'rdfrom=' . urlencode( $rdfrom ) );
	} else {
		$url = $wgTitle->getFullURL();
	}
	# Check for a redirect loop
	# The redirect is issued only when the target does not start with
	# $wgServer and isLocal() is true for the title; anything else gets the
	# 'badtitle' page. $wgServer is passed through preg_quote() with the
	# delimiter, so it is matched literally.
	if ( !preg_match( '/^' . preg_quote( $wgServer, '/' ) . '/', $url ) && $wgTitle->isLocal() ) {
		$wgOut->redirect( $url );
	} else {
		$wgTitle = Title::newFromText( wfMsgForContent( 'badtitle' ) );
		$wgOut->errorpage( 'badtitle', 'badtitletext' );
	}
} else if ( ( $action == 'view' ) &&
	(!isset( $_GET['title'] ) || $wgTitle->getPrefixedDBKey() != $_GET['title'] ) &&
	!count( array_diff( array_keys( $_GET ), array( 'action', 'title' ) ) ) )
{
	# Plain view whose 'title' is missing or not in canonical form, with no
	# GET parameters other than 'action' and 'title'. The raw $_GET array is
	# read here on purpose: the comparison is against what the client sent.
	/* redirect to canonical url, make it a 301 to allow caching */
	$wgOut->setSquidMaxage( 1200 );
	$wgOut->redirect( $wgTitle->getFullURL(), '301');
} else if ( NS_SPECIAL == $wgTitle->getNamespace() ) {
	# actions that need to be made when we have a special pages
	SpecialPage::executePath( $wgTitle );
} else {
	# Media: titles are handled as the corresponding Image: page.
	if ( NS_MEDIA == $wgTitle->getNamespace() ) {
		$wgTitle = Title::makeTitle( NS_IMAGE, $wgTitle->getDBkey() );
	}

	$ns = $wgTitle->getNamespace();

	# NOTE(review): in this block $wgArticle is assigned only for action=view
	# without 'oldid', or when $ns selects ImagePage / CategoryPage below. The
	# switch uses it for every action -- confirm it is initialised elsewhere
	# for the remaining cases.
	// Namespace might change when using redirects
	if($action == 'view' && !$wgRequest->getVal( 'oldid' ) ) {
		$wgArticle = new Article( $wgTitle );
		$rTitle = Title::newFromRedirect( $wgArticle->fetchContent() );
		if($rTitle) {
			# Reload from the page pointed to later
			$wgArticle->mContentLoaded = false;
			$ns = $rTitle->getNamespace();
		}
	}

	// Categories and images are handled by a different class
	# $ns may be the redirect target's namespace at this point, while the
	# page object is still built from $wgTitle.
	if ( $ns == NS_IMAGE ) {
		unset($wgArticle);
		require_once( 'includes/ImagePage.php' );
		$wgArticle = new ImagePage( $wgTitle );
	} elseif ( $wgUseCategoryMagic && $ns == NS_CATEGORY ) {
		unset($wgArticle);
		require_once( 'includes/CategoryPage.php' );
		$wgArticle = new CategoryPage( $wgTitle );
	}

	# Site-configured deny list, checked before any action runs.
	if ( in_array( $action, $wgDisabledActions ) ) {
		$wgOut->errorpage( 'nosuchaction', 'nosuchactiontext' );
	} else {
		switch( $action ) {
			case 'view':
				$wgOut->setSquidMaxage( $wgSquidMaxage );
				$wgArticle->view();
				break;
			# The case labels below are the allow-list for the dynamic call
			# $wgArticle->$action(): the request-supplied string becomes the
			# method name, so a label belongs here only if that method is
			# safe to reach directly from a URL. Never move this call into
			# the default branch.
			# NOTE(review): no permission or token check is visible at this
			# level; presumably each method enforces its own -- verify.
			case 'watch':
			case 'unwatch':
			case 'delete':
			case 'revert':
			case 'rollback':
			case 'protect':
			case 'unprotect':
			case 'info':
			case 'markpatrolled':
			case 'validate':
			case 'render':
			case 'deletetrackback':
			case 'purge':
				$wgArticle->$action();
				break;
			case 'print':
				$wgArticle->view();
				break;
			# The two RDF exports answer 403 unless enabled in configuration.
			case 'dublincore':
				if( !$wgEnableDublinCoreRdf ) {
					wfHttpError( 403, 'Forbidden', wfMsg( 'nodublincore' ) );
				} else {
					require_once( 'includes/Metadata.php' );
					wfDublinCoreRdf( $wgArticle );
				}
				break;
			case 'creativecommons':
				if( !$wgEnableCreativeCommonsRdf ) {
					wfHttpError( 403, 'Forbidden', wfMsg('nocreativecommons') );
				} else {
					require_once( 'includes/Metadata.php' );
					wfCreativeCommonsRdf( $wgArticle );
				}
				break;
			case 'credits':
				require_once( 'includes/Credits.php' );
				showCreditsPage( $wgArticle );
				break;
			case 'submit':
				if( !$wgCommandLineMode && !$wgRequest->checkSessionCookie() ) {
					# Send a cookie so anons get talk message notifications
					User::SetupSession();
				}
				# Continue...
				# Deliberate fall-through: 'submit' shares the 'edit' code below.
			case 'edit':
				$internal = $wgRequest->getVal( 'internaledit' );
				$external = $wgRequest->getVal( 'externaledit' );
				$section = $wgRequest->getVal( 'section' );
				$oldid = $wgRequest->getVal( 'oldid' );
				# The built-in editor is used when external editing is off,
				# for every submit, when 'internaledit', 'section' or 'oldid'
				# is given, or when neither the user option nor the
				# 'externaledit' parameter asks for the external editor.
				if(!$wgUseExternalEditor || $action=='submit' || $internal ||
				   $section || $oldid || (!$wgUser->getOption('externaleditor') && !$external)) {
					require_once( 'includes/EditPage.php' );
					$editor = new EditPage( $wgArticle );
					$editor->submit();
				} elseif($wgUseExternalEditor && ($external || $wgUser->getOption('externaleditor'))) {
					require_once( 'includes/ExternalEdit.php' );
					# 'mode' is request-supplied and handed to ExternalEdit as is.
					$mode = $wgRequest->getVal( 'mode' );
					$extedit = new ExternalEdit( $wgArticle, $mode );
					$extedit->edit();
				}
				break;
			case 'history':
				# Proxy caching is allowed only when the request URI is exactly
				# the canonical history URL of this title.
				if ($_SERVER['REQUEST_URI'] == $wgTitle->getInternalURL('action=history')) {
					$wgOut->setSquidMaxage( $wgSquidMaxage );
				}
				require_once( 'includes/PageHistory.php' );
				$history = new PageHistory( $wgArticle );
				$history->history();
				break;
			case 'raw':
				require_once( 'includes/RawPage.php' );
				$raw = new RawPage( $wgArticle );
				$raw->view();
				break;
			default:
				# Any other action string is offered to the 'UnknownAction'
				# hook with the raw $action value; the error page is shown
				# only when wfRunHooks() returns a true value.
				if (wfRunHooks('UnknownAction', array($action, $wgArticle))) {
					$wgOut->errorpage( 'nosuchaction', 'nosuchactiontext' );
				}
		}
	}
}
wfProfileOut( 'main-action' );
265
# Deferred updates aren't really deferred anymore. It's important to report errors to the
# user, and that means doing this before OutputPage::output(). Note that for page saves,
# the client will wait until the script exits anyway before following the redirect.
wfProfileIn( 'main-updates' );
foreach ( $wgDeferredUpdateList as $up ) {
	$up->doUpdate();
}
wfProfileOut( 'main-updates' );

# The order of the calls below matters: commit first, then send the response,
# then run the post-commit updates.
wfProfileIn( 'main-cleanup' );
$wgLoadBalancer->saveMasterPos();

# Now commit any transactions, so that unreported errors after output() don't roll back the whole thing
$wgLoadBalancer->commitAll();

$wgOut->output();

# These run after commitAll() and after output() has been called.
foreach ( $wgPostCommitUpdateList as $up ) {
	$up->doUpdate();
}

wfProfileOut( 'main-cleanup' );

logProfilingData();
$wgLoadBalancer->closeAll();
# Reached only when no earlier die() or exit in this script ended the request.
wfDebug( "Request ended normally\n" );
292 ?>