* Handle ajax requests and send them to the proper handler.
*/
-if ( !( defined( 'MEDIAWIKI' ) && $wgUseAjax ) ) {
- die( 1 );
-}
-
-require_once( 'AjaxFunctions.php' );
-
/**
* Object-Oriented Ajax functions.
* @ingroup Ajax
* request.
*/
function performAction() {
- global $wgAjaxExportList, $wgOut;
+ global $wgAjaxExportList, $wgOut, $wgUser;
if ( empty( $this->mode ) ) {
return;
'Bad Request',
"unknown function " . (string) $this->func_name
);
+ } elseif ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true )
+ && !$wgUser->isAllowed( 'read' ) )
+ {
+ wfHttpError(
+ 403,
+ 'Forbidden',
+ 'You must log in to view pages.' );
} else {
wfDebug( __METHOD__ . ' dispatching ' . $this->func_name . "\n" );
}
}
- wfProfileOut( __METHOD__ );
$wgOut = null;
+ wfProfileOut( __METHOD__ );
}
}