Merge "Bug 35671 - PHP Notice: Undefined index: gettoken in includes/api/ApiMain...
[lhc/web/wiklou.git] / includes / AjaxDispatcher.php
index 969efa4..5bc9f06 100644 (file)
@@ -7,34 +7,56 @@
  * Handle ajax requests and send them to the proper handler.
  */
 
-if ( !( defined( 'MEDIAWIKI' ) && $wgUseAjax ) ) {
-       die( 1 );
-}
-
-require_once( 'AjaxFunctions.php' );
-
 /**
  * Object-Oriented Ajax functions.
  * @ingroup Ajax
  */
 class AjaxDispatcher {
+       /** The way the request was made, either a 'get' or a 'post' */
+       private $mode;
+
        /** Name of the requested handler */
-       private $func_name = null;
+       private $func_name;
 
        /** Arguments passed */
-       private $args = array();
+       private $args;
 
        /** Load up our object with user supplied data */
-       public function __construct( WebRequest $req ) {
+       function __construct() {
                wfProfileIn( __METHOD__ );
 
-               $rs = $req->getVal( 'rs' );
-               if( $rs !== null ) {
-                       $this->func_name = $rs;
+               $this->mode = "";
+
+               if ( ! empty( $_GET["rs"] ) ) {
+                       $this->mode = "get";
                }
-               $rsargs = $req->getVal( 'rsargs' );
-               if( $rsargs !== null ) {
-                       $this->args = $rsargs;
+
+               if ( !empty( $_POST["rs"] ) ) {
+                       $this->mode = "post";
+               }
+
+               switch( $this->mode ) {
+                       case 'get':
+                               $this->func_name = isset( $_GET["rs"] ) ? $_GET["rs"] : '';
+                               if ( ! empty( $_GET["rsargs"] ) ) {
+                                       $this->args = $_GET["rsargs"];
+                               } else {
+                                       $this->args = array();
+                               }
+                               break;
+                       case 'post':
+                               $this->func_name = isset( $_POST["rs"] ) ? $_POST["rs"] : '';
+                               if ( ! empty( $_POST["rsargs"] ) ) {
+                                       $this->args = $_POST["rsargs"];
+                               } else {
+                                       $this->args = array();
+                               }
+                               break;
+                       default:
+                               wfProfileOut( __METHOD__ );
+                               return;
+                               # Or we could throw an exception:
+                               # throw new MWException( __METHOD__ . ' called without any data (mode empty).' );
                }
 
                wfProfileOut( __METHOD__ );
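Review bot: The new constructor copies `rs` and `rsargs` straight from `$_GET`/`$_POST` without checking their type, so an array-valued `rs` or a scalar `rsargs` ends up in `func_name` / `args` unchanged, and nothing in this hunk normalises them before they are used. Accept only the expected shapes in both `case` branches, e.g. `$this->func_name = is_string( $_GET["rs"] ) ? $_GET["rs"] : '';` and `$this->args = is_array( $_GET["rsargs"] ) ? $_GET["rsargs"] : array();` (same for `$_POST`). Reading the superglobals directly also bypasses whatever handling `$req->getVal()` gave these values on the old side. The file no longer tests `$wgUseAjax` itself, so presumably the caller now has to enforce that setting, which is worth confirming. The constructor's closing lines are outside the hunk.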
@@ -46,9 +68,9 @@ class AjaxDispatcher {
         * request.
         */
        function performAction() {
-               global $wgAjaxExportList, $wgOut;
+               global $wgAjaxExportList, $wgOut, $wgUser;
 
-               if ( is_null( $this->func_name ) ) {
+               if ( empty( $this->mode ) ) {
                        return;
                }
 
@@ -62,6 +84,13 @@ class AjaxDispatcher {
                                'Bad Request',
                                "unknown function " . (string) $this->func_name
                        );
+               } elseif ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) 
+                       && !$wgUser->isAllowed( 'read' ) )
+               {
+                       wfHttpError(
+                               403,
+                               'Forbidden',
+                               'You must log in to view pages.' );
                } else {
                        wfDebug( __METHOD__ . ' dispatching ' . $this->func_name . "\n" );
 
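Review bot: The new `read` check sits in an `elseif` after the branch that answers 400 "unknown function", so on a wiki where anonymous users lack `read`, a caller who is not logged in still gets a different status for registered and unregistered handler names. Evaluating the permission test first, ahead of the handler lookup, makes every such request return the same 403. A comment above it would also help: `# Blanket read gate only; handlers that need stricter rights must check them themselves.` The start of this `if` chain and the rest of performAction() are outside the hunk, so the lookup condition is assumed to be the `$wgAjaxExportList` test.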
@@ -105,7 +134,7 @@ class AjaxDispatcher {
                        }
                }
 
-               wfProfileOut( __METHOD__ );
                $wgOut = null;
+               wfProfileOut( __METHOD__ );
        }
 }