Merge "Added new MWTimestamp::getRelativeTimestamp for pure relative."

[lhc/web/wiklou.git] / includes / WebRequest.php

diff --git a/includes/WebRequest.php b/includes/WebRequest.php
index dbd0740..23eee04 100644 (file)
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -568,6 +568,44 @@ class WebRequest {
                return $_GET;
        }
 
+       /**
+        * Return the contents of the Query with no decoding. Use when you need to
+        * know exactly what was sent, e.g. for an OAuth signature over the elements.
+        *
+        * @return String
+        */
+       public function getRawQueryString() {
+               return $_SERVER['QUERY_STRING'];
+       }
+
+       /**
+        * Return the contents of the POST with no decoding. Use when you need to
+        * know exactly what was sent, e.g. for an OAuth signature over the elements.
+        *
+        * @return String
+        */
+       public function getRawPostString() {
+               if ( !$this->wasPosted() ) {
+                       return '';
+               }
+               return $this->getRawInput();
+       }
+
+       /**
+        * Return the raw request body, with no processing. Cached since some methods
+        * disallow reading the stream more than once. As stated in the php docs, this
+        * does not work with enctype="multipart/form-data".
+        *
+        * @return String
+        */
+       public function getRawInput() {
+               static $input = false;
+               if ( $input === false ) {
+                       $input = file_get_contents( 'php://input' );
+               }
+               return $input;
+       }
+
        /**
         * Get the HTTP method used for this request.
         *
@@ -843,8 +881,9 @@ class WebRequest {
                        return;
                }
 
-               if ( function_exists( 'apache_request_headers' ) ) {
-                       foreach ( apache_request_headers() as $tempName => $tempValue ) {
+               $apacheHeaders = function_exists( 'apache_request_headers' ) ? apache_request_headers() : false;
+               if ( $apacheHeaders ) {
+                       foreach ( $apacheHeaders as $tempName => $tempValue ) {
                                $this->headers[strtoupper( $tempName )] = $tempValue;
                        }
                } else {
@@ -1103,7 +1142,7 @@ HTML;
                        # unless the address is not sensible (e.g. private). However, prefer private
                        # IP addresses over proxy servers controlled by this site (more sensible).
                        foreach ( $ipchain as $i => $curIP ) {
-                               $curIP = IP::canonicalize( $curIP );
+                               $curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) );
                                if ( wfIsTrustedProxy( $curIP ) && isset( $ipchain[$i + 1] ) ) {
                                        if ( wfIsConfiguredProxy( $curIP ) || // bug 48919
                                                ( IP::isPublic( $ipchain[$i + 1] ) || $wgUsePrivateIPs )
@@ -1391,6 +1430,30 @@ class FauxRequest extends WebRequest {
                return false;
        }
 
+       /**
+        * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+        * @return String
+        */
+       public function getRawQueryString() {
+               return '';
+       }
+
+       /**
+        * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+        * @return String
+        */
+       public function getRawPostString() {
+               return '';
+       }
+
+       /**
+        * FauxRequests shouldn't depend on raw request data (but that could be implemented here)
+        * @return String
+        */
+       public function getRawInput() {
+               return '';
+       }
+
        /**
         * @param array $extWhitelist
         * @return bool