<?php
-/*
+/**
* Created on Aug 21, 2008
* API for MediaWiki 1.8+
*
- * Copyright (C) 2008 - 2009 Bryan Tong Minh <Bryan.TongMinh@Gmail.com>
+ * Copyright © 2008 - 2010 Bryan Tong Minh <Bryan.TongMinh@Gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
*
* You should have received a copy of the GNU General Public License along
* with this program; if not, write to the Free Software Foundation, Inc.,
- * 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
* http://www.gnu.org/copyleft/gpl.html
*/
if ( !defined( 'MEDIAWIKI' ) ) {
// Eclipse helper - will be ignored in production
- require_once("ApiBase.php");
+ require_once( "ApiBase.php" );
}
/**
public function execute() {
global $wgUser;
- $this->getMain()->isWriteMode();
+ // Check whether upload is enabled
+ if ( !UploadBase::isEnabled() ) {
+ $this->dieUsageMsg( array( 'uploaddisabled' ) );
+ }
+
+ // Parameter handling
$this->mParams = $this->extractRequestParams();
$request = $this->getMain()->getRequest();
-
- // Do token checks:
- if ( is_null( $this->mParams['token'] ) )
- $this->dieUsageMsg( array( 'missingparam', 'token' ) );
- if ( !$wgUser->matchEditToken( $this->mParams['token'] ) )
- $this->dieUsageMsg( array( 'sessionfailure' ) );
-
-
// Add the uploaded file to the params array
$this->mParams['file'] = $request->getFileName( 'file' );
- // Check whether upload is enabled
- if ( !UploadBase::isEnabled() )
- $this->dieUsageMsg( array( 'uploaddisabled' ) );
+ // Select an upload module
+ $this->selectUploadModule();
+ if ( !isset( $this->mUpload ) ) {
+ $this->dieUsage( 'No upload module set', 'nomodule' );
+ }
- // One and only one of the following parameters is needed
- $this->requireOnlyOneParameter( $this->mParams,
- 'sessionkey', 'file', 'url', 'enablechunks' );
-
- if ( $this->mParams['enablechunks'] ) {
- /**
- * Chunked upload mode
- */
+ // First check permission to upload
+ $this->checkPermissions( $wgUser );
+
+ // Fetch the file
+ $status = $this->mUpload->fetchFile();
+ if ( !$status->isGood() ) {
+ $errors = $status->getErrorsArray();
+ $error = array_shift( $errors[0] );
+ $this->dieUsage( 'Error fetching file from remote source', $error, 0, $errors[0] );
+ }
- $this->mUpload = new UploadFromChunks();
- $status = $this->mUpload->initializeFromParams( $this->mParams, $request );
+ // Check if the uploaded file is sane
+ $this->verifyUpload();
+
+ // Check permission to upload this file
+ $permErrors = $this->mUpload->verifyPermissions( $wgUser );
+ if ( $permErrors !== true ) {
+ // Todo: stash the upload and allow choosing a new name
+ $this->dieUsageMsg( array( 'badaccess-groups' ) );
+ }
- if( isset( $status['error'] ) )
- $this->dieUsageMsg( $status['error'] );
+ // Check warnings if necessary
+ $warnings = $this->checkForWarnings();
+ if ( $warnings ) {
+ $this->getResult()->addValue( null, $this->getModuleName(), $warnings );
+ } else {
+ // Perform the upload
+ $result = $this->performUpload();
+ $this->getResult()->addValue( null, $this->getModuleName(), $result );
+ }
- } elseif ( isset( $this->mParams['internalhttpsession'] ) && $this->mParams['internalhttpsession'] ) {
- $sd = & $_SESSION['wsDownload'][ $this->mParams['internalhttpsession'] ];
+ // Cleanup any temporary mess
+ $this->mUpload->cleanupTempFile();
+ }
+
+ /**
+ * Select an upload module and set it to mUpload. Dies on failure.
+ */
+ protected function selectUploadModule() {
+ $request = $this->getMain()->getRequest();
+
+ // One and only one of the following parameters is needed
+ $this->requireOnlyOneParameter( $this->mParams,
+ 'sessionkey', 'file', 'url' );
- //wfDebug("InternalHTTP:: " . print_r($this->mParams, true));
- // get the params from the init session:
- $this->mUpload = new UploadFromFile();
+ if ( $this->mParams['sessionkey'] ) {
+ // Upload stashed in a previous request
+ $sessionData = $request->getSessionData( UploadBase::getSessionKeyName() );
+ if ( !UploadFromStash::isValidSessionKey( $this->mParams['sessionkey'], $sessionData ) ) {
+ $this->dieUsageMsg( array( 'invalid-session-key' ) );
+ }
+ $this->mUpload = new UploadFromStash();
$this->mUpload->initialize( $this->mParams['filename'],
- $sd['target_file_path'],
- filesize( $sd['target_file_path'] )
- );
- } elseif ( $this->mParams['httpstatus'] && $this->mParams['sessionkey'] ) {
- /**
- * Return the status of the given background upload session_key:
- */
+ $this->mParams['sessionkey'],
+ $sessionData[$this->mParams['sessionkey']] );
- // Check the session key
- if( !isset( $_SESSION['wsDownload'][$this->mParams['sessionkey']] ) )
- return $this->dieUsageMsg( array( 'invalid-session-key' ) );
- $sd =& $_SESSION['wsDownload'][$this->mParams['sessionkey']];
- // Keep passing down the upload sessionkey
- $statusResult = array(
- 'upload_session_key' => $this->mParams['sessionkey']
- );
-
- // put values into the final apiResult if available
- if( isset( $sd['apiUploadResult'] ) )
- $statusResult['apiUploadResult'] = $sd['apiUploadResult'];
- if( isset( $sd['loaded'] ) )
- $statusResult['loaded'] = $sd['loaded'];
- if( isset( $sd['content_length'] ) )
- $statusResult['content_length'] = $sd['content_length'];
-
- return $this->getResult()->addValue( null,
- $this->getModuleName(), $statusResult );
+ } elseif ( isset( $this->mParams['file'] ) ) {
+ $this->mUpload = new UploadFromFile();
+ $this->mUpload->initialize(
+ $this->mParams['filename'],
+ $request->getUpload( 'file' )
+ );
+ } elseif ( isset( $this->mParams['url'] ) ) {
+ // Make sure upload by URL is enabled:
+ if ( !UploadFromUrl::isEnabled() ) {
+ $this->dieUsageMsg( array( 'copyuploaddisabled' ) );
+ }
- } elseif( $this->mParams['sessionkey'] ) {
- /**
- * Upload stashed in a previous request
- */
- $this->mUpload = new UploadFromStash();
- $this->mUpload->initialize( $this->mParams['filename'],
- $_SESSION['wsUploadData'][$this->mParams['sessionkey']] );
- } else {
- /**
- * Upload from url or file
- * Parameter filename is required
- */
- if ( !isset( $this->mParams['filename'] ) )
- $this->dieUsageMsg( array( 'missingparam', 'filename' ) );
-
- // Initialize $this->mUpload
- if ( isset( $this->mParams['file'] ) ) {
- $this->mUpload = new UploadFromFile();
- $this->mUpload->initialize(
- $request->getFileName( 'file' ),
- $request->getFileTempName( 'file' ),
- $request->getFileSize( 'file' )
- );
- } elseif ( isset( $this->mParams['url'] ) ) {
- $this->mUpload = new UploadFromUrl();
- $this->mUpload->initialize( $this->mParams['filename'],
- $this->mParams['url'], $this->mParams['asyncdownload'] );
-
- $status = $this->mUpload->fetchFile();
- if( !$status->isOK() ) {
- return $this->dieUsage( 'fetchfileerror', $status->getWikiText() );
- }
-
- // check if we doing a async request set session info and return the upload_session_key)
- if( $this->mUpload->isAsync() ){
- $upload_session_key = $status->value;
- // update the session with anything with the params we will need to finish up the upload later on:
- if( !isset( $_SESSION['wsDownload'][$upload_session_key] ) )
- $_SESSION['wsDownload'][$upload_session_key] = array();
-
- $sd =& $_SESSION['wsDownload'][$upload_session_key];
-
- // copy mParams for finishing up after:
- $sd['mParams'] = $this->mParams;
-
- return $this->getResult()->addValue( null, $this->getModuleName(),
- array( 'upload_session_key' => $upload_session_key
- ));
+ $async = false;
+ if ( $this->mParams['asyncdownload'] ) {
+ if ( $this->mParams['leavemessage'] ) {
+ $async = 'async-leavemessage';
+ } else {
+ $async = 'async';
}
}
- }
-
- if( !isset( $this->mUpload ) )
- $this->dieUsage( 'No upload module set', 'nomodule' );
-
-
- // Finish up the exec command:
- $this->doExecUpload();
+ $this->mUpload = new UploadFromUrl;
+ $this->mUpload->initialize( $this->mParams['filename'],
+ $this->mParams['url'], $async );
+ }
}
- protected function doExecUpload(){
- global $wgUser;
+ /**
+ * Checks that the user has permissions to perform this upload.
+ * Dies with usage message on inadequate permissions.
+ * @param $user User The user to check.
+ */
+ protected function checkPermissions( $user ) {
// Check whether the user has the appropriate permissions to upload anyway
- $permission = $this->mUpload->isAllowed( $wgUser );
+ $permission = $this->mUpload->isAllowed( $user );
- if( $permission !== true ) {
- if( !$wgUser->isLoggedIn() )
+ if ( $permission !== true ) {
+ if ( !$user->isLoggedIn() ) {
$this->dieUsageMsg( array( 'mustbeloggedin', 'upload' ) );
- else
+ } else {
$this->dieUsageMsg( array( 'badaccess-groups' ) );
+ }
}
- // Perform the upload
- $result = $this->performUpload();
- // Cleanup any temporary mess
- $this->mUpload->cleanupTempFile();
- $this->getResult()->addValue( null, $this->getModuleName(), $result );
}
- protected function performUpload() {
- global $wgUser;
- $result = array();
- $permErrors = $this->mUpload->verifyPermissions( $wgUser );
- if( $permErrors !== true ) {
- $this->dieUsageMsg( array( 'baddaccess-groups' ) );
+ /**
+ * Performs file verification, dies on error.
+ */
+ protected function verifyUpload( ) {
+ $verification = $this->mUpload->verifyUpload( );
+ if ( $verification['status'] === UploadBase::OK ) {
+ return;
}
-
+
// TODO: Move them to ApiBase's message map
- $verification = $this->mUpload->verifyUpload();
- if( $verification['status'] !== UploadBase::OK ) {
- $result['result'] = 'Failure';
- switch( $verification['status'] ) {
- case UploadBase::EMPTY_FILE:
- $this->dieUsage( 'The file you submitted was empty', 'empty-file' );
- break;
- case UploadBase::FILETYPE_MISSING:
- $this->dieUsage( 'The file is missing an extension', 'filetype-missing' );
- break;
- case UploadBase::FILETYPE_BADTYPE:
- global $wgFileExtensions;
- $this->dieUsage( 'This type of file is banned', 'filetype-banned',
- 0, array(
- 'filetype' => $verification['finalExt'],
- 'allowed' => $wgFileExtensions
- ) );
- break;
- case UploadBase::MIN_LENGHT_PARTNAME:
- $this->dieUsage( 'The filename is too short', 'filename-tooshort' );
- break;
- case UploadBase::ILLEGAL_FILENAME:
- $this->dieUsage( 'The filename is not allowed', 'illegal-filename',
- 0, array( 'filename' => $verification['filtered'] ) );
- break;
- case UploadBase::OVERWRITE_EXISTING_FILE:
- $this->dieUsage( 'Overwriting an existing file is not allowed', 'overwrite' );
- break;
- case UploadBase::VERIFICATION_ERROR:
- $this->getResult()->setIndexedTagName( $verification['details'], 'detail' );
- $this->dieUsage( 'This file did not pass file verification', 'verification-error',
- 0, array( 'details' => $verification['details'] ) );
- break;
- case UploadBase::UPLOAD_VERIFICATION_ERROR:
- $this->dieUsage( "The modification you tried to make was aborted by an extension hook",
- 'hookaborted', 0, array( 'error' => $verification['error'] ) );
- break;
- default:
- $this->dieUsage( 'An unknown error occurred', 'unknown-error',
- 0, array( 'code' => $verification['status'] ) );
- break;
- }
- return $result;
+ switch( $verification['status'] ) {
+ case UploadBase::EMPTY_FILE:
+ $this->dieUsage( 'The file you submitted was empty', 'empty-file' );
+ break;
+ case UploadBase::FILE_TOO_LARGE:
+ $this->dieUsage( 'The file you submitted was too large', 'file-too-large' );
+ break;
+ case UploadBase::FILETYPE_MISSING:
+ $this->dieUsage( 'The file is missing an extension', 'filetype-missing' );
+ break;
+ case UploadBase::FILETYPE_BADTYPE:
+ global $wgFileExtensions;
+ $this->dieUsage( 'This type of file is banned', 'filetype-banned',
+ 0, array(
+ 'filetype' => $verification['finalExt'],
+ 'allowed' => $wgFileExtensions
+ ) );
+ break;
+ case UploadBase::MIN_LENGTH_PARTNAME:
+ $this->dieUsage( 'The filename is too short', 'filename-tooshort' );
+ break;
+ case UploadBase::ILLEGAL_FILENAME:
+ $this->dieUsage( 'The filename is not allowed', 'illegal-filename',
+ 0, array( 'filename' => $verification['filtered'] ) );
+ break;
+ case UploadBase::VERIFICATION_ERROR:
+ $this->getResult()->setIndexedTagName( $verification['details'], 'detail' );
+ $this->dieUsage( 'This file did not pass file verification', 'verification-error',
+ 0, array( 'details' => $verification['details'] ) );
+ break;
+ case UploadBase::HOOK_ABORTED:
+ $this->dieUsage( "The modification you tried to make was aborted by an extension hook",
+ 'hookaborted', 0, array( 'error' => $verification['error'] ) );
+ break;
+ default:
+ $this->dieUsage( 'An unknown error occurred', 'unknown-error',
+ 0, array( 'code' => $verification['status'] ) );
+ break;
}
+ }
- if( !$this->mParams['ignorewarnings'] ) {
+ /**
+ * Check warnings if ignorewarnings is not set.
+ * Returns a suitable result array if there were warnings
+ */
+ protected function checkForWarnings() {
+ $result = array();
+
+ if ( !$this->mParams['ignorewarnings'] ) {
$warnings = $this->mUpload->checkWarnings();
- if( $warnings ) {
-
+ if ( $warnings ) {
// Add indices
$this->getResult()->setIndexedTagName( $warnings, 'warning' );
-
- if( isset( $warnings['duplicate'] ) ) {
+
+ if ( isset( $warnings['duplicate'] ) ) {
$dupes = array();
- foreach( $warnings['duplicate'] as $key => $dupe )
+ foreach ( $warnings['duplicate'] as $key => $dupe )
$dupes[] = $dupe->getName();
- $this->getResult()->setIndexedTagName( $dupes, 'duplicate');
+ $this->getResult()->setIndexedTagName( $dupes, 'duplicate' );
$warnings['duplicate'] = $dupes;
}
-
- if( isset( $warnings['exists'] ) ) {
+ if ( isset( $warnings['exists'] ) ) {
$warning = $warnings['exists'];
unset( $warnings['exists'] );
- $warnings[$warning[0]] = $warning[1]->getName();
+ $warnings[$warning['warning']] = $warning['file']->getName();
}
-
- if( isset( $warnings['filewasdeleted'] ) )
- $warnings['filewasdeleted'] = $warnings['filewasdeleted']->getName();
-
+
$result['result'] = 'Warning';
$result['warnings'] = $warnings;
$sessionKey = $this->mUpload->stashSession();
- if ( !$sessionKey )
+ if ( !$sessionKey ) {
$this->dieUsage( 'Stashing temporary file failed', 'stashfailed' );
+ }
+
$result['sessionkey'] = $sessionKey;
+
return $result;
}
}
+ return;
+ }
+
+ /**
+ * Perform the actual upload. Returns a suitable result array on success;
+ * dies on failure.
+ */
+ protected function performUpload() {
+ global $wgUser;
+
+ // Use comment as initial page text by default
+ if ( is_null( $this->mParams['text'] ) ) {
+ $this->mParams['text'] = $this->mParams['comment'];
+ }
+
+ $file = $this->mUpload->getLocalFile();
+ $watch = $this->getWatchlistValue( $this->mParams['watchlist'], $file->getTitle() );
+
+ // Deprecated parameters
+ if ( $this->mParams['watch'] ) {
+ $watch = true;
+ }
// No errors, no warnings: do the upload
$status = $this->mUpload->performUpload( $this->mParams['comment'],
- $this->mParams['comment'], $this->mParams['watch'], $wgUser );
+ $this->mParams['text'], $watch, $wgUser );
- if( !$status->isGood() ) {
+ if ( !$status->isGood() ) {
$error = $status->getErrorsArray();
- $this->getResult()->setIndexedTagName( $result['details'], 'error' );
- $this->dieUsage( 'An internal error occurred', 'internal-error', 0, $error );
+ if ( count( $error ) == 1 && $error[0][0] == 'async' ) {
+ // The upload can not be performed right now, because the user
+ // requested so
+ return array(
+ 'result' => 'Queued',
+ 'sessionkey' => $error[0][1],
+ );
+ } else {
+ $this->getResult()->setIndexedTagName( $error, 'error' );
+
+ $this->dieUsage( 'An internal error occurred', 'internal-error', 0, $error );
+ }
}
$file = $this->mUpload->getLocalFile();
+
$result['result'] = 'Success';
$result['filename'] = $file->getName();
-
- // Append imageinfo to the result
- $imParam = ApiQueryImageInfo::getPropertyNames();
- $result['imageinfo'] = ApiQueryImageInfo::getInfo( $file,
- array_flip( $imParam ), $this->getResult() );
+ $result['imageinfo'] = $this->mUpload->getImageInfo( $this->getResult() );
return $result;
}
}
public function getAllowedParams() {
- global $wgEnableAsyncDownload;
$params = array(
- 'filename' => null,
+ 'filename' => array(
+ ApiBase::PARAM_TYPE => 'string',
+ ApiBase::PARAM_REQUIRED => true
+ ),
'comment' => array(
ApiBase::PARAM_DFLT => ''
),
+ 'text' => null,
'token' => null,
- 'watch' => false,
+ 'watch' => array(
+ ApiBase::PARAM_DFLT => false,
+ ApiBase::PARAM_DEPRECATED => true,
+ ),
+ 'watchlist' => array(
+ ApiBase::PARAM_DFLT => 'preferences',
+ ApiBase::PARAM_TYPE => array(
+ 'watch',
+ 'preferences',
+ 'nochange'
+ ),
+ ),
'ignorewarnings' => false,
'file' => null,
- 'enablechunks' => null,
- 'chunksessionkey' => null,
- 'chunk' => null,
- 'done' => false,
'url' => null,
- 'httpstatus' => false,
+
'sessionkey' => null,
);
-
- if ( $this->getMain()->isInternalMode() )
- $params['internalhttpsession'] = null;
- if($wgEnableAsyncDownload){
- $params['asyncdownload'] = false;
+
+ global $wgAllowAsyncCopyUploads;
+ if ( $wgAllowAsyncCopyUploads ) {
+ $params += array(
+ 'asyncdownload' => false,
+ 'leavemessage' => false,
+ );
}
return $params;
-
}
public function getParamDescription() {
- return array(
+ $params = array(
'filename' => 'Target filename',
'token' => 'Edit token. You can get one of these through prop=info',
- 'comment' => 'Upload comment. Also used as the initial page text for new files',
+ 'comment' => 'Upload comment. Also used as the initial page text for new files if "text" is not specified',
+ 'text' => 'Initial page text for new files',
'watch' => 'Watch the page',
+ 'watchlist' => 'Unconditionally add or remove the page from your watchlist, use preferences or do not change watch',
'ignorewarnings' => 'Ignore any warnings',
'file' => 'File contents',
- 'enablechunks' => 'Set to use chunk mode; see http://firefogg.org/dev/chunk_post.html for protocol',
- 'chunksessionkey' => 'Used to sync uploading of chunks',
- 'chunk' => 'Chunk contents',
- 'done' => 'Set when the last chunk is being uploaded',
'url' => 'Url to fetch the file from',
- 'asyncdownload' => 'Set to download the url asynchronously. Useful for large files that will take more than php max_execution_time to download',
- 'httpstatus' => 'Set to return the status of an asynchronous upload (specify the key in sessionkey)',
- 'sessionkey' => array(
- 'Session key returned by a previous upload that failed due to warnings, or',
- '(with httpstatus) The upload_session_key of an asynchronous upload',
- ),
- 'internalhttpsession' => 'Used internally',
+ 'sessionkey' => 'Session key returned by a previous upload that failed due to warnings',
);
+
+ global $wgAllowAsyncCopyUploads;
+ if ( $wgAllowAsyncCopyUploads ) {
+ $params += array(
+ 'asyncdownload' => 'Make fetching a URL asynchronous',
+ 'leavemessage' => 'If asyncdownload is used, leave a message on the user talk page if finished',
+ );
+ }
+
+ return $params;
+
}
public function getDescription() {
return array(
'Upload a file, or get the status of pending uploads. Several methods are available:',
' * Upload file contents directly, using the "file" parameter',
- ' * Upload a file in chunks, using the "enablechunks", "chunk", and "chunksessionkey", and "done" parameters',
- ' * Have the MediaWiki server fetch a file from a URL, using the "url" and "asyncdownload" parameters',
- ' * Retrieve the status of an asynchronous upload, using the "httpstatus" and "sessionkey" parameters',
+ ' * Have the MediaWiki server fetch a file from a URL, using the "url" parameter',
' * Complete an earlier upload that failed due to warnings, using the "sessionkey" parameter',
'Note that the HTTP POST must be done as a file upload (i.e. using multipart/form-data) when',
- 'sending the "file" or "chunk" parameters. Note also that queries using session keys must be',
+ 'sending the "file". Note also that queries using session keys must be',
'done in the same login session as the query that originally returned the key (i.e. do not',
- 'log out and then log back in). Also you must get and send an edit token before doing any upload stuff.'
+ 'log out and then log back in). Also you must get and send an edit token before doing any upload stuff'
);
}
+ public function getPossibleErrors() {
+ return array_merge( parent::getPossibleErrors(), array(
+ array( 'uploaddisabled' ),
+ array( 'invalid-session-key' ),
+ array( 'uploaddisabled' ),
+ array( 'badaccess-groups' ),
+ array( 'mustbeloggedin', 'upload' ),
+ array( 'badaccess-groups' ),
+ array( 'badaccess-groups' ),
+ array( 'code' => 'fetchfileerror', 'info' => '' ),
+ array( 'code' => 'nomodule', 'info' => 'No upload module set' ),
+ array( 'code' => 'empty-file', 'info' => 'The file you submitted was empty' ),
+ array( 'code' => 'filetype-missing', 'info' => 'The file is missing an extension' ),
+ array( 'code' => 'filename-tooshort', 'info' => 'The filename is too short' ),
+ array( 'code' => 'overwrite', 'info' => 'Overwriting an existing file is not allowed' ),
+ array( 'code' => 'stashfailed', 'info' => 'Stashing temporary file failed' ),
+ array( 'code' => 'internal-error', 'info' => 'An internal error occurred' ),
+ ) );
+ }
+
+ public function getTokenSalt() {
+ return '';
+ }
+
protected function getExamples() {
return array(
'Upload from a URL:',
' api.php?action=upload&filename=Wiki.png&url=http%3A//upload.wikimedia.org/wikipedia/en/b/bc/Wiki.png',
- 'Get the status of an asynchronous upload:',
- ' api.php?action=upload&filename=Wiki.png&httpstatus=1&sessionkey=upload_session_key',
'Complete an upload that failed due to warnings:',
' api.php?action=upload&filename=Wiki.png&sessionkey=sessionkey&ignorewarnings=1',
- 'Begin a chunked upload:',
- ' api.php?action=upload&filename=Wiki.png&enablechunks=1'
);
}
return __CLASS__ . ': $Id: ApiUpload.php 51812 2009-06-12 23:45:20Z dale $';
}
}
-
-
dépôts / lhc / web / wiklou.git / blobdiff