dépôts / lhc / web / wiklou.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
parser: Validate $length in padleft/padright parser functions
[lhc/web/wiklou.git] / includes / Setup.php
1 <?php
2 /**
3 * Include most things that are needed to make MediaWiki work.
4 *
5 * This file is included by WebStart.php and doMaintenance.php so that both
6 * web and maintenance scripts share a final set up phase to include necessary
7 * files and create global object variables.
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
23 *
24 * @file
25 */
26 use MediaWiki\MediaWikiServices;
27 use Wikimedia\Rdbms\LBFactory;
28 use Wikimedia\Rdbms\ChronologyProtector;
29
30 /**
31 * This file is not a valid entry point, perform no further processing unless
32 * MEDIAWIKI is defined
33 */
34 if ( !defined( 'MEDIAWIKI' ) ) {
35 exit( 1 );
36 }
37
38 /**
39 * Pre-config setup: Before loading LocalSettings.php
40 */
41
42 // Sanity check (T5782, T122807)
43 if ( ini_get( 'mbstring.func_overload' ) ) {
44 die( 'MediaWiki does not support installations where mbstring.func_overload is non-zero.' );
45 }
46
47 // Start the autoloader, so that extensions can derive classes from core files
48 require_once "$IP/includes/AutoLoader.php";
49
50 // Load up some global defines
51 require_once "$IP/includes/Defines.php";
52
53 // Load default settings
54 require_once "$IP/includes/DefaultSettings.php";
55
56 // Load global functions
57 require_once "$IP/includes/GlobalFunctions.php";
58
59 // Load composer's autoloader if present
60 if ( is_readable( "$IP/vendor/autoload.php" ) ) {
61 require_once "$IP/vendor/autoload.php";
62 }
63
64 // Assert that composer dependencies were successfully loaded
65 // Purposely no leading \ due to it breaking HHVM RepoAuthorative mode
66 // PHP works fine with both versions
67 // See https://github.com/facebook/hhvm/issues/5833
68 if ( !interface_exists( 'Psr\Log\LoggerInterface' ) ) {
69 $message = (
70 'MediaWiki requires the <a href="https://github.com/php-fig/log">PSR-3 logging ' .
71 "library</a> to be present. This library is not embedded directly in MediaWiki's " .
72 "git repository and must be installed separately by the end user.\n\n" .
73 'Please see <a href="https://www.mediawiki.org/wiki/Download_from_Git' .
74 '#Fetch_external_libraries">mediawiki.org</a> for help on installing ' .
75 'the required components.'
76 );
77 echo $message;
78 trigger_error( $message, E_USER_ERROR );
79 die( 1 );
80 }
81
82 // Install a header callback
83 MediaWiki\HeaderCallback::register();
84
85 /**
86 * Load LocalSettings.php
87 */
88
89 if ( is_readable( "$IP/StartProfiler.php" ) ) {
90 // @deprecated since 1.32: Use LocalSettings.php instead.
91 require "$IP/StartProfiler.php";
92 }
93
94 if ( defined( 'MW_CONFIG_CALLBACK' ) ) {
95 call_user_func( MW_CONFIG_CALLBACK );
96 } else {
97 if ( !defined( 'MW_CONFIG_FILE' ) ) {
98 define( 'MW_CONFIG_FILE', "$IP/LocalSettings.php" );
99 }
100 require_once MW_CONFIG_FILE;
101 }
102
103 /**
104 * Customization point after all loading (constants, functions, classes,
105 * DefaultSettings, LocalSettings). Specifically, this is before usage of
106 * settings, before instantiation of Profiler (and other singletons), and
107 * before any setup functions or hooks run.
108 */
109
110 if ( defined( 'MW_SETUP_CALLBACK' ) ) {
111 call_user_func( MW_SETUP_CALLBACK );
112 }
113
114 /**
115 * Main setup
116 */
117
118 $fname = 'Setup.php';
119 $ps_setup = Profiler::instance()->scopedProfileIn( $fname );
120
121 // Load queued extensions
122 ExtensionRegistry::getInstance()->loadFromQueue();
123 // Don't let any other extensions load
124 ExtensionRegistry::getInstance()->finish();
125
126 // Check to see if we are at the file scope
127 if ( !isset( $wgVersion ) ) {
128 echo "Error, Setup.php must be included from the file scope, after DefaultSettings.php\n";
129 die( 1 );
130 }
131
132 mb_internal_encoding( 'UTF-8' );
133
134 // Set the configured locale on all requests for consisteny
135 putenv( "LC_ALL=$wgShellLocale" );
136 setlocale( LC_ALL, $wgShellLocale );
137
138 // Set various default paths sensibly...
139 $ps_default = Profiler::instance()->scopedProfileIn( $fname . '-defaults' );
140
141 if ( $wgScript === false ) {
142 $wgScript = "$wgScriptPath/index.php";
143 }
144 if ( $wgLoadScript === false ) {
145 $wgLoadScript = "$wgScriptPath/load.php";
146 }
147
148 if ( $wgArticlePath === false ) {
149 if ( $wgUsePathInfo ) {
150 $wgArticlePath = "$wgScript/$1";
151 } else {
152 $wgArticlePath = "$wgScript?title=$1";
153 }
154 }
155
156 if ( !empty( $wgActionPaths ) && !isset( $wgActionPaths['view'] ) ) {
157 // 'view' is assumed the default action path everywhere in the code
158 // but is rarely filled in $wgActionPaths
159 $wgActionPaths['view'] = $wgArticlePath;
160 }
161
162 if ( $wgResourceBasePath === null ) {
163 $wgResourceBasePath = $wgScriptPath;
164 }
165 if ( $wgStylePath === false ) {
166 $wgStylePath = "$wgResourceBasePath/skins";
167 }
168 if ( $wgLocalStylePath === false ) {
169 // Avoid wgResourceBasePath here since that may point to a different domain (e.g. CDN)
170 $wgLocalStylePath = "$wgScriptPath/skins";
171 }
172 if ( $wgExtensionAssetsPath === false ) {
173 $wgExtensionAssetsPath = "$wgResourceBasePath/extensions";
174 }
175
176 if ( $wgLogo === false ) {
177 $wgLogo = "$wgResourceBasePath/resources/assets/wiki.png";
178 }
179
180 if ( $wgUploadPath === false ) {
181 $wgUploadPath = "$wgScriptPath/images";
182 }
183 if ( $wgUploadDirectory === false ) {
184 $wgUploadDirectory = "$IP/images";
185 }
186 if ( $wgReadOnlyFile === false ) {
187 $wgReadOnlyFile = "{$wgUploadDirectory}/lock_yBgMBwiR";
188 }
189 if ( $wgFileCacheDirectory === false ) {
190 $wgFileCacheDirectory = "{$wgUploadDirectory}/cache";
191 }
192 if ( $wgDeletedDirectory === false ) {
193 $wgDeletedDirectory = "{$wgUploadDirectory}/deleted";
194 }
195
196 if ( $wgGitInfoCacheDirectory === false && $wgCacheDirectory !== false ) {
197 $wgGitInfoCacheDirectory = "{$wgCacheDirectory}/gitinfo";
198 }
199
200 if ( $wgEnableParserCache === false ) {
201 $wgParserCacheType = CACHE_NONE;
202 }
203
204 // Fix path to icon images after they were moved in 1.24
205 if ( $wgRightsIcon ) {
206 $wgRightsIcon = str_replace(
207 "{$wgStylePath}/common/images/",
208 "{$wgResourceBasePath}/resources/assets/licenses/",
209 $wgRightsIcon
210 );
211 }
212
213 if ( isset( $wgFooterIcons['copyright']['copyright'] )
214 && $wgFooterIcons['copyright']['copyright'] === []
215 ) {
216 if ( $wgRightsIcon || $wgRightsText ) {
217 $wgFooterIcons['copyright']['copyright'] = [
218 'url' => $wgRightsUrl,
219 'src' => $wgRightsIcon,
220 'alt' => $wgRightsText,
221 ];
222 }
223 }
224
225 if ( isset( $wgFooterIcons['poweredby'] )
226 && isset( $wgFooterIcons['poweredby']['mediawiki'] )
227 && $wgFooterIcons['poweredby']['mediawiki']['src'] === null
228 ) {
229 $wgFooterIcons['poweredby']['mediawiki']['src'] =
230 "$wgResourceBasePath/resources/assets/poweredby_mediawiki_88x31.png";
231 $wgFooterIcons['poweredby']['mediawiki']['srcset'] =
232 "$wgResourceBasePath/resources/assets/poweredby_mediawiki_132x47.png 1.5x, " .
233 "$wgResourceBasePath/resources/assets/poweredby_mediawiki_176x62.png 2x";
234 }
235
236 /**
237 * Unconditional protection for NS_MEDIAWIKI since otherwise it's too easy for a
238 * sysadmin to set $wgNamespaceProtection incorrectly and leave the wiki insecure.
239 *
240 * Note that this is the definition of editinterface and it can be granted to
241 * all users if desired.
242 */
243 $wgNamespaceProtection[NS_MEDIAWIKI] = 'editinterface';
244
245 /**
246 * The canonical names of namespaces 6 and 7 are, as of v1.14, "File"
247 * and "File_talk". The old names "Image" and "Image_talk" are
248 * retained as aliases for backwards compatibility.
249 */
250 $wgNamespaceAliases['Image'] = NS_FILE;
251 $wgNamespaceAliases['Image_talk'] = NS_FILE_TALK;
252
253 /**
254 * Initialise $wgLockManagers to include basic FS version
255 */
256 $wgLockManagers[] = [
257 'name' => 'fsLockManager',
258 'class' => FSLockManager::class,
259 'lockDirectory' => "{$wgUploadDirectory}/lockdir",
260 ];
261 $wgLockManagers[] = [
262 'name' => 'nullLockManager',
263 'class' => NullLockManager::class,
264 ];
265
266 /**
267 * Default parameters for the "<gallery>" tag.
268 * @see DefaultSettings.php for description of the fields.
269 */
270 $wgGalleryOptions += [
271 'imagesPerRow' => 0,
272 'imageWidth' => 120,
273 'imageHeight' => 120,
274 'captionLength' => true,
275 'showBytes' => true,
276 'showDimensions' => true,
277 'mode' => 'traditional',
278 ];
279
280 /**
281 * Initialise $wgLocalFileRepo from backwards-compatible settings
282 */
283 if ( !$wgLocalFileRepo ) {
284 $wgLocalFileRepo = [
285 'class' => LocalRepo::class,
286 'name' => 'local',
287 'directory' => $wgUploadDirectory,
288 'scriptDirUrl' => $wgScriptPath,
289 'url' => $wgUploadBaseUrl ? $wgUploadBaseUrl . $wgUploadPath : $wgUploadPath,
290 'hashLevels' => $wgHashedUploadDirectory ? 2 : 0,
291 'thumbScriptUrl' => $wgThumbnailScriptPath,
292 'transformVia404' => !$wgGenerateThumbnailOnParse,
293 'deletedDir' => $wgDeletedDirectory,
294 'deletedHashLevels' => $wgHashedUploadDirectory ? 3 : 0
295 ];
296 }
297 /**
298 * Initialise shared repo from backwards-compatible settings
299 */
300 if ( $wgUseSharedUploads ) {
301 if ( $wgSharedUploadDBname ) {
302 $wgForeignFileRepos[] = [
303 'class' => ForeignDBRepo::class,
304 'name' => 'shared',
305 'directory' => $wgSharedUploadDirectory,
306 'url' => $wgSharedUploadPath,
307 'hashLevels' => $wgHashedSharedUploadDirectory ? 2 : 0,
308 'thumbScriptUrl' => $wgSharedThumbnailScriptPath,
309 'transformVia404' => !$wgGenerateThumbnailOnParse,
310 'dbType' => $wgDBtype,
311 'dbServer' => $wgDBserver,
312 'dbUser' => $wgDBuser,
313 'dbPassword' => $wgDBpassword,
314 'dbName' => $wgSharedUploadDBname,
315 'dbFlags' => ( $wgDebugDumpSql ? DBO_DEBUG : 0 ) | DBO_DEFAULT,
316 'tablePrefix' => $wgSharedUploadDBprefix,
317 'hasSharedCache' => $wgCacheSharedUploads,
318 'descBaseUrl' => $wgRepositoryBaseUrl,
319 'fetchDescription' => $wgFetchCommonsDescriptions,
320 ];
321 } else {
322 $wgForeignFileRepos[] = [
323 'class' => FileRepo::class,
324 'name' => 'shared',
325 'directory' => $wgSharedUploadDirectory,
326 'url' => $wgSharedUploadPath,
327 'hashLevels' => $wgHashedSharedUploadDirectory ? 2 : 0,
328 'thumbScriptUrl' => $wgSharedThumbnailScriptPath,
329 'transformVia404' => !$wgGenerateThumbnailOnParse,
330 'descBaseUrl' => $wgRepositoryBaseUrl,
331 'fetchDescription' => $wgFetchCommonsDescriptions,
332 ];
333 }
334 }
335 if ( $wgUseInstantCommons ) {
336 $wgForeignFileRepos[] = [
337 'class' => ForeignAPIRepo::class,
338 'name' => 'wikimediacommons',
339 'apibase' => 'https://commons.wikimedia.org/w/api.php',
340 'url' => 'https://upload.wikimedia.org/wikipedia/commons',
341 'thumbUrl' => 'https://upload.wikimedia.org/wikipedia/commons/thumb',
342 'hashLevels' => 2,
343 'transformVia404' => true,
344 'fetchDescription' => true,
345 'descriptionCacheExpiry' => 43200,
346 'apiThumbCacheExpiry' => 0,
347 ];
348 }
349 /*
350 * Add on default file backend config for file repos.
351 * FileBackendGroup will handle initializing the backends.
352 */
353 if ( !isset( $wgLocalFileRepo['backend'] ) ) {
354 $wgLocalFileRepo['backend'] = $wgLocalFileRepo['name'] . '-backend';
355 }
356 foreach ( $wgForeignFileRepos as &$repo ) {
357 if ( !isset( $repo['directory'] ) && $repo['class'] === ForeignAPIRepo::class ) {
358 $repo['directory'] = $wgUploadDirectory; // b/c
359 }
360 if ( !isset( $repo['backend'] ) ) {
361 $repo['backend'] = $repo['name'] . '-backend';
362 }
363 }
364 unset( $repo ); // no global pollution; destroy reference
365
366 $rcMaxAgeDays = $wgRCMaxAge / ( 3600 * 24 );
367 if ( $wgRCFilterByAge ) {
368 // Trim down $wgRCLinkDays so that it only lists links which are valid
369 // as determined by $wgRCMaxAge.
370 // Note that we allow 1 link higher than the max for things like 56 days but a 60 day link.
371 sort( $wgRCLinkDays );
372
373 // phpcs:ignore Generic.CodeAnalysis.ForLoopWithTestFunctionCall
374 for ( $i = 0; $i < count( $wgRCLinkDays ); $i++ ) {
375 if ( $wgRCLinkDays[$i] >= $rcMaxAgeDays ) {
376 $wgRCLinkDays = array_slice( $wgRCLinkDays, 0, $i + 1, false );
377 break;
378 }
379 }
380 }
381 // Ensure that default user options are not invalid, since that breaks Special:Preferences
382 $wgDefaultUserOptions['rcdays'] = min(
383 $wgDefaultUserOptions['rcdays'],
384 ceil( $rcMaxAgeDays )
385 );
386 $wgDefaultUserOptions['watchlistdays'] = min(
387 $wgDefaultUserOptions['watchlistdays'],
388 ceil( $rcMaxAgeDays )
389 );
390 unset( $rcMaxAgeDays );
391
392 if ( $wgSkipSkin ) {
393 $wgSkipSkins[] = $wgSkipSkin;
394 }
395
396 $wgSkipSkins[] = 'fallback';
397 $wgSkipSkins[] = 'apioutput';
398
399 if ( $wgLocalInterwiki ) {
400 array_unshift( $wgLocalInterwikis, $wgLocalInterwiki );
401 }
402
403 // Set default shared prefix
404 if ( $wgSharedPrefix === false ) {
405 $wgSharedPrefix = $wgDBprefix;
406 }
407
408 // Set default shared schema
409 if ( $wgSharedSchema === false ) {
410 $wgSharedSchema = $wgDBmwschema;
411 }
412
413 if ( !$wgCookiePrefix ) {
414 if ( $wgSharedDB && $wgSharedPrefix && in_array( 'user', $wgSharedTables ) ) {
415 $wgCookiePrefix = $wgSharedDB . '_' . $wgSharedPrefix;
416 } elseif ( $wgSharedDB && in_array( 'user', $wgSharedTables ) ) {
417 $wgCookiePrefix = $wgSharedDB;
418 } elseif ( $wgDBprefix ) {
419 $wgCookiePrefix = $wgDBname . '_' . $wgDBprefix;
420 } else {
421 $wgCookiePrefix = $wgDBname;
422 }
423 }
424 $wgCookiePrefix = strtr( $wgCookiePrefix, '=,; +."\'\\[', '__________' );
425
426 if ( $wgEnableEmail ) {
427 $wgUseEnotif = $wgEnotifUserTalk || $wgEnotifWatchlist;
428 } else {
429 // Disable all other email settings automatically if $wgEnableEmail
430 // is set to false. - T65678
431 $wgAllowHTMLEmail = false;
432 $wgEmailAuthentication = false; // do not require auth if you're not sending email anyway
433 $wgEnableUserEmail = false;
434 $wgEnotifFromEditor = false;
435 $wgEnotifImpersonal = false;
436 $wgEnotifMaxRecips = 0;
437 $wgEnotifMinorEdits = false;
438 $wgEnotifRevealEditorAddress = false;
439 $wgEnotifUseRealName = false;
440 $wgEnotifUserTalk = false;
441 $wgEnotifWatchlist = false;
442 unset( $wgGroupPermissions['user']['sendemail'] );
443 $wgUseEnotif = false;
444 $wgUserEmailUseReplyTo = false;
445 $wgUsersNotifiedOnAllChanges = [];
446 }
447
448 if ( $wgMetaNamespace === false ) {
449 $wgMetaNamespace = str_replace( ' ', '_', $wgSitename );
450 }
451
452 // Default value is 2000 or the suhosin limit if it is between 1 and 2000
453 if ( $wgResourceLoaderMaxQueryLength === false ) {
454 $suhosinMaxValueLength = (int)ini_get( 'suhosin.get.max_value_length' );
455 if ( $suhosinMaxValueLength > 0 && $suhosinMaxValueLength < 2000 ) {
456 $wgResourceLoaderMaxQueryLength = $suhosinMaxValueLength;
457 } else {
458 $wgResourceLoaderMaxQueryLength = 2000;
459 }
460 unset( $suhosinMaxValueLength );
461 }
462
463 // Ensure the minimum chunk size is less than PHP upload limits or the maximum
464 // upload size.
465 $wgMinUploadChunkSize = min(
466 $wgMinUploadChunkSize,
467 UploadBase::getMaxUploadSize( 'file' ),
468 UploadBase::getMaxPhpUploadSize(),
469 ( wfShorthandToInteger(
470 ini_get( 'post_max_size' ) ?: ini_get( 'hhvm.server.max_post_size' ),
471 PHP_INT_MAX
472 ) ?: PHP_INT_MAX ) - 1024 // Leave some room for other POST parameters
473 );
474
475 /**
476 * Definitions of the NS_ constants are in Defines.php
477 * @private
478 */
479 $wgCanonicalNamespaceNames = [
480 NS_MEDIA => 'Media',
481 NS_SPECIAL => 'Special',
482 NS_TALK => 'Talk',
483 NS_USER => 'User',
484 NS_USER_TALK => 'User_talk',
485 NS_PROJECT => 'Project',
486 NS_PROJECT_TALK => 'Project_talk',
487 NS_FILE => 'File',
488 NS_FILE_TALK => 'File_talk',
489 NS_MEDIAWIKI => 'MediaWiki',
490 NS_MEDIAWIKI_TALK => 'MediaWiki_talk',
491 NS_TEMPLATE => 'Template',
492 NS_TEMPLATE_TALK => 'Template_talk',
493 NS_HELP => 'Help',
494 NS_HELP_TALK => 'Help_talk',
495 NS_CATEGORY => 'Category',
496 NS_CATEGORY_TALK => 'Category_talk',
497 ];
498
499 /// @todo UGLY UGLY
500 if ( is_array( $wgExtraNamespaces ) ) {
501 $wgCanonicalNamespaceNames = $wgCanonicalNamespaceNames + $wgExtraNamespaces;
502 }
503
504 // Merge in the legacy language codes, incorporating overrides from the config
505 $wgDummyLanguageCodes += [
506 'qqq' => 'qqq', // Used for message documentation
507 'qqx' => 'qqx', // Used for viewing message keys
508 ] + $wgExtraLanguageCodes + LanguageCode::getDeprecatedCodeMapping();
509
510 // These are now the same, always
511 // To determine the user language, use $wgLang->getCode()
512 $wgContLanguageCode = $wgLanguageCode;
513
514 // Easy to forget to falsify $wgDebugToolbar for static caches.
515 // If file cache or CDN cache is on, just disable this (DWIMD).
516 if ( $wgUseFileCache || $wgUseSquid ) {
517 $wgDebugToolbar = false;
518 }
519
520 // We always output HTML5 since 1.22, overriding these is no longer supported
521 // we set them here for extensions that depend on its value.
522 $wgHtml5 = true;
523 $wgXhtmlDefaultNamespace = 'http://www.w3.org/1999/xhtml';
524 $wgJsMimeType = 'text/javascript';
525
526 // Blacklisted file extensions shouldn't appear on the "allowed" list
527 $wgFileExtensions = array_values( array_diff( $wgFileExtensions, $wgFileBlacklist ) );
528
529 if ( $wgInvalidateCacheOnLocalSettingsChange ) {
530 Wikimedia\suppressWarnings();
531 $wgCacheEpoch = max( $wgCacheEpoch, gmdate( 'YmdHis', filemtime( "$IP/LocalSettings.php" ) ) );
532 Wikimedia\restoreWarnings();
533 }
534
535 if ( $wgNewUserLog ) {
536 // Add new user log type
537 $wgLogTypes[] = 'newusers';
538 $wgLogNames['newusers'] = 'newuserlogpage';
539 $wgLogHeaders['newusers'] = 'newuserlogpagetext';
540 $wgLogActionsHandlers['newusers/newusers'] = NewUsersLogFormatter::class;
541 $wgLogActionsHandlers['newusers/create'] = NewUsersLogFormatter::class;
542 $wgLogActionsHandlers['newusers/create2'] = NewUsersLogFormatter::class;
543 $wgLogActionsHandlers['newusers/byemail'] = NewUsersLogFormatter::class;
544 $wgLogActionsHandlers['newusers/autocreate'] = NewUsersLogFormatter::class;
545 }
546
547 if ( $wgPageCreationLog ) {
548 // Add page creation log type
549 $wgLogTypes[] = 'create';
550 $wgLogActionsHandlers['create/create'] = LogFormatter::class;
551 }
552
553 if ( $wgPageLanguageUseDB ) {
554 $wgLogTypes[] = 'pagelang';
555 $wgLogActionsHandlers['pagelang/pagelang'] = PageLangLogFormatter::class;
556 }
557
558 if ( $wgCookieSecure === 'detect' ) {
559 $wgCookieSecure = ( WebRequest::detectProtocol() === 'https' );
560 }
561
562 if ( $wgProfileOnly ) {
563 $wgDebugLogGroups['profileoutput'] = $wgDebugLogFile;
564 $wgDebugLogFile = '';
565 }
566
567 // Backwards compatibility with old password limits
568 if ( $wgMinimalPasswordLength !== false ) {
569 $wgPasswordPolicy['policies']['default']['MinimalPasswordLength'] = $wgMinimalPasswordLength;
570 }
571
572 if ( $wgMaximalPasswordLength !== false ) {
573 $wgPasswordPolicy['policies']['default']['MaximalPasswordLength'] = $wgMaximalPasswordLength;
574 }
575
576 // Backwards compatibility warning
577 if ( !$wgSessionsInObjectCache ) {
578 wfDeprecated( '$wgSessionsInObjectCache = false', '1.27' );
579 if ( $wgSessionHandler ) {
580 wfDeprecated( '$wgSessionsHandler', '1.27' );
581 }
582 $cacheType = get_class( ObjectCache::getInstance( $wgSessionCacheType ) );
583 wfDebugLog(
584 'caches',
585 "Session data will be stored in \"$cacheType\" cache with " .
586 "expiry $wgObjectCacheSessionExpiry seconds"
587 );
588 }
589 $wgSessionsInObjectCache = true;
590
591 if ( $wgPHPSessionHandling !== 'enable' &&
592 $wgPHPSessionHandling !== 'warn' &&
593 $wgPHPSessionHandling !== 'disable'
594 ) {
595 $wgPHPSessionHandling = 'warn';
596 }
597 if ( defined( 'MW_NO_SESSION' ) ) {
598 // If the entry point wants no session, force 'disable' here unless they
599 // specifically set it to the (undocumented) 'warn'.
600 $wgPHPSessionHandling = MW_NO_SESSION === 'warn' ? 'warn' : 'disable';
601 }
602
603 Profiler::instance()->scopedProfileOut( $ps_default );
604
605 // Disable MWDebug for command line mode, this prevents MWDebug from eating up
606 // all the memory from logging SQL queries on maintenance scripts
607 global $wgCommandLineMode;
608 if ( $wgDebugToolbar && !$wgCommandLineMode ) {
609 MWDebug::init();
610 }
611
612 // Reset the global service locator, so any services that have already been created will be
613 // re-created while taking into account any custom settings and extensions.
614 MediaWikiServices::resetGlobalInstance( new GlobalVarConfig(), 'quick' );
615
616 if ( $wgSharedDB && $wgSharedTables ) {
617 // Apply $wgSharedDB table aliases for the local LB (all non-foreign DB connections)
618 MediaWikiServices::getInstance()->getDBLoadBalancer()->setTableAliases(
619 array_fill_keys(
620 $wgSharedTables,
621 [
622 'dbname' => $wgSharedDB,
623 'schema' => $wgSharedSchema,
624 'prefix' => $wgSharedPrefix
625 ]
626 )
627 );
628 }
629
630 // Define a constant that indicates that the bootstrapping of the service locator
631 // is complete.
632 define( 'MW_SERVICE_BOOTSTRAP_COMPLETE', 1 );
633
634 MWExceptionHandler::installHandler();
635
636 // T48998: Bail out early if $wgArticlePath is non-absolute
637 foreach ( [ 'wgArticlePath', 'wgVariantArticlePath' ] as $varName ) {
638 if ( $$varName && !preg_match( '/^(https?:\/\/|\/)/', $$varName ) ) {
639 throw new FatalError(
640 "If you use a relative URL for \$$varName, it must start " .
641 'with a slash (<code>/</code>).<br><br>See ' .
642 "<a href=\"https://www.mediawiki.org/wiki/Manual:\$$varName\">" .
643 "https://www.mediawiki.org/wiki/Manual:\$$varName</a>."
644 );
645 }
646 }
647
648 $ps_default2 = Profiler::instance()->scopedProfileIn( $fname . '-defaults2' );
649
650 if ( $wgCanonicalServer === false ) {
651 $wgCanonicalServer = wfExpandUrl( $wgServer, PROTO_HTTP );
652 }
653
654 // Set server name
655 $serverParts = wfParseUrl( $wgCanonicalServer );
656 if ( $wgServerName !== false ) {
657 wfWarn( '$wgServerName should be derived from $wgCanonicalServer, '
658 . 'not customized. Overwriting $wgServerName.' );
659 }
660 $wgServerName = $serverParts['host'];
661 unset( $serverParts );
662
663 // Set defaults for configuration variables
664 // that are derived from the server name by default
665 // Note: $wgEmergencyContact and $wgPasswordSender may be false or empty string (T104142)
666 if ( !$wgEmergencyContact ) {
667 $wgEmergencyContact = 'wikiadmin@' . $wgServerName;
668 }
669 if ( !$wgPasswordSender ) {
670 $wgPasswordSender = 'apache@' . $wgServerName;
671 }
672 if ( !$wgNoReplyAddress ) {
673 $wgNoReplyAddress = $wgPasswordSender;
674 }
675
676 if ( $wgSecureLogin && substr( $wgServer, 0, 2 ) !== '//' ) {
677 $wgSecureLogin = false;
678 wfWarn( 'Secure login was enabled on a server that only supports '
679 . 'HTTP or HTTPS. Disabling secure login.' );
680 }
681
682 $wgVirtualRestConfig['global']['domain'] = $wgCanonicalServer;
683
684 // Now that GlobalFunctions is loaded, set defaults that depend on it.
685 if ( $wgTmpDirectory === false ) {
686 $wgTmpDirectory = wfTempDir();
687 }
688
689 // We don't use counters anymore. Left here for extensions still
690 // expecting this to exist. Should be removed sometime 1.26 or later.
691 if ( !isset( $wgDisableCounters ) ) {
692 $wgDisableCounters = true;
693 }
694
695 if ( $wgMainWANCache === false ) {
696 // Setup a WAN cache from $wgMainCacheType with no relayer.
697 // Sites using multiple datacenters can configure a relayer.
698 $wgMainWANCache = 'mediawiki-main-default';
699 $wgWANObjectCaches[$wgMainWANCache] = [
700 'class' => WANObjectCache::class,
701 'cacheId' => $wgMainCacheType,
702 'channels' => [ 'purge' => 'wancache-main-default-purge' ]
703 ];
704 }
705
706 Profiler::instance()->scopedProfileOut( $ps_default2 );
707
708 $ps_misc = Profiler::instance()->scopedProfileIn( $fname . '-misc' );
709
710 // Raise the memory limit if it's too low
711 wfMemoryLimit();
712
713 /**
714 * Set up the timezone, suppressing the pseudo-security warning in PHP 5.1+
715 * that happens whenever you use a date function without the timezone being
716 * explicitly set. Inspired by phpMyAdmin's treatment of the problem.
717 */
718 if ( is_null( $wgLocaltimezone ) ) {
719 Wikimedia\suppressWarnings();
720 $wgLocaltimezone = date_default_timezone_get();
721 Wikimedia\restoreWarnings();
722 }
723
724 date_default_timezone_set( $wgLocaltimezone );
725 if ( is_null( $wgLocalTZoffset ) ) {
726 $wgLocalTZoffset = date( 'Z' ) / 60;
727 }
728 // The part after the System| is ignored, but rest of MW fills it
729 // out as the local offset.
730 $wgDefaultUserOptions['timecorrection'] = "System|$wgLocalTZoffset";
731
732 if ( !$wgDBerrorLogTZ ) {
733 $wgDBerrorLogTZ = $wgLocaltimezone;
734 }
735
736 // Initialize the request object in $wgRequest
737 $wgRequest = RequestContext::getMain()->getRequest(); // BackCompat
738 // Set user IP/agent information for agent session consistency purposes
739 $cpPosInfo = LBFactory::getCPInfoFromCookieValue(
740 // The cookie has no prefix and is set by MediaWiki::preOutputCommit()
741 $wgRequest->getCookie( 'cpPosIndex', '' ),
742 // Mitigate broken client-side cookie expiration handling (T190082)
743 time() - ChronologyProtector::POSITION_COOKIE_TTL
744 );
745 MediaWikiServices::getInstance()->getDBLoadBalancerFactory()->setRequestInfo( [
746 'IPAddress' => $wgRequest->getIP(),
747 'UserAgent' => $wgRequest->getHeader( 'User-Agent' ),
748 'ChronologyProtection' => $wgRequest->getHeader( 'ChronologyProtection' ),
749 'ChronologyPositionIndex' => $wgRequest->getInt( 'cpPosIndex', $cpPosInfo['index'] ),
750 'ChronologyClientId' => $cpPosInfo['clientId']
751 ] );
752 unset( $cpPosInfo );
753 // Make sure that object caching does not undermine the ChronologyProtector improvements
754 if ( $wgRequest->getCookie( 'UseDC', '' ) === 'master' ) {
755 // The user is pinned to the primary DC, meaning that they made recent changes which should
756 // be reflected in their subsequent web requests. Avoid the use of interim cache keys because
757 // they use a blind TTL and could be stale if an object changes twice in a short time span.
758 MediaWikiServices::getInstance()->getMainWANObjectCache()->useInterimHoldOffCaching( false );
759 }
760
761 // Useful debug output
762 if ( $wgCommandLineMode ) {
763 wfDebug( "\n\nStart command line script $self\n" );
764 } else {
765 $debug = "\n\nStart request {$wgRequest->getMethod()} {$wgRequest->getRequestURL()}\n";
766
767 if ( $wgDebugPrintHttpHeaders ) {
768 $debug .= "HTTP HEADERS:\n";
769
770 foreach ( $wgRequest->getAllHeaders() as $name => $value ) {
771 $debug .= "$name: $value\n";
772 }
773 }
774 wfDebug( $debug );
775 }
776
777 $wgMemc = wfGetMainCache();
778 $messageMemc = wfGetMessageCacheStorage();
779
780 wfDebugLog( 'caches',
781 'cluster: ' . get_class( $wgMemc ) .
782 ', WAN: ' . ( $wgMainWANCache === CACHE_NONE ? 'CACHE_NONE' : $wgMainWANCache ) .
783 ', stash: ' . $wgMainStash .
784 ', message: ' . get_class( $messageMemc ) .
785 ', session: ' . get_class( ObjectCache::getInstance( $wgSessionCacheType ) )
786 );
787
788 Profiler::instance()->scopedProfileOut( $ps_misc );
789
790 // Most of the config is out, some might want to run hooks here.
791 Hooks::run( 'SetupAfterCache' );
792
793 $ps_globals = Profiler::instance()->scopedProfileIn( $fname . '-globals' );
794
795 /**
796 * @var Language $wgContLang
797 */
798 $wgContLang = Language::factory( $wgLanguageCode );
799 $wgContLang->initContLang();
800
801 // Now that variant lists may be available...
802 $wgRequest->interpolateTitle();
803
804 if ( !is_object( $wgAuth ) ) {
805 $wgAuth = new MediaWiki\Auth\AuthManagerAuthPlugin;
806 Hooks::run( 'AuthPluginSetup', [ &$wgAuth ] );
807 }
808 if ( $wgAuth && !$wgAuth instanceof MediaWiki\Auth\AuthManagerAuthPlugin ) {
809 MediaWiki\Auth\AuthManager::singleton()->forcePrimaryAuthenticationProviders( [
810 new MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider( [
811 'authoritative' => false,
812 ] ),
813 new MediaWiki\Auth\AuthPluginPrimaryAuthenticationProvider( $wgAuth ),
814 new MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider( [
815 'authoritative' => true,
816 ] ),
817 ], '$wgAuth is ' . get_class( $wgAuth ) );
818 }
819
820 /**
821 * @var MediaWiki\Session\SessionId|null $wgInitialSessionId The persistent
822 * session ID (if any) loaded at startup
823 */
824 $wgInitialSessionId = null;
825 if ( !defined( 'MW_NO_SESSION' ) && !$wgCommandLineMode ) {
826 // If session.auto_start is there, we can't touch session name
827 if ( $wgPHPSessionHandling !== 'disable' && !wfIniGetBool( 'session.auto_start' ) ) {
828 session_name( $wgSessionName ? $wgSessionName : $wgCookiePrefix . '_session' );
829 }
830
831 // Create the SessionManager singleton and set up our session handler,
832 // unless we're specifically asked not to.
833 if ( !defined( 'MW_NO_SESSION_HANDLER' ) ) {
834 MediaWiki\Session\PHPSessionHandler::install(
835 MediaWiki\Session\SessionManager::singleton()
836 );
837 }
838
839 // Initialize the session
840 try {
841 $session = MediaWiki\Session\SessionManager::getGlobalSession();
842 } catch ( OverflowException $ex ) {
843 if ( isset( $ex->sessionInfos ) && count( $ex->sessionInfos ) >= 2 ) {
844 // The exception is because the request had multiple possible
845 // sessions tied for top priority. Report this to the user.
846 $list = [];
847 foreach ( $ex->sessionInfos as $info ) {
848 $list[] = $info->getProvider()->describe( $wgContLang );
849 }
850 $list = $wgContLang->listToText( $list );
851 throw new HttpError( 400,
852 Message::newFromKey( 'sessionmanager-tie', $list )->inLanguage( $wgContLang )->plain()
853 );
854 }
855
856 // Not the one we want, rethrow
857 throw $ex;
858 }
859
860 if ( $session->isPersistent() ) {
861 $wgInitialSessionId = $session->getSessionId();
862 }
863
864 $session->renew();
865 if ( MediaWiki\Session\PHPSessionHandler::isEnabled() &&
866 ( $session->isPersistent() || $session->shouldRememberUser() )
867 ) {
868 // Start the PHP-session for backwards compatibility
869 session_id( $session->getId() );
870 Wikimedia\quietCall( 'session_start' );
871 }
872
873 unset( $session );
874 } else {
875 // Even if we didn't set up a global Session, still install our session
876 // handler unless specifically requested not to.
877 if ( !defined( 'MW_NO_SESSION_HANDLER' ) ) {
878 MediaWiki\Session\PHPSessionHandler::install(
879 MediaWiki\Session\SessionManager::singleton()
880 );
881 }
882 }
883
884 /**
885 * @var User $wgUser
886 */
887 $wgUser = RequestContext::getMain()->getUser(); // BackCompat
888
889 /**
890 * @var Language $wgLang
891 */
892 $wgLang = new StubUserLang;
893
894 /**
895 * @var OutputPage $wgOut
896 */
897 $wgOut = RequestContext::getMain()->getOutput(); // BackCompat
898
899 /**
900 * @var Parser $wgParser
901 */
902 $wgParser = new StubObject( 'wgParser', function () {
903 return MediaWikiServices::getInstance()->getParser();
904 } );
905
906 /**
907 * @var Title $wgTitle
908 */
909 $wgTitle = null;
910
911 Profiler::instance()->scopedProfileOut( $ps_globals );
912 $ps_extensions = Profiler::instance()->scopedProfileIn( $fname . '-extensions' );
913
914 // Extension setup functions
915 // Entries should be added to this variable during the inclusion
916 // of the extension file. This allows the extension to perform
917 // any necessary initialisation in the fully initialised environment
918 foreach ( $wgExtensionFunctions as $func ) {
919 call_user_func( $func );
920 }
921
922 // If the session user has a 0 id but a valid name, that means we need to
923 // autocreate it.
924 if ( !defined( 'MW_NO_SESSION' ) && !$wgCommandLineMode ) {
925 $sessionUser = MediaWiki\Session\SessionManager::getGlobalSession()->getUser();
926 if ( $sessionUser->getId() === 0 && User::isValidUserName( $sessionUser->getName() ) ) {
927 $res = MediaWiki\Auth\AuthManager::singleton()->autoCreateUser(
928 $sessionUser,
929 MediaWiki\Auth\AuthManager::AUTOCREATE_SOURCE_SESSION,
930 true
931 );
932 \MediaWiki\Logger\LoggerFactory::getInstance( 'authevents' )->info( 'Autocreation attempt', [
933 'event' => 'autocreate',
934 'status' => $res,
935 ] );
936 unset( $res );
937 }
938 unset( $sessionUser );
939 }
940
941 if ( !$wgCommandLineMode ) {
942 Pingback::schedulePingback();
943 }
944
945 $wgFullyInitialised = true;
946
947 Profiler::instance()->scopedProfileOut( $ps_extensions );
948 Profiler::instance()->scopedProfileOut( $ps_setup );
Wiklou, le Wiki du Wiklou