X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=api.php;h=9c5ac957160260207b2c292b45a26dfaee75c127;hp=a6ce3b25e317d114b7f382ce4e73002dc2b959d1;hb=0e6f6b592df4e513648fb1114f80e6b10387b7cf;hpb=944b93ee740d491ec6353f3fa5a439db41de97b8 diff --git a/api.php b/api.php index a6ce3b25e3..9c5ac95716 100644 --- a/api.php +++ b/api.php @@ -2,13 +2,10 @@ /** * This file is the entry point for all API queries. * - * It begins by checking whether the API is enabled on this wiki; if not, - * it informs the user that s/he should set $wgEnableAPI to true and exits. - * Otherwise, it constructs a new ApiMain using the parameter passed to it - * as an argument in the URL ('?action=') and with write-enabled set to the - * value of $wgEnableWriteAPI as specified in LocalSettings.php. - * It then invokes "execute()" on the ApiMain object instance, which - * produces output in the format specified in the URL. + * It begins by constructing a new ApiMain using the parameter passed to it + * as an argument in the URL ('?action='). It then invokes "execute()" on the + * ApiMain object instance, which produces output in the format specified in + * the URL. * * Copyright © 2006 Yuri Astrakhan @gmail.com * @@ -44,11 +41,14 @@ if ( !$wgRequest->checkUrlExtension() ) { return; } -// Verify that the API has not been disabled -if ( !$wgEnableAPI ) { - header( $_SERVER['SERVER_PROTOCOL'] . ' 500 MediaWiki configuration Error', true, 500 ); - echo 'MediaWiki API is not enabled for this site. Add the following line to your LocalSettings.php' - . '
$wgEnableAPI=true;
'; +// Pathinfo can be used for stupid things. We don't support it for api.php at +// all, so error out if it's present. +if ( isset( $_SERVER['PATH_INFO'] ) && $_SERVER['PATH_INFO'] != '' ) { + $correctUrl = wfAppendQuery( wfScript( 'api' ), $wgRequest->getQueryValues() ); + $correctUrl = wfExpandUrl( $correctUrl, PROTO_CANONICAL ); + header( "Location: $correctUrl", true, 301 ); + echo 'This endpoint does not support "path info", i.e. extra text between "api.php"' + . 'and the "?". Remove any such text and try again.'; die( 1 ); } @@ -65,7 +65,7 @@ try { * is some form of an ApiMain, possibly even one that produces an error message, * but we don't care here, as that is handled by the constructor. */ - $processor = new ApiMain( RequestContext::getMain(), $wgEnableWriteAPI ); + $processor = new ApiMain( RequestContext::getMain(), true ); // Last chance hook before executing the API Hooks::run( 'ApiBeforeMain', [ &$processor ] );