/** * Internal implementation for self::getEditToken() and * self::matchEditToken(). * * @param string|array $salt * @param WebRequest $request * @param string|int $timestamp * @return string */ private function getEditTokenAtTimestamp($salt, $request, $timestamp) { if ($this->isAnon()) { return self::EDIT_TOKEN_SUFFIX; } else { $token = $request->getSessionData('wsEditToken'); if ($token === null) { $token = MWCryptRand::generateHex(32); $request->setSessionData('wsEditToken', $token); } if (is_array($salt)) { $salt = implode('|', $salt); } return hash_hmac('md5', $timestamp . $salt, $token, false) . dechex($timestamp) . self::EDIT_TOKEN_SUFFIX; } }
private function evaluateForm(WebRequest &$request) { global $wgOut, $wgUser, $spsgIterators; $requestValues = $_POST; if (array_key_exists('iteratordata', $requestValues)) { $iteratorData = FormatJson::decode($requestValues['iteratordata'], true); unset($requestValues['iteratordata']); } else { throw new SPSException(SPSUtils::buildMessage('spserror-noiteratordata')); } $iteratorName = null; $targetFormName = null; $targetFieldName = null; $originPageId = null; foreach ($iteratorData as $param => $value) { switch ($param) { case 'iterator': // iteratorName $iteratorName = $value; break; case 'target_form': $targetFormName = $value; break; case 'target_field': $targetFieldName = $value; break; case 'origin': $originPageId = $value; break; default: $iteratorParams[$param] = $this->getAndRemoveFromArray($requestValues, $value); } } if (is_null($iteratorName) || $iteratorName === '') { throw new SPSException(SPSUtils::buildMessage('spserror-noiteratorname')); } if (!array_key_exists($iteratorName, $spsgIterators)) { throw new SPSException(SPSUtils::buildMessage('spserror-iteratorunknown', $iteratorName)); } // iterator $iterator = new $spsgIterators[$iteratorName](); $iteratorValues = $iterator->getValues($iteratorParams); $iteratorValuesCount = count($iteratorValues); $userlimit = $this->getPageGenerationLimit(); // check userlimit if ($iteratorValuesCount > $userlimit) { throw new SPSException(SPSUtils::buildMessage('spserror-pagegenerationlimitexeeded', $iteratorValuesCount, $userlimit)); } $targetFormTitle = Title::makeTitleSafe(SF_NS_FORM, $targetFormName); $targetFormPageId = $targetFormTitle->getArticleID(); $requestValues['user'] = $wgUser->getId(); foreach ($iteratorValues as $value) { SFAutoeditAPI::addToArray($requestValues, $targetFieldName, $value, true); wfDebugLog('sps', 'Insert SPSPageCreationJob'); $job = new SPSPageCreationJob($targetFormTitle, $requestValues); $job->insert(); } // if given origin page does not exist use Main page if (Title::newFromID($originPageId) === null) { $originPageId = Title::newMainPage()->getArticleID(); } if (isset($_SESSION)) { // cookies enabled $request->setSessionData('spsResult', $iteratorValuesCount); $request->setSessionData('spsForm', $targetFormPageId); $request->setSessionData('spsOrigin', $originPageId); header('Location: ' . $this->getTitle()->getFullURL()); } else { // cookies disabled, write result data to URL header('Location: ' . $this->getTitle()->getFullURL() . "?{$targetFormPageId};{$iteratorValuesCount};{$originPageId}"); } return null; }