public static function AjaxReview() { global $wgUser, $wgOut, $wgRequest; $args = func_get_args(); if (wfReadOnly()) { return '<err#>' . wfMsgExt('revreview-failed', 'parseinline') . wfMsgExt('revreview-submission-invalid', 'parseinline'); } $tags = FlaggedRevs::getTags(); // Make review interface object $form = new RevisionReviewForm($wgUser); $title = null; // target page $editToken = ''; // edit token // Each ajax url argument is of the form param|val. // This means that there is no ugly order dependance. foreach ($args as $arg) { $set = explode('|', $arg, 2); if (count($set) != 2) { return '<err#>' . wfMsgExt('revreview-failed', 'parseinline') . wfMsgExt('revreview-submission-invalid', 'parseinline'); } list($par, $val) = $set; switch ($par) { case "target": $title = Title::newFromURL($val); break; case "oldid": $form->setOldId($val); break; case "refid": $form->setRefId($val); break; case "validatedParams": $form->setValidatedParams($val); break; case "templateParams": $form->setTemplateParams($val); break; case "imageParams": $form->setFileParams($val); break; case "fileVersion": $form->setFileVersion($val); break; case "wpApprove": $form->setApprove($val); break; case "wpUnapprove": $form->setUnapprove($val); break; case "wpReject": $form->setReject($val); break; case "wpReason": $form->setComment($val); break; case "changetime": $form->setLastChangeTime($val); break; case "wpEditToken": $editToken = $val; break; default: $p = preg_replace('/^wp/', '', $par); // kill any "wp" prefix if (in_array($p, $tags)) { $form->setDim($p, $val); } break; } } # Valid target title? if (!$title) { return '<err#>' . wfMsgExt('notargettext', 'parseinline'); } $form->setPage($title); $form->setSessionKey($wgRequest->getSessionData('wsFlaggedRevsKey')); $status = $form->ready(); // all params loaded # Check session via user token if (!$wgUser->matchEditToken($editToken)) { return '<err#>' . wfMsgExt('sessionfailure', 'parseinline'); } # Basic permission checks... $permErrors = $title->getUserPermissionsErrors('review', $wgUser, false); if (!$permErrors) { $permErrors = $title->getUserPermissionsErrors('edit', $wgUser, false); } if ($permErrors) { return '<err#>' . $wgOut->parse($wgOut->formatPermissionsErrorMessage($permErrors, 'review')); } # Try submission... $status = $form->submit(); # Success... if ($status === true) { # Sent new lastChangeTime TS to client for later submissions... $changeTime = $form->getNewLastChangeTime(); if ($form->getAction() === 'approve') { // approve return "<suc#><lct#{$changeTime}>"; } elseif ($form->getAction() === 'unapprove') { // de-approve return "<suc#><lct#{$changeTime}>"; } elseif ($form->getAction() === 'reject') { // revert return "<suc#><lct#{$changeTime}>"; } # Failure... } else { return '<err#>' . wfMsgExt('revreview-failed', 'parse') . '<p>' . wfMsgHtml($status) . '</p>'; } }