/**
  * Invocation of hook SpecialPageBeforeExecute
  *
  * We use this hook to ensure that login/account creation pages
  * are redirected to HTTPS if they are not accessed via HTTPS and
  * $wgSecureLogin == true - but only when using the
  * mobile site.
  *
  * @param SpecialPage $special
  * @param string $subpage
  * @return bool
  */
 public static function onSpecialPageBeforeExecute(SpecialPage $special, $subpage)
 {
     $mobileContext = MobileContext::singleton();
     $isMobileView = $mobileContext->shouldDisplayMobileView();
     $context = $special->getContext();
     $out = $context->getOutput();
     $secureLogin = $context->getConfig()->get('SecureLogin');
     $request = $special->getContext()->getRequest();
     $skin = $out->getSkin()->getSkinName();
     $name = $special->getName();
     // Ensure desktop version of Special:Preferences page gets mobile targeted modules
     // FIXME: Upstream to core (?)
     if ($skin === 'minerva') {
         if ($name === 'Preferences') {
             $out->addModules('skins.minerva.special.preferences.scripts');
         }
         // Add default warning message to Special:UserLogin and Special:UserCreate
         // if no warning message set.
         if ($name === 'Userlogin' && !$request->getVal('warning', null) && !$context->getUser()->isLoggedIn()) {
             $request->setVal('warning', 'mobile-frontend-generic-login-new');
         }
     }
     if ($isMobileView) {
         if ($name === 'Search') {
             $out->addModuleStyles('skins.minerva.special.search.styles');
         } elseif ($name === 'Userlogin') {
             $out->addModuleStyles('skins.minerva.special.userlogin.styles');
             $out->addModules('mobile.special.userlogin.scripts');
             // make sure we're on https if we're supposed to be and currently aren't.
             // most of this is lifted from https redirect code in SpecialUserlogin::execute()
             // also, checking for 'https' in $wgServer is a little funky, but this is what
             // is done on the WMF cluster (see config in CommonSettings.php)
             if ($secureLogin && WebRequest::detectProtocol() != 'https') {
                 // get the https url and redirect
                 $query = $special->getContext()->getRequest()->getQueryValues();
                 if (isset($query['title'])) {
                     unset($query['title']);
                 }
                 $url = $mobileContext->getMobileUrl($special->getFullTitle()->getFullURL($query), true);
                 $special->getContext()->getOutput()->redirect($url);
             }
         }
     }
     return true;
 }
コード例 #2
0
 /**
  * Fetch informations about the user uploading, prepare prefixes list content, and
  * set the default item to select. It also updates the special page DestFileName 
  * attribute. Attached to hooks:
  * <ul>
  * <li>$wgHooks['UploadForm:initial']</li>
  * <li>$wgHooks['UploadForm:BeforeProcessing']</li>
  * </ul>
  * @param SpecialPage $specialUploadObj current SpecialUpload page object
  * @todo if the user cannot upload a new file, maybe this function should
  * however return true, as seen in SpecialUpload page code comments (but if
  * true returned, the form is displayed with our error message on top)
  */
 public static function fetchRequestInformations($specialUploadObj)
 {
     $user = $specialUploadObj->getUser();
     self::$USER_IS_WP_ADMIN = $user->isAllowed(WP_ADMIN_RIGHT);
     if (self::$USER_IS_WP_ADMIN || !self::$DISPLAY_UPLOAD_MOD) {
         return true;
         // no informations to fetch and nothing to prepare, using standard form
     }
     $full_title = $specialUploadObj->getFullTitle();
     $request = $specialUploadObj->getRequest();
     // update special page DestFileName attribute
     $final_wp_filename = self::getDestinationFileName($request);
     if ($final_wp_filename != null) {
         $specialUploadObj->mDesiredDestName = $final_wp_filename;
         wfDebugLog('wikiplaces-debug', 'fetchRequestInformations, mDesiredDestName set to "' . $final_wp_filename . '"');
     }
     $final_wp_file_title = Title::newFromText($final_wp_filename, NS_FILE);
     // is the user re uploading a new version of an existing file or followed a "upload a file with this name" link ?
     if ($request->getText('wpDestFile') && !$request->getText('wpDestFileMainPart')) {
         $result = true;
         wfRunHooks('userCan', array(&$final_wp_file_title, &$user, 'upload', &$result));
         if ($result !== true) {
             wfDebugLog('wikiplaces-debug', 'WikiplaceUpload::fetchRequestInformations userCan returned ' . print_r($result, true));
             $specialUploadObj->getOutput()->showErrorPage('sorry', wfMessage('badaccess-group0'));
             // not allowed
             return false;
             // break SpecialUpload page init/processing
         }
         // Check getUserPermissionsErrors hook (this behavior is suitable for nonessential UI
         // controls because it skips potentially expensive cascading permission checks, but may
         // provide false positives)
         wfRunHooks('getUserPermissionsErrors', array(&$final_wp_file_title, &$user, 'upload', &$result));
         if ($result !== true) {
             wfDebugLog('wikiplaces-debug', print_r($result, true));
             // WikiplacesHooks::getUserPermissionsErrors($final_wp_file_title, $user, 'upload', $result);
             if (is_array($result) && !empty($result)) {
                 $key = array_shift($result);
                 $specialUploadObj->getOutput()->showErrorPage('sorry', wfMessage($key, $result));
                 return false;
                 // break SpecialUpload page init/processing
             } else {
                 $specialUploadObj->getOutput()->showErrorPage('sorry', wfMessage('badaccess-group0'));
                 // not allowed
                 return false;
                 // break SpecialUpload page init/processing
             }
         }
         // she is reuploading or has followed a "upload a file with this name" link
         wfDebugLog('wikiplaces-debug', 'fetchRequestInformations: reuploading, so disabling mod');
         self::$WPDESTFILE_READONLY = true;
         // ensure that the filename field is readonly when create link followed
         self::$DISPLAY_UPLOAD_MOD = false;
         return true;
         // no informations to fetch and nothing to prepare
     }
     // ( if we arrive here, we are uploading a new file )
     // is there a wikiplace specified in the url ?
     // search a GET parameter, as seen in SpecialPageFactory around line 408
     $db_key = $full_title->getDBkey();
     $bits = explode('/', $db_key, 2);
     $param = null;
     if (isset($bits[1])) {
         $param = $bits[1];
     }
     // is the user trying to upload a public file ?
     if ($param === WP_PUBLIC_FILE_PREFIX || $final_wp_file_title instanceof Title && WpPage::isPublic(NS_FILE, $final_wp_file_title->getDBkey())) {
         // there is a "Public" param, there will be only one choice in the listbox
         wfDebugLog('wikiplaces-debug', 'fetchRequestInformations: only public prefix will be visible');
         self::$FILE_PREFIXES[$param] = WP_PUBLIC_FILE_PREFIX;
         self::$FILE_PREFIXES_DEFAULT = $param;
     } else {
         // get all wikiplaces the user has access to
         $wikiplacesOwner = WpWikiplace::factoryAllOwnedByUserId($user->getId());
         $wikiplacesMember = WpWikiplace::factoryAllWhereUserIsMember($user->getId());
         // check if the user has access to at least one wikiplace
         if (count($wikiplacesOwner) + count($wikiplacesMember) == 0) {
             $specialUploadObj->getOutput()->showErrorPage('sorry', wfMessage('wp-create-wp-first'));
             return false;
             // break SpecialUpload page init/processing
         }
         // multiple choice: prepare full prefixes list
         foreach ($wikiplacesOwner as $wikiplace) {
             $wpw_name = $wikiplace->getName();
             self::$FILE_PREFIXES[$wpw_name] = $wpw_name;
         }
         foreach ($wikiplacesMember as $wikiplace) {
             $wpw_name = $wikiplace->getName();
             self::$FILE_PREFIXES[$wpw_name] = $wpw_name;
         }
         // do we have to set a default value ?
         if ($param != null && array_key_exists($param, self::$FILE_PREFIXES)) {
             if (!self::$FILE_PREFIXES_DEFAULT) {
                 self::$FILE_PREFIXES_DEFAULT = $param;
             }
         }
     }
     return true;
     // continue hook processing
 }