/**
 * EditPage import hook: folds the categories submitted with an edit form
 * into the article wikitext.
 *
 * The 'categories' field is client-supplied. It is read through
 * EditPage::safeUnicodeInput() and decoded from JSON by CategoryHelper before
 * anything is written to $editPage->textbox1.
 *
 * @param EditPage $editPage
 * @param WebRequest $request
 *
 * @return bool always true (hook return value)
 */
public static function onEditPageImportFormData($editPage, $request)
{
    $app = F::app();

    // Nothing to merge unless the edit form was actually submitted.
    if (!$request->wasPosted()) {
        return true;
    }

    $submitted = CategoryHelper::changeFormat(
        $editPage->safeUnicodeInput($request, 'categories'),
        'json',
        'array'
    );
    if (empty($submitted)) {
        return true;
    }

    if (!empty($app->wg->EnableAnswers)) {
        // Redirect pages must not receive categories.
        $magicWords = $app->wg->ContLang->getMagicWords();
        $redirectAliases = $magicWords['redirect'];
        // The first element is not an alias, so drop it.
        array_shift($redirectAliases);

        // Compare against every localized spelling of #REDIRECT.
        foreach ($redirectAliases as $redirectAlias) {
            if (stripos($editPage->textbox1, $redirectAlias) === 0) {
                return true;
            }
        }
    }

    // Pull the categories already present in the article, merge in the
    // submitted ones without duplicates, and append the result (BugId:99348).
    $extracted = CategoryHelper::extractCategoriesFromWikitext($editPage->textbox1, true);
    $merged = CategoryHelper::getUniqueCategories($extracted['categories'], $submitted);
    $asWikitext = CategoryHelper::changeFormat($merged, 'array', 'wikitext');

    // rtrim() strips trailing whitespace (BugId:11238).
    $editPage->textbox1 = $extracted['wikitext'] . rtrim($asWikitext);

    return true;
}
/**
 * Management page for editing a room.
 *
 * GET: loads the room named by the "id" query parameter into the edit form.
 * POST: validates the submitted fields, stores them on the room and queues a
 * redirect to the room list.
 *
 * NOTE(review): no permission check and no anti-CSRF token check is visible
 * in this method, although the POST branch changes stored data. Confirm that
 * the caller enforces both before this runs.
 *
 * @throws Exception when the requested room does not exist. This is not a
 *                   CreateRoomException, so the catch below lets it through.
 */
private function showEditRoomPage()
{
    global $cScriptPath;

    if (!WebRequest::wasPosted()) {
        $this->mBasePage = "mgmt/roomEdit.tpl";

        $existing = Room::getById(WebRequest::getInt("id"));
        if ($existing == null) {
            throw new Exception("Room does not exist");
        }

        $this->mSmarty->assign("roomid", $existing->getId());
        $this->mSmarty->assign("rname", $existing->getName());
        $this->mSmarty->assign("rmin", $existing->getMinPeople());
        $this->mSmarty->assign("rmax", $existing->getMaxPeople());
        $this->mSmarty->assign("rprice", $existing->getPrice());
        $this->mSmarty->assign("rtype", $existing->getType()->getId());
    } else {
        try {
            // Submitted values; the numeric ones go through the typed accessors.
            $name = WebRequest::post("rname");
            $typeId = WebRequest::postInt("rtype");
            $minPeople = WebRequest::postInt("rmin");
            $maxPeople = WebRequest::postInt("rmax");
            $price = WebRequest::postFloat("rprice");
            $roomId = WebRequest::getInt("id");

            // Validation: the first failing rule decides the error key shown.
            if ($name == "") {
                throw new CreateRoomException("blank-roomname");
            }
            if ($typeId == 0) {
                throw new CreateRoomException("blank-roomtype");
            }
            if ($maxPeople < 1 || $minPeople < 0) {
                throw new CreateRoomException("room-capacity-too-small");
            }
            if ($minPeople > $maxPeople) {
                throw new CreateRoomException("room-capacity-min-gt-max");
            }
            if ($price != abs($price)) {
                throw new CreateRoomException("room-price-negative");
            }

            $target = Room::getById($roomId);
            if ($target == null) {
                throw new Exception("Room does not exist");
            }

            $target->setName($name);
            $target->setType($typeId);
            $target->setMinPeople($minPeople);
            $target->setMaxPeople($maxPeople);
            $target->setPrice($price);
            $target->save();

            $this->mHeaders[] = "Location: {$cScriptPath}/Rooms";
        } catch (CreateRoomException $invalid) {
            // Show the form again with the validation error.
            $this->mBasePage = "mgmt/roomEdit.tpl";
            $this->error($invalid->getMessage());
        }
    }

    $this->mSmarty->assign("rtlist", RoomType::$data);
}
/**
 * Main execution point of the watchlist editor.
 *
 * Every change to the watchlist is applied only when the request was POSTed
 * and checkToken() accepts it; otherwise only the form is rendered.
 *
 * NOTE(review): the token is checked against the global $wgUser while the
 * watchlist that gets modified belongs to $user. Confirm that callers always
 * pass the session user as $user.
 *
 * @param User $user
 * @param OutputPage $output
 * @param WebRequest $request
 * @param int $mode one of the EDIT_* constants
 */
public function execute($user, $output, $request, $mode)
{
    global $wgUser;

    if (wfReadOnly()) {
        $output->readOnlyPage();
        return;
    }

    // EDIT_CLEAR is handled by the raw editor: the "Clear" link scared people
    // too much, and clearing the list from the raw form is very easy.
    if ($mode == self::EDIT_CLEAR || $mode == self::EDIT_RAW) {
        $output->setPageTitle(wfMsg('watchlistedit-raw-title'));

        if ($request->wasPosted() && $this->checkToken($request, $wgUser)) {
            $requested = $this->extractTitles($request->getText('titles'));
            $existing = $this->getWatchlist($user);

            if (count($requested) > 0) {
                // Apply the difference between the submitted list and the stored one.
                $additions = array_diff($requested, $existing);
                $removals = array_diff($existing, $requested);
                $this->watchTitles($additions, $user);
                $this->unwatchTitles($removals, $user);
                $user->invalidateCache();

                if (count($additions) > 0 || count($removals) > 0) {
                    $output->addHtml(wfMsgExt('watchlistedit-raw-done', 'parse'));
                }

                $addedCount = count($additions);
                if ($addedCount > 0) {
                    $output->addHtml(wfMsgExt('watchlistedit-raw-added', 'parse', $addedCount));
                    $this->showTitles($additions, $output, $wgUser->getSkin());
                }

                $removedCount = count($removals);
                if ($removedCount > 0) {
                    $output->addHtml(wfMsgExt('watchlistedit-raw-removed', 'parse', $removedCount));
                    $this->showTitles($removals, $output, $wgUser->getSkin());
                }
            } else {
                // An empty submission clears the whole watchlist.
                $this->clearWatchlist($user);
                $user->invalidateCache();
                $output->addHtml(wfMsgExt('watchlistedit-raw-removed', 'parse', count($existing)));
                $this->showTitles($existing, $output, $wgUser->getSkin());
            }
        }

        $this->showRawForm($output, $user);
    } elseif ($mode == self::EDIT_NORMAL) {
        $output->setPageTitle(wfMsg('watchlistedit-normal-title'));

        if ($request->wasPosted() && $this->checkToken($request, $wgUser)) {
            $selected = $this->extractTitles($request->getArray('titles'));
            $this->unwatchTitles($selected, $user);
            $user->invalidateCache();

            $formattedCount = $GLOBALS['wgLang']->formatNum(count($selected));
            $output->addHtml(wfMsgExt('watchlistedit-normal-done', 'parse', $formattedCount));
            $this->showTitles($selected, $output, $wgUser->getSkin());
        }

        $this->showNormalForm($output, $user);
    }
}
/**
 * Entry point of the login page: a POST is treated as a login attempt,
 * any other request renders the login form.
 */
protected function runPage()
{
    global $gLogger;

    $gLogger->log("Login page initialising");

    if (!WebRequest::wasPosted()) {
        $this->showLoginForm();
        return;
    }

    $this->handleLogin();
}
/**
 * Initializes the language-related globals.
 *
 * When the session has no 'test' entry and the request is not a POST, the
 * language code comes from getAcceptLanguage() and is stored via setVar().
 * In every other case the stored code is reused.
 *
 * NOTE(review): the first case derives the code from request data; this
 * method relies on getAcceptLanguage() to return only codes that
 * Language::factory() may safely load. Confirm against that method.
 */
public function setupLanguage()
{
    global $wgLang, $wgContLang, $wgLanguageCode;

    if ($this->getSession('test') !== null || $this->request->wasPosted()) {
        // Reuse the stored choice. $wgLang is left untouched on this path.
        $wgLanguageCode = $this->getVar('wgLanguageCode');
        $wgContLang = Language::factory($wgLanguageCode);
        return;
    }

    $wgLanguageCode = $this->getAcceptLanguage();
    $wgContLang = Language::factory($wgLanguageCode);
    $wgLang = $wgContLang;

    $this->setVar('wgLanguageCode', $wgLanguageCode);
    $this->setVar('_UserLang', $wgLanguageCode);
}
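/**
 * Management page for adding a bill item to a booking.
 *
 * GET: renders the creation form for the booking named by the "id" query
 * parameter. POST: stores a new bill item on that booking and queues a
 * redirect back to the bill view.
 *
 * NOTE(review): no permission check and no anti-CSRF token check is visible
 * in this method, although the POST branch writes billing data. Confirm that
 * the caller enforces both.
 *
 * @throws Exception when the POST names a booking that does not exist
 */
private function showAddBillItemPage()
{
    global $cScriptPath;

    // Integer-typed accessor, so the value is safe to place in the redirect URL.
    $bookingId = WebRequest::getInt("id");

    if (!WebRequest::wasPosted()) {
        $this->mSmarty->assign("bid", $bookingId);
        $this->mBasePage = "mgmt/billcreate.tpl";
        return;
    }

    // Refuse to store a bill item against a booking that cannot be found;
    // the id comes straight from the query string.
    $booking = Booking::getById($bookingId);
    if ($booking == null) {
        throw new Exception("Booking does not exist");
    }

    $item = new Bill_item();
    $item->setBooking($booking);
    $item->setName(WebRequest::post("billname"));
    // NOTE(review): the price is stored as posted, without a numeric or sign
    // check. Confirm that Bill_item::setPrice() validates it.
    $item->setPrice(WebRequest::post("billprice"));
    $item->save();

    $this->mHeaders[] = "Location: {$cScriptPath}/Billing?action=view&id={$bookingId}";
}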
/**
 * Constructor: copies the login / signup form fields from the request into
 * member variables.
 *
 * Everything read here is client-controlled. Only two values are constrained
 * in this method: the domain is replaced by 'invaliddomain' when $wgAuth
 * rejects it, and a return / auto-redirect target equal to the logout page
 * is cleared.
 *
 * NOTE(review): 'returnto' and 'autoredirect' are otherwise kept as received,
 * so any check that they are local targets has to happen where they are
 * used. strip_tags() on the real name is not output escaping; the value
 * still needs escaping when rendered.
 *
 * @param WebRequest $request A WebRequest object passed by reference
 * @param string $par subpage name; 'signup' selects the signup form
 */
function LoginForm(&$request, $par = '')
{
    global $wgLang, $wgAllowRealName, $wgEnableEmail, $wgAuth;

    // Check for [[Special:Userlogin/signup]]
    if ($par == 'signup') {
        $this->mType = $par;
    } else {
        $this->mType = $request->getText('type');
    }

    $this->mName = $request->getText('wpName');
    $this->mPassword = $request->getText('wpPassword');
    $this->mRetype = $request->getText('wpRetype');
    $this->mRetypeEmail = $request->getText('wpRetypeEmail');
    $this->mDomain = $request->getText('wpDomain');
    $this->mReturnTo = $request->getVal('returnto');
    $this->mAutoRedirect = $request->getVal('autoredirect');
    $this->mFromSite = $request->getVal('sitelogin');
    $this->mCookieCheck = $request->getVal('wpCookieCheck');
    $this->mPosted = $request->wasPosted();
    $this->mCreateaccount = $request->getCheck('wpCreateaccount');
    // The two mail actions are only honoured when e-mail is enabled.
    $this->mCreateaccountMail = $request->getCheck('wpCreateaccountMail') && $wgEnableEmail;
    $this->mMailmypassword = $request->getCheck('wpMailmypassword') && $wgEnableEmail;
    $this->mLoginattempt = $request->getCheck('wpLoginattempt');
    $this->mAction = $request->getVal('action');
    $this->mRemember = $request->getCheck('wpRemember');
    $this->mLanguage = $request->getText('uselang');

    $this->mEmail = $wgEnableEmail ? $request->getText('wpEmail') : '';

    $this->mRealName = ($wgAllowRealName && $request->getText('wpUseRealNameAsDisplay') == "on")
        ? @strip_tags($request->getText('wpRealName'))
        : '';

    // Unknown authentication domains collapse to a fixed placeholder.
    if (!$wgAuth->validDomain($this->mDomain)) {
        $this->mDomain = 'invaliddomain';
    }
    $wgAuth->setDomain($this->mDomain);

    // When switching accounts, it sucks to get automatically logged out
    if ($this->mReturnTo == $wgLang->specialPage('Userlogout')) {
        $this->mReturnTo = '';
    }
    if ($this->mAutoRedirect == $wgLang->specialPage('Userlogout')) {
        $this->mAutoRedirect = '';
    }
}
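/**
 * Management page listing the access level of each known action and, on
 * POST, storing changed levels.
 *
 * The first checkAccess() call only decides whether the form fields are
 * rendered as disabled. The call inside the POST branch is the real
 * enforcement: it runs before any level is written.
 */
protected function runPage()
{
    global $cWebPath, $gLogger;

    try {
        self::checkAccess('edit-access-levels');
        $this->mSmarty->assign("readonly", '');
    } catch (AccessDeniedException $ex) {
        // Caution, if you are copying this: disabling the form fields only
        // tells users that they lack the access. It does not stop a crafted
        // POST, which is why the POST branch checks access again.
        $this->mSmarty->assign("readonly", 'disabled="disabled"');
    }

    if (WebRequest::wasPosted()) {
        // Make SURE we have the right access level for this operation.
        self::checkAccess('edit-access-levels');

        // POST keys are client-controlled: only keys that resolve to an
        // existing StaffAccess entry are acted on.
        foreach (WebRequest::getPostKeys() as $k) {
            $entry = StaffAccess::getById($k);
            if ($entry == null) {
                continue;
            }

            $level = WebRequest::postInt($k);
            if ($entry->getLevel() != $level) {
                $entry->setLevel($level);
                $entry->save();
            }
        }

        $this->mHeaders[] = "HTTP/1.1 303 See Other";
        $this->mHeaders[] = "Location: " . $cWebPath . "/management.php/Access";
        return;
    }

    $this->mBasePage = "mgmt/access.tpl";

    $accesslist = array();
    foreach (StaffAccess::getKnownActions() as $k) {
        $accessEntry = StaffAccess::getByAction($k);
        $gLogger->log("Access entry {$accessEntry->getAction()}({$accessEntry->getLevel()}) found!");

        // The keys are quoted strings. Bare words here (id, name, value) are
        // undefined constants, which only worked through a legacy fallback
        // and raise an Error on PHP 8.
        $accesslist[] = array(
            'id' => $accessEntry->getId(),
            'name' => $accessEntry->getAction(),
            'value' => $accessEntry->getLevel(),
        );
    }

    $this->mSmarty->assign("accesslist", $accesslist);
}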
/**
 * Prepares the booking page: registers the date picker assets, pre-fills
 * the quick-book fields from a POST and the contact fields from the
 * logged-in customer.
 *
 * NOTE(review): the posted strings (check-in, check-out, promo code) are
 * passed to the template as received. Confirm that book.tpl escapes them on
 * output.
 */
protected function runPage()
{
    global $cWebPath;

    $this->mBasePage = "book.tpl";
    $this->mStyles[] = $cWebPath . '/style/jsDatePick_ltr.min.css';
    $this->mScripts[] = $cWebPath . '/scripts/jsDatePick.full.1.3.js';

    // Quick-book fields: echo the submitted values, or start empty.
    if (WebRequest::wasPosted()) {
        $quickBook = array(
            "valQbCheckin" => WebRequest::postString("qbCheckin"),
            "valQbCheckout" => WebRequest::postString("qbCheckout"),
            "valQbAdults" => WebRequest::postInt("qbAdults"),
            "valQbChildren" => WebRequest::postInt("qbChildren"),
            "valQbPromoCode" => WebRequest::postString("qbPromoCode"),
        );
    } else {
        $quickBook = array(
            "valQbCheckin" => "",
            "valQbCheckout" => "",
            "valQbAdults" => "",
            "valQbChildren" => "",
            "valQbPromoCode" => "",
        );
    }
    foreach ($quickBook as $templateVar => $fieldValue) {
        $this->mSmarty->assign($templateVar, $fieldValue);
    }

    // Contact fields: taken from the logged-in customer, else blank.
    if (Session::isCustomerLoggedIn()) {
        $customer = Customer::getById(Session::getLoggedInCustomer());
        $contact = array(
            "qbTitle" => $customer->getTitle(),
            "qbFirstname" => $customer->getFirstname(),
            "qbLastname" => $customer->getSurname(),
            "qbAddress" => $customer->getAddress()->getLine1(),
            "qbCity" => $customer->getAddress()->getCity(),
            "qbPostcode" => $customer->getAddress()->getPostcode(),
            "qbCountry" => $customer->getAddress()->getCountry(),
            "qbEmail" => $customer->getEmail(),
        );
    } else {
        $contact = array(
            "qbTitle" => "",
            "qbFirstname" => "",
            "qbLastname" => "",
            "qbAddress" => "",
            "qbCity" => "",
            "qbPostcode" => "",
            "qbEmail" => "",
            // The blank country is a single space, not an empty string.
            "qbCountry" => " ",
        );
    }
    foreach ($contact as $templateVar => $fieldValue) {
        $this->mSmarty->assign($templateVar, $fieldValue);
    }
}
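/**
 * Handles the customer login POST.
 *
 * Each failure redirects with a short reason code; success stores the
 * customer id in the session and redirects to the main page. A non-POST
 * request is sent back to the index page.
 *
 * NOTE(review): "noconfirm" is returned before the password is verified, so
 * the response distinguishes a registered but unconfirmed address from an
 * unknown one without knowing the password. Unknown address and wrong
 * password already share "invalid"; consider verifying the password before
 * reporting the confirmation state.
 *
 * NOTE(review): no session identifier renewal is visible at login. Confirm
 * that Session::setLoggedInCustomer() regenerates it.
 */
protected function runPage()
{
    // Needed by the non-POST redirect below. Without this declaration the
    // Location header was built from an undefined local variable.
    global $cWebPath;

    if (!WebRequest::wasPosted()) {
        // Urm, something's not quite right here: back to the main page.
        $this->mHeaders[] = "HTTP/1.1 303 See Other";
        $this->mHeaders[] = "Location: " . $cWebPath . "/index.php";
        return;
    }

    $email = WebRequest::postString("lgEmail");
    if (!$email) {
        // No email address specified.
        $this->redirect("noemail");
        return;
    }

    $password = WebRequest::postString("lgPasswd");
    if (!$password) {
        // No password specified.
        $this->redirect("nopass");
        return;
    }

    $cust = Customer::getByEmail($email);
    if ($cust == null) {
        // Customer doesn't exist. Same code as a wrong password.
        $this->redirect("invalid");
        return;
    }

    if (!$cust->isMailConfirmed()) {
        // Customer hasn't confirmed their email.
        $this->redirect("noconfirm");
        return;
    }

    if (!$cust->authenticate($password)) {
        // Not a valid password.
        $this->redirect("invalid");
        return;
    }

    // Credentials accepted: set up the session and go to the main page.
    Session::setLoggedInCustomer($cust->getId());
    $this->redirect();
}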
/**
 * Reads this field's value from the request.
 *
 * @param WebRequest $request
 *
 * @return mixed the submitted array (empty when nothing was checked), or
 *               getDefault() for a POST form that has not been submitted yet
 */
function loadDataFromRequest($request)
{
    $formUsesPost = $this->mParent->getMethod() == 'post';

    // A POST form that has not been submitted yet shows the defaults.
    if ($formUsesPost && !$request->wasPosted()) {
        return $this->getDefault();
    }

    // Submitted POST form: unchecked checkboxes are simply not added to the
    // request arrays, so it is perfectly possible for there to be no entry.
    //
    // GET form: this is the impossible case. With no data in $_GET we cannot
    // tell "not yet submitted" from "submitted with every option unchecked",
    // so the latter is assumed, which basically means that 'positive'
    // defaults cannot be specified for GET forms.
    // @todo FIXME...
    return $request->getArray($this->mName, array());
}
/**
 * Constructor: copies the login form fields from the request into member
 * variables.
 *
 * Everything read here is client-controlled. The only values constrained in
 * this method are the domain (replaced by 'invaliddomain' when $wgAuth
 * rejects it) and a return target equal to the logout page (cleared).
 *
 * NOTE(review): 'returnto' is otherwise kept as received, and the real name
 * is stored without any filtering. Target validation and output escaping
 * have to happen where these values are used.
 *
 * @param WebRequest $request A WebRequest object passed by reference
 */
function LoginForm(&$request)
{
    global $wgLang, $wgAllowRealName, $wgEnableEmail, $wgAuth;

    $this->mType = $request->getText('type');
    $this->mName = $request->getText('wpName');
    $this->mPassword = $request->getText('wpPassword');
    $this->mRetype = $request->getText('wpRetype');
    $this->mDomain = $request->getText('wpDomain');
    $this->mReturnTo = $request->getVal('returnto');
    $this->mCookieCheck = $request->getVal('wpCookieCheck');
    $this->mPosted = $request->wasPosted();
    $this->mCreateaccount = $request->getCheck('wpCreateaccount');
    // The two mail actions are only honoured when e-mail is enabled.
    $this->mCreateaccountMail = $request->getCheck('wpCreateaccountMail') && $wgEnableEmail;
    $this->mMailmypassword = $request->getCheck('wpMailmypassword') && $wgEnableEmail;
    $this->mLoginattempt = $request->getCheck('wpLoginattempt');
    $this->mAction = $request->getVal('action');
    $this->mRemember = $request->getCheck('wpRemember');
    $this->mLanguage = $request->getText('uselang');

    $this->mEmail = $wgEnableEmail ? $request->getText('wpEmail') : '';
    $this->mRealName = $wgAllowRealName ? $request->getText('wpRealName') : '';

    // Unknown authentication domains collapse to a fixed placeholder.
    if (!$wgAuth->validDomain($this->mDomain)) {
        $this->mDomain = 'invaliddomain';
    }
    $wgAuth->setDomain($this->mDomain);

    // When switching accounts, it sucks to get automatically logged out
    if ($this->mReturnTo == $wgLang->specialPage('Userlogout')) {
        $this->mReturnTo = '';
    }
}
/**
 * Concatenate categories on EditPage POST.
 *
 * The category fields are client-supplied and are read through
 * EditPage::safeUnicodeInput(). The resulting category wikitext is also
 * stored in $wgCategorySelectCategoriesInWikitext, except when a redirect
 * page makes the function return early.
 *
 * @param EditPage $editPage
 * @param WebRequest $request
 *
 * @return bool always true (hook return value)
 *
 * @author Maciej Błaszkowski <marooned at wikia-inc.com>
 * @author Lucas Garczewski <*****@*****.**>
 */
function CategorySelectImportFormData($editPage, $request)
{
    global $wgCategorySelectCategoriesInWikitext, $wgContLang, $wgEnableAnswers;

    if (!$request->wasPosted()) {
        return true;
    }

    // The form sends categories either as raw wikitext or as JSON.
    if ($request->getVal('wpCategorySelectSourceType') == 'wiki') {
        $categoryText = "\n" . trim($editPage->safeUnicodeInput($request, 'csWikitext'));
    } else {
        $asJson = $editPage->safeUnicodeInput($request, 'wpCategorySelectWikitext');
        $categoryText = CategorySelectChangeFormat($asJson, 'json', 'wiki');
        if (trim($categoryText) == '') {
            $categoryText = '';
        }
    }

    $isSave = !($editPage->preview || $editPage->diff);

    if (!$isSave) {
        // Preview / diff: re-split the combined text into body and categories.
        $parsed = CategorySelect::SelectCategoryAPIgetData($editPage->textbox1 . $categoryText);
        $editPage->textbox1 = $parsed['wikitext'];
        $categoryText = CategorySelectChangeFormat($parsed['categories'], 'array', 'wiki');
    } else {
        if (!empty($wgEnableAnswers)) {
            // Redirect pages must not receive categories.
            $magicWords = $wgContLang->getMagicWords();
            $redirectAliases = $magicWords['redirect'];
            // The first element is not an alias, so drop it.
            array_shift($redirectAliases);

            // Compare against every localized spelling of #REDIRECT.
            foreach ($redirectAliases as $redirectAlias) {
                if (stripos($editPage->textbox1, $redirectAlias) === 0) {
                    return true;
                }
            }
        }

        // rtrim needed because of BugId:11238
        $editPage->textbox1 .= rtrim($categoryText);
    }

    $wgCategorySelectCategoriesInWikitext = $categoryText;

    return true;
}
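/**
 * Handles the booking POST: checks that the room is free for every night of
 * the stay, finds or creates the customer, stores the booking and mails a
 * confirmation.
 *
 * Changes from the previous version: an unknown room id and an empty or
 * inverted date range now return to the calendar. Before, an unknown room
 * led to a method call on null, and a range with check-out on or before
 * check-in skipped the availability loop entirely and was booked unchecked.
 *
 * @throws YouShouldntBeDoingThatException when the request is not a POST
 */
protected function runPage()
{
    if (!WebRequest::wasPosted()) {
        throw new YouShouldntBeDoingThatException();
    }

    $roomId = WebRequest::postInt("calroom");
    if (!$roomId) {
        $this->showCal();
        return;
    }

    // NOTE(review): the DateTime constructor throws on text it cannot parse,
    // and these strings are client-supplied. Nothing in this method catches
    // that; confirm the caller turns it into an error page.
    $startdate = new DateTime(WebRequest::post("qbCheckin"));
    $enddate = new DateTime(WebRequest::post("qbCheckout"));

    $room = Room::getById($roomId);
    if ($room == null || $startdate >= $enddate) {
        // Unknown room, or no night to check: treat as "nothing selected".
        $this->showCal();
        return;
    }

    // Walk a copy so the parsed check-in date is not modified by the loop.
    for ($date = clone $startdate; $date < $enddate; $date->modify("+1 day")) {
        if (!$room->isAvailable($date)) {
            $this->error("room-not-available");
            $this->showCal();
            return;
        }
    }

    // NOTE(review): an existing customer is selected by the posted e-mail
    // address alone; the session is not consulted. A booking and its
    // confirmation mail can therefore be created against someone else's
    // account. Consider requiring that the address matches the logged-in
    // customer.
    $customer = Customer::getByEmail(WebRequest::post("qbEmail"));
    if (!$customer) {
        $customer = new Customer();

        $suTitle = WebRequest::post("qbTitle");
        $suFirstname = WebRequest::post("qbFirstname");
        $suLastname = WebRequest::post("qbLastname");
        $suAddress = WebRequest::post("qbAddress");
        $suCity = WebRequest::post("qbCity");
        $suPostcode = WebRequest::post("qbPostcode");
        $suCountry = WebRequest::post("qbCountry");
        $suEmail = WebRequest::post("qbEmail");

        // NOTE(review): the initial password is the customer's own e-mail
        // address, so the credential is known to anyone who knows the
        // address. Left unchanged because the replacement depends on the
        // sign-up flow: a random value plus a set-password link in the
        // confirmation mail would remove the predictable credential.
        $customer->setPassword($suEmail);

        $customer->setTitle($suTitle);
        $customer->setFirstname($suFirstname);
        $customer->setSurname($suLastname);

        $address = new Address();
        $address->setLine1($suAddress);
        $address->setCity($suCity);
        $address->setPostCode($suPostcode);
        $address->setCountry($suCountry);
        $address->save();

        $customer->setAddress($address);
        $customer->setEmail($suEmail);

        // Saved before and after sendMailConfirm(), as in the original flow.
        $customer->save();
        $customer->sendMailConfirm();
        $customer->save();
    }

    $booking = new Booking();
    $booking->setStartDate(WebRequest::post("qbCheckin"));
    $booking->setEndDate(WebRequest::post("qbCheckout"));
    $booking->setAdults(WebRequest::post("qbAdults"));
    $booking->setChildren(WebRequest::post("qbChildren"));
    $booking->setPromocode(WebRequest::post("qbPromoCode"));
    $booking->setRoom($room->getId());
    $booking->setCustomer($customer->getId());
    $booking->save();

    // Fill the $1..$5 placeholders of the confirmation text.
    // NOTE(review): the substituted values originate from the POST and the
    // result is both mailed and handed to the template as "content".
    // Confirm that the template escapes it.
    $msg = Message::getMessage("booking-confirmation");
    $msg = str_replace("\$1", $booking->getStartDate(), $msg);
    $msg = str_replace("\$2", $booking->getEndDate(), $msg);
    $msg = str_replace("\$3", $booking->getAdults(), $msg);
    $msg = str_replace("\$4", $booking->getChildren(), $msg);
    $msg = str_replace("\$5", $booking->getRoom()->getName(), $msg);

    // The subject key is kept exactly as spelled; it has to match the stored
    // message name.
    Mail::send($customer->getEmail(), Message::getMessage("booking-confimation-subject"), $msg);

    $this->mSmarty->assign("content", $msg);
}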
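/**
 * Management page for editing a booking.
 *
 * GET: loads the booking named by the "id" query parameter into the edit
 * form. POST: validates the submitted fields, stores them on the booking
 * and queues a redirect to the booking list.
 *
 * Fix: the children count and both dates were written from $rmin, $rmax and
 * $rprice, which do not exist in this method, so a saved edit blanked those
 * fields. They are now written from the submitted values.
 *
 * NOTE(review): no permission check and no anti-CSRF token check is visible
 * in this method, although the POST branch changes stored data. Confirm that
 * the caller enforces both.
 */
private function showEditBookingPage()
{
    global $cScriptPath;

    if (WebRequest::wasPosted()) {
        try {
            // Submitted values.
            $bcust = WebRequest::postInt("bcust");
            $badults = WebRequest::postInt("badults");
            $bchildren = WebRequest::postInt("bchildren");
            $bstart = WebRequest::post("bstart");
            $bend = WebRequest::post("bend");
            $bpromo = WebRequest::postInt("bpromo");
            $broom = WebRequest::postInt("broom");
            $id = WebRequest::getInt("id");

            // Validation: the first failing rule decides the error key shown.
            if ($badults == 0) {
                throw new CreateBookingException("no-adults");
            }
            if ($bstart == null) {
                throw new CreateBookingException("no-start-date");
            }
            if ($bend == null) {
                throw new CreateBookingException("no-end-date");
            }
            if ($bcust == null) {
                throw new CreateBookingException("no-customer-for-booking");
            }

            $booking = Booking::getById($id);
            if ($booking == null) {
                throw new CreateBookingException("Booking does not exist");
            }

            $booking->setCustomer($bcust);
            $booking->setAdults($badults);
            $booking->setChildren($bchildren);
            $booking->setStartDate($bstart);
            $booking->setEndDate($bend);
            $booking->setPromocode($bpromo);
            $booking->setRoom($broom);
            $booking->save();

            $this->mHeaders[] = "Location: {$cScriptPath}/Bookings";
        } catch (CreateBookingException $ex) {
            // Show the form again with the validation error.
            $this->mBasePage = "mgmt/bookingEdit.tpl";
            $this->error($ex->getMessage());
        }

        return;
    }

    try {
        $this->mBasePage = "mgmt/bookingEdit.tpl";

        $booking = Booking::getById(WebRequest::getInt("id"));
        if ($booking == null) {
            throw new Exception("Booking does not exist");
        }

        $this->mSmarty->assign("bookingid", $booking->getId());
        $this->mSmarty->assign("bcust", $booking->getCustomer()->getId());
        $this->mSmarty->assign("badults", $booking->getAdults());
        $this->mSmarty->assign("bchildren", $booking->getChildren());
        $this->mSmarty->assign("bstart", $booking->getStartDate());
        $this->mSmarty->assign("bend", $booking->getEndDate());
        $this->mSmarty->assign("bpromo", $booking->getPromocode());
        $this->mSmarty->assign("broom", $booking->getRoom()->getId());
    } catch (Exception $ex) {
        $this->mBasePage = "mgmt/bookingEdit.tpl";
        $this->error($ex->getMessage());
    }
}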
/**
 * Collects the edit form data from the request and uses it to populate the
 * member variables that drive the edit (text, summary, timestamps, and the
 * preview / diff / save decision).
 *
 * For a POST, a save is only selected when the form looks complete and
 * tokenOk() accepts the request; otherwise the edit is forced to preview,
 * or left as a diff when only "Show Changes" was requested.
 *
 * @param WebRequest $request
 * @throws ErrorPageError when a section edit is requested but not supported,
 *                        or when the requested content format is not
 *                        supported by the content model
 */
function importFormData(&$request) {
    global $wgContLang, $wgUser;
    wfProfileIn(__METHOD__);

    # Section edit can come from either the form or a link
    $this->section = $request->getVal('wpSection', $request->getVal('section'));
    if ($this->section !== null && $this->section !== '' && !$this->isSectionEditSupported()) {
        # Close the profiling section before leaving through the exception.
        wfProfileOut(__METHOD__);
        throw new ErrorPageError('sectioneditnotsupported-title', 'sectioneditnotsupported-text');
    }
    $this->isNew = !$this->mTitle->exists() || $this->section == 'new';

    if ($request->wasPosted()) {
        # These fields need to be checked for encoding.
        # Also remove trailing whitespace, but don't remove _initial_
        # whitespace from the text boxes. This may be significant formatting.
        $this->textbox1 = $this->safeUnicodeInput($request, 'wpTextbox1');
        if (!$request->getCheck('wpTextbox2')) {
            // Skip this if wpTextbox2 has input, it indicates that we came
            // from a conflict page with raw page text, not a custom form
            // modified by subclasses
            wfProfileIn(get_class($this) . "::importContentFormData");
            $textbox1 = $this->importContentFormData($request);
            if ($textbox1 !== null) {
                $this->textbox1 = $textbox1;
            }
            wfProfileOut(get_class($this) . "::importContentFormData");
        }

        # Truncate for whole multibyte characters
        $this->summary = $wgContLang->truncate($request->getText('wpSummary'), 255);

        # If the summary consists of a heading, e.g. '==Foobar==', extract the title from the
        # header syntax, e.g. 'Foobar'. This is mainly an issue when we are using wpSummary for
        # section titles.
        $this->summary = preg_replace('/^\\s*=+\\s*(.*?)\\s*=+\\s*$/', '$1', $this->summary);

        # Treat sectiontitle the same way as summary.
        # Note that wpSectionTitle is not yet a part of the actual edit form, as wpSummary is
        # currently doing double duty as both edit summary and section title. Right now this
        # is just to allow API edits to work around this limitation, but this should be
        # incorporated into the actual edit form when EditPage is rewritten (Bugs 18654, 26312).
        $this->sectiontitle = $wgContLang->truncate($request->getText('wpSectionTitle'), 255);
        $this->sectiontitle = preg_replace('/^\\s*=+\\s*(.*?)\\s*=+\\s*$/', '$1', $this->sectiontitle);

        # Raw request values; both are reduced to 14-digit strings or null further down.
        $this->edittime = $request->getVal('wpEdittime');
        $this->starttime = $request->getVal('wpStarttime');

        $undidRev = $request->getInt('wpUndidRevision');
        if ($undidRev) {
            $this->undidRev = $undidRev;
        }

        $this->scrolltop = $request->getIntOrNull('wpScrolltop');

        if ($this->textbox1 === '' && $request->getVal('wpTextbox1') === null) {
            // wpTextbox1 field is missing, possibly due to being "too big"
            // according to some filter rules such as Suhosin's setting for
            // suhosin.request.max_value_length (d'oh)
            $this->incompleteForm = true;
        } else {
            // If we receive the last parameter of the request, we can fairly
            // claim the POST request has not been truncated.
            // TODO: softened the check for cutover. Once we determine
            // that it is safe, we should complete the transition by
            // removing the "edittime" clause.
            $this->incompleteForm = !$request->getVal('wpUltimateParam') && is_null($this->edittime);
        }
        if ($this->incompleteForm) {
            # If the form is incomplete, force to preview.
            wfDebug(__METHOD__ . ": Form data appears to be incomplete\n");
            # NOTE(review): this writes the complete POST body to the debug log:
            # the page text and every other submitted field, including whatever
            # token field the form carries. Consider logging field names and
            # lengths only, or redacting token fields first.
            wfDebug("POST DATA: " . var_export($_POST, true) . "\n");
            $this->preview = true;
        } else {
            /* Fallback for live preview */
            $this->preview = $request->getCheck('wpPreview') || $request->getCheck('wpLivePreview');
            $this->diff = $request->getCheck('wpDiff');

            // Remember whether a save was requested, so we can indicate
            // if we forced preview due to session failure.
            $this->mTriedSave = !$this->preview;

            # The token check is what keeps a form posted from another site
            # from saving an edit: without a valid token the request can only
            # end in a preview or a diff.
            if ($this->tokenOk($request)) {
                # Some browsers will not report any submit button
                # if the user hits enter in the comment box.
                # The unmarked state will be assumed to be a save,
                # if the form seems otherwise complete.
                wfDebug(__METHOD__ . ": Passed token check.\n");
            } elseif ($this->diff) {
                # Failed token check, but only requested "Show Changes".
                wfDebug(__METHOD__ . ": Failed token check; Show Changes requested.\n");
            } else {
                # Page might be a hack attempt posted from
                # an external site. Preview instead of saving.
                wfDebug(__METHOD__ . ": Failed token check; forcing preview\n");
                $this->preview = true;
            }
        }
        # A save happens only when neither preview nor diff was selected or forced above.
        $this->save = !$this->preview && !$this->diff;

        # Timestamps must be exactly 14 digits; anything else is discarded.
        if (!preg_match('/^\\d{14}$/', $this->edittime)) {
            $this->edittime = null;
        }

        if (!preg_match('/^\\d{14}$/', $this->starttime)) {
            $this->starttime = null;
        }

        $this->recreate = $request->getCheck('wpRecreate');

        $this->minoredit = $request->getCheck('wpMinoredit');
        $this->watchthis = $request->getCheck('wpWatchthis');

        # Don't force edit summaries when a user is editing their own user or talk page
        if (($this->mTitle->mNamespace == NS_USER || $this->mTitle->mNamespace == NS_USER_TALK) && $this->mTitle->getText() == $wgUser->getName()) {
            $this->allowBlankSummary = true;
        } else {
            $this->allowBlankSummary = $request->getBool('wpIgnoreBlankSummary') || !$wgUser->getOption('forceeditsummary');
        }

        $this->autoSumm = $request->getText('wpAutoSummary');

        $this->allowBlankArticle = $request->getBool('wpIgnoreBlankArticle');
    } else {
        # Not a posted form? Start with nothing.
        wfDebug(__METHOD__ . ": Not a posted form.\n");
        $this->textbox1 = '';
        $this->summary = '';
        $this->sectiontitle = '';
        $this->edittime = '';
        $this->starttime = wfTimestampNow();
        $this->edit = false;
        $this->preview = false;
        $this->save = false;
        $this->diff = false;
        $this->minoredit = false;
        // Watch may be overridden by request parameters
        $this->watchthis = $request->getBool('watchthis', false);
        $this->recreate = false;

        // When creating a new section, we can preload a section title by passing it as the
        // preloadtitle parameter in the URL (Bug 13100)
        if ($this->section == 'new' && $request->getVal('preloadtitle')) {
            $this->sectiontitle = $request->getVal('preloadtitle');
            // Once wpSummary isn't being use for setting section titles, we should delete this.
            $this->summary = $request->getVal('preloadtitle');
        } elseif ($this->section != 'new' && $request->getVal('summary')) {
            $this->summary = $request->getText('summary');
            if ($this->summary !== '') {
                $this->hasPresetSummary = true;
            }
        }

        if ($request->getVal('minor')) {
            $this->minoredit = true;
        }
    }

    $this->oldid = $request->getInt('oldid');

    # NOTE(review): 'bot' is taken from the request and defaults to true when
    # the parameter is absent. Nothing in this method checks the user's rights
    # before storing it; confirm that the flag is gated where it is applied.
    $this->bot = $request->getBool('bot', true);
    $this->nosummary = $request->getBool('nosummary');

    // May be overridden by revision.
    $this->contentModel = $request->getText('model', $this->contentModel);
    // May be overridden by revision.
    $this->contentFormat = $request->getText('format', $this->contentFormat);

    # Model and format are request-controlled; the only check made here is
    # that the handler for the model supports the format.
    if (!ContentHandler::getForModelID($this->contentModel)->isSupportedFormat($this->contentFormat)) {
        throw new ErrorPageError('editpage-notsupportedcontentformat-title', 'editpage-notsupportedcontentformat-text', array($this->contentFormat, ContentHandler::getLocalizedName($this->contentModel)));
    }

    /**
     * @todo Check if the desired model is allowed in this namespace, and if
     * a transition from the page's current model to the new model is
     * allowed.
     */

    $this->live = $request->getCheck('live');
    $this->editintro = $request->getText('editintro', $this->section === 'new' ? 'MediaWiki:addsection-editintro' : '');

    // Allow extensions to modify form data
    wfRunHooks('EditPage::importFormData', array($this, $request));

    wfProfileOut(__METHOD__);
}
/**
 * Management page for interface messages: lists the message keys selected
 * by "showall" or "prefix" in every available language and, on POST, saves
 * the submitted changes.
 *
 * The first checkAccess() call only decides whether the form fields are
 * rendered as disabled. The call inside the POST branch is the real
 * enforcement: it runs before save().
 */
protected function runPage()
{
    global $cWebPath, $cAvailableLanguages;

    // Probe the access level to decide how the form is presented.
    try {
        self::checkAccess('edit-language-messages');
        $this->mSmarty->assign("readonly", '');
    } catch (AccessDeniedException $ex) {
        // Caution, if you are copying this: disabling the form fields only
        // tells users that they lack the access. It does not stop a crafted
        // POST, which is why the POST branch checks access again.
        $this->mSmarty->assign("readonly", 'disabled="disabled"');
    }

    $this->mStyles[] = $cWebPath . "/style/pager.css";

    if (WebRequest::wasPosted()) {
        self::checkAccess("edit-language-messages");
        $this->save();

        $this->mHeaders[] = "HTTP/1.1 303 See Other";
        $this->mHeaders[] = "Location: " . $cWebPath . "/management.php/Languages";
        return;
    }

    $this->mBasePage = "mgmt/lang.tpl";

    // Select the message keys to list.
    $keys = array();
    $filterUnset = false;
    if (WebRequest::get("showall")) {
        if (WebRequest::get("showall") == "unset") {
            $filterUnset = true;
        }
        $keys = Message::getMessageKeys();
    } elseif (WebRequest::get("prefix")) {
        $keys = array_filter(Message::getMessageKeys(), function ($candidate) {
            $wanted = WebRequest::get("prefix");
            return substr($candidate, 0, strlen($wanted)) == $wanted;
        });
    }

    if (count($keys) <= 0) {
        $this->mSmarty->assign("showtable", 0);
        return;
    }

    $this->mSmarty->assign("showtable", 1);

    // Message table: message key => language => array(id, current content).
    $messagetable = array();
    foreach ($keys as $mkey) {
        $completelySet = true;
        $messagetable[$mkey] = array();

        foreach ($cAvailableLanguages as $lang => $langname) {
            $message = Message::getByName($mkey, $lang);

            // Content equal to "<lang:key>" is treated as unset; only the
            // active language counts for the "unset" filter.
            if ($message->getContent() == "<{$lang}:{$mkey}>" && $lang == Message::getActiveLanguage()) {
                $completelySet = false;
            }

            $messagetable[$mkey][$lang] = array(
                "id" => $message->getId(),
                "content" => $message->getContent(),
            );
        }

        if ($filterUnset && $completelySet) {
            unset($messagetable[$mkey]);
        }
    }

    $this->mSmarty->assign("languagetable", $messagetable);
    $this->mSmarty->assign("languages", $cAvailableLanguages);
}
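/**
 * Show the logged-in customer's account form, or apply a posted update.
 *
 * POST: validates the required fields, optionally changes the password,
 * updates name, address and e-mail, then redirects to the Account page.
 * A changed e-mail address triggers sendMailConfirm().
 * GET: fills the template with the customer's current details.
 *
 * The customer is always the one returned by Session::getLoggedInCustomer();
 * no customer id is taken from the request.
 *
 * NOTE(review): password and e-mail can be changed here without the current
 * password being re-entered, and no anti-CSRF token is checked in this
 * method. Confirm both are handled elsewhere, or add them: together these
 * two fields are enough to take over an account from a hijacked session.
 *
 * @throws Exception if the logged-in customer record cannot be loaded
 */
private function showAccount()
{
    if (!WebRequest::wasPosted()) {
        $this->mBasePage = "account.tpl";

        $customer = Customer::getById(Session::getLoggedInCustomer());
        if ($customer == null) {
            throw new Exception("Customer does not exist");
        }

        $address = $customer->getAddress();
        $this->mSmarty->assign("custid", $customer->getId());
        $this->mSmarty->assign("suTitle", $customer->getTitle());
        $this->mSmarty->assign("suFirstname", $customer->getFirstName());
        $this->mSmarty->assign("suLastname", $customer->getSurname());
        $this->mSmarty->assign("suAddress", $address->getLine1());
        $this->mSmarty->assign("suCity", $address->getCity());
        $this->mSmarty->assign("suPostcode", $address->getPostcode());
        $this->mSmarty->assign("suCountry", $address->getCountry());
        $this->mSmarty->assign("suEmail", $customer->getEmail());
        return;
    }

    try {
        // Required fields, validated in form order.
        $required = array(
            "suTitle", "suFirstname", "suLastname", "suAddress",
            "suCity", "suPostcode", "suCountry", "suEmail",
        );
        $form = array();
        foreach ($required as $field) {
            $form[$field] = WebRequest::post($field);
        }
        foreach ($required as $field) {
            if ($form[$field] == "") {
                throw new CreateCustomerException("{$field} not specified");
            }
        }

        // The password is optional here, but a typed password that does not
        // match its confirmation is reported instead of silently ignored.
        // The strict comparison avoids numeric-string juggling ("1e3" == "1000").
        $suPassword = WebRequest::post("suPassword");
        $suConfirm = WebRequest::post("suConfirm");
        $changePassword = ($suPassword != "");
        if ($changePassword && $suPassword !== $suConfirm) {
            throw new CreateCustomerException("Password mismatch");
        }

        $customer = Customer::getById(Session::getLoggedInCustomer());
        if ($customer == null) {
            throw new Exception("Customer does not exist");
        }

        if ($changePassword) {
            $customer->setPassword($suPassword);
        }

        // set values
        $customer->setTitle($form["suTitle"]);
        $customer->setFirstname($form["suFirstname"]);
        $customer->setSurname($form["suLastname"]);

        $address = $customer->getAddress();
        $address->setLine1($form["suAddress"]);
        $address->setCity($form["suCity"]);
        $address->setPostcode($form["suPostcode"]);
        $address->setCountry($form["suCountry"]);

        // Only a changed address is re-confirmed by mail.
        if ($customer->getEmail() != $form["suEmail"]) {
            $customer->setEmail($form["suEmail"]);
            $customer->sendMailConfirm();
        }

        // save it
        $address->save();
        $customer->save();

        global $cScriptPath;
        $this->mHeaders[] = "Location: {$cScriptPath}/Account";
    } catch (CreateCustomerException $ex) {
        $this->mBasePage = "account.tpl";
        $this->error($ex->getMessage());
    }
}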
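/**
 * Show the change-password form for an internal user, or apply the posted
 * new password and redirect to the SystemUsers page.
 *
 * The target user is selected by the "id" request parameter.
 *
 * NOTE(review): this method performs no permission check of its own and
 * changes the password of whichever internal user "id" names. Confirm that
 * the caller restricts it to administrators, and that the form carries an
 * anti-CSRF token.
 *
 * @throws Exception if the id is below 1 or no such user exists
 */
private function showChangePasswordPage()
{
    $userid = WebRequest::getInt("id");
    if ($userid < 1) {
        throw new Exception("UserID too small");
    }

    // Loaded once and reused for the update below.
    $user = InternalUser::getById($userid);
    if ($user == null) {
        throw new Exception("User does not exist");
    }

    if (WebRequest::wasPosted()) {
        try {
            $password = WebRequest::post("newpass");
            $confirm = WebRequest::post("newpass2");

            // Reject a blank password as well as a mismatch: two empty
            // fields would otherwise "match" and blank the account's
            // password. The strict comparison avoids numeric-string
            // juggling ("1e3" == "1000"). Both cases surface as
            // "password-nomatch" because the handler below maps every
            // CreateUserException to that key; a dedicated key for the
            // blank case would be clearer.
            if ($password == "" || $password !== $confirm) {
                throw new CreateUserException("Passwords do not match");
            }

            $user->setPassword($password);
            $user->save();

            global $cScriptPath;
            $this->mHeaders[] = "Location: {$cScriptPath}/SystemUsers";
        } catch (CreateUserException $ex) {
            $this->error("password-nomatch");
            $this->mSmarty->assign("userid", $userid);
            $this->mBasePage = "mgmt/iuserChangePw.tpl";
        }
    } else {
        $this->mSmarty->assign("userid", $userid);
        $this->mBasePage = "mgmt/iuserChangePw.tpl";
    }
}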
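/**
 * Forgotten-password flow for customers.
 *
 * - Logged-in customers are redirected to the main page.
 * - GET without id/hash: show the request form.
 * - POST without id/hash: send a reset mail to the posted address.
 * - GET with id/hash: verify the token and show the new-password form.
 * - POST with id/hash: verify the token, set the password, log the
 *   customer in and redirect to the main page.
 *
 * The token check treats an unknown customer id like a wrong token, and
 * compares with hash_equals() (PHP 5.6+): a loose == between the stored
 * checksum and request input is subject to numeric-string juggling
 * ("0e123" == "0e456") and is not constant-time.
 *
 * NOTE(review): whether setPassword()/save() invalidates the mail checksum
 * is not visible here; if it does not, a used reset link stays valid.
 * NOTE(review): the request branch answers differently for unknown
 * addresses ("nonexistant object"), which lets a caller test whether an
 * address is registered; returning the same response in both cases would
 * avoid that.
 */
protected function runPage()
{
    global $cWebPath;

    if (Session::isCustomerLoggedIn()) {
        // redirect to main page
        $this->mHeaders[] = "HTTP/1.1 303 See Other";
        $this->mHeaders[] = "Location: " . $cWebPath . "/index.php";
        return;
    }

    $id = WebRequest::get("id");
    $hash = WebRequest::get("hash");
    $hasToken = $id && $hash;

    // True only for an existing customer whose stored checksum equals the
    // supplied hash.
    $tokenMatches = function ($customer, $hash) {
        if ($customer == null || !is_string($hash)) {
            return false;
        }
        return hash_equals((string) $customer->getMailChecksum(), $hash);
    };

    if (WebRequest::wasPosted()) {
        if ($hasToken) {
            // setting password
            $customer = Customer::getById($id);
            try {
                if (!$tokenMatches($customer, $hash)) {
                    throw new InvalidChecksumException();
                }

                $suPassword = WebRequest::post("suPassword");
                $suConfirm = WebRequest::post("suConfirm");

                // validation
                if ($suPassword == "") {
                    throw new CreateCustomerException("Password not specified");
                }
                if ($suConfirm == "") {
                    throw new CreateCustomerException("Confirmed password not specified");
                }
                if ($suPassword !== $suConfirm) {
                    throw new CreateCustomerException("Password mismatch");
                }

                $customer->setPassword($suPassword);
                $customer->save();

                // log them in, using the id of the record that was
                // verified rather than the raw request value
                Session::setLoggedInCustomer($customer->getId());

                // redirect to main page
                $this->mHeaders[] = "HTTP/1.1 303 See Other";
                $this->mHeaders[] = "Location: " . $cWebPath . "/index.php";
            } catch (CreateCustomerException $ex) {
                $this->mBasePage = "changePassword.tpl";
                $this->error($ex->getMessage());
            } catch (InvalidChecksumException $ex) {
                $this->mBasePage = "changePassword.tpl";
                $this->error($ex->getMessage());
            }
        } else {
            // requesting
            try {
                $suEmail = WebRequest::post("suEmail");

                // validation
                if ($suEmail == "") {
                    throw new CreateCustomerException("Email not specified");
                }

                $customer = Customer::getByEmail($suEmail);
                if ($customer == null) {
                    throw new NonexistantObjectException();
                }

                $customer->sendPasswordReset();

                // NOTE(review): this template name differs from
                // "forgottenpassword.tpl" used elsewhere; confirm it exists.
                $this->mBasePage = "forgotpassword.tpl";
                // TODO: show some confirmation, check email, etc
            } catch (CreateCustomerException $ex) {
                $this->mBasePage = "forgottenpassword.tpl";
                $this->error($ex->getMessage());
            } catch (NonexistantObjectException $ex) {
                $this->mBasePage = "forgottenpassword.tpl";
                $this->error("nonexistant object");
            }
        }
    } elseif ($hasToken) {
        // show reset password form
        try {
            $customer = Customer::getById($id);
            if (!$tokenMatches($customer, $hash)) {
                throw new InvalidChecksumException();
            }

            $this->mBasePage = "changePassword.tpl";
            $this->mSmarty->assign("cpid", $id);
            $this->mSmarty->assign("cphash", $hash);
        } catch (InvalidChecksumException $ex) {
            $this->mBasePage = "forgottenpassword.tpl";
            $this->error("invalid checksum");
        }
    } else {
        // show request form
        $this->mBasePage = "forgottenpassword.tpl";
    }
}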
/**
 * Render (and, on submit, process) the edit form for an existing thread post.
 *
 * The form is an EditPage for the thread's root article, wrapped in a
 * div.lqt-edit-form and extended with hidden LiquidThreads fields, a
 * signature editor and, for a topmost thread, a subject editor.
 *
 * Nonce handling: the submitted 'lqt_nonce' and the user name form a cache
 * key that is passed to handleNonce(); a false result stops the request.
 * Every rendered form carries a fresh 32-hex-digit nonce from MWCryptRand,
 * and after a successful save the submitted nonce's key is stored for 3600
 * seconds. Presumably that is what lets handleNonce() refuse a repeated
 * submission; its body is not visible here.
 *
 * @param Thread $thread
 */
function showPostEditingForm($thread)
{
    global $wgRequest, $wgMemc;

    $submitted_nonce = $this->request->getVal('lqt_nonce');
    $nonce_key = wfMemcKey('lqt-nonce', $submitted_nonce, $this->user->getName());
    $nonceAccepted = $this->handleNonce($submitted_nonce, $nonce_key);
    if (!$nonceAccepted) {
        return;
    }

    $this->output->addHTML(Xml::openElement('div', array('class' => 'lqt-edit-form')));

    // Fall back to the thread's current subject when none was submitted.
    $subject = $this->request->getVal('lqt_subject_field', '');
    if (!$subject) {
        $subject = $thread->subject();
    }

    $subjectTitle = null;
    $subjectOk = Thread::validateSubject($subject, $subjectTitle, $thread->superthread(), $this->article);
    if (!$subjectOk) {
        $subject = false;
    }

    $article = $thread->root();
    $talkpage = $thread->article();

    // $article is handed over by reference, so a hook handler can replace it.
    Hooks::run('LiquidThreadsEditFormContent', array($thread, &$article, $talkpage));

    // Edit context published through LqtHooks static properties.
    LqtHooks::$editTalkpage = $talkpage;
    LqtHooks::$editArticle = $article;
    LqtHooks::$editThread = $thread;
    LqtHooks::$editType = 'edit';
    LqtHooks::$editAppliesTo = $thread;

    $editor = new EditPage($article);

    // Quietly force a preview if no subject has been specified.
    if (!$subjectOk) {
        // Dirty hack to prevent saving from going ahead
        $wgRequest->setVal('wpPreview', true);

        if ($this->request->wasPosted()) {
            $invalidSubjectNotice = Xml::tags(
                'div',
                array('class' => 'error'),
                wfMessage('lqt_invalid_subject')->parse()
            );
            $editor->editFormPageTop .= $invalidSubjectNotice;
        }
    }

    // Add an offset so it works if it's on the wrong page.
    $replica = wfGetDB(DB_SLAVE);
    $offset = wfTimestamp(TS_UNIX, $thread->topmostThread()->sortkey());
    $offset++;
    $offset = $replica->timestamp($offset);

    $editor->suppressIntro = true;

    // Hidden fields: the LiquidThreads request state, a fresh nonce for the
    // next submission, and the paging offset.
    $hiddenFields = $this->perpetuate('lqt_method', 'hidden')
        . $this->perpetuate('lqt_operand', 'hidden')
        . Html::hidden('lqt_nonce', MWCryptRand::generateHex(32))
        . Html::hidden('offset', $offset);
    $editor->editFormTextBeforeContent .= $hiddenFields;

    list($signatureEditor, $signatureHTML) = $this->getSignatureEditor($thread);
    $editor->editFormTextAfterContent .= $signatureEditor;
    // Xml::tags() does not escape its contents, so $signatureHTML has to be
    // safe HTML already; it comes from getSignatureEditor(), not shown here.
    $editor->previewTextAfterContent .= Xml::tags('p', null, $signatureHTML);

    if ($thread->isTopmostThread()) {
        $editor->editFormTextBeforeContent .= $this->getSubjectEditor($thread->subject(), $subject);
    }

    $editor->edit();

    if ($editor->didSave) {
        // Bump unless the checkbox field was sent with a false value.
        $bump = true;
        if ($this->request->getCheck('wpBumpThread')) {
            $bump = $this->request->getBool('wpBumpThread');
        }

        $signature = $this->request->getVal('wpLqtSignature', null);

        $metadata = array(
            'thread' => $thread,
            'text' => $editor->textbox1,
            'summary' => $editor->summary,
            'bump' => $bump,
            'subject' => $subject,
            'signature' => $signature,
            'root' => $article,
        );
        LqtView::editMetadataUpdates($metadata);

        // Record the submitted nonce under its cache key for one hour.
        if ($submitted_nonce && $nonce_key) {
            $wgMemc->set($nonce_key, 1, 3600);
        }
    }

    if ($this->output->getRedirect() != '') {
        // NOTE(review): the title with the thread anchor is built here, but
        // the redirect below goes to $this->title; confirm that is intended.
        $redirectTitle = clone $talkpage->getTitle();
        $redirectTitle->setFragment('#' . $this->anchorName($thread));
        $this->output->redirect($this->title->getLocalURL());
    }

    $this->output->addHTML('</div>');
}
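/**
 * Customer sign-up page.
 *
 * GET: show the sign-up form.
 * POST: validate the form, create the address and customer records, send
 * the confirmation mail and redirect to the script root.
 *
 * A customer who is already logged in is redirected to the main page and
 * the request is not processed any further, so a POST from a logged-in
 * session cannot create another account.
 *
 * NOTE(review): the e-mail address is only checked for being non-empty
 * here; format and uniqueness checks, password-strength rules and password
 * hashing are not visible in this method. Confirm that Customer covers them.
 */
protected function runPage()
{
    global $cWebPath, $cScriptPath;

    $this->mBasePage = "signup.tpl";

    if (Session::isCustomerLoggedIn()) {
        // why do you want another account?
        // redirect to main page, and stop: without the return the POST
        // below would still be handled.
        $this->mHeaders[] = "HTTP/1.1 303 See Other";
        $this->mHeaders[] = "Location: " . $cWebPath . "/index.php";
        return;
    }

    if (!WebRequest::wasPosted()) {
        return;
    }

    try {
        // Required fields in form order: request key => label used in the
        // error message.
        $required = array(
            "suTitle" => "Title",
            "suFirstname" => "Firstname",
            "suLastname" => "Lastname",
            "suAddress" => "Address",
            "suCity" => "City",
            "suPostcode" => "Postcode",
            "suCountry" => "Country",
            "suEmail" => "Email",
            "suPassword" => "Password",
            "suConfirm" => "Confirmed password",
        );

        $form = array();
        foreach ($required as $field => $label) {
            $form[$field] = WebRequest::post($field);
        }

        // data validation
        foreach ($required as $field => $label) {
            if ($form[$field] == "") {
                throw new CreateCustomerException("{$label} not specified");
            }
        }

        // Strict comparison: a loose != treats numeric-looking strings such
        // as "1e3" and "1000" as equal.
        if ($form["suPassword"] !== $form["suConfirm"]) {
            throw new CreateCustomerException("Password mismatch");
        }

        $customer = new Customer();
        $customer->setPassword($form["suPassword"]);

        // set values
        $customer->setTitle($form["suTitle"]);
        $customer->setFirstname($form["suFirstname"]);
        $customer->setSurname($form["suLastname"]);

        $address = new Address();
        $address->setLine1($form["suAddress"]);
        $address->setCity($form["suCity"]);
        $address->setPostCode($form["suPostcode"]);
        $address->setCountry($form["suCountry"]);
        $address->save();

        $customer->setAddress($address);
        $customer->setEmail($form["suEmail"]);

        // save it
        $customer->save();
        $customer->sendMailConfirm();

        $this->mHeaders[] = "Location: {$cScriptPath}";
    } catch (CreateCustomerException $ex) {
        $this->mBasePage = "signup.tpl";
        $this->error($ex->getMessage());
    }
}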