function execute() { global $wgOut; global $wgRequest, $wgUser; // get the parameters $from = trim($wgRequest->getText('from')); $to = trim($wgRequest->getText('to')); $reason = $wgRequest->getText('reason'); if ($from != "" and $to != "") { if ($wgRequest->getVal("wpPreview")) { // Preview batch move $wgOut->addHTML(wfMsg("batchmove-preview-header") . "<br/>"); $wgOut->addHTML(doBatchMove($from, $to, $reason, true)); $wgOut->addHTML("<form>"); $wgOut->addHTML("<input id='to' name='to' type='hidden' value='" . htmlentities($to, ENT_QUOTES, "UTF-8") . "' />"); $wgOut->addHTML("<input id='from' name='from' type='hidden' value='" . htmlentities($from, ENT_QUOTES, "UTF-8") . "' />"); $wgOut->addHTML("<input id='reason' name='reason' type='hidden' value='" . htmlentities($reason, ENT_QUOTES, "UTF-8") . "' />"); $wgOut->addHTML("<input id='wpConfirm' name='wpConfirm' type='submit' value='" . wfMsg("batchmove-confirm") . "'/>"); $wgOut->addHTML("<input id='wpPreview' name='wpPreview' type='submit' value='" . wfMsg("batchmove-preview") . "'/>"); $wgOut->addHTML("</form>"); } else { if ($wgRequest->getVal("wpConfirm")) { // Do batch move $wgOut->addHTML(doBatchMove($from, $to, $reason)); $wgOut->addHTML("<i>" . wfMsg("batchmove-complete") . "</i>"); } else { $wgOut->setPageTitle(wfMsg("batchmove-title")); $wgOut->addHTML(sandboxParse(wfMsg("batchmove-confirm-msg", $from, $to))); $wgOut->addHTML("<form>"); $wgOut->addHTML("<input id='to' name='to' type='hidden' value='" . htmlentities($to, ENT_QUOTES, "UTF-8") . "' />"); $wgOut->addHTML("<input id='from' name='from' type='hidden' value='" . htmlentities($from, ENT_QUOTES, "UTF-8") . "' />"); $wgOut->addHTML("<input id='reason' name='reason' type='hidden' value='" . htmlentities($reason, ENT_QUOTES, "UTF-8") . "' />"); $wgOut->addHTML("<input id='wpConfirm' name='wpConfirm' type='submit' value='" . wfMsg("batchmove-confirm") . "'/>"); $wgOut->addHTML("<input id='wpPreview' name='wpPreview' type='submit' value='" . wfMsg("batchmove-preview") . "'/>"); $wgOut->addHTML("</form>"); } } } else { $wgOut->setPageTitle(wfMsg("batchmove-title")); $wgOut->addHTML("" . wfMsg("batchmove-description") . "<br/><br/>" . "<form>" . wfMsg("batchmove-from") . ": <input type='edit' name='from' size=28/>" . " " . wfMsg("batchmove-to") . ": <input type='edit' name='to' size=28/>" . "<br/><br/>" . wfMsg("batchmove-reason") . ": <input type='edit' name='reason' size=60/>" . "<br/><br/>" . "<input type='submit'/>" . "<input id='wpPreview' name='wpPreview' type='submit' value='" . wfMsg("batchmove-preview") . "'/>" . "</form><br/>"); } }
function sendPage($request, $wgOut) { $SERVER_NAME = $_SERVER['SERVER_NAME']; // for compatibility with servers with register-globals off. // make sure there is a page specified if ($this->getPageName($request) == "") { $wgOut->addHTML("<div style='background-color:#ff8080'>" . wfMsg("staf-nopage") . "</div>"); $this->showForm($request, $wgOut); return; } // validate target email address $addr = $request->getText("addr"); if ($addr == "" or !$this->validateEmailAddress($addr)) { $wgOut->addHTML("<span style='background-color:#ff8080'>" . wfMsg("staf-invalidfriendemail") . "</span><br/>"); $this->showForm($request, $wgOut); return; } $myAddr = $request->getText("myAddr"); // validate sender address $from = "grapevine@{$SERVER_NAME}"; $myAddr = $request->getText("myAddr"); if ($this->validateEmailAddress($myAddr)) { $from = $myAddr; } // prevent exploiting headers to send spam $subject = $request->getText("subj"); $subject = $subject == "" ? wfMsg("staf-defaultsubject") : $subject; $subject = str_replace("@", " at ", $subject); // make the email body $body = $this->getMessageBody($request); if ($this->isSpam($body) || 0 < preg_match("/http:/si", $request->getText("msg"))) { //logEvent("Potential spam from IP ".$_SERVER['REMOTE_ADDR'].": \"$msg\""); $wgOut->addHTML("<div \tstyle='background-color:#ff8080'>" . wfMsg("staf-spamnotice") . "</div><br/>"); $this->showForm($request, $wgOut); } else { if ($this->sendEmail($addr, $from, $subject, $body)) { // log usage data $cache = new DurableCache(); $key = $request->getText("jsForm") ? "SEND_LYRICS_JS" : "SEND_LYRICS_NON_JS"; $res = $cache->fetch($key); $res = (!$res or $res == "") ? 1 : intval($res) + 1; $cache->store($key, $res); $pagename = $this->getPageName($request); $body = wfMsg("staf-emailsent", "[[" . str_replace("_", " ", $pagename) . "]]"); $wgOut->addHTML(sandboxParse($body)); // sandboxParse will convert the wiki-format link above into html return; } else { $wgOut->addHTML("<span style='background-color:#ff8080'>" . wfMsg("staf-emailfail") . "</span><br/>"); $this->showForm($request, $wgOut); } } }
function renderXML($input, $argv, $parser) { // parameters $feedURL = $argv["feed"]; $escapedFeedURL = urlencode($argv["feed"]); $maxItems = (int) $argv["maxitems"]; $addLineFeed = $argv["linefeed"]; // retrieve the xml source from the cache before trying to fetch it // limits possible stress on other people's servers, reduces chance of DOS attacks global $wgMemc; $cachedSource = false; if (debugSwitch("forceload")) { $wgMemc->get($escapedFeedURL); } if (!$cachedSource) { // Uses Http::get which is the prefered method to make requests from MediaWiki since it handles going through proxies, etc. $timeout = 5; // set to zero for no timeout $source = Http::get($feedURL, $timeout, array(CURLOPT_FOLLOWLOCATION => 1)); if (!$source) { return wfMsgExt("xml-feedfailed", array('parseinline')); } // only cache newly fetched sources $wgMemc->set($escapedFeedURL, $source, strtotime("+2 hour")); } else { $source = $cachedSource; } if (debugSwitch("source")) { echo $source . "\n"; } // parse $feed = new XmlDocument(); if (!$feed->parse($source)) { return wfMsg("xml-parseerror", $feed->getError()); } // fill in the template with the fields from the xml file preg_match_all("#<item path=\"(.*?)\">(.*?)</item>#", filter($input), $matches); $result = ""; foreach ($matches[0] as $i => $text) { $path = $matches[1][$i]; $template = filter(trim(unfilter($matches[2][$i]))); $items = $feed->getItem($path); $count = min(count($items), $maxItems); if (!$items) { $result .= wfMsg("xml-pathnotfound", $path); } for ($i = 0; $i < $count; ++$i) { $item = $items[$i]; // fill in the template (use standard template parameter format) $text = $template; if (preg_match_all("/{{{([a-zA-Z:]*)}}}/", $text, $fields)) { foreach (array_unique($fields[1]) as $field) { // SWC 20061113 - Broke the accessing into two lines so that it parses $tempArray = $item[strtoupper($field)]; $currValue = implode("", $tempArray[0]); $text = str_replace("{{{{$field}}}}", $currValue, $text); } } // conditially add a line feed to the end of each item if ($addLineFeed) { $result .= $text . "\n"; } else { $result .= $text; } } } return sandboxParse($result); }