}
}
+ if ( $this->getParameter( 'curtimestamp' ) ) {
+ $result->addValue( null, 'curtimestamp', wfTimestamp( TS_ISO_8601, time() ),
+ ApiResult::NO_SIZE_CHECK );
+ }
+
$params = $this->extractRequestParams();
$this->mAction = $params['action'];
}
$moduleParams = $module->extractRequestParams();
- // Die if token required, but not provided
- $salt = $module->getTokenSalt();
- if ( $salt !== false ) {
+ // Check token, if necessary
+ if ( $module->needsToken() === true ) {
+ throw new MWException(
+ "Module '{$module->getModuleName()}' must be updated for the new token handling. " .
+ "See documentation for ApiBase::needsToken for details."
+ );
+ }
+ if ( $module->needsToken() ) {
+ if ( !$module->mustBePosted() ) {
+ throw new MWException(
+ "Module '{$module->getModuleName()}' must require POST to use tokens."
+ );
+ }
+
if ( !isset( $moduleParams['token'] ) ) {
$this->dieUsageMsg( array( 'missingparam', 'token' ) );
}
- if ( !$this->getUser()->matchEditToken(
- $moduleParams['token'],
- $salt,
- $this->getContext()->getRequest() )
- ) {
+ if ( array_key_exists(
+ $module->encodeParamName( 'token' ),
+ $this->getRequest()->getQueryValues()
+ ) ) {
+ $this->dieUsage(
+ "The '{$module->encodeParamName( 'token' )}' parameter must be POSTed",
+ 'mustposttoken'
+ );
+ }
+
+ if ( !$module->validateToken( $moduleParams['token'], $moduleParams ) ) {
$this->dieUsageMsg( 'sessionfailure' );
}
}
/**
* Check POST for external response and setup result printer
* @param ApiBase $module An Api module
- * @param array $params an array with the request parameters
+ * @param array $params An array with the request parameters
*/
protected function setupExternalResponse( $module, $params ) {
if ( !$this->getRequest()->wasPosted() && $module->mustBePosted() ) {
return array(
'format' => array(
ApiBase::PARAM_DFLT => ApiMain::API_DEFAULT_FORMAT,
- ApiBase::PARAM_TYPE => $this->mModuleMgr->getNames( 'format' )
+ ApiBase::PARAM_TYPE => 'submodule',
),
'action' => array(
ApiBase::PARAM_DFLT => 'help',
- ApiBase::PARAM_TYPE => $this->mModuleMgr->getNames( 'action' )
+ ApiBase::PARAM_TYPE => 'submodule',
),
'maxlag' => array(
ApiBase::PARAM_TYPE => 'integer'
),
'requestid' => null,
'servedby' => false,
+ 'curtimestamp' => false,
'origin' => null,
);
}
'requestid' => 'Request ID to distinguish requests. This will just be output back to you',
'servedby' => 'Include the hostname that served the request in the ' .
'results. Unconditionally shown on error',
+ 'curtimestamp' => 'Include the current timestamp in the result.',
'origin' => array(
'When accessing the API using a cross-domain AJAX request (CORS), set this to the',
'originating domain. This must be included in any pre-flight request, and',
);
}
- /**
- * @return array
- */
- public function getPossibleErrors() {
- return array_merge( parent::getPossibleErrors(), array(
- array( 'readonlytext' ),
- array( 'code' => 'unknown_format', 'info' => 'Unrecognized format: format' ),
- array( 'code' => 'unknown_action', 'info' => 'The API requires a valid action parameter' ),
- array( 'code' => 'maxlag', 'info' => 'Waiting for host: x seconds lagged' ),
- array( 'code' => 'maxlag', 'info' => 'Waiting for a database server: x seconds lagged' ),
- array( 'code' => 'assertuserfailed', 'info' => 'Assertion that the user is logged in failed' ),
- array(
- 'code' => 'assertbotfailed',
- 'info' => 'Assertion that the user has the bot right failed'
- ),
- ) );
- }
-
/**
* Returns an array of strings with credits for the API
* @return array