5 * Created on Aug 21, 2008
7 * Copyright © 2008 - 2010 Bryan Tong Minh <Bryan.TongMinh@Gmail.com>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License along
20 * with this program; if not, write to the Free Software Foundation, Inc.,
21 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
22 * http://www.gnu.org/copyleft/gpl.html
30 class ApiUpload
extends ApiBase
{
35 protected $mUpload = null;
39 public function __construct( $main, $action ) {
40 parent
::__construct( $main, $action );
43 public function execute() {
44 // Check whether upload is enabled
45 if ( !UploadBase
::isEnabled() ) {
46 $this->dieUsageMsg( 'uploaddisabled' );
49 $user = $this->getUser();
52 $this->mParams
= $this->extractRequestParams();
53 $request = $this->getMain()->getRequest();
54 // Add the uploaded file to the params array
55 $this->mParams
['file'] = $request->getFileName( 'file' );
56 $this->mParams
['chunk'] = $request->getFileName( 'chunk' );
58 // Copy the session key to the file key, for backward compatibility.
59 if( !$this->mParams
['filekey'] && $this->mParams
['sessionkey'] ) {
60 $this->mParams
['filekey'] = $this->mParams
['sessionkey'];
63 // Select an upload module
64 if ( !$this->selectUploadModule() ) {
65 // This is not a true upload, but a status request or similar
68 if ( !isset( $this->mUpload
) ) {
69 $this->dieUsage( 'No upload module set', 'nomodule' );
72 // First check permission to upload
73 $this->checkPermissions( $user );
76 $status = $this->mUpload
->fetchFile();
77 if ( !$status->isGood() ) {
78 $errors = $status->getErrorsArray();
79 $error = array_shift( $errors[0] );
80 $this->dieUsage( 'Error fetching file from remote source', $error, 0, $errors[0] );
83 // Check if the uploaded file is sane
84 if ( $this->mParams
['chunk'] ) {
85 $maxSize = $this->mUpload
->getMaxUploadSize( );
86 if( $this->mParams
['filesize'] > $maxSize ) {
87 $this->dieUsage( 'The file you submitted was too large', 'file-too-large' );
90 $this->verifyUpload();
93 // Check if the user has the rights to modify or overwrite the requested title
94 // (This check is irrelevant if stashing is already requested, since the errors
95 // can always be fixed by changing the title)
96 if ( ! $this->mParams
['stash'] ) {
97 $permErrors = $this->mUpload
->verifyTitlePermissions( $user );
98 if ( $permErrors !== true ) {
99 $this->dieRecoverableError( $permErrors[0], 'filename' );
102 // Get the result based on the current upload context:
103 $result = $this->getContextResult();
105 if ( $result['result'] === 'Success' ) {
106 $result['imageinfo'] = $this->mUpload
->getImageInfo( $this->getResult() );
109 $this->getResult()->addValue( null, $this->getModuleName(), $result );
111 // Cleanup any temporary mess
112 $this->mUpload
->cleanupTempFile();
115 * Get an uplaod result based on upload context
118 private function getContextResult(){
119 $warnings = $this->getApiWarnings();
120 if ( $warnings && !$this->mParams
['ignorewarnings'] ) {
121 // Get warnings formated in result array format
122 return $this->getWarningsResult( $warnings );
123 } elseif ( $this->mParams
['chunk'] ) {
124 // Add chunk, and get result
125 return $this->getChunkResult( $warnings );
126 } elseif ( $this->mParams
['stash'] ) {
127 // Stash the file and get stash result
128 return $this->getStashResult( $warnings );
130 // This is the most common case -- a normal upload with no warnings
131 // performUpload will return a formatted properly for the API with status
132 return $this->performUpload( $warnings );
135 * Get Stash Result, throws an expetion if the file could not be stashed.
138 private function getStashResult( $warnings ){
140 // Some uploads can request they be stashed, so as not to publish them immediately.
141 // In this case, a failure to stash ought to be fatal
143 $result['result'] = 'Success';
144 $result['filekey'] = $this->performStash();
145 $result['sessionkey'] = $result['filekey']; // backwards compatibility
146 $result['warnings'] = $warnings;
147 } catch ( MWException
$e ) {
148 $this->dieUsage( $e->getMessage(), 'stashfailed' );
153 * Get Warnings Result
154 * @param $warnings Array of Api upload warnings
157 private function getWarningsResult( $warnings ){
159 $result['result'] = 'Warning';
160 $result['warnings'] = $warnings;
161 // in case the warnings can be fixed with some further user action, let's stash this upload
162 // and return a key they can use to restart it
164 $result['filekey'] = $this->performStash();
165 $result['sessionkey'] = $result['filekey']; // backwards compatibility
166 } catch ( MWException
$e ) {
167 $result['warnings']['stashfailed'] = $e->getMessage();
172 * Get the result of a chunk upload.
175 private function getChunkResult( $warnings ){
178 $result['result'] = 'Continue';
179 $result['warnings'] = $warnings;
180 $request = $this->getMain()->getRequest();
181 $chunkPath = $request->getFileTempname( 'chunk' );
182 $chunkSize = $request->getUpload( 'chunk' )->getSize();
183 if ($this->mParams
['offset'] == 0) {
184 $result['filekey'] = $this->performStash();
186 $status = $this->mUpload
->addChunk($chunkPath, $chunkSize,
187 $this->mParams
['offset']);
188 if ( !$status->isGood() ) {
189 $this->dieUsage( $status->getWikiText(), 'stashfailed' );
193 // Check we added the last chunk:
194 if( $this->mParams
['offset'] +
$chunkSize == $this->mParams
['filesize'] ) {
195 $status = $this->mUpload
->concatenateChunks();
197 if ( !$status->isGood() ) {
198 $this->dieUsage( $status->getWikiText(), 'stashfailed' );
202 // We have a new filekey for the fully concatenated file.
203 $result['filekey'] = $this->mUpload
->getLocalFile()->getFileKey();
205 // Remove chunk from stash. (Checks against user ownership of chunks.)
206 $this->mUpload
->stash
->removeFile( $this->mParams
['filekey'] );
208 $result['result'] = 'Success';
212 // Continue passing through the filekey for adding further chunks.
213 $result['filekey'] = $this->mParams
['filekey'];
216 $result['offset'] = $this->mParams
['offset'] +
$chunkSize;
221 * Stash the file and return the file key
222 * Also re-raises exceptions with slightly more informative message strings (useful for API)
223 * @throws MWException
224 * @return String file key
226 function performStash() {
228 $stashFile = $this->mUpload
->stashFile();
231 throw new MWException( 'Invalid stashed file' );
233 $fileKey = $stashFile->getFileKey();
234 } catch ( MWException
$e ) {
235 $message = 'Stashing temporary file failed: ' . get_class( $e ) . ' ' . $e->getMessage();
236 wfDebug( __METHOD__
. ' ' . $message . "\n");
237 throw new MWException( $message );
243 * Throw an error that the user can recover from by providing a better
244 * value for $parameter
246 * @param $error array Error array suitable for passing to dieUsageMsg()
247 * @param $parameter string Parameter that needs revising
248 * @param $data array Optional extra data to pass to the user
249 * @throws UsageException
251 function dieRecoverableError( $error, $parameter, $data = array() ) {
253 $data['filekey'] = $this->performStash();
254 $data['sessionkey'] = $data['filekey'];
255 } catch ( MWException
$e ) {
256 $data['stashfailed'] = $e->getMessage();
258 $data['invalidparameter'] = $parameter;
260 $parsed = $this->parseMsg( $error );
261 $this->dieUsage( $parsed['info'], $parsed['code'], 0, $data );
265 * Select an upload module and set it to mUpload. Dies on failure. If the
266 * request was a status request and not a true upload, returns false;
271 protected function selectUploadModule() {
272 $request = $this->getMain()->getRequest();
274 // chunk or one and only one of the following parameters is needed
275 if( !$this->mParams
['chunk'] ) {
276 $this->requireOnlyOneParameter( $this->mParams
,
277 'filekey', 'file', 'url', 'statuskey' );
280 if ( $this->mParams
['statuskey'] ) {
281 $this->checkAsyncDownloadEnabled();
283 // Status request for an async upload
284 $sessionData = UploadFromUrlJob
::getSessionData( $this->mParams
['statuskey'] );
285 if ( !isset( $sessionData['result'] ) ) {
286 $this->dieUsage( 'No result in session data', 'missingresult' );
288 if ( $sessionData['result'] == 'Warning' ) {
289 $sessionData['warnings'] = $this->transformWarnings( $sessionData['warnings'] );
290 $sessionData['sessionkey'] = $this->mParams
['statuskey'];
292 $this->getResult()->addValue( null, $this->getModuleName(), $sessionData );
297 // The following modules all require the filename parameter to be set
298 if ( is_null( $this->mParams
['filename'] ) ) {
299 $this->dieUsageMsg( array( 'missingparam', 'filename' ) );
302 if ( $this->mParams
['chunk'] ) {
304 $this->mUpload
= new UploadFromChunks();
305 if( isset( $this->mParams
['filekey'] ) ){
307 $this->mUpload
->continueChunks(
308 $this->mParams
['filename'],
309 $this->mParams
['filekey'],
310 $request->getUpload( 'chunk' )
313 // handle first chunk
314 $this->mUpload
->initialize(
315 $this->mParams
['filename'],
316 $request->getUpload( 'chunk' )
319 } elseif ( isset( $this->mParams
['filekey'] ) ) {
320 // Upload stashed in a previous request
321 if ( !UploadFromStash
::isValidKey( $this->mParams
['filekey'] ) ) {
322 $this->dieUsageMsg( 'invalid-file-key' );
325 $this->mUpload
= new UploadFromStash( $this->getUser() );
327 $this->mUpload
->initialize( $this->mParams
['filekey'], $this->mParams
['filename'] );
328 } elseif ( isset( $this->mParams
['file'] ) ) {
329 $this->mUpload
= new UploadFromFile();
330 $this->mUpload
->initialize(
331 $this->mParams
['filename'],
332 $request->getUpload( 'file' )
334 } elseif ( isset( $this->mParams
['url'] ) ) {
335 // Make sure upload by URL is enabled:
336 if ( !UploadFromUrl
::isEnabled() ) {
337 $this->dieUsageMsg( 'copyuploaddisabled' );
340 if ( !UploadFromUrl
::isAllowedHost( $this->mParams
['url'] ) ) {
341 $this->dieUsageMsg( 'copyuploadbaddomain' );
345 if ( $this->mParams
['asyncdownload'] ) {
346 $this->checkAsyncDownloadEnabled();
348 if ( $this->mParams
['leavemessage'] && !$this->mParams
['ignorewarnings'] ) {
349 $this->dieUsage( 'Using leavemessage without ignorewarnings is not supported',
350 'missing-ignorewarnings' );
353 if ( $this->mParams
['leavemessage'] ) {
354 $async = 'async-leavemessage';
359 $this->mUpload
= new UploadFromUrl
;
360 $this->mUpload
->initialize( $this->mParams
['filename'],
361 $this->mParams
['url'], $async );
368 * Checks that the user has permissions to perform this upload.
369 * Dies with usage message on inadequate permissions.
370 * @param $user User The user to check.
372 protected function checkPermissions( $user ) {
373 // Check whether the user has the appropriate permissions to upload anyway
374 $permission = $this->mUpload
->isAllowed( $user );
376 if ( $permission !== true ) {
377 if ( !$user->isLoggedIn() ) {
378 $this->dieUsageMsg( array( 'mustbeloggedin', 'upload' ) );
380 $this->dieUsageMsg( 'badaccess-groups' );
386 * Performs file verification, dies on error.
388 protected function verifyUpload( ) {
389 global $wgFileExtensions;
391 $verification = $this->mUpload
->verifyUpload( );
392 if ( $verification['status'] === UploadBase
::OK
) {
396 // TODO: Move them to ApiBase's message map
397 switch( $verification['status'] ) {
398 // Recoverable errors
399 case UploadBase
::MIN_LENGTH_PARTNAME
:
400 $this->dieRecoverableError( 'filename-tooshort', 'filename' );
402 case UploadBase
::ILLEGAL_FILENAME
:
403 $this->dieRecoverableError( 'illegal-filename', 'filename',
404 array( 'filename' => $verification['filtered'] ) );
406 case UploadBase
::FILENAME_TOO_LONG
:
407 $this->dieRecoverableError( 'filename-toolong', 'filename' );
409 case UploadBase
::FILETYPE_MISSING
:
410 $this->dieRecoverableError( 'filetype-missing', 'filename' );
412 case UploadBase
::WINDOWS_NONASCII_FILENAME
:
413 $this->dieRecoverableError( 'windows-nonascii-filename', 'filename' );
416 // Unrecoverable errors
417 case UploadBase
::EMPTY_FILE
:
418 $this->dieUsage( 'The file you submitted was empty', 'empty-file' );
420 case UploadBase
::FILE_TOO_LARGE
:
421 $this->dieUsage( 'The file you submitted was too large', 'file-too-large' );
424 case UploadBase
::FILETYPE_BADTYPE
:
425 $this->dieUsage( 'This type of file is banned', 'filetype-banned',
427 'filetype' => $verification['finalExt'],
428 'allowed' => $wgFileExtensions
431 case UploadBase
::VERIFICATION_ERROR
:
432 $this->getResult()->setIndexedTagName( $verification['details'], 'detail' );
433 $this->dieUsage( 'This file did not pass file verification', 'verification-error',
434 0, array( 'details' => $verification['details'] ) );
436 case UploadBase
::HOOK_ABORTED
:
437 $this->dieUsage( "The modification you tried to make was aborted by an extension hook",
438 'hookaborted', 0, array( 'error' => $verification['error'] ) );
441 $this->dieUsage( 'An unknown error occurred', 'unknown-error',
442 0, array( 'code' => $verification['status'] ) );
449 * Check warnings if ignorewarnings is not set.
450 * Returns a suitable array for inclusion into API results if there were warnings
451 * Returns the empty array if there were no warnings
455 protected function getApiWarnings() {
458 $warnings = $this->mUpload
->checkWarnings();
460 return $this->transformWarnings( $warnings );
463 protected function transformWarnings( $warnings ) {
466 $result = $this->getResult();
467 $result->setIndexedTagName( $warnings, 'warning' );
469 if ( isset( $warnings['duplicate'] ) ) {
471 foreach ( $warnings['duplicate'] as $dupe ) {
472 $dupes[] = $dupe->getName();
474 $result->setIndexedTagName( $dupes, 'duplicate' );
475 $warnings['duplicate'] = $dupes;
478 if ( isset( $warnings['exists'] ) ) {
479 $warning = $warnings['exists'];
480 unset( $warnings['exists'] );
481 $warnings[$warning['warning']] = $warning['file']->getName();
489 * Perform the actual upload. Returns a suitable result array on success;
494 protected function performUpload( $warnings ) {
495 // Use comment as initial page text by default
496 if ( is_null( $this->mParams
['text'] ) ) {
497 $this->mParams
['text'] = $this->mParams
['comment'];
500 $file = $this->mUpload
->getLocalFile();
501 $watch = $this->getWatchlistValue( $this->mParams
['watchlist'], $file->getTitle() );
503 // Deprecated parameters
504 if ( $this->mParams
['watch'] ) {
508 // No errors, no warnings: do the upload
509 $status = $this->mUpload
->performUpload( $this->mParams
['comment'],
510 $this->mParams
['text'], $watch, $this->getUser() );
512 if ( !$status->isGood() ) {
513 $error = $status->getErrorsArray();
515 if ( count( $error ) == 1 && $error[0][0] == 'async' ) {
516 // The upload can not be performed right now, because the user
519 'result' => 'Queued',
520 'statuskey' => $error[0][1],
523 $this->getResult()->setIndexedTagName( $error, 'error' );
525 $this->dieUsage( 'An internal error occurred', 'internal-error', 0, $error );
529 $file = $this->mUpload
->getLocalFile();
531 $result['result'] = 'Success';
532 $result['filename'] = $file->getName();
533 $result['warnings'] = $warnings;
539 * Checks if asynchronous copy uploads are enabled and throws an error if they are not.
541 protected function checkAsyncDownloadEnabled() {
542 global $wgAllowAsyncCopyUploads;
543 if ( !$wgAllowAsyncCopyUploads ) {
544 $this->dieUsage( 'Asynchronous copy uploads disabled', 'asynccopyuploaddisabled');
548 public function mustBePosted() {
552 public function isWriteMode() {
556 public function getAllowedParams() {
559 ApiBase
::PARAM_TYPE
=> 'string',
562 ApiBase
::PARAM_DFLT
=> ''
567 ApiBase
::PARAM_DFLT
=> false,
568 ApiBase
::PARAM_DEPRECATED
=> true,
570 'watchlist' => array(
571 ApiBase
::PARAM_DFLT
=> 'preferences',
572 ApiBase
::PARAM_TYPE
=> array(
578 'ignorewarnings' => false,
582 'sessionkey' => array(
583 ApiBase
::PARAM_DFLT
=> null,
584 ApiBase
::PARAM_DEPRECATED
=> true,
592 'asyncdownload' => false,
593 'leavemessage' => false,
600 public function getParamDescription() {
602 'filename' => 'Target filename',
603 'token' => 'Edit token. You can get one of these through prop=info',
604 'comment' => 'Upload comment. Also used as the initial page text for new files if "text" is not specified',
605 'text' => 'Initial page text for new files',
606 'watch' => 'Watch the page',
607 'watchlist' => 'Unconditionally add or remove the page from your watchlist, use preferences or do not change watch',
608 'ignorewarnings' => 'Ignore any warnings',
609 'file' => 'File contents',
610 'url' => 'URL to fetch the file from',
611 'filekey' => 'Key that identifies a previous upload that was stashed temporarily.',
612 'sessionkey' => 'Same as filekey, maintained for backward compatibility.',
613 'stash' => 'If set, the server will not add the file to the repository and stash it temporarily.',
615 'chunk' => 'Chunk contents',
616 'offset' => 'Offset of chunk in bytes',
617 'filesize' => 'Filesize of entire upload',
619 'asyncdownload' => 'Make fetching a URL asynchronous',
620 'leavemessage' => 'If asyncdownload is used, leave a message on the user talk page if finished',
621 'statuskey' => 'Fetch the upload status for this file key',
628 public function getDescription() {
630 'Upload a file, or get the status of pending uploads. Several methods are available:',
631 ' * Upload file contents directly, using the "file" parameter',
632 ' * Have the MediaWiki server fetch a file from a URL, using the "url" parameter',
633 ' * Complete an earlier upload that failed due to warnings, using the "filekey" parameter',
634 'Note that the HTTP POST must be done as a file upload (i.e. using multipart/form-data) when',
635 'sending the "file". Also you must get and send an edit token before doing any upload stuff'
639 public function getPossibleErrors() {
640 return array_merge( parent
::getPossibleErrors(),
641 $this->getRequireOnlyOneParameterErrorMessages( array( 'filekey', 'file', 'url', 'statuskey' ) ),
643 array( 'uploaddisabled' ),
644 array( 'invalid-file-key' ),
645 array( 'uploaddisabled' ),
646 array( 'mustbeloggedin', 'upload' ),
647 array( 'badaccess-groups' ),
648 array( 'code' => 'fetchfileerror', 'info' => '' ),
649 array( 'code' => 'nomodule', 'info' => 'No upload module set' ),
650 array( 'code' => 'empty-file', 'info' => 'The file you submitted was empty' ),
651 array( 'code' => 'filetype-missing', 'info' => 'The file is missing an extension' ),
652 array( 'code' => 'filename-tooshort', 'info' => 'The filename is too short' ),
653 array( 'code' => 'overwrite', 'info' => 'Overwriting an existing file is not allowed' ),
654 array( 'code' => 'stashfailed', 'info' => 'Stashing temporary file failed' ),
655 array( 'code' => 'internal-error', 'info' => 'An internal error occurred' ),
656 array( 'code' => 'asynccopyuploaddisabled', 'info' => 'Asynchronous copy uploads disabled' ),
661 public function needsToken() {
665 public function getTokenSalt() {
669 public function getExamples() {
671 'api.php?action=upload&filename=Wiki.png&url=http%3A//upload.wikimedia.org/wikipedia/en/b/bc/Wiki.png'
672 => 'Upload from a URL',
673 'api.php?action=upload&filename=Wiki.png&filekey=filekey&ignorewarnings=1'
674 => 'Complete an upload that failed due to warnings',
678 public function getHelpUrls() {
679 return 'https://www.mediawiki.org/wiki/API:Upload';
682 public function getVersion() {
683 return __CLASS__
. ': $Id$';