3 * Handle ajax requests and send them to the proper handler.
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
24 use MediaWiki\MediaWikiServices
;
26 // Use superglobals, but since it's deprecated, it's not worth fixing
27 // phpcs:disable MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals
34 * Object-Oriented Ajax functions.
37 class AjaxDispatcher
{
39 * The way the request was made, either a 'get' or a 'post'
45 * Name of the requested handler
46 * @var string $func_name
61 * Load up our object with user supplied data
62 * @param Config $config
64 function __construct( Config
$config ) {
65 $this->config
= $config;
69 if ( !empty( $_GET["rs"] ) ) {
73 if ( !empty( $_POST["rs"] ) ) {
77 switch ( $this->mode
) {
79 $this->func_name
= $_GET["rs"] ??
'';
80 if ( !empty( $_GET["rsargs"] ) ) {
81 $this->args
= $_GET["rsargs"];
87 $this->func_name
= $_POST["rs"] ??
'';
88 if ( !empty( $_POST["rsargs"] ) ) {
89 $this->args
= $_POST["rsargs"];
96 # Or we could throw an exception:
97 # throw new MWException( __METHOD__ . ' called without any data (mode empty).' );
102 * Pass the request to our internal function.
103 * BEWARE! Data are passed as they have been supplied by the user,
104 * they should be carefully handled in the function processing the
107 * phan-taint-check triggers as it is not smart enough to understand
108 * the early return if func_name not in AjaxExportList.
109 * @suppress SecurityCheck-XSS
112 function performAction( User
$user ) {
113 if ( empty( $this->mode
) ) {
117 if ( !in_array( $this->func_name
, $this->config
->get( 'AjaxExportList' ) ) ) {
118 wfDebug( __METHOD__
. ' Bad Request for unknown function ' . $this->func_name
. "\n" );
122 "unknown function " . $this->func_name
124 } elseif ( !User
::isEveryoneAllowed( 'read' ) && !$user->isAllowed( 'read' ) ) {
128 'You are not allowed to view pages.' );
130 wfDebug( __METHOD__
. ' dispatching ' . $this->func_name
. "\n" );
132 $result = call_user_func_array( $this->func_name
, $this->args
);
134 if ( $result === false ||
$result === null ) {
135 wfDebug( __METHOD__
. ' ERROR while dispatching ' .
136 $this->func_name
. "(" . var_export( $this->args
, true ) . "): " .
137 "no data returned\n" );
139 wfHttpError( 500, 'Internal Error',
140 "{$this->func_name} returned no data" );
142 if ( is_string( $result ) ) {
143 $result = new AjaxResponse( $result );
146 // Make sure DB commit succeeds before sending a response
147 $lbFactory = MediaWikiServices
::getInstance()->getDBLoadBalancerFactory();
148 $lbFactory->commitMasterChanges( __METHOD__
);
150 $result->sendHeaders();
151 $result->printText();
153 wfDebug( __METHOD__
. ' dispatch complete for ' . $this->func_name
. "\n" );
155 } catch ( Exception
$e ) {
156 wfDebug( __METHOD__
. ' ERROR while dispatching ' .
157 $this->func_name
. "(" . var_export( $this->args
, true ) . "): " .
158 get_class( $e ) . ": " . $e->getMessage() . "\n" );
160 if ( !headers_sent() ) {
161 wfHttpError( 500, 'Internal Error',
164 print $e->getMessage();