<exclude name="MediaWiki.WhiteSpace.SpaceBeforeSingleLineComment.SingleSpaceBeforeSingleLineComment" />
<exclude name="MediaWiki.Usage.DbrQueryUsage.DbrQueryFound" />
<exclude name="MediaWiki.Usage.ExtendClassUsage.FunctionVarUsage" />
- <exclude name="MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals" />
<exclude name="MediaWiki.Files.ClassMatchesFilename.WrongCase" />
<exclude name="MediaWiki.Files.ClassMatchesFilename.NotMatch" />
<exclude name="MediaWiki.VariableAnalysis.ForbiddenGlobalVariables.ForbiddenGlobal$wgTitle" />
use MediaWiki\MediaWikiServices;
+// Use superglobals, but since it's deprecated, it's not worth fixing
+// phpcs:disable MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals
+
/**
* @defgroup Ajax Ajax
*/
if ( $this->incompleteForm ) {
# If the form is incomplete, force to preview.
wfDebug( __METHOD__ . ": Form data appears to be incomplete\n" );
- wfDebug( "POST DATA: " . var_export( $_POST, true ) . "\n" );
+ wfDebug( "POST DATA: " . var_export( $request->getPostValues(), true ) . "\n" );
$this->preview = true;
} else {
$this->preview = $request->getCheck( 'wpPreview' );
if ( $cache !== null ) {
return $cache;
}
- # Check for raw action using $_GET not $wgRequest, since the latter might not be initialised yet
+ // Check for raw action using $_GET not $wgRequest, since the latter might not be initialised yet
+ // phpcs:ignore MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals
if ( ( isset( $_GET['action'] ) && $_GET['action'] == 'raw' )
|| (
isset( $_SERVER['SCRIPT_NAME'] )
use MediaWiki\Session\SessionId;
use MediaWiki\Session\SessionManager;
+// The point of this class is to be a wrapper around super globals
+// phpcs:disable MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals
+
/**
* The WebRequest class encapsulates getting at data passed in the
* URL or via a POSTed form stripping illegal input characters and
return $_GET;
}
+ /**
+ * Get the values passed via POST.
+ * No transformation is performed on the values.
+ *
+ * @since 1.32
+ * @codeCoverageIgnore
+ * @return array
+ */
+ public function getPostValues() {
+ return $_POST;
+ }
+
/**
* Return the contents of the Query with no decoding. Use when you need to
* know exactly what was sent, e.g. for an OAuth signature over the elements.
'IPAddress' => isset( $_SERVER[ 'REMOTE_ADDR' ] ) ? $_SERVER[ 'REMOTE_ADDR' ] : '',
'UserAgent' => isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '',
'ChronologyProtection' => 'true',
+ // phpcs:ignore MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals -- library can't use $wgRequest
'ChronologyPositionIndex' => isset( $_GET['cpPosIndex'] ) ? $_GET['cpPosIndex'] : null
];
* @author Lupo
* @since 1.20
*/
+
+// This file doesn't run as part of MediaWiki
+// phpcs:disable MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals
+
header( 'Content-Type: text/javascript; charset=utf-8' );
$moduleImplementations = [
* @author Timo Tijhof
* @since 1.20
*/
+
+// This file doesn't run as part of MediaWiki
+// phpcs:disable MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals
+
header( 'Content-Type: text/css; charset=utf-8' );
/**
wfThumbHandle404();
} else {
// Called directly, use $_GET params
- wfStreamThumb( $_GET );
+ wfStreamThumb( $wgRequest->getQueryValues() );
}
$mediawiki = new MediaWiki();