dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge "(bug 36938) XSS in uselang parameter"
[lhc/web/wiklou.git] / skins / common / upload.js
diff --git a/skins/common/upload.js b/skins/common/upload.js
index 3d79209..8e08af3 100644 (file)
--- a/skins/common/upload.js
+++ b/skins/common/upload.js
@@ -1,4 +1,8 @@
-function licenseSelectorCheck() {
+( function () {
+var    ajaxUploadDestCheck = mw.config.get( 'wgAjaxUploadDestCheck' ),
+       fileExtensions = mw.config.get( 'wgFileExtensions' );
+
+window.licenseSelectorCheck = function() {
        var selector = document.getElementById( "wpLicense" );
        var selection = selector.options[selector.selectedIndex].value;
        if( selector.selectedIndex > 0 ) {
@@ -9,11 +13,11 @@ function licenseSelectorCheck() {
        }
        // We might show a preview
        wgUploadLicenseObj.fetchPreview( selection );
-}
+};
 
-function wgUploadSetup() {
+function uploadSetup() {
        // Disable URL box if the URL copy upload source type is not selected
-       var e = document.getElementById( 'wpSourceTypeURL' );
+       var e = document.getElementById( 'wpSourceTypeurl' );
        if( e ) {
                if( !e.checked ) {
                        var ein = document.getElementById( 'wpUploadFileURL' );
@@ -34,78 +38,57 @@ function wgUploadSetup() {
                        }
                }
        }
-       
-       // Toggle source type
-       var sourceTypeCheckboxes = document.getElementsByName( 'wpSourceType' );
-       for ( var i = 0; i < sourceTypeCheckboxes.length; i++ ) {
-               sourceTypeCheckboxes[i].onchange = toggleUploadInputs;
-       }
-       
+
        // AJAX wpDestFile warnings
-       if ( wgAjaxUploadDestCheck ) {
-               document.getElementById( 'wpDestFile' ).onchange = function ( e ) { 
+       if ( ajaxUploadDestCheck ) {
+               // Insert an event handler that fetches upload warnings when wpDestFile
+               // has been changed
+               document.getElementById( 'wpDestFile' ).onchange = function ( e ) {
                        wgUploadWarningObj.checkNow(this.value);
                };
-               var optionsTable = document.getElementById( 'mw-htmlform-options' ).tBodies[0];
-               var row = document.createElement( 'tr' );
+               // Insert a row where the warnings will be displayed just below the
+               // wpDestFile row
+               var optionsTable = document.getElementById( 'mw-htmlform-description' ).tBodies[0];
+               var row = optionsTable.insertRow( 1 );
                var td = document.createElement( 'td' );
                td.id = 'wpDestFile-warning';
                td.colSpan = 2;
+
                row.appendChild( td );
-               optionsTable.appendChild( row );
        }
-       
-       // License selector check
-       document.getElementById( 'wpLicense' ).onchange = licenseSelectorCheck;
-       
+
+       var wpLicense = document.getElementById( 'wpLicense' );
+       if ( mw.config.get( 'wgAjaxLicensePreview' ) && wpLicense ) {
+               // License selector check
+               wpLicense.onchange = licenseSelectorCheck;
+
+               // License selector table row
+               var wpLicenseRow = wpLicense.parentNode.parentNode;
+               var wpLicenseTbody = wpLicenseRow.parentNode;
+
+               var row = document.createElement( 'tr' );
+               var td = document.createElement( 'td' );
+               row.appendChild( td );
+               td = document.createElement( 'td' );
+               td.id = 'mw-license-preview';
+               row.appendChild( td );
+
+               wpLicenseTbody.insertBefore( row, wpLicenseRow.nextSibling );
+       }
+
+
        // fillDestFile setup
-       for ( var i = 0; i < wgUploadSourceIds.length; i++ )
-               document.getElementById( wgUploadSourceIds[i] ).onchange = function (e) {
+       var     i,
+               uploadSourceIds = mw.config.get( 'wgUploadSourceIds' ),
+               len = uploadSourceIds.length;
+       for ( i = 0; i < len; i += 1 )
+               document.getElementById( uploadSourceIds[i] ).onchange = function (e) {
                        fillDestFilename( this.id );
                };
-}
-
-/**
- * Iterate over all upload source fields and disable all except the selected one.
- * 
- * @param enabledId The id of the selected radio button 
- * @return emptiness
- */
-function toggleUploadInputs() {
-       // Iterate over all rows with UploadSourceField
-       var rows;
-       if ( document.getElementsByClassName ) {
-               rows = document.getElementsByClassName( 'mw-htmlform-field-UploadSourceField' );
-       } else {
-               // Older browsers don't support getElementsByClassName
-               rows = new Array();
-               
-               var allRows = document.getElementsByTagName( 'tr' );
-               for ( var i = 0; i < allRows.length; i++ ) {
-                       if ( allRows[i].className == 'mw-htmlform-field-UploadSourceField' )
-                               rows.push( allRows[i] );
-               }
-       }
-       
-       for ( var i = 0; i < rows.length; i++ ) {
-               var inputs = rows[i].getElementsByTagName( 'input' );
-               
-               // Check if this row is selected
-               var isChecked = true; // Default true in case wpSourceType is not found
-               for ( var j = 0; j < inputs.length; j++ ) {
-                       if ( inputs[j].name == 'wpSourceType' )
-                               isChecked = inputs[j].checked;
-               }
-               
-               // Disable all unselected rows
-               for ( var j = 0; j < inputs.length; j++ ) {
-                       if ( inputs[j].type != 'radio')
-                               inputs[j].disabled = !isChecked;
-               }
-       }
-}
+};
 
-var wgUploadWarningObj = {
+
+window.wgUploadWarningObj = {
        'responseCache' : { '' : '&nbsp;' },
        'nameToCheck' : '',
        'typing': false,
@@ -113,7 +96,7 @@ var wgUploadWarningObj = {
        'timeoutID': false,
 
        'keypress': function () {
-               if ( !wgAjaxUploadDestCheck || !sajax_init_object() ) return;
+               if ( !ajaxUploadDestCheck || !sajax_init_object() ) return;
 
                // Find file to upload
                var destFile = document.getElementById('wpDestFile');
@@ -138,7 +121,7 @@ var wgUploadWarningObj = {
        },
 
        'checkNow': function (fname) {
-               if ( !wgAjaxUploadDestCheck || !sajax_init_object() ) return;
+               if ( !ajaxUploadDestCheck || !sajax_init_object() ) return;
                if ( this.timeoutID ) {
                        window.clearTimeout( this.timeoutID );
                }
@@ -147,7 +130,7 @@ var wgUploadWarningObj = {
        },
 
        'timeout' : function() {
-               if ( !wgAjaxUploadDestCheck || !sajax_init_object() ) return;
+               if ( !ajaxUploadDestCheck || !sajax_init_object() ) return;
                injectSpinner( document.getElementById( 'wpDestFile' ), 'destcheck' );
 
                // Get variables into local scope so that they will be preserved for the
@@ -170,7 +153,18 @@ var wgUploadWarningObj = {
 
        'setWarning' : function (warning) {
                var warningElt = document.getElementById( 'wpDestFile-warning' );
+               var ackElt = document.getElementsByName( 'wpDestFileWarningAck' );
+
                this.setInnerHTML(warningElt, warning);
+
+               // Set a value in the form indicating that the warning is acknowledged and
+               // doesn't need to be redisplayed post-upload
+               if ( warning == '' || warning == '&nbsp;' ) {
+                       ackElt[0].value = '';
+               } else {
+                       ackElt[0].value = '1';
+               }
+
        },
        'setInnerHTML' : function (element, text) {
                // Check for no change to avoid flicker in IE 7
@@ -178,10 +172,10 @@ var wgUploadWarningObj = {
                        element.innerHTML = text;
                }
        }
-}
+};
 
-function fillDestFilename(id) {
-       if (!wgUploadAutoFill) {
+window.fillDestFilename = function(id) {
+       if ( !mw.config.get( 'wgUploadAutoFill' ) ) {
                return;
        }
        if (!document.getElementById) {
@@ -208,14 +202,14 @@ function fillDestFilename(id) {
        }
 
        // Clear the filename if it does not have a valid extension.
-       // URLs are less likely to have a useful extension, so don't include them in the 
+       // URLs are less likely to have a useful extension, so don't include them in the
        // extension check.
-       if( wgFileExtensions && id != 'wpUploadFileURL' ) {
+       if ( mw.config.get( 'wgStrictFileExtensions' ) && fileExtensions && id !== 'wpUploadFileURL' ) {
                var found = false;
-               if( fname.lastIndexOf( '.' ) != -1 ) {
+               if ( fname.lastIndexOf( '.' ) !== -1 ) {
                        var ext = fname.substr( fname.lastIndexOf( '.' ) + 1 );
-                       for( var i = 0; i < wgFileExtensions.length; i++ ) {
-                               if( wgFileExtensions[i].toLowerCase() == ext.toLowerCase() ) {
+                       for ( var i = 0; i < fileExtensions.length; i += 1 ) {
+                               if ( fileExtensions[i].toLowerCase() === ext.toLowerCase() ) {
                                        found = true;
                                        break;
                                }
@@ -232,16 +226,19 @@ function fillDestFilename(id) {
                        if( e ) e.className = 'error';
 
                        // Clear wpDestFile as well
-                       var e = document.getElementById( 'wpDestFile' )
+                       var e = document.getElementById( 'wpDestFile' );
                        if( e ) e.value = '';
 
                        return false;
                }
        }
 
-       // Capitalise first letter and replace spaces by underscores
-       // FIXME: $wgCapitalizedNamespaces
-       fname = fname.charAt(0).toUpperCase().concat(fname.substring(1,10000)).replace(/ /g, '_');
+       // Replace spaces by underscores
+       fname = fname.replace( / /g, '_' );
+       // Capitalise first letter if needed
+       if ( mw.config.get( 'wgCapitalizeUploads' ) ) {
+               fname = fname.charAt( 0 ).toUpperCase().concat( fname.substring( 1, 10000 ) );
+       }
 
        // Output result
        var destFile = document.getElementById('wpDestFile');
@@ -249,25 +246,21 @@ function fillDestFilename(id) {
                destFile.value = fname;
                wgUploadWarningObj.checkNow(fname) ;
        }
-}
+};
 
-function toggleFilenameFiller() {
+window.toggleFilenameFiller = function() {
        if(!document.getElementById) return;
        var upfield = document.getElementById('wpUploadFile');
        var destName = document.getElementById('wpDestFile').value;
-       if (destName=='' || destName==' ') {
-               wgUploadAutoFill = true;
-       } else {
-               wgUploadAutoFill = false;
-       }
-}
+       wgUploadAutoFill = ( destName == '' || destName == ' ' );
+};
 
-var wgUploadLicenseObj = {
+window.wgUploadLicenseObj = {
 
        'responseCache' : { '' : '' },
 
        'fetchPreview': function( license ) {
-               if( !wgAjaxLicensePreview || !sajax_init_object() ) return;
+               if ( !mw.config.get( 'wgAjaxLicensePreview' ) ) return;
                for (cached in this.responseCache) {
                        if (cached == license) {
                                this.showPreview( this.responseCache[license] );
@@ -275,17 +268,28 @@ var wgUploadLicenseObj = {
                        }
                }
                injectSpinner( document.getElementById( 'wpLicense' ), 'license' );
-               sajax_do_call( 'SpecialUpload::ajaxGetLicensePreview', [license],
-                       function( result ) {
-                               wgUploadLicenseObj.processResult( result, license );
-                       }
-               );
+
+               var title = document.getElementById('wpDestFile').value;
+               if ( !title ) title = 'File:Sample.jpg';
+
+               var url = mw.util.wikiScript( 'api' )
+                       + '?action=parse&text={{' + encodeURIComponent( license ) + '}}'
+                       + '&title=' + encodeURIComponent( title )
+                       + '&prop=text&pst&format=json';
+
+               var req = sajax_init_object();
+               req.onreadystatechange = function() {
+                       if ( req.readyState == 4 && req.status == 200 )
+                               wgUploadLicenseObj.processResult( eval( '(' + req.responseText + ')' ), license );
+               };
+               req.open( 'GET', url, true );
+               req.send( '' );
        },
 
        'processResult' : function( result, license ) {
                removeSpinner( 'license' );
-               this.showPreview( result.responseText );
-               this.responseCache[license] = result.responseText;
+               this.responseCache[license] = result['parse']['text']['*'];
+               this.showPreview( this.responseCache[license] );
        },
 
        'showPreview' : function( preview ) {
@@ -294,6 +298,8 @@ var wgUploadLicenseObj = {
                        previewPanel.innerHTML = preview;
        }
 
-}
+};
+
+$( document ).ready( uploadSetup );
 
-addOnloadHook( wgUploadSetup );
+}() );
Wiklou, le Wiki du Wiklou