From 583ac8753232dea0ef8e2d79c64fdd77c3d9b714 Mon Sep 17 00:00:00 2001
From: Yuri Astrakhan <yurik@users.mediawiki.org>
Date: Mon, 25 Jun 2007 05:44:33 +0000
Subject: [PATCH] API: Fixed error codes encoding per bug 10308.

---
 includes/api/ApiBase.php           | 59 ++++++++++++++----------------
 includes/api/ApiQueryRevisions.php |  2 +-
 2 files changed, 29 insertions(+), 32 deletions(-)

diff --git a/includes/api/ApiBase.php b/includes/api/ApiBase.php
index 723a6792f6..51276b5518 100644
--- a/includes/api/ApiBase.php
+++ b/includes/api/ApiBase.php
@@ -336,7 +336,7 @@ abstract class ApiBase {
 	protected function getParameterFromSettings($paramName, $paramSettings) {
 
 		// Some classes may decide to change parameter names
-		$paramName = $this->encodeParamName($paramName);
+		$encParamName = $this->encodeParamName($paramName);
 
 		if (!is_array($paramSettings)) {
 			$default = $paramSettings;
@@ -359,19 +359,19 @@ abstract class ApiBase {
 		if ($type == 'boolean') {
 			if (isset ($default) && $default !== false) {
 				// Having a default value of anything other than 'false' is pointless
-				ApiBase :: dieDebug(__METHOD__, "Boolean param $paramName's default is set to '$default'");
+				ApiBase :: dieDebug(__METHOD__, "Boolean param $encParamName's default is set to '$default'");
 			}
 
-			$value = $this->getMain()->getRequest()->getCheck($paramName);
+			$value = $this->getMain()->getRequest()->getCheck($encParamName);
 		} else {
-			$value = $this->getMain()->getRequest()->getVal($paramName, $default);
+			$value = $this->getMain()->getRequest()->getVal($encParamName, $default);
 
 			if (isset ($value) && $type == 'namespace')
 				$type = ApiBase :: getValidNamespaces();
 		}
 
 		if (isset ($value) && ($multi || is_array($type)))
-			$value = $this->parseMultiValue($paramName, $value, $multi, is_array($type) ? $type : null);
+			$value = $this->parseMultiValue($encParamName, $value, $multi, is_array($type) ? $type : null);
 
 		// More validation only when choices were not given
 		// choices were validated in parseMultiValue()
@@ -385,51 +385,45 @@ abstract class ApiBase {
 					case 'integer' : // Force everything using intval() and optionally validate limits
 
 						$value = is_array($value) ? array_map('intval', $value) : intval($value);
-						$checkMin = isset ($paramSettings[self :: PARAM_MIN]);
-						$checkMax = isset ($paramSettings[self :: PARAM_MAX]);
-						
-						if ($checkMin || $checkMax) {
-							$min = $checkMin ? $paramSettings[self :: PARAM_MIN] : false;
-							$max = $checkMax ? $paramSettings[self :: PARAM_MAX] : false;
+						$min = isset ($paramSettings[self :: PARAM_MIN]) ? $paramSettings[self :: PARAM_MIN] : null;
+						$max = isset ($paramSettings[self :: PARAM_MAX]) ? $paramSettings[self :: PARAM_MAX] : null;
 						
+						if (!is_null($min) || !is_null($max)) {
 							$values = is_array($value) ? $value : array($value);
 							foreach ($values as $v) {
-								if ($checkMin && $v < $min)
-									$this->dieUsage("$paramName may not be less than $min (set to $v)", $paramName);
-								if ($checkMax && $v > $max)
-									$this->dieUsage("$paramName may not be over $max (set to $v)", $paramName);
+								$this->validateLimit($paramName, $v, $min, $max);
 							}
 						}
 						break;
 					case 'limit' :
 						if (!isset ($paramSettings[self :: PARAM_MAX]) || !isset ($paramSettings[self :: PARAM_MAX2]))
-							ApiBase :: dieDebug(__METHOD__, "MAX1 or MAX2 are not defined for the limit $paramName");
+							ApiBase :: dieDebug(__METHOD__, "MAX1 or MAX2 are not defined for the limit $encParamName");
 						if ($multi)
-							ApiBase :: dieDebug(__METHOD__, "Multi-values not supported for $paramName");
+							ApiBase :: dieDebug(__METHOD__, "Multi-values not supported for $encParamName");
 						$min = isset ($paramSettings[self :: PARAM_MIN]) ? $paramSettings[self :: PARAM_MIN] : 0;
 						$value = intval($value);
 						$this->validateLimit($paramName, $value, $min, $paramSettings[self :: PARAM_MAX], $paramSettings[self :: PARAM_MAX2]);
 						break;
 					case 'boolean' :
 						if ($multi)
-							ApiBase :: dieDebug(__METHOD__, "Multi-values not supported for $paramName");
+							ApiBase :: dieDebug(__METHOD__, "Multi-values not supported for $encParamName");
 						break;
 					case 'timestamp' :
 						if ($multi)
-							ApiBase :: dieDebug(__METHOD__, "Multi-values not supported for $paramName");
+							ApiBase :: dieDebug(__METHOD__, "Multi-values not supported for $encParamName");
 						$value = wfTimestamp(TS_UNIX, $value);
 						if ($value === 0)
-							$this->dieUsage("Invalid value '$value' for timestamp parameter $paramName", "badtimestamp_{$paramName}");
+							$this->dieUsage("Invalid value '$value' for timestamp parameter $encParamName", "badtimestamp_{$encParamName}");
 						$value = wfTimestamp(TS_MW, $value);
 						break;
 					case 'user' :
 						$title = Title::makeTitleSafe( NS_USER, $value );
 						if ( is_null( $title ) )
-							$this->dieUsage("Invalid value $user for user parameter $paramName", "baduser_{$paramName}");
+							$this->dieUsage("Invalid value $user for user parameter $encParamName", "baduser_{$encParamName}");
 						$value = $title->getText();
 						break;
 					default :
-						ApiBase :: dieDebug(__METHOD__, "Param $paramName's type is unknown - $type");
+						ApiBase :: dieDebug(__METHOD__, "Param $encParamName's type is unknown - $type");
 				}
 			}
 
@@ -470,19 +464,22 @@ abstract class ApiBase {
 	/**
 	* Validate the value against the minimum and user/bot maximum limits. Prints usage info on failure.
 	*/
-	function validateLimit($varname, $value, $min, $max, $botMax) {
-		if ($value < $min) {
-			$this->dieUsage("$varname may not be less than $min (set to $value)", $varname);
+	function validateLimit($paramName, $value, $min, $max, $botMax = null) {
+		if (!is_null($min) && $value < $min) {
+			$this->dieUsage($this->encodeParamName($paramName) . " may not be less than $min (set to $value)", $paramName);
 		}
 
-		if ($this->getMain()->isBot() || $this->getMain()->isSysop()) {
-			if ($value > $botMax) {
-				$this->dieUsage("$varname may not be over $botMax (set to $value) for bots or sysops", $varname);
+		// Optimization: do not check user's bot status unless really needed -- skips db query
+		// assumes $botMax >= $max
+		if (!is_null($max) && $value > $max) {
+			if (!is_null($botMax) && ($this->getMain()->isBot() || $this->getMain()->isSysop())) {
+				if ($value > $botMax) {
+					$this->dieUsage($this->encodeParamName($paramName) . " may not be over $botMax (set to $value) for bots or sysops", $paramName);
+				}
+			} else {
+				$this->dieUsage($this->encodeParamName($paramName) . " may not be over $max (set to $value) for users", $paramName);
 			}
 		}
-		elseif ($value > $max) {
-			$this->dieUsage("$varname may not be over $max (set to $value) for users", $varname);
-		}
 	}
 
 	/**
diff --git a/includes/api/ApiQueryRevisions.php b/includes/api/ApiQueryRevisions.php
index f070afd649..8ea3004c34 100644
--- a/includes/api/ApiQueryRevisions.php
+++ b/includes/api/ApiQueryRevisions.php
@@ -128,7 +128,7 @@ class ApiQueryRevisions extends ApiQueryBase {
 			// must manually initialize unset limit
 			if (is_null($limit))
 				$limit = 10;
-			$this->validateLimit($this->encodeParamName('limit'), $limit, 1, $userMax, $botMax);
+			$this->validateLimit('limit', $limit, 1, $userMax, $botMax);
 
 			// There is only one ID, use it
 			$this->addWhereFld('rev_page', current(array_keys($pageSet->getGoodTitles())));
-- 
2.20.1