* as an argument in the URL ('?action=') and with write-enabled set to the
* value of $wgEnableWriteAPI as specified in LocalSettings.php.
* It then invokes "execute()" on the ApiMain object instance, which
- * produces output in the format sepecified in the URL.
+ * produces output in the format specified in the URL.
*
* Copyright © 2006 Yuri Astrakhan <Firstname><Lastname>@gmail.com
*
// Bail if PHP is too low
if ( !function_exists( 'version_compare' ) || version_compare( phpversion(), '5.3.2' ) < 0 ) {
+ // We need to use dirname( __FILE__ ) here cause __DIR__ is PHP5.3+
require( dirname( __FILE__ ) . '/includes/PHPVersionError.php' );
wfPHPVersionError( 'api.php' );
}
if ( isset( $_SERVER['MW_COMPILED'] ) ) {
require ( 'core/includes/WebStart.php' );
} else {
- require ( dirname( __FILE__ ) . '/includes/WebStart.php' );
+ require ( __DIR__ . '/includes/WebStart.php' );
}
wfProfileIn( 'api.php' );
header( $_SERVER['SERVER_PROTOCOL'] . ' 500 MediaWiki configuration Error', true, 500 );
echo( 'MediaWiki API is not enabled for this site. Add the following line to your LocalSettings.php'
. '<pre><b>$wgEnableAPI=true;</b></pre>' );
- die(1);
-}
-
-// Selectively allow cross-site AJAX
-
-/**
- * Helper function to convert wildcard string into a regex
- * '*' => '.*?'
- * '?' => '.'
- *
- * @param $search string
- * @return string
- */
-function convertWildcard( $search ) {
- $search = preg_quote( $search, '/' );
- $search = str_replace(
- array( '\*', '\?' ),
- array( '.*?', '.' ),
- $search
- );
- return "/$search/";
-}
-
-if ( $wgCrossSiteAJAXdomains && isset( $_SERVER['HTTP_ORIGIN'] ) ) {
- $exceptions = array_map( 'convertWildcard', $wgCrossSiteAJAXdomainExceptions );
- $regexes = array_map( 'convertWildcard', $wgCrossSiteAJAXdomains );
- foreach ( $regexes as $regex ) {
- if ( preg_match( $regex, $_SERVER['HTTP_ORIGIN'] ) ) {
- foreach ( $exceptions as $exc ) { // Check against exceptions
- if ( preg_match( $exc, $_SERVER['HTTP_ORIGIN'] ) ) {
- break 2;
- }
- }
- header( "Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}" );
- header( 'Access-Control-Allow-Credentials: true' );
- break;
- }
- }
+ die( 1 );
}
// Set a dummy $wgTitle, because $wgTitle == null breaks various things
* is some form of an ApiMain, possibly even one that produces an error message,
* but we don't care here, as that is handled by the ctor.
*/
-$processor = new ApiMain( $wgRequest, $wgEnableWriteAPI );
+$processor = new ApiMain( RequestContext::getMain(), $wgEnableWriteAPI );
// Process data & print results
$processor->execute();
// Log the request
if ( $wgAPIRequestLog ) {
$items = array(
- wfTimestamp( TS_MW ),
- $endtime - $starttime,
- $wgRequest->getIP(),
- $_SERVER['HTTP_USER_AGENT']
+ wfTimestamp( TS_MW ),
+ $endtime - $starttime,
+ $wgRequest->getIP(),
+ $_SERVER['HTTP_USER_AGENT']
);
$items[] = $wgRequest->wasPosted() ? 'POST' : 'GET';
$module = $processor->getModule();
if ( $module->mustBePosted() ) {
$items[] = "action=" . $wgRequest->getVal( 'action' );
} else {
- $items[] = wfArrayToCGI( $wgRequest->getValues() );
+ $items[] = wfArrayToCgi( $wgRequest->getValues() );
}
wfErrorLog( implode( ',', $items ) . "\n", $wgAPIRequestLog );
wfDebug( "Logged API request to $wgAPIRequestLog\n" );
// get here to worry about whether this should be = or =&, but the file has to parse properly.
$lb = wfGetLBFactory();
$lb->shutdown();
-