\n
"; $editsummary = ''; $subjectpreview = $summarytext && $this->preview ? "\n" : ''; $summarypreview = ''; } else { $commentsubject = ''; $editsummary="{$summary}:\n"); $wgOut->addHtml( '' ); $wgOut->addHTML( $this->editFormTextAfterTools ); $wgOut->addHTML( " " ); /** * To make it harder for someone to slip a user a page * which submits an edit form to the wiki without their * knowledge, a random token is associated with the login * session. If it's not passed back with the submission, * we won't save the page, or render user JavaScript and * CSS previews. * * For anon editors, who may not have a session, we just * include the constant suffix to prevent editing from * broken text-mangling proxies. */ $token = htmlspecialchars( $wgUser->editToken() ); $wgOut->addHTML( "\n\n" ); # If a blank edit summary was previously provided, and the appropriate # user preference is active, pass a hidden tag here. This will stop the # user being bounced back more than once in the event that a summary # is not required. if( $this->missingSummary ) { $wgOut->addHTML( "\n" ); } # For a bit more sophisticated detection of blank summaries, hash the # automatic one and pass that in a hidden field. $autosumm = $this->autoSumm ? $this->autoSumm : md5( $this->summary ); $wgOut->addHtml( wfHidden( 'wpAutoSummary', $autosumm ) ); if ( $this->isConflict ) { $wgOut->addWikiText( '==' . wfMsg( "yourdiff" ) . '==' ); $de = new DifferenceEngine( $this->mTitle ); $de->setText( $this->textbox2, $this->textbox1 ); $de->showDiff( wfMsg( "yourtext" ), wfMsg( "storedversion" ) ); $wgOut->addWikiText( '==' . wfMsg( "yourtext" ) . '==' ); $wgOut->addHTML( "" . htmlspecialchars( $this->safeUnicodeOutput( $this->textbox2 ) ) . "\n" ); } $wgOut->addHTML( $this->editFormTextBottom ); $wgOut->addHTML( "\n" ); if ( !$wgUser->getOption( 'previewontop' ) ) { if ( $this->formtype == 'preview') { $this->showPreview( $previewOutput ); } else { $wgOut->addHTML( '' ); } if ( $this->formtype == 'diff') { $this->showDiff(); } } wfProfileOut( $fname ); } /** * Append preview output to $wgOut. * Includes category rendering if this is a category page. * * @param string $text The HTML to be output for the preview. */ private function showPreview( $text ) { global $wgOut; $wgOut->addHTML( '' ); } /** * Live Preview lets us fetch rendered preview page content and * add it to the page without refreshing the whole page. * If not supported by the browser it will fall through to the normal form * submission method. * * This function outputs a script tag to support live preview, and * returns an onclick handler which should be added to the attributes * of the preview button */ function doLivePreviewScript() { global $wgStylePath, $wgJsMimeType, $wgStyleVersion, $wgOut, $wgTitle; $wgOut->addHTML( '' . "\n" ); $liveAction = $wgTitle->getLocalUrl( 'action=submit&wpPreview=true&live=true' ); return "return !livePreview(" . "getElementById('wikiPreview')," . "editform.wpTextbox1.value," . '"' . $liveAction . '"' . ")"; } function getLastDelete() { $dbr = wfGetDB( DB_SLAVE ); $fname = 'EditPage::getLastDelete'; $res = $dbr->select( array( 'logging', 'user' ), array( 'log_type', 'log_action', 'log_timestamp', 'log_user', 'log_namespace', 'log_title', 'log_comment', 'log_params', 'user_name', ), array( 'log_namespace' => $this->mTitle->getNamespace(), 'log_title' => $this->mTitle->getDBkey(), 'log_type' => 'delete', 'log_action' => 'delete', 'user_id=log_user' ), $fname, array( 'LIMIT' => 1, 'ORDER BY' => 'log_timestamp DESC' ) ); if($dbr->numRows($res) == 1) { while ( $x = $dbr->fetchObject ( $res ) ) $data = $x; $dbr->freeResult ( $res ) ; } else { $data = null; } return $data; } /** * @todo document */ function getPreviewText() { global $wgOut, $wgUser, $wgTitle, $wgParser; $fname = 'EditPage::getPreviewText'; wfProfileIn( $fname ); if ( $this->mTriedSave && !$this->mTokenOk ) { if ( $this->mTokenOkExceptSuffix ) { $msg = 'token_suffix_mismatch'; } else { $msg = 'session_fail_preview'; } } else { $msg = 'previewnote'; } $previewhead = '

' . htmlspecialchars( wfMsg( 'preview' ) ) . "

\n" . "\n"; if ( $this->isConflict ) { $previewhead.='

' . htmlspecialchars( wfMsg( 'previewconflict' ) ) . "

\n"; } $parserOptions = ParserOptions::newFromUser( $wgUser ); $parserOptions->setEditSection( false ); global $wgRawHtml; if( $wgRawHtml && !$this->mTokenOk ) { // Could be an offsite preview attempt. This is very unsafe if // HTML is enabled, as it could be an attack. return $wgOut->parse( "" ); } # don't parse user css/js, show message about preview # XXX: stupid php bug won't let us use $wgTitle->isCssJsSubpage() here if ( $this->isCssJsSubpage ) { if(preg_match("/\\.css$/", $wgTitle->getText() ) ) { $previewtext = wfMsg('usercsspreview'); } else if(preg_match("/\\.js$/", $wgTitle->getText() ) ) { $previewtext = wfMsg('userjspreview'); } $parserOptions->setTidy(true); $parserOutput = $wgParser->parse( $previewtext , $wgTitle, $parserOptions ); $wgOut->addHTML( $parserOutput->mText ); wfProfileOut( $fname ); return $previewhead; } else { $toparse = $this->textbox1; # If we're adding a comment, we need to show the # summary as the headline if($this->section=="new" && $this->summary!="") { $toparse="== {$this->summary} ==\n\n".$toparse; } if ( $this->mMetaData != "" ) $toparse .= "\n" . $this->mMetaData ; $parserOptions->setTidy(true); $parserOutput = $wgParser->parse( $this->mArticle->preSaveTransform( $toparse ) ."\n\n", $wgTitle, $parserOptions ); $previewHTML = $parserOutput->getText(); $wgOut->addParserOutputNoText( $parserOutput ); # ParserOutput might have altered the page title, so reset it $wgOut->setPageTitle( wfMsg( 'editing', $this->mTitle->getPrefixedText() ) ); foreach ( $parserOutput->getTemplates() as $ns => $template) foreach ( array_keys( $template ) as $dbk) $this->mPreviewTemplates[] = Title::makeTitle($ns, $dbk); wfProfileOut( $fname ); return $previewhead . $previewHTML; } } /** * Call the stock "user is blocked" page */ function blockedPage() { global $wgOut, $wgUser; $wgOut->blockedPage( false ); # Standard block notice on the top, don't 'return' # If the user made changes, preserve them when showing the markup # (This happens when a user is blocked during edit, for instance) $first = $this->firsttime || ( !$this->save && $this->textbox1 == '' ); if( $first ) { $source = $this->mTitle->exists() ? $this->getContent() : false; } else { $source = $this->textbox1; } # Spit out the source or the user's modified version if( $source !== false ) { $rows = $wgUser->getOption( 'rows' ); $cols = $wgUser->getOption( 'cols' ); $attribs = array( 'id' => 'wpTextbox1', 'name' => 'wpTextbox1', 'cols' => $cols, 'rows' => $rows, 'readonly' => 'readonly' ); $wgOut->addHtml( '

---

' ); $wgOut->addWikiText( wfMsg( $first ? 'blockedoriginalsource' : 'blockededitsource', $this->mTitle->getPrefixedText() ) ); $wgOut->addHtml( wfOpenElement( 'textarea', $attribs ) . htmlspecialchars( $source ) . wfCloseElement( 'textarea' ) ); } } /** * Produce the stock "please login to edit pages" page */ function userNotLoggedInPage() { global $wgUser, $wgOut; $skin = $wgUser->getSkin(); $loginTitle = SpecialPage::getTitleFor( 'Userlogin' ); $loginLink = $skin->makeKnownLinkObj( $loginTitle, wfMsgHtml( 'loginreqlink' ), 'returnto=' . $this->mTitle->getPrefixedUrl() ); $wgOut->setPageTitle( wfMsg( 'whitelistedittitle' ) ); $wgOut->setRobotPolicy( 'noindex,nofollow' ); $wgOut->setArticleRelated( false ); $wgOut->addHtml( wfMsgWikiHtml( 'whitelistedittext', $loginLink ) ); $wgOut->returnToMain( false, $this->mTitle->getPrefixedUrl() ); } /** * Creates a basic error page which informs the user that * they have to validate their email address before being * allowed to edit. */ function userNotConfirmedPage() { global $wgOut; $wgOut->setPageTitle( wfMsg( 'confirmedittitle' ) ); $wgOut->setRobotPolicy( 'noindex,nofollow' ); $wgOut->setArticleRelated( false ); $wgOut->addWikiText( wfMsg( 'confirmedittext' ) ); $wgOut->returnToMain( false ); } /** * Creates a basic error page which informs the user that * they have attempted to edit a nonexistant section. */ function noSuchSectionPage() { global $wgOut; $wgOut->setPageTitle( wfMsg( 'nosuchsectiontitle' ) ); $wgOut->setRobotPolicy( 'noindex,nofollow' ); $wgOut->setArticleRelated( false ); $wgOut->addWikiText( wfMsg( 'nosuchsectiontext', $this->section ) ); $wgOut->returnToMain( false, $this->mTitle->getPrefixedUrl() ); } /** * Produce the stock "your edit contains spam" page * * @param $match Text which triggered one or more filters */ function spamPage( $match = false ) { global $wgOut; $wgOut->setPageTitle( wfMsg( 'spamprotectiontitle' ) ); $wgOut->setRobotPolicy( 'noindex,nofollow' ); $wgOut->setArticleRelated( false ); $wgOut->addWikiText( wfMsg( 'spamprotectiontext' ) ); if ( $match ) $wgOut->addWikiText( wfMsg( 'spamprotectionmatch', "{$match}" ) ); $wgOut->returnToMain( false ); } /** * @private * @todo document */ function mergeChangesInto( &$editText ){ $fname = 'EditPage::mergeChangesInto'; wfProfileIn( $fname ); $db = wfGetDB( DB_MASTER ); // This is the revision the editor started from $baseRevision = Revision::loadFromTimestamp( $db, $this->mArticle->mTitle, $this->edittime ); if( is_null( $baseRevision ) ) { wfProfileOut( $fname ); return false; } $baseText = $baseRevision->getText(); // The current state, we want to merge updates into it $currentRevision = Revision::loadFromTitle( $db, $this->mArticle->mTitle ); if( is_null( $currentRevision ) ) { wfProfileOut( $fname ); return false; } $currentText = $currentRevision->getText(); $result = ''; if( wfMerge( $baseText, $editText, $currentText, $result ) ){ $editText = $result; wfProfileOut( $fname ); return true; } else { wfProfileOut( $fname ); return false; } } /** * Check if the browser is on a blacklist of user-agents known to * mangle UTF-8 data on form submission. Returns true if Unicode * should make it through, false if it's known to be a problem. * @return bool * @private */ function checkUnicodeCompliantBrowser() { global $wgBrowserBlackList; if( empty( $_SERVER["HTTP_USER_AGENT"] ) ) { // No User-Agent header sent? Trust it by default... return true; } $currentbrowser = $_SERVER["HTTP_USER_AGENT"]; foreach ( $wgBrowserBlackList as $browser ) { if ( preg_match($browser, $currentbrowser) ) { return false; } } return true; } /** * Format an anchor fragment as it would appear for a given section name * @param string $text * @return string * @private */ function sectionAnchor( $text ) { $headline = Sanitizer::decodeCharReferences( $text ); # strip out HTML $headline = preg_replace( '/<.*?' . '>/', '', $headline ); $headline = trim( $headline ); $sectionanchor = '#' . urlencode( str_replace( ' ', '_', $headline ) ); $replacearray = array( '%3A' => ':', '%' => '.' ); return str_replace( array_keys( $replacearray ), array_values( $replacearray ), $sectionanchor ); } /** * Shows a bulletin board style toolbar for common editing functions. * It can be disabled in the user preferences. * The necessary JavaScript code can be found in style/wikibits.js. */ function getEditToolbar() { global $wgStylePath, $wgContLang, $wgJsMimeType; /** * toolarray an array of arrays which each include the filename of * the button image (without path), the opening tag, the closing tag, * and optionally a sample text that is inserted between the two when no * selection is highlighted. * The tip text is shown when the user moves the mouse over the button. * * Already here are accesskeys (key), which are not used yet until someone * can figure out a way to make them work in IE. However, we should make * sure these keys are not defined on the edit page. */ $toolarray = array( array( 'image' => 'button_bold.png', 'id' => 'mw-editbutton-bold', 'open' => '\\\'\\\'\\\'', 'close' => '\\\'\\\'\\\'', 'sample'=> wfMsg('bold_sample'), 'tip' => wfMsg('bold_tip'), 'key' => 'B' ), array( 'image' => 'button_italic.png', 'id' => 'mw-editbutton-italic', 'open' => '\\\'\\\'', 'close' => '\\\'\\\'', 'sample'=> wfMsg('italic_sample'), 'tip' => wfMsg('italic_tip'), 'key' => 'I' ), array( 'image' => 'button_link.png', 'id' => 'mw-editbutton-link', 'open' => '[[', 'close' => ']]', 'sample'=> wfMsg('link_sample'), 'tip' => wfMsg('link_tip'), 'key' => 'L' ), array( 'image' => 'button_extlink.png', 'id' => 'mw-editbutton-extlink', 'open' => '[', 'close' => ']', 'sample'=> wfMsg('extlink_sample'), 'tip' => wfMsg('extlink_tip'), 'key' => 'X' ), array( 'image' => 'button_headline.png', 'id' => 'mw-editbutton-headline', 'open' => "\\n== ", 'close' => " ==\\n", 'sample'=> wfMsg('headline_sample'), 'tip' => wfMsg('headline_tip'), 'key' => 'H' ), array( 'image' => 'button_image.png', 'id' => 'mw-editbutton-image', 'open' => '[['.$wgContLang->getNsText(NS_IMAGE).":", 'close' => ']]', 'sample'=> wfMsg('image_sample'), 'tip' => wfMsg('image_tip'), 'key' => 'D' ), array( 'image' => 'button_media.png', 'id' => 'mw-editbutton-media', 'open' => '[['.$wgContLang->getNsText(NS_MEDIA).':', 'close' => ']]', 'sample'=> wfMsg('media_sample'), 'tip' => wfMsg('media_tip'), 'key' => 'M' ), array( 'image' => 'button_math.png', 'id' => 'mw-editbutton-math', 'open' => ""; return $toolbar; } /** * Returns an array of html code of the following checkboxes: * minor and watch * * @param $tabindex Current tabindex * @param $skin Skin object * @param $checked Array of checkbox => bool, where bool indicates the checked * status of the checkbox * * @return array */ public static function getCheckboxes( &$tabindex, $skin, $checked ) { global $wgUser; $checkboxes = array(); $checkboxes['minor'] = ''; $minorLabel = wfMsgExt('minoredit', array('parseinline')); if ( $wgUser->isAllowed('minoredit') ) { $attribs = array( 'tabindex' => ++$tabindex, 'accesskey' => wfMsg( 'accesskey-minoredit' ), 'id' => 'wpMinoredit', ); $checkboxes['minor'] = Xml::check( 'wpMinoredit', $checked['minor'], $attribs ) . " tooltipAndAccesskey('minoredit').">{$minorLabel}"; } $watchLabel = wfMsgExt('watchthis', array('parseinline')); $checkboxes['watch'] = ''; if ( $wgUser->isLoggedIn() ) { $attribs = array( 'tabindex' => ++$tabindex, 'accesskey' => wfMsg( 'accesskey-watch' ), 'id' => 'wpWatchthis', ); $checkboxes['watch'] = Xml::check( 'wpWatchthis', $checked['watch'], $attribs ) . " tooltipAndAccesskey('watch').">{$watchLabel}"; } return $checkboxes; } /** * Returns an array of html code of the following buttons: * save, diff, preview and live * * @param $tabindex Current tabindex * * @return array */ public function getEditButtons(&$tabindex) { global $wgLivePreview, $wgUser; $buttons = array(); $temp = array( 'id' => 'wpSave', 'name' => 'wpSave', 'type' => 'submit', 'tabindex' => ++$tabindex, 'value' => wfMsg('savearticle'), 'accesskey' => wfMsg('accesskey-save'), 'title' => wfMsg( 'tooltip-save' ).' ['.wfMsg( 'accesskey-save' ).']', ); $buttons['save'] = wfElement('input', $temp, ''); ++$tabindex; // use the same for preview and live preview if ( $wgLivePreview && $wgUser->getOption( 'uselivepreview' ) ) { $temp = array( 'id' => 'wpPreview', 'name' => 'wpPreview', 'type' => 'submit', 'tabindex' => $tabindex, 'value' => wfMsg('showpreview'), 'accesskey' => '', 'title' => wfMsg( 'tooltip-preview' ).' ['.wfMsg( 'accesskey-preview' ).']', 'style' => 'display: none;', ); $buttons['preview'] = wfElement('input', $temp, ''); $temp = array( 'id' => 'wpLivePreview', 'name' => 'wpLivePreview', 'type' => 'submit', 'tabindex' => $tabindex, 'value' => wfMsg('showlivepreview'), 'accesskey' => wfMsg('accesskey-preview'), 'title' => '', 'onclick' => $this->doLivePreviewScript(), ); $buttons['live'] = wfElement('input', $temp, ''); } else { $temp = array( 'id' => 'wpPreview', 'name' => 'wpPreview', 'type' => 'submit', 'tabindex' => $tabindex, 'value' => wfMsg('showpreview'), 'accesskey' => wfMsg('accesskey-preview'), 'title' => wfMsg( 'tooltip-preview' ).' ['.wfMsg( 'accesskey-preview' ).']', ); $buttons['preview'] = wfElement('input', $temp, ''); $buttons['live'] = ''; } $temp = array( 'id' => 'wpDiff', 'name' => 'wpDiff', 'type' => 'submit', 'tabindex' => ++$tabindex, 'value' => wfMsg('showdiff'), 'accesskey' => wfMsg('accesskey-diff'), 'title' => wfMsg( 'tooltip-diff' ).' ['.wfMsg( 'accesskey-diff' ).']', ); $buttons['diff'] = wfElement('input', $temp, ''); return $buttons; } /** * Output preview text only. This can be sucked into the edit page * via JavaScript, and saves the server time rendering the skin as * well as theoretically being more robust on the client (doesn't * disturb the edit box's undo history, won't eat your text on * failure, etc). * * @todo This doesn't include category or interlanguage links. * Would need to enhance it a bit, maybe wrap them in XML * or something... that might also require more skin * initialization, so check whether that's a problem. */ function livePreview() { global $wgOut; $wgOut->disable(); header( 'Content-type: text/xml; charset=utf-8' ); header( 'Cache-control: no-cache' ); $s = '' . "\n" . Xml::openElement( 'livepreview' ) . Xml::element( 'preview', null, $this->getPreviewText() ) . Xml::element( 'br', array( 'style' => 'clear: both;' ) ) . Xml::closeElement( 'livepreview' ); echo $s; } /** * Get a diff between the current contents of the edit box and the * version of the page we're editing from. * * If this is a section edit, we'll replace the section as for final * save and then make a comparison. */ function showDiff() { $oldtext = $this->mArticle->fetchContent(); $newtext = $this->mArticle->replaceSection( $this->section, $this->textbox1, $this->summary, $this->edittime ); $newtext = $this->mArticle->preSaveTransform( $newtext ); $oldtitle = wfMsgExt( 'currentrev', array('parseinline') ); $newtitle = wfMsgExt( 'yourtext', array('parseinline') ); if ( $oldtext !== false || $newtext != '' ) { $de = new DifferenceEngine( $this->mTitle ); $de->setText( $oldtext, $newtext ); $difftext = $de->getDiff( $oldtitle, $newtitle ); $de->showDiffStyle(); } else { $difftext = ''; } global $wgOut; $wgOut->addHtml( '' ); } /** * Filter an input field through a Unicode de-armoring process if it * came from an old browser with known broken Unicode editing issues. * * @param WebRequest $request * @param string $field * @return string * @private */ function safeUnicodeInput( $request, $field ) { $text = rtrim( $request->getText( $field ) ); return $request->getBool( 'safemode' ) ? $this->unmakesafe( $text ) : $text; } /** * Filter an output field through a Unicode armoring process if it is * going to an old browser with known broken Unicode editing issues. * * @param string $text * @return string * @private */ function safeUnicodeOutput( $text ) { global $wgContLang; $codedText = $wgContLang->recodeForEdit( $text ); return $this->checkUnicodeCompliantBrowser() ? $codedText : $this->makesafe( $codedText ); } /** * A number of web browsers are known to corrupt non-ASCII characters * in a UTF-8 text editing environment. To protect against this, * detected browsers will be served an armored version of the text, * with non-ASCII chars converted to numeric HTML character references. * * Preexisting such character references will have a 0 added to them * to ensure that round-trips do not alter the original data. * * @param string $invalue * @return string * @private */ function makesafe( $invalue ) { // Armor existing references for reversability. $invalue = strtr( $invalue, array( "&#x" => "�" ) ); $bytesleft = 0; $result = ""; $working = 0; for( $i = 0; $i < strlen( $invalue ); $i++ ) { $bytevalue = ord( $invalue{$i} ); if( $bytevalue <= 0x7F ) { //0xxx xxxx $result .= chr( $bytevalue ); $bytesleft = 0; } elseif( $bytevalue <= 0xBF ) { //10xx xxxx $working = $working << 6; $working += ($bytevalue & 0x3F); $bytesleft--; if( $bytesleft <= 0 ) { $result .= "&#x" . strtoupper( dechex( $working ) ) . ";"; } } elseif( $bytevalue <= 0xDF ) { //110x xxxx $working = $bytevalue & 0x1F; $bytesleft = 1; } elseif( $bytevalue <= 0xEF ) { //1110 xxxx $working = $bytevalue & 0x0F; $bytesleft = 2; } else { //1111 0xxx $working = $bytevalue & 0x07; $bytesleft = 3; } } return $result; } /** * Reverse the previously applied transliteration of non-ASCII characters * back to UTF-8. Used to protect data from corruption by broken web browsers * as listed in $wgBrowserBlackList. * * @param string $invalue * @return string * @private */ function unmakesafe( $invalue ) { $result = ""; for( $i = 0; $i < strlen( $invalue ); $i++ ) { if( ( substr( $invalue, $i, 3 ) == "&#x" ) && ( $invalue{$i+3} != '0' ) ) { $i += 3; $hexstring = ""; do { $hexstring .= $invalue{$i}; $i++; } while( ctype_xdigit( $invalue{$i} ) && ( $i < strlen( $invalue ) ) ); // Do some sanity checks. These aren't needed for reversability, // but should help keep the breakage down if the editor // breaks one of the entities whilst editing. if ((substr($invalue,$i,1)==";") and (strlen($hexstring) <= 6)) { $codepoint = hexdec($hexstring); $result .= codepointToUtf8( $codepoint ); } else { $result .= "&#x" . $hexstring . substr( $invalue, $i, 1 ); } } else { $result .= substr( $invalue, $i, 1 ); } } // reverse the transform that we made for reversability reasons. return strtr( $result, array( "�" => "&#x" ) ); } function noCreatePermission() { global $wgOut; $wgOut->setPageTitle( wfMsg( 'nocreatetitle' ) ); $wgOut->addWikiText( wfMsg( 'nocreatetext' ) ); } /** * If there are rows in the deletion log for this page, show them, * along with a nice little note for the user * * @param OutputPage $out */ private function showDeletionLog( $out ) { $title = $this->mArticle->getTitle(); $reader = new LogReader( new FauxRequest( array( 'page' => $title->getPrefixedText(), 'type' => 'delete', ) ) ); if( $reader->hasRows() ) { $out->addHtml( '' ); } } }