Back to index

moin  1.9.0~rc2
Public Member Functions | Public Attributes | Static Public Attributes
AnyWikiDraw Class Reference


WARNING: This is an extension for MediaWiki 1.12 through 1.15 only. More...

List of all members.

Public Member Functions

 AnyWikiDraw ()
 execute ($par)
 processUpload ()
 echoDetails ($msg)
 AnyWikiDraw ()
 execute ($par)
 processUpload ()
 I BORROWED THIS FUNCTION FROM SpecialUpload.php!! CHECK FOR EACH VERSION OF MEDIAWIKI, IF THIS FUNCTION STILL MAKES SENSE!
 processDownload ()
 Downloads the specified image to the applet, and disallows caching by the browser.
 showSuccess ()
 Show some text and linkage on successful upload.
 saveUploadedFile ($saveName, $tempName, $useRename=false)
 I BORROWED THIS FUNCTION FROM SpecialUpload.php!! CHECK FOR EACH VERSION OF MEDIAWIKI, IF THIS FUNCTION STILL MAKES SENSE!
 loadMessages ()
 userCanOverwrite ($name)
 I BORROWED THIS FUNCTION FROM SpecialUpload.php!! CHECK FOR EACH VERSION OF MEDIAWIKI, IF THIS FUNCTION STILL MAKES SENSE!
 verify ($tmpfile, $extension)
 Verifies that it's ok to include the uploaded file.
 verifyExtension ($mime, $extension)
 Checks if the mime type of the uploaded file matches the file extension.
 detectScript ($file, $mime, $extension)
 Heuristig for detecting files that could contain JavaScript instructions or things that may look like HTML to a browser and are thus potentially harmful.
 detectVirus ($file)
 Generic wrapper function for a virus scanner program.

Public Attributes

 $mUploadDescription
 

@+

private
 $mLicense
 $mUploadOldVersion
 $mUploadCopyStatus
 $mUploadSource
 $mWatchthis

Static Public Attributes

static $version = "0.13"

Detailed Description


WARNING: This is an extension for MediaWiki 1.12 through 1.15 only.


WARNING: This is an extension for MediaWiki 1.7 through 1.10 only.

Do not use it with other versions of MediaWiki without extensive testing!

This file contains the AnyWikiDraw special page.

The special page displays a description of AnyWikiDraw, and it is used by the applet to download and upload an image to the Wiki.

Author:
Werner Randelshofer
Version:
Id:
AnyWikiDraw.body.php 131 2009-07-08 20:24:04Z rawcoder

Do not use it with other versions of MediaWiki without extensive testing!

This file contains the AnyWikiDraw special page.

The special page displays a description of AnyWikiDraw, and it is used by the applet to download and upload an image to the Wiki.

Author:
Werner Randelshofer
Version:
Id:
AnyWikiDraw_body.php 120 2009-06-28 08:05:06Z rawcoder

Definition at line 31 of file AnyWikiDraw.body.php.


Member Function Documentation

Definition at line 40 of file AnyWikiDraw.body.php.

                              {
              SpecialPage::SpecialPage("AnyWikiDraw");
              wfLoadExtensionMessages('AnyWikiDraw');

              $this->mUploadDescription = '';
              $this->mLicense = '';
              $this->mUploadCopyStatus = '';
              $this->mUploadSource = '';
              $this->mWatchthis = false;
       }

Definition at line 40 of file AnyWikiDraw_body.php.

                              {
              SpecialPage::SpecialPage("AnyWikiDraw");
              self::loadMessages();

              $this->mUploadDescription = '';
              $this->mLicense = '';
              $this->mUploadCopyStatus = '';
              $this->mUploadSource = '';
              $this->mWatchthis = false;
       }

Here is the call graph for this function:

AnyWikiDraw::detectScript ( file,
mime,
extension 
)

Heuristig for detecting files that could contain JavaScript instructions or things that may look like HTML to a browser and are thus potentially harmful.

The present implementation will produce false positives in some situations.

Parameters:
string$filePathname to the temporary upload file
string$mimeThe mime type of the file
string$extensionThe extension of the file
Returns:
bool true if the file contains something looking like embedded scripts

Definition at line 577 of file AnyWikiDraw_body.php.

                                                       {
              return UploadForm::detectScript($file, $mime, $extension);
       }

Here is the caller graph for this function:

Generic wrapper function for a virus scanner program.

This relies on the $wgAntivirus and $wgAntivirusSetup variables. $wgAntivirusRequired may be used to deny upload if the scan fails.

Parameters:
string$filePathname to the temporary upload file
Returns:
mixed false if not virus is found, NULL if the scan fails or is disabled, or a string containing feedback from the virus scanner if a virus was found. If textual feedback is missing but a virus was found, this function returns true.

Definition at line 589 of file AnyWikiDraw_body.php.

                                   {
              return UploadForm::detectVirus($file);
       }

Here is the caller graph for this function:

Definition at line 278 of file AnyWikiDraw.body.php.

                                  {
              if (is_array($msg)) {
                     foreach ($msg as $submsg) {
                            $this->echoDetails($submsg);
                     }
              } else {
                     echo('</p>'.$msg.'</p>');
              }
       }

Here is the caller graph for this function:

Definition at line 51 of file AnyWikiDraw.body.php.

                                {
              global $wgRequest, $wgOut;
              
              if ($wgRequest->wasPosted()) {
                     $this->processUpload();
                     
              } else if (strlen($wgRequest->getVal("image","")) > 0) {
                     $this->processDownload();
              } else {
                     $this->setHeaders();
              
                     # Get request data from, e.g.
                     # $param = $wgRequest->getText('param');
                     $hasErrors = false;
                            
            # Check uploading enabled
            global $wgEnableUploads, $wgSitename;
              if( !$wgEnableUploads ) {
                            $hasErrors = true;
                     $wgOut->addWikiText(
                            wfMsg('anywikidraw_upload_disabled', $wgSitename)
                );
            } 

            # Check cookies available to Java
            global $wgCookieHttpOnly;
              if( $wgCookieHttpOnly ) {
                            $hasErrors = true;
                            $wgOut->addWikiText(
                            wfMsg('anywikidraw_cookie_http_only', $wgSitename)
                );
            } 


            # Check file extensions enabled
            global $wgFileExtensions;
            $requiredExtensions = array("svg",/*"svgz",*/"png","jpg");
            $missingExtensions = array();
            foreach ($requiredExtensions as $ext) {
                if (! in_array($ext, $wgFileExtensions)) {
                    $missingExtensions[] = $ext;
                }
            }
            if (count($missingExtensions) == 1) {
                            $hasErrors = true;
                     $wgOut->addWikiText(
                            wfMsg('anywikidraw_extension_disabled', $wgSitename, ".".implode(", .", $missingExtensions) )
                );
            } else if (count($missingExtensions) > 1) {
                            $hasErrors = true;
                     $wgOut->addWikiText(
                            wfMsg('anywikidraw_extensions_disabled', $wgSitename, ".".implode(", .", $missingExtensions) )
                );
            }
              
                     # Show information about AnyWikiDraw
                     if (! $hasErrors) {
               global $wgAnyWikiDrawVersion;
                            $wgOut->addWikiText(
                                   wfMsg('anywikidraw_about', AnyWikiDraw::$version)
                            );
                     }
                     // Output
                     // $wgOut->addHTML( $output );
              }
       }

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 51 of file AnyWikiDraw_body.php.

                                {
              global $wgRequest, $wgOut;
              
              if ($wgRequest->wasPosted()) {
                     $this->processUpload();
              } else if (strlen($wgRequest->getVal("image","")) > 0) {
                     $this->processDownload();
              } else {
                     $this->setHeaders();
              
                     # Get request data from, e.g.
                     # $param = $wgRequest->getText('param');
                            
                     # Show information about AnyWikiDraw
            global $wgAnyWikiDrawVersion;
                     $wgOut->addWikiText(
                            wfMsg('anywikidraw_about', $wgAnyWikiDrawVersion)
                     );

            # Check uploading enabled
            global $wgEnableUploads, $wgSitename;
              if( !$wgEnableUploads ) {
                     $wgOut->addWikiText(
                            wfMsg('anywikidraw_upload_disabled', $wgSitename)
                );
            } 

            # Check file extensions enabled
            global $wgFileExtensions;
            $requiredExtensions = array("svg","png","jpg");
            $missingExtensions = array();
            foreach ($requiredExtensions as $ext) {
                if (! in_array($ext, $wgFileExtensions)) {
                    $missingExtensions[] = $ext;
                }
            }
            if (count($missingExtensions) == 1) {
                     $wgOut->addWikiText(
                            wfMsg('anywikidraw_extension_disabled', $wgSitename, ".".implode(", .", $missingExtensions) )
                );
            } else if (count($missingExtensions) > 1) {
                     $wgOut->addWikiText(
                            wfMsg('anywikidraw_extensions_disabled', $wgSitename, ".".implode(", .", $missingExtensions) )
                );
            }
              

              
                     // Output
                     // $wgOut->addHTML( $output );
              }
       }

Here is the call graph for this function:

Here is the caller graph for this function:

Definition at line 452 of file AnyWikiDraw_body.php.

                               {
              static $messagesLoaded = false;
              global $wgMessageCache;
              if ( $messagesLoaded ) return;
              $messagesLoaded = true;

              require( dirname( __FILE__ ) . '/AnyWikiDraw.i18n.php' );
              foreach ( $messages as $lang => $msgs ) {
                            $wgMessageCache->addMessages( $msgs, $lang );
              }
        return true;
       }

Here is the caller graph for this function:

Downloads the specified image to the applet, and disallows caching by the browser.

We need this function, because if we retrieve an image using the MediaWiki image URL, the image gets cached by the browser. This is very bad for editing, because we wan't to edit the newest version of the image only.

Definition at line 355 of file AnyWikiDraw_body.php.

                                  {
              global $wgRequest;
       
              $name = $wgRequest->getVal("image","");
              $image = Image::newFromName($name);
              $imagePath = $image->getImagePath();
              if ($imagePath != null && file_exists($imagePath) && $filehandle=fopen($imagePath,'r')) {
                     header('Last-Modified: '.date(DATE_RFC822, filectime($imagePath)));
                     header('Cache-Control: no-cache');
                     if ($image->getMimeType() == 'image/svg') {
                            header('Content-Type: image/svg+xml');
                     } else {
                            header('Content-Type: '.$image->getMimeType());
                     }
                     header('Content-Length: '.filesize($imagePath));
                     fpassthru($filehandle);
                     fclose($filehandle);
                     exit;
              } else {
                     header('HTTP/1.0 404 Not Found');
                     echo 'image '.$name.' not found'; // do we need to i18n this? It's never displayed to a user.
                     exit;
              }
       }

Here is the caller graph for this function:

I BORROWED THIS FUNCTION FROM SpecialUpload.php!! CHECK FOR EACH VERSION OF MEDIAWIKI, IF THIS FUNCTION STILL MAKES SENSE!

     

Filter out illegal characters, and try to make a legible name out of it. We'll strip some silently that Title would die on.

If the image is protected, non-sysop users won't be able to modify it by uploading a new revision.

In some cases we may forbid overwriting of existing files.

Check if the image directory is writeable, this is a common mistake

Upload the file into the temp directory, so that we can scrutinize its content

Look at the contents of the file; if we can recognize the type but it's corrupt or data of the wrong type, we should probably not accept it.

Provide an opportunity for extensions to add further checks

Try actually saving the thing... It will show an error form on failure.

Update the upload log and create the description page if it's a new file.

Save the rendered image, if one was provided

Save the image map, if one was provided

Definition at line 108 of file AnyWikiDraw_body.php.

                                {
              global $wgUser, $wgUploadDirectory, $wgRequest;
              
              $fname= "AnyWikiDraw_body::processUpload";

              // Retrieve form fields
              $drawingName = $wgRequest->getText('DrawingName');
              $drawingWidth = $wgRequest->getText('DrawingWidth');
              $drawingHeight = $wgRequest->getText('DrawingHeight');
              $drawingTempFile =  $wgRequest->getFileTempName('DrawingData');
              $drawingFileSize = $wgRequest->getFileSize( 'DrawingData' );
              $drawingUploadError = $wgRequest->getUploadError('DrawingData');
              $renderedTempFile =  $wgRequest->getFileTempName('RenderedImageData');
              $renderedFileSize = $wgRequest->getFileSize( 'RenderedImageData' );
              $renderedUploadError = $wgRequest->getUploadError('RenderedImageData');
              $imageMapTempFile =  $wgRequest->getFileTempName('ImageMapData');
              $imageMapFileSize = $wgRequest->getFileSize( 'ImageMapData' );
              $imageMapUploadError = $wgRequest->getUploadError('ImageMapData');
              $uploadSummary = $wgRequest->getText('UploadSummary');
              
              // validate image dimension
              if (! is_numeric($drawingWidth) || $drawingWidth < 1) {
                     $drawingWidth = null;
              }
              if (! is_numeric($drawingHeight) || $drawingHeight < 1) {
                     $drawingHeight = null;
              }

              # If there was no filename or no image data, give up quickly.
              if (strlen($drawingName) == 0 || $drawingFileSize == 0) {
                     wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                   '[user '.$wgUser->getName().'] '.
                                   $fname.' received bad request [DrawingName='.$drawingName.']'.
                                   '[fileSize(DrawingData)='.$drawingFileSize.']'
                     );
                     header('HTTP/1.0 400 Bad Request');
                     exit("\n\n"+'<html><body>DrawingName and DrawingData must be supplied.</body></html>');
              }

              // Verify filename
              # Chop off any directories in the given filename.
              $drawingName = wfBaseName($drawingName);
              $imageExtension = substr(strrchr($drawingName, '.'), 1);
              
              # Only allow filenames with known extensions
              $allowedExtensions = array('svg', 'svgz', 'png', 'jpg');
              if (! in_array($imageExtension, $allowedExtensions)) {
                     wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                   '[user '.$wgUser->getName().'] '.
                                   $fname.' Received bad image extension [DrawingName='.$drawingName.']');
                     header('HTTP/1.0 400 Bad Request');
                     exit("\n\n"+'<html><body>DrawingName must have one of the following extensions: '.
                                   implode(',', $allowedExtensions).
                            '.</body></html>');
              }

              $filtered = preg_replace ( "/[^".Title::legalChars()."]|:/", '-', $drawingName );
              $nt = Title::newFromText( $filtered );
              if( is_null( $nt ) ) {
                     wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                   '[user '.$wgUser->getName().'] '.
                                   $fname.' Received bad image name [DrawingName='.$drawingName.']');
                     header('HTTP/1.0 400 Bad Request');
                     exit("\n\n"+'<html><body>DrawingName must contain legible characters only.</body></html>');
              }
              $nt =& Title::makeTitle( NS_IMAGE, $nt->getDBkey() );
              $uploadSaveName = $nt->getDBkey();
              
              
              if( !$nt->userCanEdit() ) {
                     wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                   '[user '.$wgUser->getName().'] '.
                                   $fname.' image is protected [DrawingName='.$drawingName.']');
                     header('HTTP/1.0 403 Forbidden');
                     exit("\n\n"+'<html><body>You are not allowed to edit this image.</body></html>');
              }

              if( !$this->userCanOverwrite($uploadSaveName) ) {
                     wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                   '[user '.$wgUser->getName().'] '.
                                   $fname.' image may not be overwritten [DrawingName='.$drawingName.']');
                     header('HTTP/1.0 403 Forbidden');
                     exit("\n\n"+'<html><body>You are not allowed to overwrite this image.</body></html>');
              }
              
              if( !is_writeable( $wgUploadDirectory ) ) {
                     header('HTTP/1.0 403 Forbidden');
                     exit("\n\n"+'<html><body>The upload directory on the server is read only.</body></html>');
              }
              
              $archive = wfImageArchiveDir( $uploadSaveName, 'temp' );
              
              $veri = $this->verify( $drawingTempFile, $imageExtension );
              if( $veri !== true ) { 
                     wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                   '[user '.$wgUser->getName().'] '.
                                   $fname.' image failed verification [DrawingName='.$drawingName.'][DrawingTempFile='.$drawingTempFile.']');
                     unlink($drawingTempFile);
                     header('HTTP/1.0 400 Bad Request');
                     exit("\n\n"+'<html><body>The image data is corrupt.</body></html>');
              }

              $error = '';
              if( !wfRunHooks( 'UploadVerification',
                            array( $uploadSaveName, $drawingTempFile, &$error ) ) ) {
                     wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                   '[user '.$wgUser->getName().'] '.
                                   $fname.' image failed extended verification [DrawingName='.$drawingName.']');
                     unlink($drawingTempFile);
                     header('HTTP/1.0 400 Bad Request');
                     exit("\n\n"+'<html><body>The image data does not match the image name extension.</body></html>');
              }

       
              if( $this->saveUploadedFile( $uploadSaveName,
                                           $drawingTempFile,
                                           true ) ) {
                     $img = Image::newFromName( $uploadSaveName );
                     if ($drawingWidth != null) {
                            $img->width = $drawingWidth;
                     }
                     if ($drawingHeight != null) {
                            $img->height = $drawingHeight;
                     }
                     $this->mUploadDescription = $uploadSummary;

                     $success = $img->recordUpload( $this->mUploadOldVersion,
                                                     $this->mUploadDescription,
                                                     $this->mLicense,
                                                     $this->mUploadCopyStatus,
                                                     $this->mUploadSource,
                                                     $this->mWatchthis );
                                                     
                      if ($renderedTempFile != null && $drawingWidth != null)
                      {
                            $thumbName = $img->thumbName($drawingWidth, $img->fromSharedDirectory );
                            $thumbDir = wfImageThumbDir( $img->name, $img->fromSharedDirectory );
                            $thumbPath = $thumbDir.'/'.$thumbName;
                            wfDebug("we have a rendered image: ".$renderedTempFile.' width='.$drawingWidth.' height='.$drawingHeight.' thumbName='.$thumbPath );
                            if (!file_exists(dirname($thumbPath))) {
                                   mkdir(dirname($thumbPath), 0777, true);
                            }
                            // Look at the contents of the file; if we can recognize the
                            // type but it's corrupt or data of the wrong type, we should
                            // probably not accept it.
                            $veri = $this->verify( $renderedTempFile, 'png' );
                            if( $veri !== true ) { 
                                   wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                          '[user '.$wgUser->getName().'] '.
                                          $fname.' rendered image failed verification [DrawingName='.$drawingName.'][RenderedTempFile='.$renderedTempFile.']');
                                   unlink($renderedTempFile);
                            } else {
                                   move_uploaded_file($renderedTempFile, $thumbPath);
                            }
                      } else {
                            if ($renderedTempFile!= null) {
                                   unlink($renderedTempFile);
                            }
                      }

                      if ($imageMapTempFile != null && $drawingWidth != null)
                      {
                            $thumbName = $img->thumbName($drawingWidth, $img->fromSharedDirectory );
                            $thumbDir = wfImageThumbDir( $img->name, $img->fromSharedDirectory );
                            $imageMapPath = $thumbDir.'/'.$thumbName.'.map';
                            wfDebug("we have an image map: ".$imageMapTempFile);
                            if (!file_exists(dirname($imageMapPath))) {
                                   mkdir(dirname($imageMapPath), 0777, true);
                            }
                            // Look at the contents of the file; if we can recognize the
                            // type but it's corrupt or data of the wrong type, we should
                            // probably not accept it.
                            $hasScript = $this->detectScript( $imageMapTempFile, 'text/html', 'html' );
                            if( $hasScript !== false ) { 
                                   wfDebug('[client '.$_SERVER["REMOTE_ADDR"].']'.
                                          '[user '.$wgUser->getName().'] '.
                                          $fname.' image map failed verification [DrawingName='.$drawingName.'][ImageMapTempFile='.$imageMapTempFile.']');
                                   unlink($imageMapTempFile);
                            } else {
                                   move_uploaded_file($imageMapTempFile, $imageMapPath);
                            }
                      } else {
                            if ($imageMapTempFile!= null) {
                                   unlink($imageMapTempFile);
                            }
                      }


                     if ( $success ) {
                            $this->showSuccess();
                            wfRunHooks( 'UploadComplete', array( &$img ) );
                     } else {
                            // Image::recordUpload() fails if the image went missing, which is
                            // unlikely, hence the lack of a specialised message
                            $wgOut->showFileNotFoundError( $this->mUploadSaveName );
                     }
              }
              if ($renderedTempFile!= null) {
                     unlink($renderedTempFile);
              }
              if ($imageMapTempFile!= null) {
                     unlink($imageMapTempFile);
              }
       }

Here is the call graph for this function:

Definition at line 118 of file AnyWikiDraw.body.php.

                                {
              global $wgRequest, $wgOut;
              
              // Fill in the form data as needed by the upload form
              $wgRequest->data['wpDestFile'] = $wgRequest->data['DrawingName'];
              $wgRequest->data['wpIgnoreWarning'] = '1';
              $wgRequest->data['wpDestFileWarningAck'] ='1';
              $wgRequest->data['wpUploadDescription'] = $wgRequest->data['UploadSummary'];
              $wgRequest->data['wpUploadFile'] = $wgRequest->data['DrawingData'];
              $_FILES['wpUploadFile'] = $_FILES['DrawingData'];
              $wgRequest->data['action'] = $wgRequest->data['Action'];

              // Upload the drawing              
              $form = new UploadForm($wgRequest);
              $details = null;
              $outcome = $form->internalProcessUpload($details);
              

              $drawingTempFile = $wgRequest->getFileTempName('DrawingData');
              $renderedTempFile = $wgRequest->getFileTempName('RenderedImageData');
              $imageMapTempFile =  $wgRequest->getFileTempName('ImageMapData');
       
              // If we were successful so far, look whether a rendered image of the
              // drawing has been uploaded as well.
              if ($outcome == UploadForm::SUCCESS && $renderedTempFile != null) {
              
                     $img = $form->mLocalFile; 
                     $thumbDir = $img->getThumbPath();
                     $params = array( 'width' => $img->getWidth() );
                     $thumbName = $img->thumbName($params);
                     
                     if ($thumbName) {
                            // Look at the contents of the file; if we can recognize the
                            // type but it's corrupt or data of the wrong type, we should
                            // probably not accept it.
                            $veri = $form->verify( $renderedTempFile, 'png' );
                            if ($veri) {
                                   // Provide an opportunity for extensions to add further checks
                                   $error = '';
                                   if( !wfRunHooks( 'UploadVerification',
                                          array( $thumbName, $renderedTempFile, &$error ) ) ) {
                                          
                                          $veri = false;
                                   }
                            }
                            
                            
                            if ($veri) {
                                   if (!file_exists($thumbDir)) {
                                          $thumbDirExists = wfMkdirParents($thumbDir);
                                   } else {
                        $thumbDirExists = true;
                    }
                    if ($thumbDirExists) {
                        move_uploaded_file($renderedTempFile, $thumbDir.'/'.$thumbName);
                    }
                            }
                     }                           
              }
              
              // Get rid of uploaded files
              if (file_exists($drawingTempFile)) { unlink($drawingTempFile); }
              if (file_exists($renderedTempFile)) { unlink($renderedTempFile); }
              if (file_exists($imageMapTempFile)) { unlink($imageMapTempFile); }
                            
       
              // Return outcome along with an appropriate error message to the client      
              switch ($outcome) {
                     case  UploadForm::SUCCESS :
                            header('HTTP/1.0 200 OK');
                            echo('<html><body>Success.</body></html>');
                            break;
                            
                     case  UploadForm::BEFORE_PROCESSING :
                            header('HTTP/1.0 500 Internal Server Error');
                            echo('<html><body>Hook UploadForm:BeforeProcessing broke processing the file.</body></html>');
                            break;
                            
                     case  UploadForm::LARGE_FILE_SERVER :
                            header('HTTP/1.0 500 Internal Server Error');
                            echo('<html><body>'.wfMsgHtml( 'largefileserver' ).'</body></html>');
                            break;
                            
                     case  UploadForm::EMPTY_FILE :
                            header('HTTP/1.0 400 Bad Request');
                            echo('<html><body>'.wfMsgHtml( 'emptyfile' ).'</body></html>');
                            break;
                            
                     case  UploadForm::MIN_LENGTH_PARTNAME :
                            header('HTTP/1.0 400 Bad Request');
                            echo('<html><body>'.wfMsgHtml( 'minlength1' ).'</body></html>');
                            break;
                            
                     case  UploadForm::ILLEGAL_FILENAME :
                            header('HTTP/1.0 400 Bad Request');
                            echo('<html><body>'.wfMsgHtml( 'illegalfilename', htmlspecialchars($wgRequest->data('DrawingName'))).'</body></html>');
                            break;
                            
                     case  UploadForm::PROTECTED_PAGE :
                            header('HTTP/1.0 403 Forbidden');
                            echo('<html><body>');
                            echo('<p>You are not allowed to change this drawing:</p>');
                            $this->echoDetails($details['permissionserrors']);
                            echo('</body></html>');
                            break;
                            
                     case  UploadForm::OVERWRITE_EXISTING_FILE :
                            header('HTTP/1.0 403 Forbidden');
                            echo('<html><body>You may not overwrite the existing drawing.</body></html>');
                            break;
                            
                     case  UploadForm::FILETYPE_MISSING :
                            header('HTTP/1.0 400 Bad Request');
                            echo('<html><body>The type of the uploaded file is not explicitly allowed.</body></html>');
                            break;
                            
                     case  UploadForm::FILETYPE_BADTYPE :
                            header('HTTP/1.0 400 Bad Request');
                            echo('<html><body>The type of the uploaded file is explicitly disallowed.</body></html>');
                            break;
                            
                     case  UploadForm::VERIFICATION_ERROR :
                            header('HTTP/1.0 400 Bad Request');
                            echo('<html><body>');
                            echo('<p>The uploaded file did not pass server verification.</p>');
                            echo('</body></html>');
                            break;
                            
                     case  UploadForm::UPLOAD_VERIFICATION_ERROR :
                            header('HTTP/1.0 403 Bad Request');
                            echo('<html><body>');
                            echo('<p>The uploaded file did not pass server verification:</p>');
                            $this->echoDetails($details['error']);
                            echo('</body></html>');
                            break;
                            
                     case  UploadForm::UPLOAD_WARNING :
                            header('HTTP/1.0 400 Bad Request');
                            echo('<html><body>');
                            echo('<p>The server issued a warning for this file:</p>');
                            $this->echoDetails($details['warning']);
                            echo('</body></html>');
                            break;
                            
                     case  UploadForm::INTERNAL_ERROR :
                            header('HTTP/1.0 500 Internal Server Error');
                            echo('<html><body>');
                            echo('<p>Function UploadForm:internalProcessUpload encountered an internal error.</p>');
                            echo('<p>'.$details['internal'].'</p>');
                            echo('</body></html>');
                            break;
                            
                     default :
                            header('HTTP/1.0 500 Internal Server Error');
                            echo('<html><body>Function UploadForm:internalProcessUpload returned an unknown code: '.$outcome.'.</body></html>');
                            break;
              }
              exit();
       }

Here is the call graph for this function:

Here is the caller graph for this function:

AnyWikiDraw::saveUploadedFile ( saveName,
tempName,
useRename = false 
)

I BORROWED THIS FUNCTION FROM SpecialUpload.php!! CHECK FOR EACH VERSION OF MEDIAWIKI, IF THIS FUNCTION STILL MAKES SENSE!

Move the uploaded file from its temporary location to the final destination. If a previous version of the file exists, move it into the archive subdirectory.

Todo:
If the later save fails, we may have disappeared the original file.
Parameters:
string$saveName
string$tempNamefull path to the temporary file
bool$useRenameif true, doesn't check that the source file is a PHP-managed upload temporary

Definition at line 402 of file AnyWikiDraw_body.php.

                                                                             {
              global $wgOut, $wgAllowCopyUploads;
              
              $fname= "SpecialUpload::saveUploadedFile";
              
              if ( !$useRename && $wgAllowCopyUploads && $this->mSourceType == 'web' ) {
                     $useRename = true;
              }

              $dest = wfImageDir( $saveName );
              $archive = wfImageArchiveDir( $saveName );
              if ( !is_dir( $dest ) ) wfMkdirParents( $dest );
              if ( !is_dir( $archive ) ) wfMkdirParents( $archive );
              
              $this->mSavedFile = "{$dest}/{$saveName}";

              if( is_file( $this->mSavedFile ) ) {
                     $this->mUploadOldVersion = gmdate( 'YmdHis' ) . "!{$saveName}";
                     wfSuppressWarnings();
                     $success = rename( $this->mSavedFile, "${archive}/{$this->mUploadOldVersion}" );
                     wfRestoreWarnings();

                     if( ! $success ) {
                            $wgOut->showFileRenameError( $this->mSavedFile,
                              "${archive}/{$this->mUploadOldVersion}" );
                            return false;
                     }
                     else wfDebug("$fname: moved file ".$this->mSavedFile." to ${archive}/{$this->mUploadOldVersion}\n");
              }
              else {
                     $this->mUploadOldVersion = '';
              }

              wfSuppressWarnings();
              $success = $useRename
                     ? rename( $tempName, $this->mSavedFile )
                     : move_uploaded_file( $tempName, $this->mSavedFile );
              wfRestoreWarnings();

              if( ! $success ) {
                     $wgOut->showFileCopyError( $tempName, $this->mSavedFile );
                     return false;
              } else {
                     wfDebug("$fname: wrote tempfile $tempName to ".$this->mSavedFile."\n");
              }

              chmod( $this->mSavedFile, 0644 );
              return true;
       }

Here is the call graph for this function:

Here is the caller graph for this function:

Show some text and linkage on successful upload.

private

Definition at line 383 of file AnyWikiDraw_body.php.

                              {
              header('HTTP/1.0 200 OK');
              exit;
       }

Here is the caller graph for this function:

I BORROWED THIS FUNCTION FROM SpecialUpload.php!! CHECK FOR EACH VERSION OF MEDIAWIKI, IF THIS FUNCTION STILL MAKES SENSE!

Check if there's an overwrite conflict and, if so, if restrictions forbid this user from performing the upload.

Returns:
true on success, false on failure private

Definition at line 474 of file AnyWikiDraw_body.php.

                                          {
              $img = Image::newFromName( $name );
              if( is_null( $img ) ) {
                     // Uh... this shouldn't happen ;)
                     // But if it does, fall through to previous behavior
                     return false;
              }

              if( $img->exists() ) {
                     global $wgUser, $wgOut;
                     if( $img->isLocal() ) {
                            if( !$wgUser->isAllowed( 'reupload' ) ) {
                                   return false;
                            }
                     } else {
                            if( !$wgUser->isAllowed( 'reupload' ) ||
                                !$wgUser->isAllowed( 'reupload-shared' ) ) {
                                return false;
                            }
                     }
              }

              // Rockin', go ahead and upload
              return true;
       }

Here is the caller graph for this function:

AnyWikiDraw::verify ( tmpfile,
extension 
)

Verifies that it's ok to include the uploaded file.

Parameters:
string$tmpfilethe full path of the temporary file to verify
string$extensionThe filename extension that the file is to be served with
Returns:
mixed true of the file is verified, a WikiError object otherwise.

Scan the uploaded file for viruses

Definition at line 507 of file AnyWikiDraw_body.php.

                                               {
              $fname= "AnyWikiDraw_body::verify";
              
              #magically determine mime type
              // BEGIN PATCH MediaWiki 1.7.1
              //$magic=& MimeMagic::singleton();
              //$mime= $magic->guessMimeType($tmpfile,false);
              $magic=& wfGetMimeMagic();
              $mime= $magic->guessMimeType($tmpfile,false);
              // END PATCH MediaWiki 1.7.1

              #check mime type, if desired
              global $wgVerifyMimeType;
              if ($wgVerifyMimeType) {

                     #check mime type against file extension
                     if( !$this->verifyExtension( $mime, $extension ) ) {
                            //return new WikiErrorMsg( 'uploadcorrupt' );
                            return false;
                     }
                     /*
                     #check mime type blacklist
                     global $wgMimeTypeBlacklist;
                     if( isset($wgMimeTypeBlacklist) && !is_null($wgMimeTypeBlacklist)
                            && $this->checkFileExtension( $mime, $wgMimeTypeBlacklist ) ) {
                            //return new WikiErrorMsg( 'badfiletype', htmlspecialchars( $mime ) );
                            wfDebug($fname.' badfiletype');
                            return false;
                     }*/
              }

              #check for htmlish code and javascript
              if( $this->detectScript ( $tmpfile, $mime, $extension ) ) {
                     //return new WikiErrorMsg( 'uploadscripted' );
                            wfDebug($fname.' uploadscripted');
                     return false;
              }

              $virus= $this->detectVirus($tmpfile);
              if ( $virus ) {
                     //return new WikiErrorMsg( 'uploadvirus', htmlspecialchars($virus) );
                            wfDebug($fname.' uploadvirus');
                     return false;
              }

              //wfDebug( "$fname: all clear; passing.\n" );
              return true;
       }

Here is the call graph for this function:

Here is the caller graph for this function:

AnyWikiDraw::verifyExtension ( mime,
extension 
)

Checks if the mime type of the uploaded file matches the file extension.

Parameters:
string$mimethe mime type of the uploaded file
string$extensionThe filename extension that the file is to be served with
Returns:
bool

Definition at line 565 of file AnyWikiDraw_body.php.

                                                     {
              return UploadForm::verifyExtension($mime, $extension);
       }

Here is the caller graph for this function:


Member Data Documentation

Definition at line 35 of file AnyWikiDraw.body.php.

Definition at line 36 of file AnyWikiDraw.body.php.

@+

private

Definition at line 35 of file AnyWikiDraw.body.php.

Definition at line 35 of file AnyWikiDraw.body.php.

Definition at line 36 of file AnyWikiDraw.body.php.

Definition at line 36 of file AnyWikiDraw.body.php.

AnyWikiDraw::$version = "0.13" [static]

Definition at line 38 of file AnyWikiDraw.body.php.


The documentation for this class was generated from the following files: