"I wouldn't object to stylizing the API code to bring it in line with
the rest of MW on principle, but I'm not gonna bother myself." --Roan
<http://www.mediawiki.org/wiki/Special:Code/MediaWiki/60657#c5108>
If you're seeing this commit in blames, tell your blame tool to ignore
whitespace, e.g., git blame -w or svn blame -x -w.
Here is a short overview of changes and associated default configuration variables (most everything is off by default) also see ~soon to be updated~: http://www.mediawiki.org/wiki/Media_Projects_Overview
= Upload Improvements =
==Upload API ==
* Based on the early work of Bryan Tong and others it adds the upload option to the api.
* We rewrite Special:Upload page to include use the new refactoring
* Added in token checks in both the SpecialUpload.php page so avoids DOS / xss copy-by-url JavaScript based cross site POST file submissions
== Copy by URL==
$wgAllowCopyUploads = false;
* http class rewrite includes a new http background download see: includes/HttpFunctions.php
* spins off a php process that calls: maintenance/http_session_download.php
* pushes updates to the session and gives the user a progress bar on http copy uploads from other server progress (using js2 upload interface) (if not using the js2 upload interface it does the request in-place but the download is limited to the php ini timeout time)
== Firefogg ==
* Firefogg enables resumable upload by chunks
* progress indicators and conditional invokation (js2 system)
* and of-course client side transcoding.
= Script Server =
$wgEnableScriptLoader = false;
* off by default if $wgEnableScriptLoader is turned on script files are grouped, gziped, cached etc.
for more info see: http://www.mediawiki.org/wiki/Extension:ScriptLoader
* Includes some early skin js include fixes (skin/script system still lots of love)
* Includes a "javascript class autoloader" this is packaged into mwEmbed so that the mwEmbed library can work in stand alone mode (while retaining localization and script serving) (one such application is the make page for firefogg.org : http://www.firefogg.org/make/index.html )
* The file that contains the autojavascript loading classes is: js2/php/jsAutoloadLocalClasses.php
* One can use this auto class loading dependency system with extensions and add-ons but I need to better document that.
= js2 system / mwEmbed=
$wgEnableJS2system = false
* includes initial rewrite towards more jquery based javascript code
* especially for the Special:Upload page.
* Also the edit page include support for the "add-media-wizard"
* includes dependency loader for javascript that optionally takes advantage of the script-loader
* remote embedding of javascript interfaces (like embedding video, or commons media searching)
* $wgDebugJavaScript = false; .. .this variable lets you always get "always fresh javascript". When used with the script-loader it does not minify the script-loader output.
= mwEmbed =
* Will commit a separate patch to oggHandler that conditionally outputs <video tag> to use the new javascript video player.
** mv_embed player includes: play-head, volume control, remote embedding, oggz-chop support across plugins.
* add-media-wizard adds easy inserts of media to pages (with import)
== jQuery==
* we include a base install of jQuery, jQuery ui and some plugins.
* all the javascript classes are in the scriptloader so its easy to load any set of jquery ui components that you may need using the script-server. You get a callback so you can then execute js with dependencies loaded.
== other stuff ==
there is a bit more code in js2 that pertains to sequence editing, timed text display and basic image editing. We include a base import of pixastic-lib & pixastic-editor... will work with the pixastic developer to try and ensure upstream compatibility on our usage of the library for in-browser photo and sequence manipulation.
* Add ustoken=userrights to list=users
* Move the non-UI part of UserrightsPage::saveUserGroups() to the static and more generic doSaveUserGroups()
* Add a $reason parameter to UserrightsPage::addLogEntry() and make it and its helpers static
* Move UserrightsPage::changeableGroups() and changeableByGroup() to the User class and make the latter static
* In doSaveUserGroups(), drop groups that the user doesn't have from $remove (and those that they do have from $add), and return array($add, $remove)
* Fix up a comment in ApiQueryRecentChanges
* Instead of hiding read-restricted modules, throw an error when a user without read rights tries to use them
* Do the same for write modules when $wgEnableWriteAPI is false
* Indicate whether a module needs read or write rights in action=help and action=paraminfo
* BREAKING CHANGE: action=purge now requires write rights and, for anonymous users, a POST request
* This means queries could possibly return fewer results than the limit and still set a query-continue
* Add iicontinue, rvcontinue, cicontinue, incontinue, amfrom to faciliate query-continue for these modules
* Implemented by blocking additions to the ApiResult object if they would make it too large
** Important things like query-continue values and warnings are exempt from this check
** RSS feeds and exported XML are also exempted (size-checking them would be too messy)
** Result size is checked against $wgAPIMaxResultSize, which defaults to 8 MB
For those who really care, per-file details follow:
ApiResult.php:
* Introduced ApiResult::$mSize which keeps track of the result size.
* Introduced ApiResult::size() which calculates an array's size
(which is the sum of the strlen()s of its elements).
* ApiResult::addValue() now checks that the result size stays below
$wgAPIMaxResultSize. If the item won't fit, it won't be added and addValue()
will return false. Callers should check the return value and set a
query-continue if it's false.
* Closed the back door that is ApiResult::getData(): callers can't manipulate
the data array directly anymore so they can't bypass the result size limit.
* Added ApiResult::setIndexedTagName_internal() which will call
setIndexedTagName() on an array already in the result. This is needed for the
'new' order of adding results, which means addValue()ing one result at a time
until you hit the limit or run out, then calling this function to set the tag
name.
* Added ApiResult::disableSizeCheck() and enableSizeCheck() which disable and
enable size checking in addValue(). This is used for stuff like query-continue
elements and warnings which shouldn't count towards the result size.
* Added ApiResult::unsetValue() which removes an element from the result and
decreases $mSize.
ApiBase.php:
* Like ApiResult::getData(), ApiBase::getResultData() no longer returns a
reference.
* Use ApiResult::disableSizeCheck() in ApiBase::setWarning()
ApiQueryBase.php:
* Added ApiQueryBase::addPageSubItem(), which adds page subitems one item
at a time.
* addPageSubItem() and addPageSubItems() now return whether the subitem
fit in the result.
* Use ApiResult::disableSizeCheck() in setContinueEnumParameter()
ApiMain.php:
* Use ApiResult::disableSizeCheck() in ApiMain::substituteResultWithError()
* Use getParameter() rather than $mRequest to obtain requestid
DefaultSettings.php:
* Added $wgAPIMaxResultSize, with a default value of 8 MB
ApiQuery*.php:
* Added results one at a time, and set a query-continue if the result is full.
ApiQueryLangLinks.php and friends:
* Migrated from addPageSubItems() to addPageSubItem(). This eliminates the
need for $lastId.
ApiQueryAllLinks.php, ApiQueryWatchlist.php, ApiQueryAllimages.php, ApiQuerySearch.php:
* Renamed $data to something more appropriate ($pageids, $ids or $titles)
ApiQuerySiteinfo.php:
* Abuse siprop as a query-continue parameter and set it to all props that
couldn't be processed.
ApiQueryRandom.php:
* Doesn't do continuations, because the result is supposed to be random.
* Be smart enough to not run the second query if the results of the first
didn't fit.
ApiQueryImageInfo.php, ApiQueryRevisions.php, ApiQueryCategoryInfo.php, ApiQueryInfo.php:
* Added continue parameter which basically skips the first so many items
ApiQueryBacklinks.php:
* Throw the result in a big array first and addValue() that one element at a time if necessary
** This is necessary because the results aren't retrieved in order
* Introduced $this->pageMap to map namespace and title to page ID
* Rewritten extractRowInfo() and extractRedirRowInfo() a little
* Declared all private member variables explicitly
ApiQueryDeletedrevs.php:
* Use a pagemap just like in Backlinks
* Introduce fake page IDs and keep track of them so we know where to add what
** This doesn't change the output format, because the fake page IDs start at 0 and are consecutive
ApiQueryAllmessages.php:
* Add amfrom to facilitate query-continue
ApiQueryUsers.php:
* Rewrite: put the getOtherUsersInfo() code in execute()
** Backend code moved to RecentChange::reallyMarkPatrolled() and doMarkPatrolled()
** Adapted Article::markpatrolled()
* (bug 15466) Added action=patrol to the API. Modified patch by Soxred93
* Added rctoken=patrol to list=recentchanges
* Detect duplicate warnings in ApiBase::setWarning()
* (bug 15048) Added limit field for multivalue parameters to action=paraminfo output.
* When the limit on multivalue parameters is exceeded, a warning is issued
* Add Bryan Tongh Minh to the API credits. Half of all image-related code is his
* Add myself to CREDITS. Why do we sort that by first name, though? Kind of weird
$params['action'] cannot be an invalid action, because the $params array is filled by ApiBase::extractRequestParams() which checks whether the parameters are valid and throws an error message (ironically implemented with a UsageException) if they're not.
* Checking for 'writeapi' in ApiMain::requestWriteMode() and tweaking the noapiwrite error message a bit
* Granting this right to *, user and bot by default.
For extra clarity: to e.g. move pages through the API, a user needs to have the 'move' right AND the 'writeapi' right AND $wgEnableWriteAPI = true;
Doxygen documentation update:
* Changed alls @addtogroup to @ingroup. @addtogroup adds the comment to the group description, but doesn't add the file, class, function, ... to the group like @ingroup does. See for example http://svn.wikimedia.org/doc/group__SpecialPage.html where it's impossible to see related files, classes, ... that should belong to that group.
* Added @file to file description, it seems that it should be explicitely decalred for file descriptions, otherwise doxygen will think that the comment document the first class, variabled, function, ... that is in that file.
* Removed some empty comments
* Removed some ?>
Added following groups:
* ExternalStorage
* JobQueue
* MaintenanceLanguage
One more thing: there are still a lot of warnings when generating the doc.
* Wrote two concrete implementations. LBFactory_Simple is for general installations. LBFactory_Multi will replace the runtime configuration used on Wikimedia and allow load-balanced connections to any DB.
* Ported Special:Userrights, CentralAuth and OAI audit to the LBFactory system.
* Added ForeignDBViaLBRepo, a file repository which uses LBFactory.
* Removed $wgLoadBalancer and $wgAlternateMaster
* Improved the query group concept to allow failover and lag control
* Improved getReaderIndex(), it will now try all servers before waiting, instead of waiting after each.
* Removed the $fail parameter to getConnection(), obsolete.
* Removed the useless force() function.
* Abstracted the replication position interface to allow for future non-MySQL support.
* Rearranged Database.php. Added a few debugging features.
* Removed ancient benet-specific hack from waitForSlave.php
* Removing action=render module (which was deprecated) in favor of action=parse
* Added prop parameter to action=parse so certain parts of the output can be left out
* action=parse&prop=text behaves pretty much exactly like action=render used to
** This probably shouldn't be hard-coded the way I did it
* UserrightsPage::saveUserGroups() now takes $removegroup and $addgroup parameters by reference. Parameters are changed to reflect what was actually added and removed.
* Re-adding ApiChangeRights module, which now handles permission denied errors more gracefully
format=raw is an HTML injection machine like action=raw but without any safeguards; it's trivial to create JavaScript exploits which hit at least Internet Explorer.
There's no reason to add a whole new danger point here when you've got machine-readable structure already... please do not add this raw formatter back.
Just get a user to visit a URL with the user ID and token you like in the query string (say, in an <img> referenced in a page you convince them to go to or post for their review) and their login session will be replaced with the one you provided.
* Allow staying logged in through lg* parameters instead of cookies (modified patch by Eddie Roger)
* Removed ApiLogin's sessionID return value, as it doesn't always work and is redundant anyway
* De-escape &amp; to & rather than & to & -- guarantees that we won't leave stray &s around producing invalid or freaky output
* Use == instead of = when comparing... :)
Adds what seems to be a very purpose-specific extension into the core API:
a) shortly before release
b) while apparently not implementing much of its interface
c) with an interface that looks kind of strange to me
revisions - removed oldid (not used except in content retrieval), added extra prop options to optimize bandwidth, continue value is now an integer in JSON
minor help screen improvement.
breaking change: Query watchlist shows flags only when explicitly requested with wlparam=flags, and rc_this_oldid (textid) is no longer accessible
query watchlist cleanup
bug in the integer parameter min/max validation
bug in feed formatting in error handling
some documentation
* breaking change: Converted a map of revisions into a list of revisions to allow easier json processing (no need to know map keys)
* html formatting now properly links urls ending with a '\n' string (jsonfm)
* regression: fixed allpages to return int instead of string for pageid and ns
* Added: info now returns page length, counter, and a new flag
* Add @addtogroup tags to various classes, to try and group conceptually-related classes together.
* Add brief descriptions to various Special pages, thanks to Phil Boswell.
* Moving some docs to be right above the classes they represent, so that they are picked up.
* @link. You might think @link would surely mean "here comes a web URL" ... but @link is a valid command
in Doxygen, which means an entirely different kind of link (an internal link to somewhere, so that you can separate
documentation and implementation). The result is a mess, and the best solution I can see is to use "@see" instead of "@link".
* Warning: argument `nourl' of command @param is not found in the argument list of Linker::makeMediaLinkObj($title,$text='')
* Moving few class descriptions to right above classes, and/or formatting into Javadoc style.
* "@addtogroup Special Pages" --> "@addtogroup SpecialPage" so that all special pages have the same @addtogroup tag.
* @fixme --> @todo (must have missed these before)
* "@param $specialPage @see" remove the "@" in the "@see" to stop warning.
* @throws wants type, then a brief description, to stop warning.
This last one is for PHPdocumentor only, but it fixes something for PHPDocumentor, and should be neutral for Doxygen:
* WARNING in includes/api/ApiFormatYaml_spyc.php on line 860: docblock template never terminated with /**#@-*/
* Strict Standards: Undefined index: switch in includes/Parser.php on line 3849
* Strict Standards: Undefined index: ref in includes/Parser.php on line 3818
* Strict Standards: Non-static method OutputPage::setEncodings() should not be called statically in index.php on line 11
* Strict Standards: Only variables should be assigned by reference in includes/Skin.php on line 888
* Strict Standards: Non-static method Title::newFromURL() should not be called statically in includes/SpecialContributions.php on line 178
* Strict Standards: Only variables should be assigned by reference in includes/GlobalFunctions.php on line 2054
* Strict Standards: Undefined index: contributions-summary in languages/Language.php on line 764
* Strict Standards: Undefined index: trackbackhtml in skins/MonoBook.php on line 86
* Strict Standards: Undefined index: blockip in skins/MonoBook.php on line 204
* Strict Standards: Undefined index: tagline in skins/MonoBook.php on line 261
* Strict Standards: Undefined index: uselang in includes/SkinTemplate.php on line 1159
* Strict Standards: Non-static method CoreParserFunctions::plural() cannot be called statically in includes/Parser.php on line 2902
* Strict Standards: Undefined offset: 0 in includes/SkinTemplate.php on line 196
* Strict Standards: Undefined index: USE INDEX in includes/Database.php on line 1015
* Strict Standards: Undefined index: image_tests in includes/Parser.php on line 3488
* Strict Standards: Undefined offset: 0 in includes/Parser.php on line 3507
* Strict Standards: Non-static method ChangesList::newFromUser() should not be called statically in includes/SpecialWatchlist.php on line 361
* Strict Standards: Non-static method RecentChange::newFromCurRow() should not be called statically in includes/SpecialWatchlist.php on line 367
* Strict Standards: is_a(): Deprecated. Please use the instanceof operator in includes/Exception.php on line 168
* Strict Standards: Non-static method LogPage::logName() should not be called statically in includes/SpecialContributions.php on line 325
* Strict Standards: ob_end_flush(): failed to delete and flush buffer. No buffer to delete or flush. in maintenance/commandLine.inc on line 191
* Strict Standards: Undefined index: meatball in languages/Language.php on line 234
* Strict Standards: rmdir(/tmp/mwParser-2108164586-images/thumb): Directory not empty in maintenance/parserTests.inc on line 605
* Cleaning out some new temp files left over by parserTests (there were one or two straggler dirs/files that would persist after the test run ended, due to new tests being added over time)
* Strict Standards: Non-static method CoreParserFunctions::special() cannot be called statically in includes/Parser.php on line 2902
* Strict Standards: Declaration of ListUsersPage::preprocessResults() should be compatible with that of QueryPage::preprocessResults() in includes/SpecialListusers.php on line 38
* Strict Standards: Only variables should be passed by reference in includes/SpecialBlockip.php on line 175
* Strict Standards: Skin::include_once(skins/Standard.deps.php) [<a href='function.include-once'>function.include-once</a>]: failed to open stream: No such file or directory in includes/Skin.php on line 121
* Strict Standards: Declaration of ApiMain::getResult() should be compatible with that of ApiBase::getResult() in includes/api/ApiMain.php on line 35
* Strict Standards: is_a(): Deprecated. Please use the instanceof operator in includes/WikiError.php on line 63
* Strict Standards: Non-static method WikiError::isError() should not be called statically in includes/SpecialImport.php on line 64
* Strict Standards: Non-static method ImportStreamSource::newFromInterwiki() should not be called statically in includes/SpecialImport.php on line 58<b
* Strict Standards: Only variables should be assigned by reference in includes/SpecialUndelete.php on line 501
* Strict Standards: Non-static method Image::newFromName() should not be called statically in thumb.php on line 56
* Strict Standards: Non-static method CoreParserFunctions::numberoffiles() cannot be called statically in includes/Parser.php on line 2902
* Strict Standards: Non-static method CoreParserFunctions::statisticsFunction() should not be called statically in includes/CoreParserFunctions.php on line 139
* Strict Standards: Non-static method CoreParserFunctions::isRaw() should not be called statically in includes/CoreParserFunctions.php on line 128
* Strict Standards: Non-static method CoreParserFunctions::grammar() cannot be called statically in includes/Parser.php on line 2902
* Strict Standards: Undefined offset: 1 in includes/SpecialMIMEsearch.php on line 130
* Strict Standards: Undefined index: recentchangeslinked in skins/MonoBook.php on line 184
* Strict Standards: Declaration of DumpNotalkFilter::pass() should be compatible with that of DumpFilter::pass() in includes/Export.php on line 612
* Strict Standards: Declaration of DumpNamespaceFilter::pass() should be compatible with that of DumpFilter::pass() in includes/Export.php on line 665
* Strict Standards: Non-static method ImportStreamSource::newFromUpload() should not be called statically in includes/SpecialImport.php on line 46
* Strict Standards: Undefined offset: 5 in includes/Sanitizer.php on line 396
* Strict Standards: Undefined index: wikidbUserName in includes/SpecialUserlogin.php on line 562
* Strict Standards: Only variables should be assigned by reference in includes/api/ApiQueryBase.php on line 95
* Strict Standards: Only variables should be assigned by reference in includes/api/ApiQueryBase.php on line 116
* Strict Standards: Only variables should be assigned by reference in includes/api/ApiQueryWatchlist.php on line 128
* Strict Standards: Undefined property: stdClass::$rc_id in includes/api/ApiQueryBase.php on line 131
* Strict Standards: Undefined property: stdClass::$rc_last_oldid in includes/api/ApiQueryBase.php on line 164
* Strict Standards: Undefined property: stdClass::$rc_moved_to_ns in includes/api/ApiQueryBase.php on line 285
* Strict Standards: Undefined property: stdClass::$rc_patrolled in includes/api/ApiQueryBase.php on line 176
* Strict Standards: Undefined index: comment in includes/api/ApiFeedWatchlist.php on line 85
* Strict Standards: Undefined offset: 0 in includes/Skin.php on line 302
* Strict Standards: Non-static method User::SetupSession() should not be called statically in includes/SpecialUserlogin.php on line 15
... There are certain to be other things too, so this is not intended to be comprehensive, rather the above just stops most of the notifications I observed.
* removing some unused global declarations.
* removing or commenting out or adding comments for unused local vars.
* Adding one or two local var declarations.
* Declaring $matches array passed to preg_match() / preg_match_all() as array() before using [not required, just have a slight preference for the explicitness].
* remove one or two pass-by-reference function declarations where the value is not modified.
* Adding some braces to if-else blocks.
* In Parser.php, stripstrate is now an object rather than an array as per r17820, so we no longer need ask for a reference to it (as in "$x =& $this->mStripState;"), and in fact it's probably just simpler to get rid of $x altogether.
* Moving some preg regexes from "" quoting to '' quoting to stop static analyzer whinging about bad escape sequences.
... up to "LinksUpdate.php" in the includes/ directory.
