* Fix errors spotted by new release
* Introduce "composer fix", which uses phpcbf to automatically fix some
errors spotted by phpcs.
* Drop $PHPCS_ARGS variable that didn't work on Windows, and add -s flag
* Remove rules from phpcs.xml that are now in MW-CS ruleset.
Change-Id: I13e2155695918c918b67497ac65b85a03897095e
This ensures that, in case "composer install" has not been run,
the user will see the error message about setting up dependencies
(as opposed a plain "Class not found" error because some other
dependency was used first).
Change-Id: Ib6026123770d21cc9f8960a1de361c8178b1b044
This performs sanity check that request *is* for a non-write module.
By handling the validation, the CDN layer can simply use the presence
of this header to route POST requests to the local datacenter.
Without validation, users could cause strange traffic patterns and slow
cross-DC database writes (which can involve many RTTs).
This is useful for AJAX widgets that need to post a payload to get a
response, but that don't actually change anything in the process. They
should be able to use the local datacenter.
Bug: T91820
Change-Id: I34248ddee33033e3d1d86c3391236259d917d4a7
* WMF has has ignore_user_abort() for *all* request in configuration
for many years. This brings this to default MediaWiki for all POST
requests, which are likely to do writes. Of course, some do not,
notably parse requests and previews, since GET cannot carry the
payload. Avoiding data corruption is more important though.
Bug: T102890
Change-Id: I11c8b0d99583a682f756cef9747ec5ba9751c5e3
* Deprecate $wgRequestTime in favor of $_SERVER['REQUEST_TIME_FLOAT'], which is
more accurate. Because $_SERVER['REQUEST_TIME_FLOAT'] is only set for PHP
5.4+, set it to microtime( true ) in WebStart.php for back-compatibility.
* Add a 'requestTime' property to WebRequest objects, set to
$_SERVER['REQUEST_TIME_FLOAT'] for WebRequest or the instance creation time
for FauxRequest instances.
* Use that to provide WebRequest::getElapsedTime(), which gets the time since
the request was initiated.
* In wfLogProfilingData(), get the user and request objects from the context
object rather than from global scope.
Opportunistic clean-up: move the magic quotes check to WebStart.php and make
the error message more helpful.
Change-Id: I7e07e22eaf16b5141b80ad9f843285c542a127b7
The TemplateParser class provides a server-side interface to cachable
dynamically-compiled Mustache templates. It currently uses the
lightncandy library to do compilation (which is already included in
the vendor repo).
Also converting NoLocalSettings.php to use it as a proof-of-concept.
Bug: T379
Change-Id: I28cd13d4d1132bd386e2ae2f4f0d1dd88ad9162b
Introduces wfLoadExtension()/wfLoadSkin() which should be used in
LocalSettings.php rather than require-ing a PHP entry point.
Extensions and skins would add "extension.json" or "skin.json" files
in their root, which contains all the information typically
present in PHP entry point files (classes to autoload, special pages,
API modules, etc.) A full schema can be found at
docs/extension.schema.json, and a script to validate these to the
schema is provided. An additional script is provided to convert
typical PHP entry point files into their JSON equivalents.
The basic flow of loading an extension goes like:
* Get the ExtensionRegistry singleton instance
* ExtensionRegistry takes a filename, reads the file or tries
to get the parsed JSON from APC if possible.
* The JSON is run through a Processor instance,
which registers things with the appropriate
global settings.
* The output of the processor is cached in APC if possible.
* The extension/skin is marked as loaded in the
ExtensionRegistry and a callback function is executed
if one was specified.
For ideal performance, a batch loading method is also provided:
* The absolute path name to the JSON file is queued
in the ExtensionRegistry instance.
* When loadFromQueue() is called, it constructs a hash
unique to the members of the current queue, and sees
if the queue has been cached in APC. If not, it processes
each file individually, and combines the result of each
Processor into one giant array, which is cached in APC.
* The giant array then sets various global settings,
defines constants, and calls callbacks.
To invalidate the cached processed info, by default the mtime
of each JSON file is checked. However that can be slow if you
have a large number of extensions, so you can set $wgExtensionInfoMTime
to the mtime of one file, and `touch` it whenever you update
your extensions.
Change-Id: I7074b65d07c5c7d4e3f1fb0755d74a0b07ed4596
It may have been defined at one time, but now it's just
function overhead to check on every request.
Change-Id: I05963a0e496e0a960a4feb6877a03e67c5a6fc85
- Put Profiler, ProfileSection and TransactionProfiler in their own
files and rely on Autoloader to use them (maintenance has been
using the autoloader here for some time--we don't profile the
autoloader manually)
- This reduces overhead in WebStart/doMaintenance by only loading
three functions at profiler initialization and defers until the
first profiling call happens
- Inline callback functions in ProfilerSimpleText rather than having
public static functions.
- Small comment and code formatting changes in various touched files.
Change-Id: Idf27677c068c50b847152c523a33e7f0c33fdeeb
As of <https://github.com/facebook/hhvm/commit/0f98cab>, it is possible to
call getrusage( [ int $who = 0 ] ) with $who = 2 to request resource usage
info for the current thread (RUSAGE_THERAD), rather than the calling process
(RUSAGE_SELF). (Earlier versions of HHVM return RUSAGE_SELF data unless $who
is 1.)
PHP5 code can assume that each request is handled in a dedicated subprocess,
but the same is not true of HHVM, which is multi-threaded. Therefore, to get
resource usage data for the current request context, it is necessary to ask
for RUSAGE_THREAD rather than RUSAGE_SELF.
To do this, introduce a new global function in Profiler.php: wfGetRusage().
It is defined there and not in GlobalFunctions.php so that it can be used early
in WebStart.php.
Bug: 70227
Change-Id: Ibe9598ecdfc0f6c434f8b3c7a94f06a7b2fcca23
Good idea, but moves things about too much and will break things. Let's revisit and not break things.
This reverts commit 214931ed33.
Change-Id: I6f5026b572105cd9e7d6de12a491c7ee45ac3dbc
register_globals has been deprecated since PHP 5.3, which was released
5 years ago. There's absolutely no reason anyone should have this turned
on, and if they do, well, they probably have bigger issues than this.
Due to changes in WebStart.php, the web installer will now fail to
start, just showing an error message stating that register_globals
must be disabled beforehand.
The command-line installer will display the
"config-register-globals-error" message before exiting.
Change-Id: If951d15293c5f6aa8a92e91fefcb00f04e6c13b3
* Harmonize spacing
* Use // for comments rather than #
* Harmonize call style for 'require', 'include' etc.
* Add missing profileinfo.php5
* Use "./" for path to api.php in api.php5 (to match other php5 files).
* Move documentation related to Setup.php from index.php to WebStart.php
* Remove "Initialise common code." comment in api.php (was already remove
in most entry points)
Change-Id: I8dc4a79fd13cee49e34f250a4039b3666bd42aca
Change check in WebStart to is_readable and output a different
text on NoLocalSettings template, when the file exists.
Bug: 61094
Change-Id: I4dbdb33e468bc731fa1d6eef8e0f66e1d552d0f8
... as well as the require_once statements in includes/WebStart.php
and maintenance/doMaintenance.php, now that the autoloader lists
MWInit (since r85807 / c68957c5e3).
Also removed code paths in maintenance/userDupes.inc that seem to be
dead (class_exists( 'Revision' ) should always be true) and useless
global/require_once statements in languages/Language.php.
Follows-up Ic3e769f1fbad4f7ad26dd819406796fee48c6b45.
Change-Id: I48fd6810fdb923b3065ae98024912eb18d394415
These functions existed to work around a bug (fixed in PHP 5.3) and
a missing feature (added in PHP 5.2) in older versions of PHP;
therefore, they are no longer necessary.
Change-Id: Ifebbe3d449fc57fd83f8350c28f467605c1a07b7
This never really worked properly, doesn't conform to coding
conventions, and isn't actually used by anyone for testing.
Our selenium stuff these days are in the qa/browsertests repo
Change-Id: I8f1efaa118fe41821fb3f4a6099d75a33681f17b
"phpunit/phpunit" already exists inside our composer.json's "require-dev" however this has been
entirely useless as we don't include the autoloader which would load composer's PHPUnit.
This change begins including composer's autoloader when present and also tweaks phpunit.php
to ensure PHPUnit isn't double loaded. As a result besides supporting PHPUnit via composer this
also means that we're ready to make use of any library we add to our composer.json in the future.
Change-Id: I891740e8fd3d237c5f473862027205d951f564b9
Squiz.WhiteSpace.LanguageConstructSpacing:
Language constructs must be followed by a single space;
expected "require_once expression" but found
"require_once(expression)"
It is a keyword (e.g. like `new`, `return` and `print`). As
such the parentheses don't make sense.
Per our code conventions, we use a space after keywords like
these. We appeared to have an unwritten exception for `require`
that doesn't make sense. About 60% of require/include usage
was missing the space and/or had superfluous parentheses.
It is as silly as print("foo") or return("foo"), it works
because keywords have no significance for whitespace between
it and the expression that follows, and since experessions can
be wrapped in parentheses for clarity (e.g. when doing string
concatenation or mathematical operations) the parenthesis
before and after basiclaly just ignored.
Change-Id: I2df2f80b8123714bea7e0771bf94b51ad5bb4b87
hphpc has been superseded by hhvm, so support for hphpc is no longer
needed.
* Continue to use Preprocessor_Hash under HipHop since it is still
faster under hhvm
* Keep $wgCompiledFiles for now, so that wikihiero doesn't give an error
before Ic9d1e795 is merged
* Migrate the run-server script and associated configuration file to
hhvm. Enable EnableStaticContentFromDisk since it doesn't seem
ridiculously inefficient at first glance. Run from $IP rather than
$IP/.. since hhvm is apparently not picky about sourcing files from
outside of the current directory.
Change-Id: Ic3e769f1fbad4f7ad26dd819406796fee48c6b45
* Ran spell-checker over code comments in /includes/
* A few spellchecking fixes for wfDebug() calls
Found one very strange (NOOP?) line in Linker.php - see "TODO: BUG?"
Change-Id: Ibb86b51073b980eda9ecce2cf0b8dd33f058adbf
Added/removed spaces after opening/before closing parentheses
Added a space after a comma
Removed unneeded parentheses in condition
Change-Id: I306091347ccaaf11dee0cdfda3019cb0c12be51b
Sets a cookie on user login (removed on logout) if wpStickHTTPS
was checked, which causes the browser to get a redirect if they
visit the HTTP version of the site.
Change-Id: I60f44a1062a93d15198edae6674bb3310a148b2d
We can now do this since we finally switched to PHP 5.3 for MW 1.20 and get rid of the silly dirname(__FILE__) stuff :)
Change-Id: Id9b2c9cd2e678197aa81c78adced5d1d31ff57b1
** Don't try to set a global variable in the same file as a class definition (Profiler.php). Set it in WebStart.php instead.
** In StartProfiler.sample, don't use require_once() to get ProfilerStub.
* Removed the setproctitle() stuff from ProfilerStub, the extension is not maintained and doesn't work with Apache 2.x
* Added an optimisation to wfProfileIn() and wfProfileOut() to reduce the overhead when profiling is not enabled
* Added the ability to configure in StartProfiler.php whether CPU time or wall-clock time is used, avoiding recompilation
* Added the ability to compile extensions. The build process is bootstrapped by running MediaWiki in interpreted mode. Extension setup file inclusions are slightly modified in a way that makes them register themselves for compilation. Then the same LocalSettings.php uses the compiled extension setup file when the compiled binary runs.
* Tested with Cite and ParserFunctions. The code which lets you have an extensions directory in a place other than $IP/../extensions is untested.
* Simplified WebStart.php slightly by using a custom $_SERVER variable to mark compiled mode. It will break if you don't use the supplied server.conf, but that will break a lot of things so don't do that.
* Fixed the core web entry points to include WebStart.php in compiled mode instead of interpreted.
* Made the build directory configurable. This is mostly so that I can grep the source tree without seeing loads of generated C++.
* In server.conf, added a rewrite rule allowing a /wiki/$1 article path.
* Removed server.conf log file location "/dev/stdout", breaks when you switch user
* Disable static content cache, breaks horribly when you set SourceRoot to a directory containing 7GB of files.
* Rewrote the run-server script in PHP, mostly to support the configurable build directory feature.
* Added an option to the run-server script to allow running in interpreted (hphpi) mode.
Adding X-Content-Type-Options: nosniff header in WebStart.php so that it's *always* set, even for alternate entry points and when $wgOut gets disabled or overridden.
Note that this of course doesn't apply to uploaded images and such loaded directly -- the usual caveats still apply.
Have not tested to confirm that this actually protects against sniffing errors -- please test on IE8 and IE9.
