author | Tim Starling <tstarling@wikimedia.org> | 2020-06-25 12:33:46 +1000 |
---|---|---|
committer | James D. Forrester <jforrester@wikimedia.org> | 2020-06-25 11:31:45 +0100 |
commit | 63b0fa3590dccb716e7809b691b6f8ca54dfa0d1 (patch) | |
tree | bc88978eca1d68715f3011e2b8b4d0b58e6a1671 /api.php | |
parent | fddde4b5a69ae014923d89ced203c897744434bb (diff) | |
In Web entry points, move file scope code into a main function
Avoid leaking local variables into the global scope by accident, by
moving the entry point code to a function.
In index.php, document the intentional $mediaWiki global so that
nobody removes it by accident.
Change-Id: Ie1a181ae3ebdda90cd2321f0c1b50e31fb0d586e
Diffstat (limited to 'api.php')
-rw-r--r-- | api.php | 132 |
1 files changed, 69 insertions, 63 deletions
@@ -41,79 +41,85 @@ define( 'MW_ENTRY_POINT', 'api' );
 require __DIR__ . '/includes/WebStart.php';
-$starttime = microtime( true );
+wfApiMain();
-// PATH_INFO can be used for stupid things. We don't support it for api.php at
-// all, so error out if it's present. (T128209)
-if ( isset( $_SERVER['PATH_INFO'] ) && $_SERVER['PATH_INFO'] != '' ) {
- $correctUrl = wfAppendQuery( wfScript( 'api' ), $wgRequest->getQueryValuesOnly() );
- $correctUrl = wfExpandUrl( $correctUrl, PROTO_CANONICAL );
- header( "Location: $correctUrl", true, 301 );
- echo 'This endpoint does not support "path info", i.e. extra text between "api.php"'
- . 'and the "?". Remove any such text and try again.';
- die( 1 );
-}
+function wfApiMain() {
+ global $wgRequest, $wgTitle, $wgAPIRequestLog;
-// Set a dummy $wgTitle, because $wgTitle == null breaks various things
-// In a perfect world this wouldn't be necessary
-$wgTitle = Title::makeTitle( NS_SPECIAL, 'Badtitle/dummy title for API calls set in api.php' );
+ $starttime = microtime( true );
-// RequestContext will read from $wgTitle, but it will also whine about it.
-// In a perfect world this wouldn't be necessary either.
-RequestContext::getMain()->setTitle( $wgTitle );
+ // PATH_INFO can be used for stupid things. We don't support it for api.php at
+ // all, so error out if it's present. (T128209)
+ if ( isset( $_SERVER['PATH_INFO'] ) && $_SERVER['PATH_INFO'] != '' ) {
+ $correctUrl = wfAppendQuery( wfScript( 'api' ), $wgRequest->getQueryValuesOnly() );
+ $correctUrl = wfExpandUrl( $correctUrl, PROTO_CANONICAL );
+ header( "Location: $correctUrl", true, 301 );
+ echo 'This endpoint does not support "path info", i.e. extra text between "api.php"'
+ . 'and the "?". Remove any such text and try again.';
+ die( 1 );
+ }
-try {
- // Construct an ApiMain with the arguments passed via the URL. What we get back
- // is some form of an ApiMain, possibly even one that produces an error message,
- // but we don't care here, as that is handled by the constructor.
- $processor = new ApiMain( RequestContext::getMain(), true );
+ // Set a dummy $wgTitle, because $wgTitle == null breaks various things
+ // In a perfect world this wouldn't be necessary
+ $wgTitle = Title::makeTitle( NS_SPECIAL, 'Badtitle/dummy title for API calls set in api.php' );
- // Last chance hook before executing the API
- Hooks::runner()->onApiBeforeMain( $processor );
- if ( !$processor instanceof ApiMain ) {
- throw new MWException( 'ApiBeforeMain hook set $processor to a non-ApiMain class' );
- }
-} catch ( Throwable $e ) {
- // Crap. Try to report the exception in API format to be friendly to clients.
- ApiMain::handleApiBeforeMainException( $e );
- $processor = false;
-}
+ // RequestContext will read from $wgTitle, but it will also whine about it.
+ // In a perfect world this wouldn't be necessary either.
+ RequestContext::getMain()->setTitle( $wgTitle );
-// Process data & print results
-if ( $processor ) {
- $processor->execute();
-}
+ try {
+ // Construct an ApiMain with the arguments passed via the URL. What we get back
+ // is some form of an ApiMain, possibly even one that produces an error message,
+ // but we don't care here, as that is handled by the constructor.
+ $processor = new ApiMain( RequestContext::getMain(), true );
-// Log what the user did, for book-keeping purposes.
-$endtime = microtime( true );
+ // Last chance hook before executing the API
+ Hooks::runner()->onApiBeforeMain( $processor );
+ if ( !$processor instanceof ApiMain ) {
+ throw new MWException( 'ApiBeforeMain hook set $processor to a non-ApiMain class' );
+ }
+ } catch ( Throwable $e ) {
+ // Crap. Try to report the exception in API format to be friendly to clients.
+ ApiMain::handleApiBeforeMainException( $e );
+ $processor = false;
+ }
-// Log the request
-if ( $wgAPIRequestLog ) {
- $items = [
- wfTimestamp( TS_MW ),
- $endtime - $starttime,
- $wgRequest->getIP(),
- $wgRequest->getHeader( 'User-agent' )
- ];
- $items[] = $wgRequest->wasPosted() ? 'POST' : 'GET';
+ // Process data & print results
 if ( $processor ) {
- try {
- $manager = $processor->getModuleManager();
- $module = $manager->getModule( $wgRequest->getVal( 'action' ), 'action' );
- } catch ( Throwable $ex ) {
- $module = null;
- }
- if ( !$module || $module->mustBePosted() ) {
- $items[] = "action=" . $wgRequest->getVal( 'action' );
+ $processor->execute();
+ }
+
+ // Log what the user did, for book-keeping purposes.
+ $endtime = microtime( true );
+
+ // Log the request
+ if ( $wgAPIRequestLog ) {
+ $items = [
+ wfTimestamp( TS_MW ),
+ $endtime - $starttime,
+ $wgRequest->getIP(),
+ $wgRequest->getHeader( 'User-agent' )
+ ];
+ $items[] = $wgRequest->wasPosted() ? 'POST' : 'GET';
+ if ( $processor ) {
+ try {
+ $manager = $processor->getModuleManager();
+ $module = $manager->getModule( $wgRequest->getVal( 'action' ), 'action' );
+ } catch ( Throwable $ex ) {
+ $module = null;
+ }
+ if ( !$module || $module->mustBePosted() ) {
+ $items[] = "action=" . $wgRequest->getVal( 'action' );
+ } else {
+ $items[] = wfArrayToCgi( $wgRequest->getValues() );
+ }
 } else {
- $items[] = wfArrayToCgi( $wgRequest->getValues() );
+ $items[] = "failed in ApiBeforeMain";
 }
- } else {
- $items[] = "failed in ApiBeforeMain";
+ LegacyLogger::emit( implode( ',', $items ) . "\n", $wgAPIRequestLog );
+ wfDebug( "Logged API request to $wgAPIRequestLog" );
 }
- LegacyLogger::emit( implode( ',', $items ) . "\n", $wgAPIRequestLog );
- wfDebug( "Logged API request to $wgAPIRequestLog" );
-}
-$mediawiki = new MediaWiki();
-$mediawiki->doPostOutputShutdown();
+ $mediawiki = new MediaWiki();
+ $mediawiki->doPostOutputShutdown();
+} |
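Review bot: The request-log block carried into wfApiMain() still writes two client-controlled values unencoded into a record that is joined with `,` and terminated with `"\n"`: `$wgRequest->getHeader( 'User-agent' )` and, in the `!$module || $module->mustBePosted()` branch, `"action=" . $wgRequest->getVal( 'action' )`. Ordinary User-Agent strings already contain commas, and unless getVal() or LegacyLogger::emit() strips control characters (not visible in this hunk) a decoded line break in `action` would start a new record, so the fields in $wgAPIRequestLog cannot be parsed or trusted reliably during an investigation. The other branch is already encoded through wfArrayToCgi(); these two could be treated the same way, for example `$items[] = 'action=' . rawurlencode( (string)$wgRequest->getVal( 'action' ) );` and `rawurlencode( (string)$wgRequest->getHeader( 'User-agent' ) )` in the `$items` array. Since the code is otherwise moved unchanged, a short comment on the log block stating the record format and which fields are encoded would also help whoever parses this file.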