From 5b2198bfebde0085d8c73c7a7bec23b2f59431b9 Mon Sep 17 00:00:00 2001 From: Roan Kattouw Date: Tue, 25 Jul 2017 19:46:37 -0700 Subject: [PATCH] Cap 'days' param in RC/Watchlist at $wgRCMaxAge Without this, setting the 'days' param to a very high value causes exceptions while doing timestamp math. Bug: T149890 Change-Id: I5aee5f027cced8860eb966e2d6bdb07764ce861a --- includes/specials/SpecialRecentchanges.php | 3 ++- includes/specials/SpecialWatchlist.php | 13 ++++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/includes/specials/SpecialRecentchanges.php b/includes/specials/SpecialRecentchanges.php index 1248007892..f0c2bc45a4 100644 --- a/includes/specials/SpecialRecentchanges.php +++ b/includes/specials/SpecialRecentchanges.php @@ -373,6 +373,7 @@ class SpecialRecentChanges extends ChangesListSpecialPage { public function validateOptions( FormOptions $opts ) { $opts->validateIntBounds( 'limit', 0, 5000 ); + $opts->validateBounds( 'days', 0, $this->getConfig()->get( 'RCMaxAge' ) / ( 3600 * 24 ) ); parent::validateOptions( $opts ); } @@ -387,7 +388,7 @@ class SpecialRecentChanges extends ChangesListSpecialPage { $query_options, $join_conds, $opts ); // Calculate cutoff - $cutoff_unixtime = time() - ( $opts['days'] * 86400 ); + $cutoff_unixtime = time() - $opts['days'] * 3600 * 24; $cutoff = $dbr->timestamp( $cutoff_unixtime ); $fromValid = preg_match( '/^[0-9]{14}$/', $opts['from'] ); diff --git a/includes/specials/SpecialWatchlist.php b/includes/specials/SpecialWatchlist.php index 65131ec25f..549362f20f 100644 --- a/includes/specials/SpecialWatchlist.php +++ b/includes/specials/SpecialWatchlist.php @@ -34,6 +34,8 @@ use Wikimedia\Rdbms\IDatabase; class SpecialWatchlist extends ChangesListSpecialPage { public function __construct( $page = 'Watchlist', $restriction = 'viewmywatchlist' ) { parent::__construct( $page, $restriction ); + + $this->maxDays = $this->getConfig()->get( 'RCMaxAge' ) / ( 3600 * 24 ); } public function doesWrites() { @@ -173,6 +175,11 @@ class SpecialWatchlist extends ChangesListSpecialPage { return $opts; } + public function validateOptions( FormOptions $opts ) { + $opts->validateBounds( 'days', 0, $this->maxDays ); + parent::validateOptions( $opts ); + } + /** * Get all custom filters * @@ -255,7 +262,7 @@ class SpecialWatchlist extends ChangesListSpecialPage { // Calculate cutoff if ( $opts['days'] > 0 ) { $conds[] = 'rc_timestamp > ' . - $dbr->addQuotes( $dbr->timestamp( time() - intval( $opts['days'] * 86400 ) ) ); + $dbr->addQuotes( $dbr->timestamp( time() - $opts['days'] * 3600 * 24 ) ); } } @@ -499,7 +506,7 @@ class SpecialWatchlist extends ChangesListSpecialPage { if ( $opts['days'] > 0 ) { $days = $opts['days']; } else { - $days = $this->getConfig()->get( 'RCMaxAge' ) / ( 3600 * 24 ); + $days = $this->maxDays; } $timestamp = wfTimestampNow(); $wlInfo = $this->msg( 'wlnote' )->numParams( $numRows, round( $days * 24 ) )->params( @@ -599,7 +606,7 @@ class SpecialWatchlist extends ChangesListSpecialPage { $days[] = $userWatchlistOption; } - $maxDays = (string)( $this->getConfig()->get( 'RCMaxAge' ) / ( 3600 * 24 ) ); + $maxDays = (string)$this->maxDays; // add the maximum possible value, if it isn't available already if ( !in_array( $maxDays, $days ) ) { $days[] = $maxDays; -- 2.20.1