From ee535c908555930a989e23a5e181f468d7c5d342 Mon Sep 17 00:00:00 2001 From: Michael Dale Date: Fri, 17 Jul 2009 20:26:14 +0000 Subject: [PATCH] * fixed filldestination with for non-js2 version of special upload page. * fixed some other warnings that come up in strict compliance mode * removed double httpspecialchars on token --- includes/specials/SpecialUpload.php | 28 ++++++++++++++++------------ includes/upload/UploadBase.php | 4 ++-- includes/upload/UploadFromStash.php | 10 ++++++---- includes/upload/UploadFromUrl.php | 3 ++- 4 files changed, 26 insertions(+), 19 deletions(-) diff --git a/includes/specials/SpecialUpload.php b/includes/specials/SpecialUpload.php index 6b2f4dcce3..78a6d8ee87 100644 --- a/includes/specials/SpecialUpload.php +++ b/includes/specials/SpecialUpload.php @@ -543,7 +543,7 @@ class UploadForm extends SpecialPage { $this->mSessionKey = $this->mUpload->stashSession(); - if( $sessionData === false ) { + if( $this->mSessionKey === false ) { # Couldn't save file; an error has been displayed so let's go. return; } @@ -591,12 +591,10 @@ class UploadForm extends SpecialPage { } else { $copyright = ''; } - //add the wpEditToken - $token = htmlspecialchars( $wgUser->editToken() ); $wgOut->addHTML( Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL( 'action=submit' ), 'enctype' => 'multipart/form-data', 'id' => 'uploadwarning' ) ) . "\n" . - Xml::hidden('wpEditToken', $token) . + Xml::hidden('wpEditToken', $wgUser->editToken()) . Xml::hidden( 'wpIgnoreWarning', '1' ) . "\n" . Xml::hidden( 'wpSourceType', 'stash' ) . "\n" . Xml::hidden( 'wpSessionKey', $this->mSessionKey ) . "\n" . @@ -788,16 +786,16 @@ wgUploadAutoFill = {$autofill}; wfMsgHtml( 'upload_source_url' ) ; }else{ //@@todo depreciate (not needed once $wgEnableJS2system is turned on) - $filename_form = + $filename_form = "" . "" . wfMsgHTML( 'upload_source_file' ) . "
" . - "" . "" . - "" ; + if($wgEnableJS2system){ + $filename_form = + Xml::input( 'wpUploadFile', 60, false, array( 'id'=>'wpUploadFile', 'type'=>'file', 'tabindex' => '1' ) ) . + Xml::hidden( 'wpSourceType', 'file'); + }else{ + $filename_form = + "" . + "" ; + } } if ( $useAjaxDestCheck ) { @@ -826,11 +831,10 @@ wgUploadAutoFill = {$autofill}; $encComment = htmlspecialchars( $this->mComment ); //add the wpEditToken - $token = htmlspecialchars( $wgUser->editToken() ); $wgOut->addHTML( Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL( 'action=submit' ), 'enctype' => 'multipart/form-data', 'id' => 'mw-upload-form' ) ) . - Xml::hidden('wpEditToken', $token) . + Xml::hidden('wpEditToken', $wgUser->editToken()) . Xml::openElement( 'fieldset' ) . Xml::element( 'legend', null, wfMsg( 'upload' ) ) . Xml::openElement( 'table', array( 'border' => '0', 'id' => 'mw-upload-table' ) ) . diff --git a/includes/upload/UploadBase.php b/includes/upload/UploadBase.php index 758a490bba..d2f94ea48f 100644 --- a/includes/upload/UploadBase.php +++ b/includes/upload/UploadBase.php @@ -463,12 +463,12 @@ class UploadBase { return false; } $mTempPath = $status->value; - session_start(); // start up the session (might have been previously closed to prevent php session locking) + if(!isset($_SESSION)) + session_start(); // start up the session (might have been previously closed to prevent php session locking) $key = $this->getSessionKey(); $_SESSION['wsUploadData'][$key] = array( 'mTempPath' => $mTempPath, 'mFileSize' => $this->mFileSize, - 'mSrcName' => $this->mSrcName, 'mFileProps' => $this->mFileProps, 'version' => self::SESSION_VERSION, ); diff --git a/includes/upload/UploadFromStash.php b/includes/upload/UploadFromStash.php index 6144e4ebf7..22f8e9b26b 100644 --- a/includes/upload/UploadFromStash.php +++ b/includes/upload/UploadFromStash.php @@ -10,15 +10,17 @@ class UploadFromStash extends UploadBase { $sessionData[$key]['version'] == self::SESSION_VERSION; } - static function isValidRequest( &$request ) { + static function isValidRequest( $request ) { $sessionData = $request->getSessionData( 'wsUploadData' ); return self::isValidSessionKey( $request->getInt( 'wpSessionKey' ), $sessionData ); } - - function initialize( $name, $sessionData ) { + /* + * some $na vars for uploadBase method compatibility. + */ + function initialize( $name, $sessionData, $na, $na2=false ) { /** * Confirming a temporarily stashed upload. * We don't want path names to be forged, so we keep @@ -41,7 +43,7 @@ class UploadFromStash extends UploadBase { $desiredDestName = $request->getText( 'wpDestFile' ); if( !$desiredDestName ) $desiredDestName = $request->getText( 'wpUploadFile' ); - return $this->initialize( $desiredDestName, $sessionData[$sessionKey] ); + return $this->initialize( $desiredDestName, $sessionData[$sessionKey], false ); } /** diff --git a/includes/upload/UploadFromUrl.php b/includes/upload/UploadFromUrl.php index 2b2a33244f..4533ef96b9 100644 --- a/includes/upload/UploadFromUrl.php +++ b/includes/upload/UploadFromUrl.php @@ -61,7 +61,8 @@ class UploadFromUrl extends UploadBase { $desiredDestName = $request->getText( 'wpUploadFile' ); return $this->initialize( $desiredDestName, - $request->getVal( 'wpUploadFileURL' ) + $request->getVal( 'wpUploadFileURL' ), + $asyncdownload = false ); } -- 2.20.1