From: Tim Starling
Date: Sat, 23 Jun 2007 10:15:10 +0000 (+0000)
Subject: * Make $wgUser->editToken() work for either logged-in or logged-out users.
X-Git-Tag: 1.31.0-rc.0~52433
X-Git-Url: http://git.cyclocoop.org/%22.%24image2.%22?a=commitdiff_plain;h=0b68a403d762cf47ea4de312f5bb88803527cc7e;p=lhc%2Fweb%2Fwiklou.git
* Make $wgUser->editToken() work for either logged-in or logged-out users.
* Fix escaping of edit tokens, removed FIXME note.
* Added + to EDIT_TOKEN_SUFFIX on report of broken proxy from mutante
* Two random minor changes
---
diff --git a/includes/Article.php b/includes/Article.php
index 5a541594c0..7925189e62 100644
--- a/includes/Article.php
+++ b/includes/Article.php
@@ -878,8 +878,8 @@ class Article {
 $rmvtxt = "";
 if ($wgUser->isAllowed( 'trackback' )) {
 $delurl = $this->mTitle->getFullURL("action=deletetrackback&tbid="
- . $o->tb_id . "&token=" . $wgUser->editToken());
- $rmvtxt = wfMsg('trackbackremove', $delurl);
+ . $o->tb_id . "&token=" . urlencode( $wgUser->editToken() ) );
+ $rmvtxt = wfMsg( 'trackbackremove', htmlspecialchars( $delurl ) );
 }
 $tbtext .= wfMsg(strlen($o->tb_ex) ? 'trackbackexcerpt' : 'trackback',
 $o->tb_title,
diff --git a/includes/EditPage.php b/includes/EditPage.php
index 3a8038a680..e09114d447 100644
--- a/includes/EditPage.php
+++ b/includes/EditPage.php
@@ -576,13 +576,7 @@ class EditPage {
 */
 function tokenOk( &$request ) {
 global $wgUser;
- if( $wgUser->isAnon() ) {
- # Anonymous users may not have a session
- # open. Check for suffix anyway.
- $this->mTokenOk = ( EDIT_TOKEN_SUFFIX == $request->getVal( 'wpEditToken' ) );
- } else {
- $this->mTokenOk = $wgUser->matchEditToken( $request->getVal( 'wpEditToken' ) );
- }
+ $this->mTokenOk = $wgUser->matchEditToken( $request->getVal( 'wpEditToken' ) );
 return $this->mTokenOk;
 }
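Review bot: The new single-line body of `tokenOk()` keeps the anonymous-user behaviour that the deleted branch implemented but loses the comment that explained it: with the User.php change in this commit `editToken()` returns the fixed `EDIT_TOKEN_SUFFIX` for anonymous users, so if `matchEditToken()` compares against `editToken()` (not visible here) the check for a logged-out editor only detects text-mangling proxies and does not authenticate the request. Add a comment above the assignment, e.g. `# For anonymous users editToken() is the constant EDIT_TOKEN_SUFFIX, so this only catches broken proxies, not forged requests.` The function's docblock closes on the hunk's first context line but starts outside the hunk, and should state the same limitation.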
@@ -1244,10 +1238,7 @@ END
 * include the constant suffix to prevent editing from
 * broken text-mangling proxies.
 */
- if ( $wgUser->isLoggedIn() )
- $token = htmlspecialchars( $wgUser->editToken() );
- else
- $token = EDIT_TOKEN_SUFFIX;
+ $token = htmlspecialchars( $wgUser->editToken() );
 $wgOut->addHTML( "\n\n" );
diff --git a/includes/SpecialBlockip.php b/includes/SpecialBlockip.php
index 0222094f25..f819929efd 100644
--- a/includes/SpecialBlockip.php
+++ b/includes/SpecialBlockip.php
@@ -144,7 +144,7 @@ class IPBlockForm {
 $blockReasonList .= $optgroup;
 }
- $token = htmlspecialchars( $wgUser->editToken() );
+ $token = $wgUser->editToken();
 global $wgStylePath, $wgStyleVersion;
 $wgOut->addHTML( "
diff --git a/includes/SpecialEmailuser.php b/includes/SpecialEmailuser.php
index ca14bd6e5a..688892da5a 100644
--- a/includes/SpecialEmailuser.php
+++ b/includes/SpecialEmailuser.php
@@ -115,7 +115,7 @@ class EmailUserForm {
 $titleObj = SpecialPage::getTitleFor( "Emailuser" );
 $action = $titleObj->escapeLocalURL( "target=" . urlencode( $this->target->getName() ) . "&action=submit" );
- $token = $wgUser->editToken();
+ $token = htmlspecialchars( $wgUser->editToken() );
 $wgOut->addHTML( "
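Review bot: SpecialBlockip.php drops the `htmlspecialchars()` around `$wgUser->editToken()` while this same commit adds it in SpecialEmailuser.php and SpecialPreferences.php, and the raw `$token` is presumably interpolated into the form markup passed to `$wgOut->addHTML( "` on the hunk's last line, whose continuation lies outside the hunk. With the current suffix `+\` the value contains no HTML-special characters, so nothing breaks today, but the block form becomes an attribute-injection point the moment the suffix or the token format changes. Unless the escaping has moved to the point of use, keep `$token = htmlspecialchars( $wgUser->editToken() );` here so all four forms handle the token the same way.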
diff --git a/includes/SpecialPreferences.php b/includes/SpecialPreferences.php
index bcfe9823b0..49c562de82 100644
--- a/includes/SpecialPreferences.php
+++ b/includes/SpecialPreferences.php
@@ -994,7 +994,7 @@ class PreferencesForm {
 }
 $wgOut->addHTML( '' );
- $token = $wgUser->editToken();
+ $token = htmlspecialchars( $wgUser->editToken() );
 $skin = $wgUser->getSkin();
 $wgOut->addHTML( "
@@ -1005,7 +1005,7 @@ class PreferencesForm {
- +
\n" ); $wgOut->addHtml( Xml::tags( 'div', array( 'class' => "prefcache" ),
diff --git a/includes/User.php b/includes/User.php
index 9b62e2da42..1b7b113125 100644
--- a/includes/User.php
+++ b/includes/User.php
@@ -11,9 +11,7 @@ define( 'USER_TOKEN_LENGTH', 32 );
 define( 'MW_USER_VERSION', 5 );
 # Some punctuation to prevent editing from broken text-mangling proxies.
-# FIXME: this is embedded unescaped into HTML attributes in various
-# places, so we can't safely include ' or " even though we really should.
-define( 'EDIT_TOKEN_SUFFIX', '\\' );
+define( 'EDIT_TOKEN_SUFFIX', '+\\' );
 /**
 * Thrown by User::setPassword() on error
@@ -2273,16 +2271,20 @@ class User {
 * @public
 */
 function editToken( $salt = '' ) {
- if( !isset( $_SESSION['wsEditToken'] ) ) {
- $token = $this->generateToken();
- $_SESSION['wsEditToken'] = $token;
+ if ( $this->isAnon() ) {
+ return EDIT_TOKEN_SUFFIX;
 } else {
- $token = $_SESSION['wsEditToken'];
- }
- if( is_array( $salt ) ) {
- $salt = implode( '|', $salt );
+ if( !isset( $_SESSION['wsEditToken'] ) ) {
+ $token = $this->generateToken();
+ $_SESSION['wsEditToken'] = $token;
+ } else {
+ $token = $_SESSION['wsEditToken'];
+ }
+ if( is_array( $salt ) ) {
+ $salt = implode( '|', $salt );
+ }
+ return md5( $token . $salt ) . EDIT_TOKEN_SUFFIX;
 }
- return md5( $token . $salt ) . EDIT_TOKEN_SUFFIX;
 }
 /**
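Review bot: The new value `'+\\'` puts a `+` into every token, and `+` decodes to a space in form and query-string parsing, so the raw token is now only usable in a URL after `urlencode()` (which the Article.php hunk adds) and any other caller that appends the raw token to a query string will stop matching. The FIXME being removed was the only note on the escaping constraint, so replace it rather than delete it, e.g. `# Contains '+' and '\': urlencode() this in URLs and htmlspecialchars() it in HTML attributes.` That keeps the reason for the odd characters next to the constant for the next person who changes it.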
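Review bot: For an anonymous user the early return yields the public constant `EDIT_TOKEN_SUFFIX` and ignores `$salt`, so every token-gated action a logged-out user can reach — anonymous edits via `EditPage::tokenOk()` in this commit, and the trackback-delete URL in the Article.php hunk if 'trackback' is ever granted to anonymous users — is guarded only against proxy mangling, not against a request forged from another site. That is presumably intentional because such users need not have a session, but nothing in the function says so; the docblock starts outside the hunk and should document that logged-in users get `md5(session token . salt)` plus the suffix while anonymous users get the bare suffix with no secret, and that callers must not treat a matching anonymous token as proof of intent. The `else` after `return EDIT_TOKEN_SUFFIX;` can also be dropped so the session path sits at one indentation level.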