From 8d18685f6ca6110dd77460795472414ed30d4b1e Mon Sep 17 00:00:00 2001
From: Brion Vibber
Date: Mon, 17 Nov 2008 18:58:57 +0000
Subject: [PATCH] * Improved input validation on Special:Import form

Applying Tim's fixes
---
 RELEASE-NOTES | 1 +
 includes/specials/SpecialImport.php | 30 +++++++++++++++++------------
 languages/messages/MessagesEn.php | 2 ++
 3 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 7faba68fca..5483cab585 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -348,6 +348,7 @@ The following extensions are migrated into MediaWiki 1.14:
 formatting and path exposure.
 * Less verbose errors from profileinfo.php when not configured
 * Blacklist redirects via Special:Filepath, hard to use.
+* Improved input validation on Special:Import form
 === API changes in 1.14 ===
diff --git a/includes/specials/SpecialImport.php b/includes/specials/SpecialImport.php
index 833d6a8dcf..a87918eae1 100644
--- a/includes/specials/SpecialImport.php
+++ b/includes/specials/SpecialImport.php
@@ -43,26 +43,30 @@ function wfSpecialImport( $page = '' ) {
 if( $wgRequest->wasPosted() && $wgRequest->getVal( 'action' ) == 'submit') {
 $isUpload = false;
 $namespace = $wgRequest->getIntOrNull( 'namespace' );
+ $sourceName = $wgRequest->getVal( "source" );
- switch( $wgRequest->getVal( "source" ) ) {
- case "upload":
+ if ( !$wgUser->matchEditToken( $wgRequest->getVal( 'editToken' ) ) ) {
+ $source = new WikiErrorMsg( 'import-token-mismatch' );
+ } elseif ( $sourceName == 'upload' ) {
 $isUpload = true;
 if( $wgUser->isAllowed( 'importupload' ) ) {
 $source = ImportStreamSource::newFromUpload( "xmlimport" );
 } else {
 return $wgOut->permissionRequired( 'importupload' );
 }
- break;
- case "interwiki":
+ } elseif ( $sourceName == "interwiki" ) {
 $interwiki = $wgRequest->getVal( 'interwiki' );
- $history = $wgRequest->getCheck( 'interwikiHistory' );
- $frompage = $wgRequest->getText( "frompage" );
- $source = ImportStreamSource::newFromInterwiki(
- $interwiki,
- $frompage,
- $history );
- break;
- default:
+ if ( !in_array( $interwiki, $wgImportSources ) ) {
+ $source = new WikiErrorMsg( "import-invalid-interwiki" );
+ } else {
+ $history = $wgRequest->getCheck( 'interwikiHistory' );
+ $frompage = $wgRequest->getText( "frompage" );
+ $source = ImportStreamSource::newFromInterwiki(
+ $interwiki,
+ $frompage,
+ $history );
+ }
+ } else {
 $source = new WikiErrorMsg( "importunknownsource" );
 }
@@ -106,6 +110,7 @@ function wfSpecialImport( $page = '' ) {
 Xml::hidden( 'action', 'submit' ) .
 Xml::hidden( 'source', 'upload' ) .
 Xml::input( 'xmlimport', 50, '', array( 'type' => 'file' ) ) . ' ' .
+ Xml::hidden( 'editToken', $wgUser->editToken() ) .
 Xml::submitButton( wfMsg( 'uploadbtn' ) ) .
 Xml::closeElement( 'form' ) .
 Xml::closeElement( 'fieldset' )
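Review bot: `in_array( $interwiki, $wgImportSources )` in the new interwiki branch uses loose comparison on a value taken straight from the request; pass the strict flag, `if ( !in_array( $interwiki, $wgImportSources, true ) ) {`, so only an exact string match against the configured source list is accepted. The same hunk dispatches on the request-supplied source name with `==` and mixed quoting (`$sourceName == 'upload'`, `$sourceName == "interwiki"`); `===` and one quote style would make the three branches read consistently. The `global` declaration that brings `$wgImportSources` into wfSpecialImport is outside the hunk, so it is worth confirming it is present — if it is not, `in_array()` is given null and every interwiki import fails with import-invalid-interwiki rather than reaching `newFromInterwiki`. Checking the edit token before the `importupload` permission check is the right order, since the form fails closed before any privileged path runs. wfSpecialImport begins before and continues past this hunk.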
@@ -124,6 +129,7 @@ function wfSpecialImport( $page = '' ) {
 wfMsgExt( 'import-interwiki-text', array( 'parse' ) ) .
 Xml::hidden( 'action', 'submit' ) .
 Xml::hidden( 'source', 'interwiki' ) .
+ Xml::hidden( 'editToken', $wgUser->editToken() ) .
 Xml::openElement( 'table', array( 'id' => 'mw-import-table' ) ) .
 " " .
diff --git a/languages/messages/MessagesEn.php b/languages/messages/MessagesEn.php
index 239ce9739d..312bcd4535 100644
--- a/languages/messages/MessagesEn.php
+++ b/languages/messages/MessagesEn.php
@@ -2803,6 +2803,8 @@ A temporary folder is missing.',
 'import-nonewrevisions' => 'All revisions were previously imported.',
 'xml-error-string' => '$1 at line $2, col $3 (byte $4): $5',
 'import-upload' => 'Upload XML data',
+'import-token-mismatch' => 'Loss of session data. Please try again.',
+'import-invalid-interwiki' => 'Cannot import from the specified wiki.',
 # Import log
 'importlogpage' => 'Import log',
-- 
2.20.1