From 1b4276bc69bbf307374ed1e5d69309c9cf562799 Mon Sep 17 00:00:00 2001 From: Sam Reed Date: Fri, 9 Apr 2010 20:05:33 +0000 Subject: [PATCH] Refactor code in ApiRollback to fix bug 23117 Rollback uses salted token, but as this is dealt with in the Article object, it was missed by myself when refactoring API code Refactor code to generate salt, and save variables as needed (so not needlessly regenerated) Hence fix for r62482 and r62557 --- includes/api/ApiRollback.php | 60 ++++++++++++++++++++---------------- 1 file changed, 33 insertions(+), 27 deletions(-) diff --git a/includes/api/ApiRollback.php b/includes/api/ApiRollback.php index 70dbc562b8..960afc826b 100644 --- a/includes/api/ApiRollback.php +++ b/includes/api/ApiRollback.php @@ -35,35 +35,15 @@ class ApiRollback extends ApiBase { public function __construct( $main, $action ) { parent::__construct( $main, $action ); } + + private $mTitleObj = null; public function execute() { $params = $this->extractRequestParams(); - $titleObj = null; - if ( !isset( $params['title'] ) ) { - $this->dieUsageMsg( array( 'missingparam', 'title' ) ); - } - if ( !isset( $params['user'] ) ) { - $this->dieUsageMsg( array( 'missingparam', 'user' ) ); - } + // User and title already validated in call to getTokenSalt from Main - $titleObj = Title::newFromText( $params['title'] ); - if ( !$titleObj ) { - $this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) ); - } - if ( !$titleObj->exists() ) { - $this->dieUsageMsg( array( 'notanarticle' ) ); - } - - // We need to be able to revert IPs, but getCanonicalName rejects them - $username = User::isIP( $params['user'] ) - ? $params['user'] - : User::getCanonicalName( $params['user'] ); - if ( !$username ) { - $this->dieUsageMsg( array( 'invaliduser', $params['user'] ) ); - } - - $articleObj = new Article( $titleObj ); + $articleObj = new Article( $this->mTitleObj ); $summary = ( isset( $params['summary'] ) ? $params['summary'] : '' ); $details = null; $retval = $articleObj->doRollback( $username, $summary, $params['token'], $params['markbot'], $details ); @@ -73,7 +53,7 @@ class ApiRollback extends ApiBase { $this->dieUsageMsg( reset( $retval ) ); } - $watch = $this->getWatchlistValue( $params['watchlist'], $titleObj ); + $watch = $this->getWatchlistValue( $params['watchlist'], $this->mTitleObj ); if ( $watch !== null) { if ( $watch ) { @@ -84,7 +64,7 @@ class ApiRollback extends ApiBase { } $info = array( - 'title' => $titleObj->getPrefixedText(), + 'title' => $this->mTitleObj->getPrefixedText(), 'pageid' => intval( $details['current']->getPage() ), 'summary' => $details['summary'], 'revid' => intval( $details['newid'] ), @@ -151,7 +131,33 @@ class ApiRollback extends ApiBase { } public function getTokenSalt() { - return ''; + $params = $this->extractRequestParams(); + + if ( !isset( $params['user'] ) ) { + $this->dieUsageMsg( array( 'missingparam', 'user' ) ); + } + + // We need to be able to revert IPs, but getCanonicalName rejects them + $this->username = User::isIP( $params['user'] ) + ? $params['user'] + : User::getCanonicalName( $params['user'] ); + if ( !$this->username ) { + $this->dieUsageMsg( array( 'invaliduser', $params['user'] ) ); + } + + if ( !isset( $params['title'] ) ) { + $this->dieUsageMsg( array( 'missingparam', 'title' ) ); + } + + $this->mTitleObj = Title::newFromText( $params['title'] ); + if ( !$this->mTitleObj ) { + $this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) ); + } + if ( !$this->mTitleObj->exists() ) { + $this->dieUsageMsg( array( 'notanarticle' ) ); + } + + return array( $this->mTitleObj->getPrefixedText(), $this->username ); } protected function getExamples() { -- 2.20.1