From 89bc577c5ae63cd7161a24c0571620f5acf4a0cd Mon Sep 17 00:00:00 2001
From: Benjamin Lees <emufarmers@users.mediawiki.org>
Date: Sun, 12 Dec 2010 23:19:24 +0000
Subject: [PATCH] Follow-up to r77956: instead of making $wgFileExtensions
 override $wgFileBlacklist, make sure the upload page does not mark
 blacklisted extensions as "Permitted file types".  I've updated the
 MediaWiki.org pages to explain how to remove items from the blacklist.

---
 RELEASE-NOTES                       | 1 +
 includes/specials/SpecialUpload.php | 3 +++
 includes/upload/UploadBase.php      | 7 +++----
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index de3c6d8358..1c1cfff282 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -34,6 +34,7 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN
   cannot read the page in question.
 * (bug 19006) {{REVISIONUSER}} no longer acts like {{CURRENTUSER}} in some cases
 * (bug 16019) $wgArticlePath = "/$1" no longer breaks API edit/watch actions
+* (bug 18372) File types blacklisted by $wgFileBlacklist will no longer be shown as "Permitted file types" on the upload form
 
 === API changes in 1.18 ===
 
diff --git a/includes/specials/SpecialUpload.php b/includes/specials/SpecialUpload.php
index 37db906651..48e700c588 100644
--- a/includes/specials/SpecialUpload.php
+++ b/includes/specials/SpecialUpload.php
@@ -899,6 +899,9 @@ class UploadForm extends HTMLForm {
 		$wgFileExtensions, $wgFileBlacklist;
 
 		if( $wgCheckFileExtensions ) {
+			//don't show blacklisted types as permitted
+			$wgFileExtensions = array_diff ( $wgFileExtensions, $wgFileBlacklist );
+			
 			if( $wgStrictFileExtensions ) {
 				# Everything not permitted is banned
 				$extensionsList =
diff --git a/includes/upload/UploadBase.php b/includes/upload/UploadBase.php
index 424ce11fe5..1e3414f350 100644
--- a/includes/upload/UploadBase.php
+++ b/includes/upload/UploadBase.php
@@ -568,10 +568,9 @@ abstract class UploadBase {
 		if ( $this->mFinalExtension == '' ) {
 			$this->mTitleError = self::FILETYPE_MISSING;
 			return $this->mTitle = null;
-		} elseif ( ( $this->checkFileExtensionList( $ext, $wgFileBlacklist )
-				&& !$this->checkFileExtensionList( $ext, $wgFileExtensions ) ) ||
-					( $wgCheckFileExtensions && $wgStrictFileExtensions &&
-						!$this->checkFileExtension( $this->mFinalExtension, $wgFileExtensions ) ) ) {
+		} elseif ( $this->checkFileExtensionList( $ext, $wgFileBlacklist ) ||
+				( $wgCheckFileExtensions && $wgStrictFileExtensions &&
+					!$this->checkFileExtension( $this->mFinalExtension, $wgFileExtensions ) ) ) {
 			$this->mTitleError = self::FILETYPE_BADTYPE;
 			return $this->mTitle = null;
 		}
-- 
2.20.1