From: Sam Reed <reedy@users.mediawiki.org>
Date: Fri, 9 Apr 2010 20:05:33 +0000 (+0000)
Subject: Refactor code in ApiRollback to fix bug 23117
X-Git-Tag: 1.31.0-rc.0~37190
X-Git-Url: http://git.cyclocoop.org/%24self?a=commitdiff_plain;h=1b4276bc69bbf307374ed1e5d69309c9cf562799;p=lhc%2Fweb%2Fwiklou.git

Refactor code in ApiRollback to fix bug 23117

Rollback uses salted token, but as this is dealt with in the Article object, it was missed by myself when refactoring API code

Refactor code to generate salt, and save variables as needed (so not needlessly regenerated)

Hence fix for r62482 and r62557
---

diff --git a/includes/api/ApiRollback.php b/includes/api/ApiRollback.php
index 70dbc562b8..960afc826b 100644
--- a/includes/api/ApiRollback.php
+++ b/includes/api/ApiRollback.php
@@ -35,35 +35,15 @@ class ApiRollback extends ApiBase {
 	public function __construct( $main, $action ) {
 		parent::__construct( $main, $action );
 	}
+	
+	private $mTitleObj = null;
 
 	public function execute() {
 		$params = $this->extractRequestParams();
 
-		$titleObj = null;
-		if ( !isset( $params['title'] ) ) {
-			$this->dieUsageMsg( array( 'missingparam', 'title' ) );
-		}
-		if ( !isset( $params['user'] ) ) {
-			$this->dieUsageMsg( array( 'missingparam', 'user' ) );
-		}
+		// User and title already validated in call to getTokenSalt from Main
 
-		$titleObj = Title::newFromText( $params['title'] );
-		if ( !$titleObj ) {
-			$this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) );
-		}
-		if ( !$titleObj->exists() ) {
-			$this->dieUsageMsg( array( 'notanarticle' ) );
-		}
-
-		// We need to be able to revert IPs, but getCanonicalName rejects them
-		$username = User::isIP( $params['user'] )
-			? $params['user']
-			: User::getCanonicalName( $params['user'] );
-		if ( !$username ) {
-			$this->dieUsageMsg( array( 'invaliduser', $params['user'] ) );
-		}
-
-		$articleObj = new Article( $titleObj );
+		$articleObj = new Article( $this->mTitleObj );
 		$summary = ( isset( $params['summary'] ) ? $params['summary'] : '' );
 		$details = null;
 		$retval = $articleObj->doRollback( $username, $summary, $params['token'], $params['markbot'], $details );
@@ -73,7 +53,7 @@ class ApiRollback extends ApiBase {
 			$this->dieUsageMsg( reset( $retval ) );
 		}
 		
-		$watch = $this->getWatchlistValue( $params['watchlist'], $titleObj );
+		$watch = $this->getWatchlistValue( $params['watchlist'], $this->mTitleObj );
 		
 		if ( $watch !== null) {
 			if ( $watch ) {
@@ -84,7 +64,7 @@ class ApiRollback extends ApiBase {
 		}
 
 		$info = array(
-			'title' => $titleObj->getPrefixedText(),
+			'title' => $this->mTitleObj->getPrefixedText(),
 			'pageid' => intval( $details['current']->getPage() ),
 			'summary' => $details['summary'],
 			'revid' => intval( $details['newid'] ),
@@ -151,7 +131,33 @@ class ApiRollback extends ApiBase {
 	}
 
 	public function getTokenSalt() {
-		return '';
+		$params = $this->extractRequestParams();
+		
+		if ( !isset( $params['user'] ) ) {
+			$this->dieUsageMsg( array( 'missingparam', 'user' ) );
+		}
+		
+		// We need to be able to revert IPs, but getCanonicalName rejects them
+		$this->username = User::isIP( $params['user'] )
+			? $params['user']
+			: User::getCanonicalName( $params['user'] );
+		if ( !$this->username ) {
+			$this->dieUsageMsg( array( 'invaliduser', $params['user'] ) );
+		}
+		
+		if ( !isset( $params['title'] ) ) {
+			$this->dieUsageMsg( array( 'missingparam', 'title' ) );
+		}
+		
+		$this->mTitleObj = Title::newFromText( $params['title'] );
+		if ( !$this->mTitleObj ) {
+			$this->dieUsageMsg( array( 'invalidtitle', $params['title'] ) );
+		}
+		if ( !$this->mTitleObj->exists() ) {
+			$this->dieUsageMsg( array( 'notanarticle' ) );
+		}
+		
+		return array( $this->mTitleObj->getPrefixedText(), $this->username );
 	}
 
 	protected function getExamples() {