Bartosz Dziewoński [Mon, 1 Feb 2016 18:07:03 +0000 (19:07 +0100)]
Clarify and expand messages mentioning "loss of session data"
Saying "loss of session data" in error messages is meaningless to the
user. It basically means "you might have been logged out", and is
sometimes normal (as login sessions are not stored forever).
MediaWiki gives this error when it isn't sure if it's still the same
user who started the edit, instead of just re-creating the session and
saving the page, which could potentially expose user's IP address.
Expanded 'session_fail_preview' message with this information, changed
which parts of it we bold, and updated three other messages for
consistency. Updated their documentation to refer for each other, too
(https://translatewiki.net/wiki/Template:Identical/Loss_of_session_data).
Bug: T125334
Change-Id: Ia99f39fac506855804ce5c40b0df3381d2782e48
jenkins-bot [Fri, 5 Feb 2016 20:52:05 +0000 (20:52 +0000)]
Merge "Add $wgRateLimits types ip-all and subnet-all"
Translation updater bot [Fri, 5 Feb 2016 20:28:39 +0000 (21:28 +0100)]
Localisation updates from https://translatewiki.net.
Change-Id: I833de3a05f11dedaead4ace0757e37abc5d34351
jenkins-bot [Fri, 5 Feb 2016 16:46:30 +0000 (16:46 +0000)]
Merge "Add Special:UserLogin/signup to search suggestions"
Alex Monk [Fri, 5 Feb 2016 15:15:23 +0000 (15:15 +0000)]
Add Special:UserLogin/signup to search suggestions
Change-Id: I8aa1c7526f5c8d4c80b2cc649b39a30c1da3946a
jenkins-bot [Fri, 5 Feb 2016 11:44:16 +0000 (11:44 +0000)]
Merge "mediawiki.api.parse: Use formatversion=2 for API requests"
jenkins-bot [Fri, 5 Feb 2016 11:28:18 +0000 (11:28 +0000)]
Merge "mediawiki.userSuggest: Use formatversion=2 for API request"
jenkins-bot [Fri, 5 Feb 2016 00:04:30 +0000 (00:04 +0000)]
Merge "mw.loader: Guard localStorage access with try/catch in mw.store.clear()"
Bryan Davis [Thu, 4 Feb 2016 16:19:25 +0000 (09:19 -0700)]
mw.loader: Guard localStorage access with try/catch in mw.store.clear()
We use try/catch appropriately in other places but it was missing
in mw.store.clear().
If the user agent has localStorage disabled an exception will be thrown
for any operation that touches the object.
Change-Id: Idcd0e4c8ba9b0843b2ddcad0ae1781e4915e04fe
jenkins-bot [Thu, 4 Feb 2016 23:06:11 +0000 (23:06 +0000)]
Merge "mediawiki.jqueryMsg.test: Call async() before each async test step"
jenkins-bot [Thu, 4 Feb 2016 22:01:33 +0000 (22:01 +0000)]
Merge "Add logic for "tags" in ApiBase"
Translation updater bot [Thu, 4 Feb 2016 20:57:23 +0000 (21:57 +0100)]
Localisation updates from https://translatewiki.net.
Change-Id: Ic35ee8090408696e1b609bae1289aa0036462333
jenkins-bot [Thu, 4 Feb 2016 20:50:07 +0000 (20:50 +0000)]
Merge "ForeignAPIRepo: Remove incorrect 'thumbnail' from $imageInfoProps"
victorbarbu [Wed, 20 Jan 2016 09:51:01 +0000 (11:51 +0200)]
Add logic for "tags" in ApiBase
Bug: T97720
Change-Id: I275c516b4744e243333ec0818d2be1e5508e54a3
Thiemo Mättig [Thu, 4 Feb 2016 17:52:58 +0000 (18:52 +0100)]
mediawiki.jqueryMsg.test: Call async() before each async test step
Previously, this code ran into the problem that the timeout for dozens of
API requests was hit and the test failed.
The timeout now starts within each individual step.
Bug: T125484
Change-Id: Ia7874ccafadf93986278a241d9d308be0bc99493
jenkins-bot [Thu, 4 Feb 2016 19:24:54 +0000 (19:24 +0000)]
Merge "Page is an interface not a class"
jenkins-bot [Thu, 4 Feb 2016 19:24:50 +0000 (19:24 +0000)]
Merge "Pass function to Database::selectField in SpecialActiveusers.php"
jenkins-bot [Thu, 4 Feb 2016 18:15:55 +0000 (18:15 +0000)]
Merge "qunit: Increase individual test timeout to 60 seconds"
Jan Zerebecki [Thu, 4 Feb 2016 10:35:02 +0000 (11:35 +0100)]
qunit: Increase individual test timeout to 60 seconds
Bug: T125484
Change-Id: If4147d678fdef168d79bc2b4d0c606b8c82dc6af
Bartosz Dziewoński [Thu, 4 Feb 2016 17:14:05 +0000 (18:14 +0100)]
ForeignAPIRepo: Remove incorrect 'thumbnail' from $imageInfoProps
'thumbnail' doesn't seem to have ever been a valid 'iiprop' value.
It's currently causing harmless warnings on every InstantCommons request.
Added in
8d1fa96578e8570a08a0cb5f7e2945f09819fbfb for unknown reasons.
Change-Id: I6286ce3ac07207c0dcfc1171084cb358b3fcecda
jenkins-bot [Thu, 4 Feb 2016 16:42:07 +0000 (16:42 +0000)]
Merge "Avoid unstubbing $wgUser before the end of Setup.php in User::getBlockedStatus()"
jenkins-bot [Thu, 4 Feb 2016 16:29:28 +0000 (16:29 +0000)]
Merge "When serializing Message, don't try to unstub StubUserLang"
jenkins-bot [Thu, 4 Feb 2016 16:29:20 +0000 (16:29 +0000)]
Merge "Disable automatic cache headers associated with starting a session"
Bartosz Dziewoński [Thu, 4 Feb 2016 16:01:44 +0000 (17:01 +0100)]
BitmapHandler: Implement validateParam()
Follow-up to
695a93dd3353678ae4a9038528a33a1ac03eba38.
Bug: T125804
Change-Id: Ifde40bb5d7c60dd19727f5e47041a6e676f7e3c8
jenkins-bot [Thu, 4 Feb 2016 13:17:31 +0000 (13:17 +0000)]
Merge "[debug] Remove BC code from AvroFormatter"
jenkins-bot [Thu, 4 Feb 2016 11:48:37 +0000 (11:48 +0000)]
Merge "Split ImagePage.php into separate classes"
Thomas Arrow [Wed, 3 Feb 2016 12:26:01 +0000 (12:26 +0000)]
Split ImagePage.php into separate classes
Change-Id: Id2ca94c50b75d24da4d02fe82747a7ce7edccd9f
jenkins-bot [Thu, 4 Feb 2016 06:08:07 +0000 (06:08 +0000)]
Merge "Add User::isSafeToLoad() and ParserOptions::newFromAnon()"
jenkins-bot [Thu, 4 Feb 2016 02:09:46 +0000 (02:09 +0000)]
Merge "Include completion search into SearchEngine"
jenkins-bot [Thu, 4 Feb 2016 01:28:01 +0000 (01:28 +0000)]
Merge "Change bug ID to Phabricator task ID"
wctaiwan [Thu, 4 Feb 2016 01:13:10 +0000 (20:13 -0500)]
Change bug ID to Phabricator task ID
Change-Id: I8e1fc6ed9434a331eb7c66273305576eebed3125
Bartosz Dziewoński [Thu, 4 Feb 2016 01:10:58 +0000 (01:10 +0000)]
Merge "Revert "Preprocessor: Don't allow unclosed extension tags (matching until end of input)""
Legoktm [Thu, 4 Feb 2016 00:38:35 +0000 (00:38 +0000)]
Revert "Preprocessor: Don't allow unclosed extension tags (matching until end of input)"
This reverts commit
f51d0d9a819f8f1c181350ced2f015ce97985fcc.
Breaks templates with non-closed </noinclude> tags, which
were previously acceptable.
Bug: T125754
Change-Id: I8bafb15eefac4e1d3e727c1c84782636d8b82c2b
Stanislav Malyshev [Tue, 26 Jan 2016 21:18:27 +0000 (13:18 -0800)]
Include completion search into SearchEngine
By default it still uses PrefixSearch and supports PrefixSearchBackend
but it can be deprecated and phased out and SearchEngine extensions used
instead.
New APIs:
- SearchEngine
public function defaultPrefixSearch( $search );
public function completionSearch( $search );
public function completionSearchWithVariants( $search );
Search engines should override:
protected function completionSearchBackend( $search );
Bug: T121430
Change-Id: Ie78649591dff94d21b72fad8e4e5eab010a461df
Brad Jorsch [Wed, 3 Feb 2016 17:33:25 +0000 (12:33 -0500)]
Avoid unstubbing $wgUser before the end of Setup.php in User::getBlockedStatus()
Autocreation needs to check if the current IP is blocked from account
creation.
There are two ways we could go here: treat $wgUser as logged-out, or
assume it will eventually be the user name specified by the session.
This patch chooses the former, by the logic that at this early point in
the setup process we don't have a logged-in user determined yet so no
username can really be considered to match the logged-in user.
Bug: T124367
Change-Id: I631bec85291b57f07c378cf6554a8f06cf3fb00c
Brad Jorsch [Wed, 3 Feb 2016 20:41:00 +0000 (15:41 -0500)]
Add User::isSafeToLoad() and ParserOptions::newFromAnon()
Useful for avoiding "User::loadFromSession called before the end of
Setup.php".
Bug: T124367
Change-Id: I0b018a623fc833ca95d249ee21667a8f5690d50e
Bryan Davis [Mon, 1 Feb 2016 04:39:10 +0000 (21:39 -0700)]
Disable automatic cache headers associated with starting a session
Follow up to
7491b52. The 'private, must-revalidate' argument to
session_cache_limiter() does not match any expected values for the
function. This results in the PHP runtime treating it like the
documented empty string argument which completely disables the automatic
addition of cache related headers. Change the implementation to use the
empty string argument explicitly rather than continuing to rely on
the undocumented and potentially confusing existing behavior.
session_cache_limiter( '' ) is called unconditionally in
MediaWiki\Session\PHPSessionHandler::install(). This is safe now that it
is understood that we are disabling the setting of the automatic
headers.
Bug: T124510
Change-Id: I63164f8b7a408e370ff01dead42be27a0135dd35
Brad Jorsch [Sat, 30 Jan 2016 01:09:57 +0000 (20:09 -0500)]
Clean up after Ie161e0f
Ie161e0f was done in a hurry, and so didn't do things in the best ways.
This introduces a new "CachedBagOStuff" that transparently handles all
the logic that had been copy-pasted all over in Ie161e0f.
The differences between CachedBagOStuff and MultiWriteBagOStuff are:
* CachedBagOStuff supports only one "backend".
* There's a flag for writes to only go to the in-memory cache.
* The in-memory cache is always updated.
* Locks go to the backend cache (with MultiWriteBagOStuff, it would wind
up going to the HashBagOStuff used for the in-memory cache).
Change-Id: Iea494729bd2e8c6c5ab8facf4c241232e31e8215
Brad Jorsch [Mon, 1 Feb 2016 20:44:03 +0000 (15:44 -0500)]
Revert "Remove SessionManager, temporarily"
This reverts commit
823db5d63dd5200d04c63da50ba6bf16f928e70b.
Change-Id: Ibb3e023e4eb6715295586dea87d0725c344a8271
Translation updater bot [Wed, 3 Feb 2016 21:44:43 +0000 (21:44 +0000)]
Merge "Localisation updates from https://translatewiki.net."
Translation updater bot [Wed, 3 Feb 2016 21:40:15 +0000 (22:40 +0100)]
Localisation updates from https://translatewiki.net.
Change-Id: Ia72df7f41e81cc99e25bcc9804c6b0bd43bfa61b
jenkins-bot [Wed, 3 Feb 2016 21:38:34 +0000 (21:38 +0000)]
Merge "resources: Load OOjs UI from its four parts"
Bartosz Dziewoński [Wed, 3 Feb 2016 18:40:31 +0000 (19:40 +0100)]
mediawiki.widgets: Remove backwards-compatibility dependency on 'mediawiki.widgets.CategorySelector'
Follow-up to
40a8367fe9cd5fc2a26f1adf8f9e208551a4d7b9.
Change-Id: I28faea785cf13d1e741ae6f746a76bd7aeeaf3eb
Bartosz Dziewoński [Mon, 1 Feb 2016 22:28:13 +0000 (23:28 +0100)]
resources: Load OOjs UI from its four parts
See the task for more details. This is a backwards-compatible change.
If your script only needs a subset of OOjs UI functionality, you can
use one of the new smaller modules instead of the old big one.
New modules:
oojs-ui-core
The core JavaScript library.
oojs-ui-widgets
Additional widgets and layouts module.
oojs-ui-toolbars
Toolbar and tools module.
oojs-ui-windows
Windows and dialogs module.
Changed modules:
oojs-ui.styles
Now correctly only loads the styles needed by OOjs UI PHP.
oojs-ui
Now just loads core+widgets+toolbars+windows as dependencies.
Using the new modules in I58799e22f9c0a2f78c1b4a02c4b7af576157883a.
Bug: T113677
Change-Id: I0a3bf8fb25fb82325705a473cebd883e20b3ab8d
Brad Jorsch [Thu, 7 May 2015 17:11:09 +0000 (13:11 -0400)]
Add Special:ApiSandbox
Like Extension:ApiSandbox, but rewritten to use OOJS-UI and to add many
long-requested features.
Bug: T89386
Bug: T92893
Bug: T98457
Bug: T98083
Bug: T89229
Bug: T66008
Bug: T50607
Bug: T47811
Bug: T38875
Bug: T36962
Bug: T34740
Change-Id: Ic42a6c5ef54b811cd63cfef2132942b27a626fe5
Depends-On: I85c0eedcd31a0e419d8055eca0d9cb1ba872ae62
Depends-On: Ic85ff4abbbcd2076ebf5cdfaa0e95e98878e2308
jenkins-bot [Wed, 3 Feb 2016 13:36:59 +0000 (13:36 +0000)]
Merge "Use LinkTarget in TitleValue only methods"
jenkins-bot [Wed, 3 Feb 2016 13:23:08 +0000 (13:23 +0000)]
Merge "Add LinkTarget interface"
Brad Jorsch [Tue, 2 Feb 2016 14:27:05 +0000 (09:27 -0500)]
Set title on context in ApiDocumentationTest
For some reason the unit testing infrastructure doesn't set one, and
that makes RequestContext warn.
Bug: T125491
Change-Id: I3e0ec0f567dd06231bca0d3d923e9d4e05ef5514
jenkins-bot [Wed, 3 Feb 2016 12:01:09 +0000 (12:01 +0000)]
Merge "Pass WikiPage objects to ParserCache"
Timo Tijhof [Fri, 22 Jan 2016 22:58:03 +0000 (22:58 +0000)]
Centralise url handling for urls to static resources
Keep in CSSMin as-is for back-compat and to ensure library remains
independent of MediaWiki.
Moved down a few lines as there is no need to compute the md5 hash when we're
returning a data URI. Previously md5_file was called twice during module builds
(once for the fallback url, and another time when producing the embedded data uri).
Applied to logo in SkinModule as example. To be applied elsewhere as needed.
Without it, fallback is current behaviour (no cache invalidation).
Bug: T99096
Change-Id: I7f38bfc1bea5c241bc4f8ec4f4b640fd65f2c04f
James D. Forrester [Tue, 2 Feb 2016 22:10:54 +0000 (14:10 -0800)]
Update OOjs UI to v0.15.2
Release notes:
https://git.wikimedia.org/blob/oojs%2Fui.git/v0.15.2/History.md
Change-Id: I8124a726660443ce514c48182871d46e6b086a10
jenkins-bot [Tue, 2 Feb 2016 20:29:19 +0000 (20:29 +0000)]
Merge "Unroll Article::__call again"
jenkins-bot [Tue, 2 Feb 2016 20:25:34 +0000 (20:25 +0000)]
Merge "Add Blob to accepted types for uploads"
Translation updater bot [Tue, 2 Feb 2016 20:14:54 +0000 (21:14 +0100)]
Localisation updates from https://translatewiki.net.
Change-Id: Idc128c366bbcbd34e7fb4e75af8400fa11bcd53e
umherirrender [Tue, 2 Feb 2016 20:12:57 +0000 (21:12 +0100)]
Pass function to Database::selectField in SpecialActiveusers.php
Change-Id: Ie58b484cb8add682c7a0c138af2c3268faf7b383
Mark Holmquist [Tue, 2 Feb 2016 17:00:28 +0000 (11:00 -0600)]
Add Blob to accepted types for uploads
From https://developer.mozilla.org/en-US/docs/Web/API/File :
A File object is specific kind of a Blob, and can be used in any
context that a Blob can. In particular, FileReader, URL.createObjectURL(),
createImageBitmap(), and XMLHttpRequest.send() accept both Blobs and Files.
Change-Id: I171f884fc4ada6180e5c605a44b27044fc03f26e
umherirrender [Tue, 2 Feb 2016 19:38:36 +0000 (20:38 +0100)]
Pass WikiPage objects to ParserCache
ParserCache::get is documented for WikiPage, so do it from Article class
This avoids magic calls due Article::__call
Change-Id: I92b91bd112383d1c0132530c3325b39596d95768
Brad Jorsch [Mon, 1 Feb 2016 20:07:09 +0000 (15:07 -0500)]
Add $wgAuthenticationTokenVersion
This allows for quickly invalidating everyone's session all at once by
changing a single value.
As a side effect, setting this also stops the user_token field from
the database from being served to the user as a cookie.
This mitigates but doesn't completely solve T49490, as it allows for
invalidating all existing sessions and token-cookies but does not help
if the user_token field in the database was leaked.
Bug: T49490
Change-Id: I9d316a6bbb36278d138f39a89125ebb8cc71b28f
addshore [Tue, 2 Feb 2016 18:13:39 +0000 (19:13 +0100)]
Page is an interface not a class
Change-Id: I299067320a2f8e541eba668464eb18c42bfb56e5
jenkins-bot [Tue, 2 Feb 2016 17:06:20 +0000 (17:06 +0000)]
Merge "XMPValidate: fix undefined variable for logger"
addshore [Tue, 2 Feb 2016 16:48:20 +0000 (17:48 +0100)]
Unroll Article::__call again
Adds all public functions from WikiPage to Article
Adds all public functions from WikiFilePage that
are not in Article to ImagePage
WikiCategoryPage has no methods that need moving
Removed __call from Article
If extensions extend WikiPage and rely on the __call
method in Article they may break with this change.
They cal easily call $article->getPage()->method..
Change-Id: I8cd8d69d0d59c67f4879212535206688387bead4
jenkins-bot [Tue, 2 Feb 2016 09:48:45 +0000 (09:48 +0000)]
Merge "QA: Upgrade to mediawiki_selenium 1.6.5"
This, that and the other [Mon, 1 Feb 2016 14:16:08 +0000 (01:16 +1100)]
fix hardcoded limit on titles in Special:Export
In Special:Export if you enter a category in the "Add pages from
category" textbox, there was a hardcoded limit of 5000 page titles in
the function getPagesFromCategory().
The same is true for a similar function fetching pages by namespace
instead of category, function getPagesFromNamespace().
I have a couple of wikis where we wish to export a nummber of pages
exceeding 5000, so this is inconvenient. In this commit, I have
introduced one new global configuration variable: $wgExportPagelistLimit.
This new configuration variable has had its default set in
includes/DefaultSettings.php to the values the two affected functions
were hardcoded to prior to this patch; 5000 in both instances.
This way, I can adjust the number of pages returned in the
Special:Export page by adjusting the above new variable in
LocalSettings.php.
Change-Id: I6ca9e26eb6bc4a7a2bafd73b9460f445940c8ecb
Tyler Cipriani [Tue, 2 Feb 2016 00:58:27 +0000 (16:58 -0800)]
Revert "Unroll Article::__call"
This reverts commit
6051fcd38374db7e2d984ec535da264cb48d291f.
Bug: T125468
Change-Id: I9456c8e1b95ca3b2b2fa5d306f45a46210c4b1fc
Dan Duvall [Mon, 1 Feb 2016 23:30:44 +0000 (15:30 -0800)]
QA: Upgrade to mediawiki_selenium 1.6.5
Bug: T114241
Change-Id: I2996611d51b5d08c67f7a60d05003db97dffc0b7
jenkins-bot [Mon, 1 Feb 2016 22:47:40 +0000 (22:47 +0000)]
Merge "New hook for filters on Special:Contributions form"
jenkins-bot [Mon, 1 Feb 2016 22:40:29 +0000 (22:40 +0000)]
Merge "Add phpdoc for some ApiQueryInfo properties"
Brad Jorsch [Mon, 1 Feb 2016 17:28:29 +0000 (12:28 -0500)]
Remove SessionManager, temporarily
The plan here is to take it out of 1.27.0-wmf.12 and put it back in
1.27.0-wmf.13.
Since BotPasswords depends on SessionManager, that's getting temporarily
removed too.
This reverts the following commits:
*
6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks
*
4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider
*
fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage
*
058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php
*
b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally
*
13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser
*
305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens
*
7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs
*
296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata
*
94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session
*
46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null
*
c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php"
*
4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure'
*
7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session
*
2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting
*
9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted'
*
43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId()
*
50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata()
*
f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts
*
70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places
*
bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails
*
722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session
*
4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById()
*
66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]]
*
f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords"
*
d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog
*
a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager
Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
jenkins-bot [Mon, 1 Feb 2016 21:31:27 +0000 (21:31 +0000)]
Merge "Remove use of explodeMarkup"
jenkins-bot [Mon, 1 Feb 2016 20:26:38 +0000 (20:26 +0000)]
Merge "Revert "Remove unused functions from unroll of Article::__call""
Translation updater bot [Mon, 1 Feb 2016 20:20:52 +0000 (21:20 +0100)]
Localisation updates from https://translatewiki.net.
Change-Id: I5d76f70102160fdeb8fe596f0f31b04efdcb56d7
Alex Monk [Mon, 1 Feb 2016 20:05:38 +0000 (20:05 +0000)]
Revert "Remove unused functions from unroll of Article::__call"
This reverts commit
0204a28443606a2b3026d403c625f3a089841430.
Change-Id: Ia058c91f808eedae28946b9561c826fbf09b386e
jenkins-bot [Mon, 1 Feb 2016 17:16:28 +0000 (17:16 +0000)]
Merge "Fix typo in mw.widgets.CategorySelector.js"
Glaisher [Mon, 1 Feb 2016 16:41:40 +0000 (21:41 +0500)]
Fix typo in mw.widgets.CategorySelector.js
Change-Id: I65aef06fbabab8b3d4d8c6b72847fecb0637f352
jenkins-bot [Mon, 1 Feb 2016 15:11:54 +0000 (15:11 +0000)]
Merge "Use autoloader for PHP data files instead of include/require"
jenkins-bot [Mon, 1 Feb 2016 14:09:36 +0000 (14:09 +0000)]
Merge "Remove unused functions from unroll of Article::__call"
Southparkfan [Mon, 1 Feb 2016 13:01:58 +0000 (14:01 +0100)]
XMPValidate: fix undefined variable for logger
Change-Id: I8903e89bd93ef62236023fb07d78ade722eb102a
Brad Jorsch [Sun, 31 Jan 2016 20:48:23 +0000 (15:48 -0500)]
SessionManager: Notify AuthPlugin before calling hooks
This avoids a race in CentralAuth:
* The user doesn't exist locally, so CA wants to create it
* Auto-creation adds the user to the database
* A hook function tries to access the session; now the user does exist
locally but isn't yet attached, so CA rejects the session.
Bug: T125283
Change-Id: I6024885e3cf9c85c527fc160577f66ff97451c98
Florian [Mon, 1 Feb 2016 00:02:54 +0000 (01:02 +0100)]
Add myself to CREDITS
Change-Id: Ib16b6e91b0ce25bef6b747c90955cf840c63dabf
jenkins-bot [Sun, 31 Jan 2016 22:52:52 +0000 (22:52 +0000)]
Merge "ResourceLoaderImage: Use DomDocument::loadXml rather than DomDocument::load"
Bartosz Dziewoński [Sun, 31 Jan 2016 22:23:27 +0000 (23:23 +0100)]
ResourceLoaderImage: Use DomDocument::loadXml rather than DomDocument::load
Some users are reporting that DomDocument::load can't read the files
on their setups, while they can be read with file_get_contents. So use
that and pass the string to DomDocument::loadXml. The advantage of
DomDocument::load is supposed to be in handling large files, and the
icons here are supposed to be small.
Bug: T107198
Change-Id: I8e4dc4642f9d0c5f01ec5e4061e83bf09d0a4900
Translation updater bot [Sun, 31 Jan 2016 20:20:37 +0000 (21:20 +0100)]
Localisation updates from https://translatewiki.net.
Change-Id: I3e45e4442bad5ddf8bf91b9cf4d2f8c66b143929
jenkins-bot [Sun, 31 Jan 2016 18:43:52 +0000 (18:43 +0000)]
Merge "Correct messages 'uploaded-href-attribute-svg' and 'uploaded-href-unsafe-target-svg'"
Bartosz Dziewoński [Sun, 31 Jan 2016 18:10:09 +0000 (19:10 +0100)]
Correct messages 'uploaded-href-attribute-svg' and 'uploaded-href-unsafe-target-svg'
Whoops, 'uploaded-href-attribute-svg' was actually telling the user
almost the exact opposite of the truth. I'm also removing all the
translations for it, as they're all wrong.
Change-Id: I56b62c0127cb87707256c8e45d49ce7764f49e31
jenkins-bot [Sun, 31 Jan 2016 11:39:50 +0000 (11:39 +0000)]
Merge "wfMsgReplaceArgs: Don't use count(), if the actual amount of entries isn't needed"
jenkins-bot [Sun, 31 Jan 2016 11:39:46 +0000 (11:39 +0000)]
Merge "Give TestCase::checkHasDiff3 a better name"
jenkins-bot [Sun, 31 Jan 2016 11:39:42 +0000 (11:39 +0000)]
Merge "HTMLUserTextField: Enable suggestions for non-OOUI mode"
jenkins-bot [Sun, 31 Jan 2016 11:36:10 +0000 (11:36 +0000)]
Merge "SpecialMovepage: Use hidden form fields to set hidden data, not the submit button"
Florian [Sat, 30 Jan 2016 21:45:35 +0000 (22:45 +0100)]
Add missing ResetUserEmail class to autoload.php
The test in I3a426b92892f4c00cab33a13f6a717751120367c would prevent
the need of this commit :P
Follow up: I2b875326a0eb1e6d1f4bc758b8ac97b8f9324c4e
Change-Id: Id5efc5a5b43a1795c133f64025ea04f3e2d159cb
Brad Jorsch [Sat, 30 Jan 2016 15:54:24 +0000 (10:54 -0500)]
Close a loophole in CookieSessionProvider
There's a crazy-small chance that someone could have a logged-out
session (e.g. by logging out or visiting a page that creates a session
despite being logged out), then the session expires, then someone else
logs in and gets the same session ID (which is about a 1 in a
quindecillion chance), then the first person comes in and picks up the
second person's session.
To avoid that, if there's no UserID cookie set (or the cookie value is
0) then indicate that the SessionInfo is for a logged-out user.
No idea if this is actually what happened in T125283, but it's worth
fixing anyway.
Bug: T125283
Change-Id: I44096c69aa7bd285e4e2472959e8d892200c5f2c
Florian [Thu, 29 Oct 2015 18:00:59 +0000 (19:00 +0100)]
HTMLUserTextField: Enable suggestions for non-OOUI mode
Bug: T117067
Change-Id: I03eabf6ed5d5a36534a5eec76c05d0a353ebf6ff
Translation updater bot [Sat, 30 Jan 2016 21:33:26 +0000 (22:33 +0100)]
Localisation updates from https://translatewiki.net.
Change-Id: I2610945396e52544782c86e00c34bf64abf2a129
Florian [Wed, 13 Jan 2016 17:55:08 +0000 (18:55 +0100)]
wfMsgReplaceArgs: Don't use count(), if the actual amount of entries isn't needed
The only use of the return value of count() is, to check, if the array is empty or
not. This can be done in an easier way and a bit more performant, especially for
large arrays.
Change-Id: If119ead9230ba1783b8c853c18c379f174910e51
umherirrender [Sat, 30 Jan 2016 12:44:01 +0000 (13:44 +0100)]
Remove unused functions from unroll of Article::__call
With I779aa1c017abc9a17047fd5335f2d082148daa6f all public functions from
WikiPage were copied as delegator into Article.
Now remove the unused functions and add a release notes
Change-Id: I9cc79acedecb003048e1add568e8bba96ddbb41a
Aaron Schulz [Sat, 30 Jan 2016 18:19:36 +0000 (10:19 -0800)]
Style and commenting tweaks to CategoryMembershipChangeJob
Also renamed safeWaitForPos() => safeWaitForMasterPos()
Change-Id: Ic89e2a0b17cd6e6ef09cf703bbbcea1988a5bde9
jenkins-bot [Sat, 30 Jan 2016 18:07:35 +0000 (18:07 +0000)]
Merge "Do not auto-reconnect to DBs if named locks where lost"
jenkins-bot [Sat, 30 Jan 2016 17:51:10 +0000 (17:51 +0000)]
Merge "Use slave for selects in CategoryMembershipJob"
addshore [Fri, 29 Jan 2016 10:10:52 +0000 (11:10 +0100)]
Use slave for selects in CategoryMembershipJob
This patch switches to using a slave but imediatly
waits for the slave to catch up with master
(so as not to miss things).
This may result in more delay between an edit and
category changes being inserted.
It may be possible to instead wait for the timestamp
that is passed in $this->params['revTimestamp']
which could result in slightly less delay.
I can't see any uses of waitForReplication in quite
this way but see no imediate reason this would not work.
Bug: T125147
Change-Id: Ia0aa722c97f41a3959bcd3cb4210b39db0c3bc45
Aaron Schulz [Sat, 30 Jan 2016 17:17:17 +0000 (09:17 -0800)]
Do not auto-reconnect to DBs if named locks where lost
Otherwise, transactions might be committed without cooperative
locks that were supposed to be present. This is similar to the
logic of not auto-reconnecting if a transaction was started to
avoid committing incomplete changes.
Change-Id: Ia7bc6b188bb5ee53a5bf7c5a30718bc7c4dd0ba9
Aaron Schulz [Sat, 30 Jan 2016 16:52:06 +0000 (08:52 -0800)]
Make sure getScopedLockAndFlush() commits before unlocking
This is necessary for callers to see changes from prior callers
Change-Id: I5e05215541e641b5b5a4bc55c91d6ec8ef774ca1