From e3f14a9f5fbf9c390d3cda42057ecf6d9cb0c589 Mon Sep 17 00:00:00 2001 From: Brion Vibber Date: Sun, 24 Feb 2008 02:02:19 +0000 Subject: [PATCH] Revert r31223 -- edit token below the text box means we're more likely to submit broken forms (with incomplete text). It is placed after the textbox deliberately, to ensure that the entire text box is transmitted successfully first. --- RELEASE-NOTES | 9 ++++----- includes/EditPage.php | 30 +++++++++++++++--------------- 2 files changed, 19 insertions(+), 20 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 789b72b274..2bec6699e4 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -18,7 +18,7 @@ will be made on the development trunk and appear in the next quarterly release. Those wishing to use the latest code instead of a branch release can obtain it from source control: http://www.mediawiki.org/wiki/Download_from_SVN -=== Configuration changes in 1.13 === +=== Configuration changes in 1.12 === * ... @@ -31,18 +31,17 @@ it from source control: http://www.mediawiki.org/wiki/Download_from_SVN confused when they are told they are range-blocked. * One can turn off syndicatino feeds by setting $wgFeed to false -=== Bug fixes in 1.13 === +=== Bug fixes in 1.12 === * (bug 10677) Add link to the file description page on the shared repository * (bug 13084) Increase size of source/destination filename fields in upload form * (bug 13115) rebuildrecentchanges should print the current value of $wgRCMaxAge -* (bug 13130) Position of wpEditToken input tag in edit form -=== API changes in 1.13 === +=== API changes in 1.12 === * .... -=== Languages updated in 1.13 === +=== Languages updated in 1.12 === * ... diff --git a/includes/EditPage.php b/includes/EditPage.php index ac51a42fb9..45ca48d02a 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -1306,21 +1306,6 @@ END edittime}\" name=\"wpEdittime\" />\n scrolltop}\" name=\"wpScrolltop\" id=\"wpScrolltop\" />\n" ); - /** - * To make it harder for someone to slip a user a page - * which submits an edit form to the wiki without their - * knowledge, a random token is associated with the login - * session. If it's not passed back with the submission, - * we won't save the page, or render user JavaScript and - * CSS previews. - * - * For anon editors, who may not have a session, we just - * include the constant suffix to prevent editing from - * broken text-mangling proxies. - */ - $token = htmlspecialchars( $wgUser->editToken() ); - $wgOut->addHTML( "\n\n" ); - $wgOut->addHTML( << " ); + /** + * To make it harder for someone to slip a user a page + * which submits an edit form to the wiki without their + * knowledge, a random token is associated with the login + * session. If it's not passed back with the submission, + * we won't save the page, or render user JavaScript and + * CSS previews. + * + * For anon editors, who may not have a session, we just + * include the constant suffix to prevent editing from + * broken text-mangling proxies. + */ + $token = htmlspecialchars( $wgUser->editToken() ); + $wgOut->addHTML( "\n\n" ); + # If a blank edit summary was previously provided, and the appropriate # user preference is active, pass a hidden tag here. This will stop the -- 2.20.1