*
*/
require_once 'Image.php';
-require_once 'MacBinary.php';
-require_once 'Licenses.php';
/**
* Entry point
*/
return;
}
- $this->mIgnoreWarning = $request->getCheck( 'wpIgnoreWarning');
+ $this->mIgnoreWarning = $request->getCheck( 'wpIgnoreWarning' );
$this->mReUpload = $request->getCheck( 'wpReUpload' );
$this->mUpload = $request->getCheck( 'wpUpload' );
} else {
$wgOut->errorPage( 'uploadnologin', 'uploadnologintext' );
return;
- }
+ }
# Check blocks
if( $wgUser->isBlocked() ) {
* @access private
*/
function processUpload() {
- global $wgUser, $wgOut, $wgUploadDirectory;
+ global $wgUser, $wgOut;
/* Check for PHP error if any, requires php 4.2 or newer */
if ( $this->mUploadError == 1/*UPLOAD_ERR_INI_SIZE*/ ) {
* only the final one for the whitelist.
*/
list( $partname, $ext ) = $this->splitExtensions( $basename );
+
if( count( $ext ) ) {
$finalExt = $ext[count( $ext ) - 1];
} else {
}
$fullExt = implode( '.', $ext );
+ # If there was more than one "extension", reassemble the base
+ # filename to prevent bogus complaints about length
+ if( count( $ext ) > 1 ) {
+ for( $i = 0; $i < count( $ext ) - 1; $i++ )
+ $partname .= '.' . $ext[$i];
+ }
+
if ( strlen( $partname ) < 3 ) {
$this->mainUploadForm( wfMsgHtml( 'minlength' ) );
return;
$sk = $wgUser->getSkin();
$dlink = $sk->makeKnownLinkObj( $nt );
$warning .= '<li>'.wfMsgHtml( 'fileexists', $dlink ).'</li>';
+ } else {
+ # If the file existed before and was deleted, warn the user of this
+ # Don't bother doing so if the image exists now, however
+ $image = new Image( $nt );
+ if( $image->wasDeleted() ) {
+ $skin = $wgUser->getSkin();
+ $ltitle = Title::makeTitle( NS_SPECIAL, 'Log' );
+ $llink = $skin->makeKnownLinkObj( $ltitle, wfMsgHtml( 'deletionlog' ), 'type=delete&page=' . $nt->getPrefixedUrl() );
+ $warning .= wfOpenElement( 'li' ) . wfMsgWikiHtml( 'filewasdeleted', $llink ) . wfCloseElement( 'li' );
+ }
}
if( $warning != '' ) {
if ( $success ) {
$this->showSuccess();
+ wfRunHooks( 'UploadComplete', array( &$img ) );
} else {
// Image::recordUpload() fails if the image went missing, which is
// unlikely, hence the lack of a specialised message
* is a PHP-managed upload temporary
*/
function saveUploadedFile( $saveName, $tempName, $useRename = false ) {
- global $wgUploadDirectory, $wgOut;
+ global $wgOut;
$fname= "SpecialUpload::saveUploadedFile";
* @access private
*/
function uploadWarning( $warning ) {
- global $wgOut, $wgUser, $wgUploadDirectory, $wgRequest;
+ global $wgOut;
global $wgUseCopyrightUpload;
$this->mSessionKey = $this->stashSession();
<tr>
<tr>
<td align='right'>
- <input tabindex='2' type='submit' name='wpUpload' value='$save' />
+ <input tabindex='2' type='submit' name='wpUpload' value=\"$save\" />
</td>
<td align='left'>$iw</td>
</tr>
<tr>
<td align='right'>
- <input tabindex='2' type='submit' name='wpReUpload' value='{$reupload}' />
+ <input tabindex='2' type='submit' name='wpReUpload' value=\"{$reupload}\" />
</td>
<td align='left'>$reup</td>
</tr>
* @access private
*/
function mainUploadForm( $msg='' ) {
- global $wgOut, $wgUser, $wgUploadDirectory, $wgRequest;
+ global $wgOut, $wgUser;
global $wgUseCopyrightUpload;
$cols = intval($wgUser->getOption( 'cols' ));
</tr>
<tr>" );
- if ( $licenseshtml != '' ) {
- global $wgStylePath;
- $wgOut->addHTML( "
+ if ( $licenseshtml != '' ) {
+ global $wgStylePath;
+ $wgOut->addHTML( "
<td align='right'><label for='wpLicense'>$license:</label></td>
<td align='left'>
<script type='text/javascript' src=\"$wgStylePath/common/upload.js\"></script>
</tr>
<tr>
");
- }
-
- if ( $wgUseCopyrightUpload ) {
- $filestatus = wfMsgHtml ( 'filestatus' );
- $copystatus = htmlspecialchars( $this->mUploadCopyStatus );
- $filesource = wfMsgHtml ( 'filesource' );
- $uploadsource = htmlspecialchars( $this->mUploadSource );
+ }
- $wgOut->addHTML( "
+ if ( $wgUseCopyrightUpload ) {
+ $filestatus = wfMsgHtml ( 'filestatus' );
+ $copystatus = htmlspecialchars( $this->mUploadCopyStatus );
+ $filesource = wfMsgHtml ( 'filesource' );
+ $uploadsource = htmlspecialchars( $this->mUploadSource );
+
+ $wgOut->addHTML( "
<td align='right' nowrap='nowrap'><label for='wpUploadCopyStatus'>$filestatus:</label></td>
<td><input tabindex='5' type='text' name='wpUploadCopyStatus' id='wpUploadCopyStatus' value=\"$copystatus\" size='40' /></td>
</tr>
</tr>
<tr>
");
- }
+ }
- $wgOut->addHtml( "
+ $wgOut->addHtml( "
<td></td>
<td>
<input tabindex='7' type='checkbox' name='wpWatchthis' id='wpWatchthis' $watchChecked value='true' />
<td></td>
<td align='left'>
" );
- $wgOut->addWikiText( wfMsgForContent( 'edittools' ) );
- $wgOut->addHTML( "
+ $wgOut->addWikiText( wfMsgForContent( 'edittools' ) );
+ $wgOut->addHTML( "
</td>
</tr>
}
#check for htmlish code and javascript
- if( $this->detectScript ( $tmpfile, $mime ) ) {
+ if( $this->detectScript ( $tmpfile, $mime, $extension ) ) {
return new WikiErrorMsg( 'uploadscripted' );
}
*
* @param string $file Pathname to the temporary upload file
* @param string $mime The mime type of the file
+ * @param string $extension The extension of the file
* @return bool true if the file contains something looking like embedded scripts
*/
- function detectScript($file,$mime) {
+ function detectScript($file, $mime, $extension) {
+ global $wgAllowTitlesInSVG;
#ugly hack: for text files, always look at the entire file.
#For binarie field, just check the first K.
'<img',
'<pre',
'<script', #also in safari
- '<table',
- '<title' #also in safari
+ '<table'
);
+ if( ! $wgAllowTitlesInSVG && $extension !== 'svg' && $mime !== 'image/svg' ) {
+ $tags[] = '<title';
+ }
foreach( $tags as $tag ) {
if( false !== strpos( $chunk, $tag ) ) {
* If textual feedback is missing but a virus was found, this function returns true.
*/
function detectVirus($file) {
- global $wgAntivirus, $wgAntivirusSetup, $wgAntivirusRequired;
+ global $wgAntivirus, $wgAntivirusSetup, $wgAntivirusRequired, $wgOut;
$fname= "SpecialUpload::detectVirus";