Commit JeLuF's register_globals fixes, first phase
authorBrion Vibber <brion@users.mediawiki.org>
Sun, 23 Nov 2003 22:46:01 +0000 (22:46 +0000)
committerBrion Vibber <brion@users.mediawiki.org>
Sun, 23 Nov 2003 22:46:01 +0000 (22:46 +0000)
16 files changed:
includes/Article.php
includes/EditPage.php
includes/Setup.php
includes/SpecialAsksql.php
includes/SpecialBlockip.php
includes/SpecialEmailuser.php
includes/SpecialImagelist.php
includes/SpecialPreferences.php
includes/SpecialRecentchanges.php
includes/SpecialRecentchangeslinked.php
includes/SpecialUndelete.php
includes/SpecialUnusedimages.php
includes/SpecialUpload.php
includes/SpecialUserlogin.php
includes/SpecialWatchlist.php
includes/User.php

index 7592c7b..c988c80 100644 (file)
@@ -42,6 +42,8 @@ class Article {
        function getContent( $noredir = false )
        {
                global $action,$section,$count; # From query string
+               $section = $_REQUEST["section"];
+               $count   = $_REQUEST['count'];
                $fname =  "Article::getContent"; 
                wfProfileIn( $fname );
 
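Review bot: The two added reads, `$_REQUEST["section"]` and `$_REQUEST['count']`, index the array without checking that the key exists, so every request that omits them raises an undefined-index notice and leaves the global as null. Guard each one, e.g. `$section = isset( $_REQUEST["section"] ) ? $_REQUEST["section"] : null;`, or route the reads through one small accessor so the default is stated in a single place. The same pattern recurs in nearly every hunk of this commit. It is most certain to fire for checkbox fields such as `wpMinoredit` and `wpWatchthis` in EditPage and `$_REQUEST[$nsvar]` in wfSpecialPreferences, because browsers omit unchecked boxes, and for the `$_SESSION[...]` reads in Setup.php on a first visit. getContent's body continues outside the hunk.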
@@ -700,6 +702,8 @@ class Article {
        {
                global $wgUser, $wgOut;
                global $wpConfirm, $wpReason, $image, $oldimage;
+               $wpReason  = $_REQUEST["wpReason"];
+               $wpConfirm = $_REQUEST["wpConfirm"];
 
                # This code desperately needs to be totally rewritten
                
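Review bot: `$image` and `$oldimage` stay in the `global` list here but get no `$_REQUEST` assignment, unlike `$wpReason` and `$wpConfirm`, so with register_globals off they will be unset unless code outside this hunk fills them in. If they are request parameters, add `$image = $_REQUEST["image"];` and `$oldimage = $_REQUEST["oldimage"];` with an isset guard; if they are set elsewhere, a one-line comment saying where would help. The same question applies to `$action` in Article::getContent, `$target` in both EmailUserForm hunks and in wfSpecialUndelete, `$action` in wfSpecialUpload, and `$returnto` in the last SpecialUserlogin hunk. The enclosing function starts and ends outside the hunk.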
@@ -952,6 +956,7 @@ class Article {
        function rollback()
        {
                global $wgUser, $wgLang, $wgOut, $from;
+               $from = $_REQUEST["from"];
 
                if ( ! $wgUser->isSysop() ) {
                        $wgOut->sysopRequired();
index 43aafdf..8879d61 100644 (file)
@@ -22,6 +22,16 @@ class EditPage {
                global $wgOut, $wgUser, $wgWhitelistEdit;
                global $wpTextbox1, $wpSummary, $wpSave, $wpPreview;
                global $wpMinoredit, $wpEdittime, $wpTextbox2;
+               global $wpSection , $wpWatchthis;
+               $wpTextbox1 = $_REQUEST["wpTextbox1"];
+               $wpSummary  = $_REQUEST["wpSummary"];
+               $wpSave     = $_REQUEST["wpSave"];
+               $wpPreview  = $_REQUEST["wpPreview"];
+               $wpMinoredit= $_REQUEST["wpMinoredit"];
+               $wpEdittime = $_REQUEST["wpEdittime"];
+               $wpTextbox2 = $_REQUEST["wpTextbox2"];
+               $wpWatchthis = $_REQUEST["wpWatchthis"];
+               $wpSection = $_REQUEST["wpSection"];
 
                $fields = array( "wpTextbox1", "wpSummary", "wpTextbox2" );
                wfCleanFormFields( $fields );
index 3079dc5..5306ca5 100644 (file)
@@ -91,10 +91,15 @@ if( !$wgCommandLineMode ) {
        session_set_cookie_params( 0, $wgCookiePath, $wgCookieDomain );
        session_cache_limiter( "private, must-revalidate" );
        session_start();
-       session_register( "wsUserID" );
-       session_register( "wsUserName" );
-       session_register( "wsUserPassword" );
-       session_register( "wsUploadFiles" );
+       global $wsUserID, $wsUserName, $wsUserPassword, $wsUploadFiles;
+       # Reaad back session variables
+       $wsUserID       = $_SESSION["wsUserID"];
+       $wsUserName     = $_SESSION["wsUserName"];
+       $wsUserPassword = $_SESSION["wsUserPassword"];
+       $wsUploadFiles  = $_SESSION["wsUploadFiles"];
+
+
+
 }
 
 $wgUser = User::loadFromSession();
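Review bot: Copying the `$_SESSION` values into globals once at startup is not equivalent to the removed `session_register()` calls, which kept the globals bound to the session so that later assignments were saved at the end of the request. After this change a write to `$wsUploadFiles` or `$wsUserID` elsewhere is lost unless that code also writes `$_SESSION`. The only write-back visible in this commit is the one added in User.php, so the upload functions and `logout()` should be checked. The four reads also need an `isset()` guard for a fresh session, and the `global` statement is a no-op when Setup.php is included from the global scope. The comment should read `# Read back session variables`.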
index a4ecf02..a52aa1f 100644 (file)
@@ -23,6 +23,7 @@ class SqlQueryForm {
                global $wgOut, $wgUser, $wgLang;
                global $wpSqlQuery;
                global $wgLogQueries;
+               $wpSqlQuery = $_REQUEST["wpSqlQuery"];
 
                $wgOut->setPagetitle( wfMsg( "asksql" ) );
                $note = wfMsg( "asksqltext" );
@@ -61,6 +62,7 @@ class SqlQueryForm {
                global $wgOut, $wgUser, $wgServer, $wgScript, $wgArticlePath, $wgLang;
                global $wpSqlQuery;
                global $wgDBsqluser, $wgDBsqlpassword;
+               $wpSqlQuery = $_REQUEST["wpSqlQuery"];
 
                # Use a limit, folks!
                $wpSqlQuery = trim( $wpSqlQuery );
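Review bot: The query text is taken from `$_REQUEST`, which merges GET and cookie values with POST, so this submit path will accept SQL that arrives in a URL or a cookie rather than from the submitted form. For a function that declares `$wgDBsqluser` and `$wgDBsqlpassword`, read the field with `$_POST["wpSqlQuery"]` and fall back to showing the form when the request is not a POST. The first SqlQueryForm hunk makes the same assignment, where it presumably only prefills the form. The function body continues outside the hunk, so how the query is executed is not visible here.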
index f03e535..6851d99 100644 (file)
@@ -23,6 +23,9 @@ class IPBlockForm {
        {
                global $wgOut, $wgUser, $wgLang;
                global $ip, $wpBlockAddress, $wpBlockReason;
+               $wpBlockAddress  = $_REQUEST["wpBlockAddress"];
+               $wpBlockReason   = $_REQUEST["wpBlockReason"];
+               $ip              = $_REQUEST["ip"];
 
                $wgOut->setPagetitle( wfMsg( "blockip" ) );
                $wgOut->addWikiText( wfMsg( "blockiptext" ) );
@@ -60,6 +63,9 @@ class IPBlockForm {
        {
                global $wgOut, $wgUser, $wgLang;
                global $ip, $wpBlockAddress, $wpBlockReason, $wgSysopUserBans;
+               $wpBlockAddress  = $_REQUEST["wpBlockAddress"];
+               $wpBlockReason   = $_REQUEST["wpBlockReason"];
+               $ip              = $_REQUEST["ip"];
                
                $userId = 0;
                $wpBlockAddress = trim( $wpBlockAddress );
@@ -103,11 +109,10 @@ class IPBlockForm {
        function showSuccess()
        {
                global $wgOut, $wgUser;
-               global $ip;
 
                $wgOut->setPagetitle( wfMsg( "blockip" ) );
                $wgOut->setSubtitle( wfMsg( "blockipsuccesssub" ) );
-               $text = wfMsg( "blockipsuccesstext", $ip );
+               $text = wfMsg( "blockipsuccesstext", $_REQUEST["ip"] );
                $wgOut->addWikiText( $text );
        }
 }
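Review bot: `showSuccess()` now passes `$_REQUEST["ip"]` straight into `wfMsg()` and on to `addWikiText()`, so whatever the request carries in `ip` is rendered as wikitext on the success page. The other two IPBlockForm methods copy the value into `$ip` first. Doing the same here, and checking that the value is an IP address or an existing user name before display, keeps arbitrary markup out of the page. Whether the submit method validates the address before redirecting here is not visible in this hunk, and the parameter can in any case be set directly in the URL.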
index ababac2..4140f14 100644 (file)
@@ -53,6 +53,8 @@ class EmailUserForm {
        {
                global $wgOut, $wgUser, $wgLang;
                global $wpSubject, $wpText, $target;
+               $wpSubject = $_REQUEST["wpSubject"];
+               $wpText    = $_REQUEST["wpText"];
 
                $wgOut->setPagetitle( wfMsg( "emailpage" ) );
                $wgOut->addWikiText( wfMsg( "emailpagetext" ) );
@@ -105,9 +107,11 @@ class EmailUserForm {
        {
                global $wgOut, $wgUser, $wgLang, $wgOutputEncoding;
                global $wpSubject, $wpText, $target;
+               $wpSubject = $_REQUEST["wpSubject"];
+               $wpText    = $_REQUEST["wpText"];
            
                $from = wfQuotedPrintable( $wgUser->getName() ) . " <" . $wgUser->getEmail() . ">";
-           $to = wfQuotedPrintable( $this->mAddress );
+               $to = wfQuotedPrintable( $this->mAddress );
 
                $headers =
                        "MIME-Version: 1.0\r\n" .
index 9224467..d7fde56 100644 (file)
@@ -4,6 +4,9 @@ function wfSpecialImagelist()
 {
        global $wgUser, $wgOut, $wgLang, $sort;
        global $wpIlMatch, $wpIlSubmit;
+       $sort        = $_REQUEST['sort'];
+       $wpIlMatch   = $_REQUEST["wpIlMatch"];
+       $wpIlSubmit  = $_REQUEST["wpIlSubmit"];
 
        $fields = array( 'wpIlMatch' );
        wfCleanFormFields( $fields );
index 6c0c396..9069347 100644 (file)
@@ -65,6 +65,25 @@ function wfSpecialPreferences()
        global $wpSkin, $wpMath, $wpDate, $wpUserEmail, $wpEmailFlag, $wpNick, $wpSearch, $wpRecent;
        global $wpSearchLines, $wpSearchChars, $wpStubs;
        global $wpRows, $wpCols, $wpHourDiff, $HTTP_POST_VARS;
+       $wpQuickbar    = $_REQUEST["wpQuickbar"];
+       $wpOldpass     = $_REQUEST["wpOldpass"];
+       $wpNewpass     = $_REQUEST["wpNewpass"];
+       $wpRetypePass  = $_REQUEST["wpRetypePass"];
+       $wpSkin        = $_REQUEST["wpSkin"];
+       $wpMath        = $_REQUEST["wpMath"];
+       $wpDate        = $_REQUEST["wpDate"];
+       $wpUserEmail   = $_REQUEST["wpUserEmail"];
+       $wpEmailFlag   = $_REQUEST["wpEmailFlag"];
+       $wpNick        = $_REQUEST["wpNick"];
+       $wpSearch      = $_REQUEST["wpSearch"];
+       $wpRecent      = $_REQUEST["wpRecent"];
+       $wpSearchLines = $_REQUEST["wpSearchLines"];
+       $wpSearchChars = $_REQUEST["wpSearchChars"];
+       $wpStubs       = $_REQUEST["wpStubs"];
+       $wpRows        = $_REQUEST["wpRows"];
+       $wpCols        = $_REQUEST["wpCols"];
+       $wpHourDiff    = $_REQUEST["wpHourDiff"];
+
 
        if ( "" != $wpNewpass ) {
                if ( $wpNewpass != $wpRetypePass ) {
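Review bot: `$wpOldpass`, `$wpNewpass` and `$wpRetypePass` are read from `$_REQUEST`, which also accepts them from the query string and cookies. Passwords sent in a URL end up in server logs, browser history and Referer headers. Read the three password fields from `$_POST` instead, e.g. `$wpNewpass = isset( $_POST["wpNewpass"] ) ? $_POST["wpNewpass"] : "";`. The same applies to `$wpPassword` and `$wpRetype` in the SpecialUserlogin hunks. `$HTTP_POST_VARS` is still declared global on the line above the additions; if it is used further down, it should become `$_POST` for consistency with this change.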
@@ -101,8 +120,7 @@ function wfSpecialPreferences()
        foreach ( $namespaces as $i => $namespaces ) {
                if ( $i >= 0 ) {
                        $nsvar = "wpNs$i";
-                       global $$nsvar;
-                       $wgUser->setOption( "searchNs{$i}", validateCheckbox( $$nsvar ) );
+                       $wgUser->setOption( "searchNs{$i}", validateCheckbox( $_REQUEST[$nsvar] ) );
                }
        }
 
index c0fa2ca..bb3855a 100644 (file)
@@ -4,6 +4,11 @@ function wfSpecialRecentchanges( $par )
 {
        global $wgUser, $wgOut, $wgLang, $wgTitle;
        global $days, $hideminor, $from, $hidebots; # From query string
+       $days      = $_REQUEST["days"];
+       $hideminor = $_REQUEST["hideminor"];
+       $from      = $_REQUEST["from"];
+       $hidebots  = $_REQUEST["hidebots"];
+
        $fname = "wfSpecialRecentchanges";
 
        if( $par ) {
index 458cfe6..fa86e3a 100644 (file)
@@ -5,6 +5,10 @@ function wfSpecialRecentchangeslinked( $par = NULL )
 {
        global $wgUser, $wgOut, $wgLang, $wgTitle;
        global $days, $target, $hideminor; # From query string
+       $days      = $_REQUEST["days"];
+       $hideminor = $_REQUEST["hideminor"];
+       $from      = $_REQUEST["from"];
+
        $fname = "wfSpecialRecentchangeslinked";
 
        $wgOut->setPagetitle( wfMsg( "recentchanges" ) );
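Review bot: The third added line assigns `$from`, but this function declares `global $days, $target, $hideminor`, so `$target` is never filled from the request and `$from` is only an unused local. This looks copied from wfSpecialRecentchanges; the line should be `$target    = $_REQUEST["target"];`, with an isset guard. With register_globals off the page would otherwise have only `$par` to tell it which article's links to list. That last point is an inference, since the rest of the function is outside the hunk.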
index 6c8a24b..8d308d3 100644 (file)
@@ -3,6 +3,8 @@
 function wfSpecialUndelete( $par )
 {
     global $wgLang, $wgUser, $wgOut, $action, $target, $timestamp, $restore;
+    $restore   = $_REQUEST["restore"];
+    $timestamp = $_REQUEST["timestamp"];
     
        if( $par != "" ) $target = $par;
     if( isset($target ) ) {
index a594be0..9b32f55 100644 (file)
@@ -4,6 +4,9 @@ function wfSpecialUnusedimages()
 {
        global $wgUser, $wgOut, $wgLang, $wgTitle;
        global $limit, $offset; # From query string
+       $limit  = $_REQUEST["limit"];
+       $offset = $_REQUEST["offset"];
+
        $fname = "wfSpecialUnusedimages";
 
        list( $limit, $offset ) = wfCheckLimits();
index 16ab982..5f69dc2 100644 (file)
@@ -4,6 +4,8 @@ function wfSpecialUpload()
 {
        global $wgUser, $wgOut, $wpUpload, $wpReUpload, $action;
        global $wgDisableUploads;
+       $wpUpload   = $_REQUEST["wpUpload"];
+       $wpReUpload = $_REQUEST["wpReUpload"];
        
        $fields = array( "wpUploadFile", "wpUploadDescription" );
        wfCleanFormFields( $fields );
@@ -39,6 +41,16 @@ function processUpload()
        global $wpUploadSaveName, $wpUploadTempName, $wpUploadSize;
        global $wgSavedFile, $wgUploadOldVersion, $wpUploadOldVersion;
        global $wgUseCopyrightUpload , $wpUploadCopyStatus , $wpUploadSource ;
+       $wpUploadAffirm       = $_REQUEST["wpUploadAffirm"];
+       $wpUploadFile         = $_REQUEST["wpUploadFile"];
+       $wpUploadDescription  = $_REQUEST["wpUploadDescription"];
+       $wpIgnoreWarning      = $_REQUEST["wpIgnoreWarning"];
+       $wpUploadSaveName     = $_REQUEST["wpUploadSaveName"];
+       $wpUploadTempName     = $_REQUEST["wpUploadTempName"];
+       $wpUploadSize         = $_REQUEST["wpUploadSize"];
+       $wpUploadOldVersion   = $_REQUEST["wpUploadOldVersion"];
+       $wpUploadCopyStatus   = $_REQUEST["wpUploadCopyStatus"];
+       $wpUploadSource       = $_REQUEST["wpUploadSource"];
 
        if ( $wgUseCopyrightUpload )
          {
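Review bot: `$wpUploadFile = $_REQUEST["wpUploadFile"]` does not reproduce what register_globals did for a file field. Uploaded files are reported in `$_FILES`, not `$_REQUEST`, so for a real upload this is unset, while a plain form field of the same name would put a client-chosen string where the code expects PHP's temporary path. Take the path, name and size from `$_FILES["wpUploadFile"]["tmp_name"]`, `["name"]` and `["size"]`, and confirm the path with `is_uploaded_file()` (or use `move_uploaded_file()`) before the file is copied. `$wpUploadTempName` and `$wpUploadSize` likewise should not be accepted from the request if later code trusts them as file metadata; that code is outside the hunk. mainUploadForm repeats the `wpUploadFile` read.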
@@ -144,6 +156,7 @@ function unsaveUploadedFile()
 {
        global $wpSessionKey, $wpUploadOldVersion;
        global $wgUploadDirectory, $wgOut, $wsUploadFiles;
+       $wpSessionKey       = $_REQUEST["wpSessionKey"];
        
        $wgSavedFile = $wsUploadFiles[$wpSessionKey];
        $wgUploadOldVersion = $wpUploadOldVersion;
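Review bot: `$wpSessionKey` comes from the request and is used on the next line as an index into `$wsUploadFiles` with no check that the entry exists. Keeping the file path in the session is what stops the client from naming the file, so a missing key should end the function rather than continue with an empty `$wgSavedFile`: `if ( !isset( $wsUploadFiles[$wpSessionKey] ) ) { return; }`. `$wpUploadOldVersion` is declared global here but is not read from the request in this function. What is done with `$wgSavedFile` afterwards is outside the hunk.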
@@ -173,6 +186,7 @@ function uploadWarning( $warning )
        global $wgSavedFile, $wgUploadOldVersion;
        global $wpSessionKey, $wpUploadOldVersion, $wsUploadFiles;
        global $wgUseCopyrightUpload , $wpUploadCopyStatus , $wpUploadSource ;
+       $wpSessionKey       = $_REQUEST["wpSessionKey"];
 
        # wgSavedFile is stored in the session not the form, for security
        $wpSessionKey = mt_rand( 0, 0x7fffffff );
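Review bot: The added `$wpSessionKey = $_REQUEST["wpSessionKey"];` is dead code, because the value is replaced by `mt_rand( 0, 0x7fffffff )` two lines later, before any visible use. Drop the assignment so it is clear that the key is always generated on the server and never taken from the client. If the function goes on to store `$wgSavedFile` in `$wsUploadFiles` (outside the hunk), that write also needs to reach `$_SESSION["wsUploadFiles"]` now that `session_register()` is gone.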
@@ -225,6 +239,14 @@ function mainUploadForm( $msg )
        global $wpUploadDescription, $wpIgnoreWarning;
        global $wgUseCopyrightUpload , $wpUploadSource , $wpUploadCopyStatus ;
 
+       $wpUpload            = $_REQUEST["wpUpload"];
+       $wpUploadAffirm      = $_REQUEST["wpUploadAffirm"];
+       $wpUploadFile        = $_REQUEST["wpUploadFile"];
+       $wpUploadDescription = $_REQUEST["wpUploadDescription"];
+       $wpIgnoreWarning     = $_REQUEST["wpIgnoreWarning"];
+       $wpUploadSource      = $_REQUEST["wpUploadSource"];
+       $wpUploadCopyStatus  = $_REQUEST["wpUploadCopyStatus"];
+
        if ( "" != $msg ) {
                $sub = wfMsg( "uploaderror" );
                $wgOut->addHTML( "<h2>{$sub}</h2>\n" .
index f84f640..96e553c 100644 (file)
@@ -5,6 +5,10 @@ function wfSpecialUserlogin()
        global $wpCreateaccount, $wpCreateaccountMail;
        global $wpLoginattempt, $wpMailmypassword;
        global $action;
+       $wpCreateaccount     = $_REQUEST["wpCreateaccount"];
+       $wpCreateaccountMail = $_REQUEST["wpCreateaccountMail"];
+       $wpLoginattempt      = $_REQUEST["wpLoginattempt"];
+       $wpMailmypassword    = $_REQUEST["wpMailmypassword"];
 
        $fields = array( "wpName", "wpPassword", "wpName",
          "wpPassword", "wpRetype", "wpEmail" );
@@ -27,6 +31,8 @@ function wfSpecialUserlogin()
 /* private */ function addNewAccountMailPassword()
 {
        global $wgOut, $wpEmail, $wpName;
+       $wpEmail = $_REQUEST["wpEmail"];
+       $wpName  = $_REQUEST["wpName"];
        
        if ("" == $wpEmail) {
                mainLoginForm( wfMsg( "noemail", $wpName ) );
@@ -60,6 +66,11 @@ function wfSpecialUserlogin()
 {
        global $wgUser, $wgOut, $wpPassword, $wpRetype, $wpName, $wpRemember;
        global $wpEmail, $wgDeferredUpdateList;
+       $wpPassword = $_REQUEST["wpPassword"];
+       $wpRetype   = $_REQUEST["wpRetype"];
+       $wpName     = $_REQUEST["wpName"];
+       $wpRemember = $_REQUEST["wpRemember"];
+       $wpEmail    = $_REQUEST["wpEmail"];
 
        $u = addNewAccountInternal();
 
@@ -81,6 +92,7 @@ function wfSpecialUserlogin()
                 return;
         }
 
+
        if (!$wgUser->isAllowedToCreateAccount()) {
                userNotPrivilegedMessage();
                return;
@@ -125,6 +137,9 @@ function wfSpecialUserlogin()
 {
        global $wgUser, $wpName, $wpPassword, $wpRemember;
        global $returnto;
+       $wpPassword = $_REQUEST["wpPassword"];
+       $wpName     = $_REQUEST["wpName"];
+       $wpRemember = $_REQUEST["wpRemember"];
 
         if (!cookieCheck()) {
                 return;
index 7ec0fdd..61c2aa1 100644 (file)
@@ -6,6 +6,10 @@ function wfSpecialWatchlist()
 {
        global $wgUser, $wgOut, $wgLang, $wgTitle;
        global $days, $limit, $target; # From query string
+       $days      = $_REQUEST["days"];
+       $limit     = $_REQUEST["limit"];
+       $target    = $_REQUEST["target"];
+
        $fname = "wfSpecialWatchlist";
 
        $wgOut->setPagetitle( wfMsg( "watchlist" ) );
index 06be141..0adb815 100644 (file)
@@ -493,6 +493,11 @@ class User {
                } else {
                        setcookie( "{$wgDBname}Password", "", time() - 3600 );
                }
+               # Store Session variables
+               $_SESSION["wsUserID"]       = $wsUserID;
+               $_SESSION["wsUserName"]     = $wsUserName;
+               $_SESSION["wsUserPassword"] = $wsUserPassword;
+               $_SESSION["wsUploadFiles"]  = $wsUploadFiles;
        }
 
        function logout()
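Review bot: The four write-backs use `$wsUserID`, `$wsUserName`, `$wsUserPassword` and `$wsUploadFiles`, but the `global` declarations of the enclosing method are outside the hunk. Any of these that is not declared global there is an undefined local, and the assignment would overwrite the session entry with null. `$wsUploadFiles` is the one to check, since nothing in the visible lines suggests this method otherwise touches it; if it is not needed here, drop that line rather than add the global. `logout()`, which begins on the last line of the hunk, is unchanged by this commit and will need an equivalent `$_SESSION` update if it clears the `ws*` globals.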