<?php
/**
*
+ * @package MediaWiki
+ * @subpackage SpecialPage
*/
/**
$ipu = new IPUnblockForm( $ip, $reason );
if ( "success" == $action ) {
- $msg = wfMsg( "ipusuccess", $ip );
+ $msg = wfMsg( "ipusuccess", htmlspecialchars( $ip ) );
$ipu->showList( $msg );
- } else if ( "submit" == $action && $wgRequest->wasPosted() ) {
- if ( ! $wgUser->isSysop() ) {
+ } else if ( "submit" == $action && $wgRequest->wasPosted() &&
+ $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
+ if ( ! $wgUser->isAllowed('block') ) {
$wgOut->sysopRequired();
return;
}
/**
*
+ * @package MediaWiki
+ * @subpackage SpecialPage
*/
class IPUnblockForm {
var $ip, $reason;
$wgOut->setSubtitle( wfMsg( "formerror" ) );
$wgOut->addHTML( "<p class='error'>{$err}</p>\n" );
}
+ $token = htmlspecialchars( $wgUser->editToken() );
$wgOut->addHTML( "
<form id=\"unblockip\" method=\"post\" action=\"{$action}\">
</td>
</tr>
</table>
+ <input type='hidden' name='wpEditToken' value=\"{$token}\" />
</form>\n" );
}
* Callback function to output a block
*/
function wfAddRow( $block, $tag ) {
- global $wgOut, $wgUser, $wgLang;
+ global $wgOut, $wgUser, $wgLang, $wgContLang;
$sk = $wgUser->getSkin();
$addr = $block->mAuto ? "#{$block->mId}" : $block->mAddress;
$name = User::whoIs( $block->mBy );
- $ulink = $sk->makeKnownLink( $wgLang->getNsText( Namespace::getUser() ). ":{$name}", $name );
+ $ulink = $sk->makeKnownLinkObj( Title::makeTitle( NS_USER, $name ), $name );
$formattedTime = $wgLang->timeanddate( $block->mTimestamp, true );
if ( $block->mExpiry === "" ) {
$wgOut->addHTML( " ({$clink})" );
}
- if ( $wgUser->isSysop() ) {
+ if ( $wgUser->isAllowed('block') ) {
$titleObj = Title::makeTitle( NS_SPECIAL, "Ipblocklist" );
$ublink = "<a href=\"" .
$titleObj->escapeLocalURL( "action=unblock&ip=" . urlencode( $addr ) ) . "\">" .
wfMsg( "unblocklink" ) . "</a>";
$wgOut->addHTML( " ({$ublink})" );
}
- if ( "" != $block->mReason ) {
- $wgOut->addHTML( " <em>(" . htmlspecialchars( $block->mReason ) .
- ")</em>" );
- }
+ $wgOut->addHTML( $sk->commentBlock( $block->mReason ) );
$wgOut->addHTML( "</li>\n" );
}