Merge "Fix return typehint"

diff --git a/includes/Message.php b/includes/Message.php
index 3bd7755..15d9786 100644 (file)
--- a/includes/Message.php
+++ b/includes/Message.php
@@ -290,6 +290,7 @@ class Message implements MessageSpecifier, Serializable {
                        'format' => $this->format,
                        'useDatabase' => $this->useDatabase,
                        'title' => $this->title,
+                       'titlestr' => $this->title ? $this->title->getFullText() : null,
                ] );
        }
 
@@ -300,6 +301,10 @@ class Message implements MessageSpecifier, Serializable {
         */
        public function unserialize( $serialized ) {
                $data = unserialize( $serialized );
+               if ( !is_array( $data ) ) {
+                       throw new InvalidArgumentException( __METHOD__ . ': Invalid serialized data' );
+               }
+
                $this->interface = $data['interface'];
                $this->key = $data['key'];
                $this->keysToTry = $data['keysToTry'];
@@ -307,7 +312,15 @@ class Message implements MessageSpecifier, Serializable {
                $this->format = $data['format'];
                $this->useDatabase = $data['useDatabase'];
                $this->language = $data['language'] ? Language::factory( $data['language'] ) : false;
-               $this->title = $data['title'];
+
+               if ( isset( $data['titlestr'] ) ) {
+                       $this->title = Title::newFromText( $data['titlestr'] );
+               } elseif ( isset( $data['title'] ) && $data['title'] instanceof Title ) {
+                       // Old serializations from before December 2018
+                       $this->title = $data['title'];
+               } else {
+                       $this->title = null; // Explicit for sanity
+               }
        }
 
        /**

diff --git a/includes/Revision/RevisionStore.php b/includes/Revision/RevisionStore.php
index 6d3b72c..fc1f6df 100644 (file)
--- a/includes/Revision/RevisionStore.php
+++ b/includes/Revision/RevisionStore.php
@@ -1624,7 +1624,7 @@ class RevisionStore
                        $row->role_name = $this->slotRoleStore->getName( (int)$row->slot_role_id );
                        $row->model_name = $this->contentModelStore->getName( (int)$row->content_model );
 
-                       $contentCallback = function ( SlotRecord $slot ) use ( $queryFlags, $row ) {
+                       $contentCallback = function ( SlotRecord $slot ) use ( $queryFlags ) {
                                return $this->loadSlotContent( $slot, null, null, null, $queryFlags );
                        };
 

diff --git a/includes/password/PasswordPolicyChecks.php b/includes/password/PasswordPolicyChecks.php
index 04ee6e9..3c56535 100644 (file)
--- a/includes/password/PasswordPolicyChecks.php
+++ b/includes/password/PasswordPolicyChecks.php
@@ -87,7 +87,7 @@ class PasswordPolicyChecks {
                $username = $user->getName();
                $contLang = MediaWikiServices::getInstance()->getContentLanguage();
                if (
-                       $policyVal && $contLang->lc( $password ) === $contLang->lc( $username )
+                       $policyVal && hash_equals( $contLang->lc( $username ), $contLang->lc( $password ) )
                ) {
                        $status->error( 'password-name-match' );
                }
@@ -110,12 +110,15 @@ class PasswordPolicyChecks {
                $status = Status::newGood();
                $username = $user->getName();
                if ( $policyVal ) {
-                       if ( isset( $blockedLogins[$username] ) && $password == $blockedLogins[$username] ) {
+                       if (
+                               isset( $blockedLogins[$username] ) &&
+                               hash_equals( $blockedLogins[$username], $password )
+                       ) {
                                $status->error( 'password-login-forbidden' );
                        }
 
                        // Example from ApiChangeAuthenticationRequest
-                       if ( $password === 'ExamplePassword' ) {
+                       if ( hash_equals( 'ExamplePassword', $password ) ) {
                                $status->error( 'password-login-forbidden' );
                        }
                }

diff --git a/includes/specials/pagers/BlockListPager.php b/includes/specials/pagers/BlockListPager.php
index 74ec6b5..e8a7d2d 100644 (file)
--- a/includes/specials/pagers/BlockListPager.php
+++ b/includes/specials/pagers/BlockListPager.php
@@ -224,7 +224,7 @@ class BlockListPager extends TablePager {
                                                'ul',
                                                [],
                                                implode( '', array_map( function ( $prop ) {
-                                                       return HTML::rawElement(
+                                                       return Html::rawElement(
                                                                'li',
                                                                [],
                                                                $prop
@@ -264,7 +264,7 @@ class BlockListPager extends TablePager {
                                continue;
                        }
 
-                       $items[] = HTML::rawElement(
+                       $items[] = Html::rawElement(
                                'li',
                                [],
                                Linker::link( $restriction->getTitle() )