From 4e198a96e4ebd28b14a3e0927770f7dc6d73e974 Mon Sep 17 00:00:00 2001
From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Wed, 20 Aug 2014 11:17:35 -0400
Subject: [PATCH] API: Adjust feature usage log format

On the advice of the Research Analyst, quote all data fields and add
slashes to escape quotes.

Change-Id: I3471475c0ae7a11398a774b1a14d023676259c04
Follows-up: Ifd640883e46f3e6c8179c63d122c704b046674ca
---
 includes/api/ApiBase.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/includes/api/ApiBase.php b/includes/api/ApiBase.php
index 23a386775d..fc87a4767f 100644
--- a/includes/api/ApiBase.php
+++ b/includes/api/ApiBase.php
@@ -2242,11 +2242,11 @@ abstract class ApiBase extends ContextSource {
 	 */
 	protected function logFeatureUsage( $feature ) {
 		$request = $this->getRequest();
-		$s = $feature .
-			' ' . wfUrlencode( str_replace( ' ', '_', $this->getUser()->getName() ) ) .
-			' ' . $request->getIP() .
-			' "' . $request->getHeader( 'Referer' ) . '"' .
-			' "' . $request->getHeader( 'User-agent' ) . '"';
+		$s = '"' . addslashes( $feature ) . '"' .
+			' "' . wfUrlencode( str_replace( ' ', '_', $this->getUser()->getName() ) ) . '"' .
+			' "' . $request->getIP() . '"' .
+			' "' . addslashes( $request->getHeader( 'Referer' ) ) . '"' .
+			' "' . addslashes( $request->getHeader( 'User-agent' ) ) . '"';
 		wfDebugLog( 'api-feature-usage', $s, 'private' );
 	}
 }
-- 
2.20.1