function doDeleteArticle( $title )
{
- global $wgUser, $wgOut, $wgLang, $wpReason;
+ global $wgUser, $wgOut, $wgLang, $wgRequest;
global $wgUseSquid, $wgDeferredUpdateList, $wgInternalServer;
$fname = "Article::doDeleteArticle";
$log = new LogPage( wfMsg( "dellogpage" ), wfMsg( "dellogpagetext" ) );
$art = $title->getPrefixedText();
- $wpReason = wfCleanQueryVar( $wpReason );
+ $wpReason = $wgRequest->getText( "wpReason" );
$log->addEntry( wfMsg( "deletedarticle", $art ), $wpReason );
# Clear the cached article id so the interface doesn't act like we exist
function rollback()
{
- global $wgUser, $wgLang, $wgOut, $from;
+ global $wgUser, $wgLang, $wgOut, $wgRequest;
if ( ! $wgUser->isSysop() ) {
$wgOut->sysopRequired();
}
# Enhanced rollback, marks edits rc_bot=1
- $bot = !!$_REQUEST['bot'];
+ $bot = $wgRequest->getBool( 'bot' );
# Replace all this user's current edits with the next one down
$tt = wfStrencode( $this->mTitle->getDBKey() );
$uid = $s->cur_user;
$pid = $s->cur_id;
- $from = str_replace( '_', ' ', wfCleanQueryVar( $from ) );
+ $from = str_replace( '_', ' ', $wgRequest->getVal( "from" ) );
if( $from != $s->cur_user_text ) {
$wgOut->setPageTitle(wfmsg("rollbackfailed"));
$wgOut->addWikiText( wfMsg( "alreadyrolled",
var $mArticle;
var $mTitle;
+ # Form values
+ var $save = false, $preview = false;
+ var $minoredit = false, $watchthis = false;
+ var $textbox1 = "", $textbox2 = "", $summary = "";
+ var $edittime = "", $section = "";
+ var $oldid = 0;
+
function EditPage( $article ) {
$this->mArticle =& $article;
global $wgTitle;
function edit()
{
- global $wgOut, $wgUser, $wgWhitelistEdit;
- global $wpTextbox1, $wpSummary, $wpSave, $wpPreview;
- global $wpMinoredit, $wpEdittime, $wpTextbox2;
+ global $wgOut, $wgUser, $wgWhitelistEdit, $wgRequest;
// this is not an article
$wgOut->setArticleFlag(false);
- $fields = array( "wpTextbox1", "wpSummary", "wpTextbox2" );
- wfCleanFormFields( $fields );
+ $this->importFormData( $wgRequest );
if ( ! $this->mTitle->userCanEdit() ) {
$wgOut->readOnlyPage( $this->mArticle->getContent(), true );
return;
}
if ( wfReadOnly() ) {
- if( isset( $wpSave ) or isset( $wpPreview ) ) {
+ if( $this->save || $this->preview ) {
$this->editForm( "preview" );
} else {
$wgOut->readOnlyPage( $this->mArticle->getContent() );
}
return;
}
- if ( $_SERVER['REQUEST_METHOD'] != "POST" ) unset( $wpSave );
- if ( isset( $wpSave ) ) {
+ if( !$wgRequest->wasPosted() ) $this->save = false;
+ if ( $this->save ) {
$this->editForm( "save" );
- } else if ( isset( $wpPreview ) ) {
+ } else if ( $this->preview ) {
$this->editForm( "preview" );
} else { # First time through
$this->editForm( "initial" );
}
}
+ function importFormData( &$request ) {
+ # These fields need to be checked for encoding.
+ # Also remove trailing whitespace, but don't remove _initial_
+ # whitespace from the text boxes. This may be significant formatting.
+ $this->textbox1 = rtrim( $request->getText( "wpTextbox1" ) );
+ $this->textbox2 = rtrim( $request->getText( "wpTextbox2" ) );
+ $this->summary = trim( $request->getText( "wpSummary" ) );
+
+ $this->edittime = $request->getVal( 'wpEdittime' );
+ if( !preg_match( '/^\d{14}$/', $this->edittime ) ) $this->edittime = "";
+
+ $this->save = $request->getCheck( 'wpSave' );
+ $this->preview = $request->getCheck( 'wpPreview' );
+ $this->minoredit = $request->getCheck( 'wpMinoredit' );
+ $this->watchthis = $request->getCheck( 'wpWatchthis' );
+
+ $this->oldid = $request->getInt( 'oldid' );
+
+ # Section edit can come from either the form or a link
+ $this->section = $request->getVal( 'wpSection', $request->getVal( 'section' ) );
+ }
+
# Since there is only one text field on the edit form,
# pressing <enter> will cause the form to be submitted, but
# the submit button value won't appear in the query, so we
function submit()
{
- global $wpSave, $wpPreview;
- if ( ! isset( $wpPreview ) ) { $wpSave = 1; }
+ if( !$this->preview ) $this->save = true;
$this->edit();
}
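Review bot: The `$this->save = true` set in `submit()` is overwritten before it is ever read, because `edit()` now begins with `$this->importFormData( $wgRequest )`, which reassigns `$this->save = $request->getCheck( 'wpSave' )`. `submit()` also tests `$this->preview` before any import has run, so it only ever sees the declared default `false`. In the Enter-key case described in the comment above `submit()` (no submit button value in the request), the request would then fall through to the "initial" form instead of saving. Importing the form data once before this check, for instance in the `EditPage` constructor rather than inside `edit()`, would keep the fallback working.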
function editForm( $formtype )
{
global $wgOut, $wgUser;
- global $wpTextbox1, $wpSummary, $wpWatchthis;
- global $wpSave, $wpPreview;
- global $wpMinoredit, $wpEdittime, $wpTextbox2, $wpSection;
- global $oldid, $redirect, $section;
global $wgLang, $wgParser, $wgTitle;
global $wgAllowAnonymousMinor;
- if(isset($wpSection)) { $section=$wpSection; } else { $wpSection=$section; }
-
$sk = $wgUser->getSkin();
$isConflict = false;
- $wpTextbox1 = rtrim ( $wpTextbox1 ) ; # To avoid text getting longer on each preview
if(!$this->mTitle->getArticleID()) { # new article
$wgOut->addWikiText(wfmsg("newarticletext"));
$aid = $this->mTitle->getArticleID();
if ( 0 == $aid ) {
- # we need to strip Windoze linebreaks because some browsers
- # append them and the string comparison fails
- if ( ( "" == $wpTextbox1 ) ||
- ( wfMsg( "newarticletext" ) == rtrim( preg_replace("/\r/","",$wpTextbox1) ) ) ) {
+ # Don't save a new article if it's blank.
+ if ( ( "" == $this->textbox1 ) ||
+ ( wfMsg( "newarticletext" ) == $this->textbox1 ) ) {
$wgOut->redirect( $this->mTitle->getFullURL() );
return;
}
- $this->mArticle->insertNewArticle( $wpTextbox1, $wpSummary, $wpMinoredit, $wpWatchthis );
+ $this->mArticle->insertNewArticle( $this->textbox1, $this->summary, $this->minoredit, $this->watchthis );
return;
}
# Article exists. Check for edit conflict.
# Don't check for conflict when appending a comment - this should always work
$this->mArticle->clear(); # Force reload of dates, etc.
- if ( $section!="new" && ( $this->mArticle->getTimestamp() != $wpEdittime ) ) {
+ if( ( $this->section != "new" ) &&
+ ( $this->mArticle->getTimestamp() != $this->edittime ) ) {
$isConflict = true;
}
- $u = $wgUser->getID();
+ $userid = $wgUser->getID();
# Suppress edit conflict with self
- if ( ( 0 != $u ) && ( $this->mArticle->getUser() == $u ) ) {
+ if ( ( 0 != $userid ) && ( $this->mArticle->getUser() == $userid ) ) {
$isConflict = false;
} else {
# switch from section editing to normal editing in edit conflict
+ # FIXME: This is confusing. In theory we should attempt to merge, finding
+ # the equivalent section if it's unchanged and avoid the conflict.
if($isConflict) {
- $section="";$wpSection="";
+ $this->section = "";
}
-
}
if ( ! $isConflict ) {
# All's well: update the article here
- if($this->mArticle->updateArticle( $wpTextbox1, $wpSummary, $wpMinoredit, $wpWatchthis, $wpSection ))
+ if($this->mArticle->updateArticle( $this->textbox1, $this->summary, $this->minoredit, $this->watchthis, $this->section ))
return;
else
$isConflict = true;
# checking, etc.
if ( "initial" == $formtype ) {
- $wpEdittime = $this->mArticle->getTimestamp();
- $wpTextbox1 = $this->mArticle->getContent(true);
- $wpSummary = "";
+ $this->edittime = $this->mArticle->getTimestamp();
+ $this->textbox1 = $this->mArticle->getContent(true);
+ $this->summary = "";
}
$wgOut->setRobotpolicy( "noindex,nofollow" );
$wgOut->setPageTitle( $s );
$wgOut->addHTML( wfMsg( "explainconflict" ) );
- $wpTextbox2 = $wpTextbox1;
- $wpTextbox1 = $this->mArticle->getContent(true);
- $wpEdittime = $this->mArticle->getTimestamp();
+ $this->textbox2 = $this->textbox1;
+ $this->textbox1 = $this->mArticle->getContent(true);
+ $this->edittime = $this->mArticle->getTimestamp();
} else {
$s = wfMsg( "editing", $this->mTitle->getPrefixedText() );
- if($section!="") {
- if($section=="new") {
+ if( $this->section != "" ) {
+ if( $this->section == "new" ) {
$s.=wfMsg("commentedit");
} else {
$s.=wfMsg("sectionedit");
}
}
$wgOut->setPageTitle( $s );
- if ( $oldid ) {
+ if ( $this->oldid ) {
$this->mArticle->setOldSubtitle();
$wgOut->addHTML( wfMsg( "editingold" ) );
}
"</strong><br />\n" );
}
- $kblength = (int)(strlen( $wpTextbox1 ) / 1024);
+ $kblength = (int)(strlen( $this->textbox1 ) / 1024);
if( $kblength > 29 ) {
$wgOut->addHTML( "<strong>" .
wfMsg( "longpagewarning", $kblength )
else $ew = "" ;
$q = "action=submit";
- if ( "no" == $redirect ) { $q .= "&redirect=no"; }
+ #if ( "no" == $redirect ) { $q .= "&redirect=no"; }
$action = $this->mTitle->escapeLocalURL( $q );
$summary = wfMsg( "summary" );
$copywarn = wfMsg( "copyrightwarning", $sk->makeKnownLink(
wfMsg( "copyrightpage" ) ) );
- $wpTextbox1 = wfEscapeHTML( $wpTextbox1 );
- $wpTextbox2 = wfEscapeHTML( $wpTextbox2 );
- $wpSummary = wfEscapeHTML( $wpSummary );
-
-
if($wgUser->getOption("showtoolbar")) {
// prepare toolbar for edit buttons
$toolbar=$sk->getEditToolbar();
}
// activate checkboxes if user wants them to be always active
- if (!$wpPreview && $wgUser->getOption("watchdefault")) $wpWatchthis=1;
- if (!$wpPreview && $wgUser->getOption("minordefault")) $wpMinoredit=1;
-
- // activate checkbox also if user is already watching the page,
- // require wpWatchthis to be unset so that second condition is not
- // checked unnecessarily
- if (!$wpWatchthis && !$wpPreview && $this->mTitle->userIsWatching()) $wpWatchthis=1;
-
- $minoredithtml = "";
+ if( !$this->preview ) {
+ if( $wgUser->getOption( "watchdefault" ) ) $this->watchthis = true;
+ if( $wgUser->getOption( "minordefault" ) ) $this->minoredit = true;
+
+ // activate checkbox also if user is already watching the page,
+ // require wpWatchthis to be unset so that second condition is not
+ // checked unnecessarily
+ if( !$this->watchthis && $this->mTitle->userIsWatching() ) $this->watchthis = true;
+ }
+
+ $minoredithtml = "";
if ( 0 != $wgUser->getID() || $wgAllowAnonymousMinor ) {
$minoredithtml =
- "<input tabindex=3 type=checkbox value=1 name='wpMinoredit'".($wpMinoredit?" checked":"")." id='wpMinoredit'>".
+ "<input tabindex='3' type='checkbox' value='1' name='wpMinoredit'".($this->minoredit?" checked":"")." id='wpMinoredit'>".
"<label for='wpMinoredit'>{$minor}</label>";
}
-
- $watchhtml = "";
-
+
+ $watchhtml = "";
+
if ( 0 != $wgUser->getID() ) {
- $watchhtml = "<input tabindex=4 type=checkbox name='wpWatchthis'".($wpWatchthis?" checked":"")." id='wpWatchthis'>".
+ $watchhtml = "<input tabindex='4' type='checkbox' name='wpWatchthis'".($this->watchthis?" checked":"")." id='wpWatchthis'>".
"<label for='wpWatchthis'>{$watchthis}</label>";
-
}
-
- $checkboxhtml= $minoredithtml . $watchhtml . "<br>";
+
+ $checkboxhtml = $minoredithtml . $watchhtml . "<br>";
if ( "preview" == $formtype) {
-
$previewhead="<h2>" . wfMsg( "preview" ) . "</h2>\n<p><large><center><font color=\"#cc0000\">" .
- wfMsg( "note" ) . wfMsg( "previewnote" ) . "</font></center></large><P>\n";
+ wfMsg( "note" ) . wfMsg( "previewnote" ) . "</font></center></large><p>\n";
if ( $isConflict ) {
$previewhead.="<h2>" . wfMsg( "previewconflict" ) .
"</h2>\n";
}
- $previewtext = wfUnescapeHTML( $wpTextbox1 );
+ $previewtext = wfUnescapeHTML( $this->textbox1 );
$parserOptions = ParserOptions::newFromUser( $wgUser );
$parserOptions->setUseCategoryMagic( false );
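Review bot: `$previewtext = wfUnescapeHTML( $this->textbox1 );` still undoes an escaping step that this commit removes. The old code ran `wfEscapeHTML()` over `$wpTextbox1` before the form was built, whereas `$this->textbox1` is now kept raw and escaped only at output with `htmlspecialchars()`. Judging by its name, `wfUnescapeHTML()` would decode entities the user typed literally, so the preview could render different markup from what is saved. If that reading is right, the line should become `$previewtext = $this->textbox1;`.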
# if this is a comment, show a subject line at the top, which is also the edit summary.
# Otherwise, show a summary field at the bottom
- if($section=="new") {
- $commentsubject="{$subject}: <input tabindex=1 type=text value=\"{$wpSummary}\" name=\"wpSummary\" maxlength=200 size=60><br>";
+ $summarytext = htmlspecialchars( $wgLang->recodeForEdit( $this->summary ) ); # FIXME
+ if( $this->section == "new" ) {
+ $commentsubject="{$subject}: <input tabindex='1' type='text' value=\"$summarytext\" name=\"wpSummary\" maxlength='200' size='60'><br>";
$editsummary = "";
} else {
$commentsubject = "";
- $editsummary="{$summary}: <input tabindex=3 type=text value=\"{$wpSummary}\" name=\"wpSummary\" maxlength=200 size=60><br>";
+ $editsummary="{$summary}: <input tabindex='3' type='text' value=\"$summarytext\" name=\"wpSummary\" maxlength='200' size='60'><br>";
}
- if( $_GET["action"] == "edit" ) {
+ if( !$this->preview ) {
# Don't select the edit box on preview; this interferes with seeing what's going on.
$wgOut->setOnloadHandler( "document.editform.wpTextbox1.focus()" );
}
<form id=\"editform\" name=\"editform\" method=\"post\" action=\"$action\"
enctype=\"application/x-www-form-urlencoded\">
{$commentsubject}
-<textarea tabindex=2 name=\"wpTextbox1\" rows={$rows}
-cols={$cols}{$ew} wrap=\"virtual\">" .
-$wgLang->recodeForEdit( $wpTextbox1 ) .
+<textarea tabindex='2' name=\"wpTextbox1\" rows='{$rows}'
+cols='{$cols}'{$ew} wrap=\"virtual\">" .
+htmlspecialchars( $wgLang->recodeForEdit( $this->textbox1 ) ) .
"
</textarea>
<br>{$editsummary}
{$checkboxhtml}
-<input tabindex=5 type=submit value=\"{$save}\" name=\"wpSave\" accesskey=\"s\">
-<input tabindex=6 type=submit value=\"{$prev}\" name=\"wpPreview\" accesskey=\"p\">
+<input tabindex='5' type='submit' value=\"{$save}\" name=\"wpSave\" accesskey=\"s\">
+<input tabindex='6' type='submit' value=\"{$prev}\" name=\"wpPreview\" accesskey=\"p\">
<em>{$cancel}</em> | <em>{$edithelp}</em>
<br><br>{$copywarn}
-<input type=hidden value=\"{$section}\" name=\"wpSection\">
-<input type=hidden value=\"{$wpEdittime}\" name=\"wpEdittime\">\n" );
+<input type=hidden value=\"" . htmlspecialchars( $this->section ) . "\" name=\"wpSection\">
+<input type=hidden value=\"{$this->edittime}\" name=\"wpEdittime\">\n" );
if ( $isConflict ) {
$wgOut->addHTML( "<h2>" . wfMsg( "yourdiff" ) . "</h2>\n" );
wfMsg( "yourtext" ), wfMsg( "storedversion" ) );
$wgOut->addHTML( "<h2>" . wfMsg( "yourtext" ) . "</h2>
-<textarea tabindex=6 name=\"wpTextbox2\" rows={$rows} cols={$cols} wrap=virtual>"
-. $wgLang->recodeForEdit( $wpTextbox2 ) .
+<textarea tabindex=6 name=\"wpTextbox2\" rows='{$rows}' cols='{$cols}' wrap='virtual'>"
+. htmlspecialchars( $wgLang->recodeForEdit( $wpTextbox2 ) ) .
"
</textarea>" );
}
}
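Review bot: The conflict textarea still reads `$wpTextbox2`, which is no longer declared `global` in `editForm()` and is never assigned there, so the "your text" box would be rendered empty. The user's submitted text is now kept in `$this->textbox2` (set from `$this->textbox1` in the conflict branch). The line should read `. htmlspecialchars( $wgLang->recodeForEdit( $this->textbox2 ) ) .`.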
function wfFullUrl( $a, $q = "" ) {
- die( "Call to obsolete function wfFullUrl()" );
+ wfDebugDieBacktrace( "Call to obsolete function wfFullUrl(); use Title::getFullURL" );
}
function wfFullUrlE( $a, $q = "" ) {
- die( "Call to obsolete function wfFullUrlE()" );
+ wfDebugDieBacktrace( "Call to obsolete function wfFullUrlE(); use Title::getFullUrlE" );
}
function wfCleanFormFields( $fields )
{
- global $HTTP_POST_VARS;
- global $wgInputEncoding, $wgOutputEncoding, $wgEditEncoding, $wgLang;
-
- if ( get_magic_quotes_gpc() ) {
- foreach ( $fields as $fname ) {
- if ( isset( $HTTP_POST_VARS[$fname] ) ) {
- $HTTP_POST_VARS[$fname] = stripslashes(
- $HTTP_POST_VARS[$fname] );
- }
- global ${$fname};
- if ( isset( ${$fname} ) ) {
- ${$fname} = stripslashes( ${$fname} );
- }
- }
- }
- $enc = $wgOutputEncoding;
- if( $wgEditEncoding != "") $enc = $wgEditEncoding;
- if ( $enc != $wgInputEncoding ) {
- foreach ( $fields as $fname ) {
- if ( isset( $HTTP_POST_VARS[$fname] ) ) {
- $HTTP_POST_VARS[$fname] = $wgLang->iconv(
- $wgOutputEncoding, $wgInputEncoding,
- $HTTP_POST_VARS[$fname] );
- }
- global ${$fname};
- if ( isset( ${$fname} ) ) {
- ${$fname} = $wgLang->iconv(
- $enc, $wgInputEncoding, ${$fname} );
- }
- }
- }
+ wfDebugDieBacktrace( "Call to obsolete wfCleanFormFields(). Use wgRequest instead..." );
}
function wfMungeQuotes( $in )
function wfCleanQueryVar( $var )
{
- global $wgLang;
- if ( get_magic_quotes_gpc() ) {
- $var = stripslashes( $var );
- }
- return $wgLang->recodeInput( $var );
+ wfDebugDieBacktrace( "Call to obsolete function wfCleanQueryVar(); use wgRequest instead" );
}
function wfSpecialPage()
function wfSearch( $s )
{
- $se = new SearchEngine( wfCleanQueryVar( $s ) );
+ $se = new SearchEngine( $s );
$se->showResults();
}
function wfGo( $s )
{ # pick the nearest match
- $se = new SearchEngine( wfCleanQueryVar( $s ) );
+ $se = new SearchEngine( $s );
$se->goResult();
}
# Yay, more global functions!
function wfCheckLimits( $deflimit = 50, $optionname = "rclimit" ) {
- global $wgUser;
+ global $wgUser, $wgRequest;
- if( isset( $_REQUEST['limit'] ) ) {
- $limit = IntVal( $_REQUEST['limit'] );
- } else {
- $limit = 0;
- }
+ $limit = $wgRequest->getInt( 'limit', 0 );
if( $limit < 0 ) $limit = 0;
if( ( $limit == 0 ) && ( $optionname != "" ) ) {
$limit = (int)$wgUser->getOption( $optionname );
if( $limit <= 0 ) $limit = $deflimit;
if( $limit > 5000 ) $limit = 5000; # We have *some* limits...
- if( isset( $_REQUEST['offset'] ) ) {
- $offset = IntVal( $_REQUEST['offset'] );
- } else {
- $offset = 0;
- }
+ $offset = $wgRequest->getInt( 'offset', 0 );
if( $offset < 0 ) $offset = 0;
if( $offset > 65000 ) $offset = 65000; # do we need a max? what?
function fixBrokenLinks() {
/* Update any brokenlinks *to* this page */
/* Call for a newly created page, or just to make sure state is consistent */
+ $fname = "LinksUpdate::fixBrokenLinks";
$sql = "SELECT bl_from FROM brokenlinks WHERE bl_to='{$this->mTitleEnc}'";
$res = wfQuery( $sql, DB_READ, $fname );
}
$d = $wgLang->timeanddate( wfTimestampNow(), false );
- preg_match( "/^(.*?)<ul>(.*)$/sD", $this->mContent, $m );
-
+ if( preg_match( "/^(.*?)<ul>(.*)$/sD", $this->mContent, $m ) ) {
+ $before = $m[1];
+ $after = $m[2];
+ } else {
+ $before = "";
+ $after = "";
+ }
+
if($textaction)
$this->mComment = $textaction;
else
# comment gets escaped again, so we use the unescaped version
$this->mComment .= ": {$comment}";
}
- $this->mContent = "{$m[1]}<ul><li>{$d} {$ul} {$action}{$inline}</li>\n{$m[2]}";
+ $this->mContent = "{$before}<ul><li>{$d} {$ul} {$action}{$inline}</li>\n{$after}";
# TODO: automatic log rotation...
$this->mOptions = $options;
$this->mTitle = $title;
if ( $clearState ) {
- $this->clearState;
+ $this->clearState();
}
$stripState = false;
function feedUrl() {
global $wgLang;
- return wfFullUrl( $wgLang->SpecialPage( $this->getName() ) );
+ $title = Title::MakeTitle( NS_SPECIAL, $this->getName() );
+ return $title->getFullURL();
}
}
include_once( "BlockCache.php" );
include_once( "Parser.php" );
include_once( "ParserCache.php" );
+include_once( "WebRequest.php" );
+$wgRequest = new WebRequest();
+
wfProfileOut( "$fname-includes" );
wfProfileIn( "$fname-memcached" );
function wfSpecialAsksql()
{
- global $wgUser, $wgOut, $action;
+ global $wgUser, $wgOut, $wgRequest;
if ( ! $wgUser->isSysop() ) {
$wgOut->sysopRequired();
return;
}
- $fields = array( "wpSqlQuery" );
- wfCleanFormFields( $fields );
- $f = new SqlQueryForm();
+
+ if( $wgRequest->wasPosted() ) {
+ $query = $wgRequest->getVal( 'wpSqlQuery' );
+ $action = $wgRequest->getVal( 'action' );
+ } else {
+ $query = "";
+ $action = "";
+ }
+ $f = new SqlQueryForm( $query);
- if ( "submit" == $action ) { $f->doSubmit(); }
- else { $f->showForm( "" ); }
+ if ( "submit" == $action ) {
+ $f->doSubmit();
+ } else {
+ $f->showForm( "" );
+ }
}
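Review bot: The `$wgRequest->wasPosted()` check added here stops the query from being taken from a GET link, but it does not show that the POST came from the wiki's own form. No per-session token is compared in the visible lines, so a form on another site submitted by a logged-in sysop would, as far as this hunk shows, still reach `doSubmit()`. The same applies to the `wasPosted()` guards added in `wfSpecialBlockip`, `wfSpecialEmailuser`, `wfSpecialIpblocklist` and `wfSpecialLockdb`. A comment such as `# NOTE: wasPosted() only excludes GET; it is not a cross-site request check` would keep the guard from being read as more than it is, until a token check is added.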
class SqlQueryForm {
-
+ var $query = "";
+
+ function SqlQueryForm( $query ) {
+ $this->query = $query;
+ }
+
function showForm( $err )
{
global $wgOut, $wgUser, $wgLang;
- global $wpSqlQuery;
global $wgLogQueries;
$wgOut->setPagetitle( wfMsg( "asksql" ) );
if ( "" != $err ) {
$wgOut->addHTML( "<p><font color='red' size='+1'>" . htmlspecialchars($err) . "</font>\n" );
}
- if ( ! $wpSqlQuery ) { $wpSqlQuery = "SELECT ... FROM ... WHERE ..."; }
+ if ( ! $this->query ) { $this->query = "SELECT ... FROM ... WHERE ..."; }
$q = wfMsg( "sqlquery" );
$qb = wfMsg( "querybtn" );
$titleObj = Title::makeTitle( NS_SPECIAL, "Asksql" );
<td align=right>{$q}:</td>
<td align=left>
<textarea name=\"wpSqlQuery\" cols=80 rows=4 wrap=\"virtual\">"
-. htmlspecialchars($wpSqlQuery) ."
+. htmlspecialchars($this->query) ."
</textarea>
</td>
</tr><tr>
function doSubmit()
{
global $wgOut, $wgUser, $wgServer, $wgScript, $wgArticlePath, $wgLang;
- global $wpSqlQuery;
global $wgDBserver, $wgDBsqluser, $wgDBsqlpassword, $wgDBname, $wgSqlTimeout;
# Use a limit, folks!
- $wpSqlQuery = trim( $wpSqlQuery );
- if( preg_match( "/^SELECT/i", $wpSqlQuery )
- and !preg_match( "/LIMIT/i", $wpSqlQuery ) ) {
- $wpSqlQuery .= " LIMIT 100";
+ $this->query = trim( $this->query );
+ if( preg_match( "/^SELECT/i", $this->query )
+ and !preg_match( "/LIMIT/i", $this->query ) ) {
+ $this->query .= " LIMIT 100";
}
$conn = Database::newFromParams( $wgDBserver, $wgDBsqluser, $wgDBsqlpassword, $wgDBname );
- $this->logQuery( $wpSqlQuery );
+ $this->logQuery( $this->query );
# Start timer, will kill the DB thread in $wgSqlTimeout seconds
$conn->startTimer( $wgSqlTimeout );
- $res = $conn->query( $wpSqlQuery, "SpecialAsksql::doSubmit" );
+ $res = $conn->query( $this->query, "SpecialAsksql::doSubmit" );
$conn->stopTimer();
$this->logFinishedQuery();
function wfSpecialBlockip()
{
- global $wgUser, $wgOut, $action;
+ global $wgUser, $wgOut, $wgRequest;
if ( ! $wgUser->isSysop() ) {
$wgOut->sysopRequired();
return;
}
- $fields = array( "wpBlockAddress", "wpBlockReason", "wpBlockExpiry" );
- wfCleanFormFields( $fields );
$ipb = new IPBlockForm();
+ $action = $wgRequest->getVal( 'action' );
if ( "success" == $action ) { $ipb->showSuccess(); }
- else if ( "submit" == $action ) { $ipb->doSubmit(); }
+ else if ( $wgRequest->wasPosted() && "submit" == $action ) { $ipb->doSubmit(); }
else { $ipb->showForm( "" ); }
}
class IPBlockForm {
+ var $BlockAddress, $BlockExpiry, $BlockReason;
+ function IPBlockForm() {
+ global $wgRequest;
+ $this->BlockAddress = $wgRequest->getVal( 'wpBlockAddress', $wgRequest->getVal( 'ip' ) );
+ $this->BlockReason = $wgRequest->getText( 'wpBlockReason' );
+ $this->BlockExpiry = $wgRequest->getVal( 'wpBlockExpiry' );
+ }
+
function showForm( $err )
{
global $wgOut, $wgUser, $wgLang, $wgDefaultBlockExpiry;
- global $ip, $wpBlockAddress, $wpBlockExpiry, $wpBlockReason;
+ global $wgRequest;
$wgOut->setPagetitle( wfMsg( "blockip" ) );
$wgOut->addWikiText( wfMsg( "blockiptext" ) );
- if ( ! $wpBlockAddress ) {
- $wpBlockAddress = $ip;
- }
-
- if ( is_null( $wpBlockExpiry ) || $wpBlockExpiry === "" ) {
- $wpBlockExpiry = $wgDefaultBlockExpiry;
+ if ( is_null( $this->BlockExpiry ) || $this->BlockExpiry === "" ) {
+ $this->BlockExpiry = $wgDefaultBlockExpiry;
}
$mIpaddress = wfMsg( "ipaddress" );
$wgOut->addHTML( "<p><font color='red' size='+1'>{$err}</font>\n" );
}
- $scBlockAddress = htmlspecialchars( $wpBlockAddress );
- $scBlockExpiry = htmlspecialchars( $wpBlockExpiry );
- $scBlockReason = htmlspecialchars( $wpBlockReason );
+ $scBlockAddress = htmlspecialchars( $this->BlockAddress );
+ $scBlockExpiry = htmlspecialchars( $this->BlockExpiry );
+ $scBlockReason = htmlspecialchars( $this->BlockReason );
$wgOut->addHTML( "<p>
<form id=\"blockip\" method=\"post\" action=\"{$action}\">
function doSubmit()
{
global $wgOut, $wgUser, $wgLang;
- global $ip, $wpBlockAddress, $wpBlockReason, $wpBlockExpiry;
global $wgSysopUserBans, $wgSysopRangeBans;
$userId = 0;
- $wpBlockAddress = trim( $wpBlockAddress );
+ $this->BlockAddress = trim( $this->BlockAddress );
$rxIP = '\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}';
# Check for invalid specifications
- if ( ! preg_match( "/^$rxIP$/", $wpBlockAddress ) ) {
- if ( preg_match( "/^($rxIP)\\/(\\d{1,2})$/", $wpBlockAddress, $matches ) ) {
+ if ( ! preg_match( "/^$rxIP$/", $this->BlockAddress ) ) {
+ if ( preg_match( "/^($rxIP)\\/(\\d{1,2})$/", $this->BlockAddress, $matches ) ) {
if ( $wgSysopRangeBans ) {
if ( $matches[2] > 31 || $matches[2] < 16 ) {
$this->showForm( wfMsg( "ip_range_invalid" ) );
}
- $wpBlockAddress = Block::normaliseRange( $wpBlockAddress );
+ $this->BlockAddress = Block::normaliseRange( $this->BlockAddress );
} else {
# Range block illegal
$this->showForm( wfMsg( "range_block_disabled" ) );
} else {
# Username block
if ( $wgSysopUserBans ) {
- $userId = User::idFromName( $wpBlockAddress );
+ $userId = User::idFromName( $this->BlockAddress );
if ( $userId == 0 ) {
- $this->showForm( wfMsg( "nosuchuser", htmlspecialchars( $wpBlockAddress ) ) );
+ $this->showForm( wfMsg( "nosuchuser", htmlspecialchars( $this->BlockAddress ) ) );
return;
}
} else {
}
}
- if ( $wpBlockExpiry == "infinite" || $wpBlockExpiry == "indefinite" ) {
+ if ( $this->BlockExpiry == "infinite" || $this->BlockExpiry == "indefinite" ) {
$expiry = '';
} else {
# Convert GNU-style date, returns -1 on error
- $expiry = strtotime( $wpBlockExpiry );
+ $expiry = strtotime( $this->BlockExpiry );
if ( $expiry < 0 ) {
$this->showForm( wfMsg( "ipb_expiry_invalid" ) );
}
- if ( "" == $wpBlockReason ) {
+ if ( "" == $this->BlockReason ) {
$this->showForm( wfMsg( "noblockreason" ) );
return;
}
# Create block
# Note: for a user block, ipb_address is only for display purposes
- $ban = new Block( $wpBlockAddress, $userId, $wgUser->getID(),
- wfStrencode( $wpBlockReason ), wfTimestampNow(), 0, $expiry );
+ $ban = new Block( $this->BlockAddress, $userId, $wgUser->getID(),
+ wfStrencode( $this->BlockReason ), wfTimestampNow(), 0, $expiry );
$ban->insert();
# Make log entry
$log = new LogPage( wfMsg( "blocklogpage" ), wfMsg( "blocklogtext" ) );
- $action = wfMsg( "blocklogentry", $wpBlockAddress, $wpBlockExpiry );
- $log->addEntry( $action, $wpBlockReason );
+ $action = wfMsg( "blocklogentry", $this->BlockAddress, $this->BlockExpiry );
+ $log->addEntry( $action, $this->BlockReason );
# Report to the user
$titleObj = Title::makeTitle( NS_SPECIAL, "Blockip" );
- $wgOut->redirect( $titleObj->getFullURL( "action=success&ip={$wpBlockAddress}" ) );
+ $wgOut->redirect( $titleObj->getFullURL( "action=success&ip={$this->BlockAddress}" ) );
}
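Review bot: The redirect query string interpolates the request value without URL-encoding: `"action=success&ip={$this->BlockAddress}"`. When the address is a user name, a `&`, `=` or `#` in it would split or add query parameters on the success URL. The unblock path in this same commit already does this correctly with `"action=success&ip=" . urlencode( $this->ip )`. The same change is needed for `"target={$this->target}&action=submit"` and `"target={$this->target}&action=success"` in `EmailUserForm`.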
function showSuccess()
{
global $wgOut, $wgUser;
- global $ip;
$wgOut->setPagetitle( wfMsg( "blockip" ) );
$wgOut->setSubtitle( wfMsg( "blockipsuccesssub" ) );
- $text = wfMsg( "blockipsuccesstext", $ip );
+ $text = wfMsg( "blockipsuccesstext", $this->BlockAddress );
$wgOut->addWikiText( $text );
}
}
function wfSpecialContributions( $par = "" )
{
- global $wgUser, $wgOut, $wgLang, $target, $hideminor;
+ global $wgUser, $wgOut, $wgLang, $wgRequest;
$fname = "wfSpecialContributions";
$sysop = $wgUser->isSysop();
if( $par )
$target = $par;
else
- $target = wfCleanQueryVar( $target );
+ $target = $wgResult->getVal( 'target' );
if ( "" == $target ) {
$wgOut->errorpage( "notargettitle", "notargettext" );
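Review bot: `$target = $wgResult->getVal( 'target' );` calls a method on `$wgResult`, which is neither declared `global` nor assigned in the visible lines; the declared global is `$wgRequest`. Whenever `$par` is empty this branch would fail with a call on a non-object. The line should read `$target = $wgRequest->getVal( 'target' );`.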
list( $limit, $offset ) = wfCheckLimits( 50, "" );
$offlimit = $limit + $offset;
$querylimit = $offlimit + 1;
- $hideminor = ($hideminor ? 1 : 0);
+ $hideminor = ($wgRequest->getVal( 'hideminor' ) ? 1 : 0);
$nt = Title::newFromURL( $target );
$nt->setNamespace( Namespace::getUser() );
function wfSpecialEmailuser()
{
- global $wgUser, $wgOut, $action, $target;
+ global $wgUser, $wgOut, $wgRequest;
if ( 0 == $wgUser->getID() ||
( false === strpos( $wgUser->getEmail(), "@" ) ) ) {
$wgOut->errorpage( "mailnologin", "mailnologintext" );
return;
}
- $target = wfCleanQueryVar( $target );
+ $action = $wgRequest->getVal( $action );
+ $target = $wgRequest->getVal( $target );
if ( "" == $target ) {
$wgOut->errorpage( "notargettitle", "notargettext" );
return;
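Review bot: `$wgRequest->getVal( $action )` and `$wgRequest->getVal( $target )` pass the still-undefined local variables as the parameter names rather than the string keys. Both variables were removed from the `global` line in this hunk, so each call looks up an empty key. `$target` would then always be empty and the function would always stop at the "notargettitle" error page. The lines should be `$action = $wgRequest->getVal( 'action' );` and `$target = $wgRequest->getVal( 'target' );`.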
$wgOut->errorpage( "noemailtitle", "noemailtext" );
return;
}
- $fields = array( "wpSubject", "wpText" );
- wfCleanFormFields( $fields );
- $f = new EmailUserForm( $nu->getName() . " <{$address}>" );
+ $f = new EmailUserForm( $nu->getName() . " <{$address}>", $target );
if ( "success" == $action ) { $f->showSuccess(); }
- else if ( "submit" == $action ) { $f->doSubmit(); }
+ else if ( "submit" == $action && $wgRequest->wasPosted() ) { $f->doSubmit(); }
else { $f->showForm( "" ); }
}
class EmailUserForm {
var $mAddress;
+ var $target;
+ var $text, $subject;
- function EmailUserForm( $addr )
+ function EmailUserForm( $addr, $target )
{
+ global $wgRequest;
$this->mAddress = $addr;
+ $this->target = $target;
+ $this->text = $wgRequest->getText( 'wpText' );
+ $this->subject = $wgRequest->getText( 'wpSubject' );
}
function showForm( $err )
{
global $wgOut, $wgUser, $wgLang;
- global $wpSubject, $wpText, $target;
+ global $wpSubject, $wpText;
$wgOut->setPagetitle( wfMsg( "emailpage" ) );
$wgOut->addWikiText( wfMsg( "emailpagetext" ) );
$emf = wfMsg( "emailfrom" );
$sender = $wgUser->getName();
$emt = wfMsg( "emailto" );
- $rcpt = str_replace( "_", " ", urldecode( $target ) );
+ $rcpt = str_replace( "_", " ", $this->target );
$emr = wfMsg( "emailsubject" );
$emm = wfMsg( "emailmessage" );
$ems = wfMsg( "emailsend" );
$titleObj = Title::makeTitle( NS_SPECIAL, "Emailuser" );
- $action = $titleObj->escapeLocalURL( "target={$target}&action=submit" );
+ $action = $titleObj->escapeLocalURL( "target={$this->target}&action=submit" );
if ( "" != $err ) {
$wgOut->setSubtitle( wfMsg( "formerror" ) );
function doSubmit()
{
global $wgOut, $wgUser, $wgLang, $wgOutputEncoding;
- global $wpSubject, $wpText, $target;
+ global $wpSubject, $wpText, $this->target;
$from = wfQuotedPrintable( $wgUser->getName() ) . " <" . $wgUser->getEmail() . ">";
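Review bot: `global $wpSubject, $wpText, $this->target;` is a parse error, because `global` accepts only plain variable names; the whole file would fail to load. `$this->target` needs no declaration, so the entry can simply be dropped. The remaining `$wpSubject` and `$wpText` globals, also left in `showForm()` as `global $wpSubject, $wpText;`, bypass the values the constructor now reads through `$wgRequest->getText()`. Where the rest of `doSubmit()` (outside this hunk) uses them, they should presumably become `$this->subject` and `$this->text`.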
if (! $mailResult)
{
$titleObj = Title::makeTitle( NS_SPECIAL, "Emailuser" );
- $wgOut->redirect( $titleObj->getFullURL( "target={$target}&action=success" ) );
+ $wgOut->redirect( $titleObj->getFullURL( "target={$this->target}&action=success" ) );
}
else
$wgOut->addHTML( wfMsg( "usermailererror" ) . $mailResult);
function wfSpecialImagelist()
{
- global $wgUser, $wgOut, $wgLang, $sort;
- global $wpIlMatch, $wpIlSubmit;
-
- $fields = array( 'wpIlMatch' );
- wfCleanFormFields( $fields );
+ global $wgUser, $wgOut, $wgLang, $wgRequest;
+
+ $sort = $wgRequest->getVal( 'sort' );
+ $wpIlMatch = $wgRequest->getText( 'wpIlMatch' );
$sql = "SELECT img_size,img_name,img_user,img_user_text," .
"img_description,img_timestamp FROM image";
function wfSpecialIpblocklist()
{
- global $wgUser, $wgOut, $action, $ip;
-
- $fields = array( "wpUnblockAddress" );
- wfCleanFormFields( $fields );
- $ipu = new IPUnblockForm();
+ global $wgUser, $wgOut, $wgRequest, $action;
+
+ $ip = $wgRequest->getVal( 'wpUnblockAddress', $wgRequest->getVal( 'ip' ) );
+ $reason = $wgRequest->getText( 'wpUnblockReason' );
+
+ $ipu = new IPUnblockForm( $ip, $reason );
if ( "success" == $action ) {
$msg = wfMsg( "ipusuccess", $ip );
$ipu->showList( $msg );
- } else if ( "submit" == $action ) {
+ } else if ( "submit" == $action && $wgRequest->wasPosted() ) {
if ( ! $wgUser->isSysop() ) {
$wgOut->sysopRequired();
return;
}
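Review bot: `$action` is still taken from the `global` list here (`global $wgUser, $wgOut, $wgRequest, $action;`), so it depends on PHP registering request variables as globals and skips the request object the commit is introducing. `wfSpecialBlockip` in this same commit reads it explicitly, and the same line would fit here: `$action = $wgRequest->getVal( 'action' );`. `wfSpecialLockdb` and `wfSpecialMovepage` add `$action` to their `global` lines in the same way and would need the same change.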
class IPUnblockForm {
-
+ var $ip, $reason;
+
+ function IPUnblockForm( $ip, $reason ) {
+ $this->ip = $ip;
+ $this->reason = $reason;
+ }
+
function showForm( $err )
{
global $wgOut, $wgUser, $wgLang;
- global $ip, $wpUnblockAddress;
$wgOut->setPagetitle( wfMsg( "unblockip" ) );
$wgOut->addWikiText( wfMsg( "unblockiptext" ) );
- if ( ! $wpUnblockAddress ) { $wpUnblockAddress = $ip; }
$ipa = wfMsg( "ipaddress" );
$ipr = wfMsg( "ipbreason" );
- $ipus = wfMsg( "ipusubmit" );
+ $ipus = htmlspecialchars( wfMsg( "ipusubmit" ) );
$titleObj = Title::makeTitle( NS_SPECIAL, "Ipblocklist" );
$action = $titleObj->escapeLocalURL( "action=submit" );
$wgOut->setSubtitle( wfMsg( "formerror" ) );
$wgOut->addHTML( "<p><font color='red' size='+1'>{$err}</font>\n" );
}
+
$wgOut->addHTML( "<p>
<form id=\"unblockip\" method=\"post\" action=\"{$action}\">
<table border=0><tr>
<td align=right>{$ipa}:</td>
<td align=left>
-<input tabindex=1 type=text size=20 name=\"wpUnblockAddress\" value=\"{$wpUnblockAddress}\">
+<input tabindex=1 type=text size=20 name=\"wpUnblockAddress\" value=\"" . htmlspecialchars( $this->ip ) . "\">
</td></tr><tr>
<td align=right>{$ipr}:</td>
<td align=left>
-<input tabindex=1 type=text size=40 name=\"wpUnblockReason\" value=\"{$wpUnblockReason}\">
+<input tabindex=1 type=text size=40 name=\"wpUnblockReason\" value=\"" . htmlspecialchars( $this->reason ) . "\">
</td></tr><tr>
<td> </td><td align=left>
<input tabindex=2 type=submit name=\"wpBlock\" value=\"{$ipus}\">
function doSubmit()
{
global $wgOut, $wgUser, $wgLang;
- global $wpUnblockAddress, $wpUnblockReason;
$block = new Block();
- $wpUnblockAddress = trim( $wpUnblockAddress );
+ $this->ip = trim( $this->ip );
- if ( $wpUnblockAddress{0} == "#" ) {
- $block->mId = substr( $wpUnblockAddress, 1 );
+ if ( $this->ip{0} == "#" ) {
+ $block->mId = substr( $this->ip, 1 );
} else {
- $block->mAddress = $wpUnblockAddress;
+ $block->mAddress = $this->ip;
}
# Delete block (if it exists)
# Make log entry
$log = new LogPage( wfMsg( "blocklogpage" ), wfMsg( "blocklogtext" ) );
- $action = wfMsg( "unblocklogentry", $wpUnblockAddress );
- $log->addEntry( $action, $wpUnblockReason );
+ $action = wfMsg( "unblocklogentry", $this->ip );
+ $log->addEntry( $action, $this->reason );
# Report to the user
$titleObj = Title::makeTitle( NS_SPECIAL, "Ipblocklist" );
- $success = $titleObj->getFullURL( "action=success&ip=" . urlencode($wpUnblockAddress) );
+ $success = $titleObj->getFullURL( "action=success&ip=" . urlencode( $this->ip ) );
$wgOut->redirect( $success );
}
# Callback function to output a block
function wfAddRow( $block, $tag ) {
- global $wgOut, $wgUser, $wgLang, $ip;
+ global $wgOut, $wgUser, $wgLang;
$sk = $wgUser->getSkin();
function wfSpecialLockdb()
{
- global $wgUser, $wgOut, $action;
+ global $wgUser, $wgOut, $wgRequest, $action;
if ( ! $wgUser->isDeveloper() ) {
$wgOut->developerRequired();
return;
}
- $fields = array( "wpLockReason" );
- wfCleanFormFields( $fields );
$f = new DBLockForm();
if ( "success" == $action ) { $f->showSuccess(); }
- else if ( "submit" == $action ) { $f->doSubmit(); }
+ else if ( "submit" == $action && $wgRequest->wasPosted() ) { $f->doSubmit(); }
else { $f->showForm( "" ); }
}
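Review bot: Requiring `$wgRequest->wasPosted()` before `$f->doSubmit()` stops the lock from firing on a plain GET link, but a form on another site that posts with the developer's cookies still passes this check. Nothing visible in this dispatch or in DBLockForm::doSubmit() ties the submission to the user's session; a per-session token emitted as a hidden field by showForm() and compared in doSubmit() would close that gap. The same applies to the identical dispatch added in wfSpecialMovepage() further down. `$action` is also still read as a plain global here rather than through `$wgRequest`.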
class DBLockForm {
-
+ var $reason = "";
+
+ function DBLockForm() {
+ global $wgRequest;
+ $this->reason = $wgRequest->getText( 'wpLockReason' );
+ }
+
function showForm( $err )
{
global $wgOut, $wgUser, $wgLang;
function doSubmit()
{
- global $wgOut, $wgUser, $wgLang;
- global $wpLockConfirm, $wpLockReason, $wgReadOnlyFile;
+ global $wgOut, $wgUser, $wgLang, $wgRequest;
+ global $wgReadOnlyFile;
- if ( ! $wpLockConfirm ) {
+ if ( ! $wgRequest->getCheck( 'wpLockConfirm' ) ) {
$this->showForm( wfMsg( "locknoconfirm" ) );
return;
}
$wgOut->fileNotFoundError( $wgReadOnlyFile );
return;
}
- fwrite( $fp, $wpLockReason );
+ fwrite( $fp, $this->reason );
fwrite( $fp, "\n<p>(by " . $wgUser->getName() . " at " .
$wgLang->timeanddate( wfTimestampNow() ) . ")\n" );
fclose( $fp );
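Review bot: `fwrite( $fp, $this->reason )` puts the raw request text into `$wgReadOnlyFile` immediately before a literal `<p>` that this function writes itself, which suggests the file is treated as markup by whatever displays it. The reader of that file is not in this hunk; if it emits the contents as HTML, the reason and `$wgUser->getName()` should be escaped, either here with `htmlspecialchars()` or at the output point. The return values of `fwrite()` are ignored, so a short write leaves a truncated lock message without any error. The part of doSubmit() between the confirm check and the fopen() failure branch is not shown.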
function showSuccess()
{
global $wgOut, $wgUser;
- global $ip;
$wgOut->setPagetitle( wfMsg( "lockdb" ) );
$wgOut->setSubtitle( wfMsg( "lockdbsuccesssub" ) );
- $wgOut->addWikiText( wfMsg( "lockdbsuccesstext", $ip ) );
+ $wgOut->addWikiText( wfMsg( "lockdbsuccesstext" ) );
}
}
function wfSpecialMovepage()
{
- global $wgUser, $wgOut;
+ global $wgUser, $wgOut, $wgRequest, $action;
if ( 0 == $wgUser->getID() or $wgUser->isBlocked() ) {
$wgOut->errorpage( "movenologin", "movenologintext" );
$wgOut->readOnlyPage();
return;
}
- $fields = array( "wpNewTitle", "wpOldTitle" );
- wfCleanFormFields( $fields );
$f = new MovePageForm();
- if ( "success" == $_REQUEST['action'] ) { $f->showSuccess(); }
- else if ( "submit" == $_REQUEST['action'] ) { $f->doSubmit(); }
+ if ( "success" == $action ) { $f->showSuccess(); }
+ else if ( "submit" == $action && $wgRequest->wasPosted() ) { $f->doSubmit(); }
else { $f->showForm( "" ); }
}
class MovePageForm {
-
+ var $oldTitle, $newTitle; # Text input
+
var $ot, $nt; # Old, new Title objects
var $ons, $nns; # Namespaces
var $odt, $ndt; # Pagenames (dbkey form)
var $oldid, $newid; # "cur_id" field (yes, both from "cur")
var $talkmoved = 0;
+ function MovePageForm() {
+ global $wgRequest;
+ $this->oldTitle = $wgRequest->getText( 'wpOldTitle', $wgRequest->getVal( 'target' ) );
+ $this->newTitle = $wgRequest->getText( 'wpNewTitle' );
+ }
+
function showForm( $err )
{
global $wgOut, $wgUser, $wgLang;
$wgOut->setPagetitle( wfMsg( "movepage" ) );
- if ( ! $_REQUEST['wpOldTitle'] ) {
- if ( "" == $_REQUEST['target'] ) {
- $wgOut->errorpage( "notargettitle", "notargettext" );
- return;
- }
- $oldTitle = htmlspecialchars( $_REQUEST['target'] );
- } else {
- $oldTitle = htmlspecialchars( $_REQUEST['wpOldTitle'] );
+ if ( empty( $this->oldTitle ) ) {
+ $wgOut->errorpage( "notargettitle", "notargettext" );
+ return;
}
- $encOldTitle = htmlspecialchars( $oldTitle );
- $encNewTitle = htmlspecialchars( $_REQUEST['wpNewTitle'] );
- $ot = Title::newFromURL( $oldTitle );
+ $encOldTitle = htmlspecialchars( $this->oldTitle );
+ $encNewTitle = htmlspecialchars( $this->newTitle );
+ $ot = Title::newFromURL( $this->oldTitle );
$ott = $ot->getPrefixedText();
$wgOut->addWikiText( wfMsg( "movepagetext" ) );
- if ( ! Namespace::isTalk( $ot->getNamespace() ) )
+ if ( ! Namespace::isTalk( $ot->getNamespace() ) ) {
$wgOut->addWikiText( "\n\n" . wfMsg( "movepagetalktext" ) );
+ }
$ma = wfMsg( "movearticle" );
$newt = wfMsg( "newtitle" );
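Review bot: `$ot->getPrefixedText()` is called on the result of `Title::newFromURL( $this->oldTitle )` without checking it first. Elsewhere in this commit the result of newFromURL() is tested with `!$wgTitle` before use, which suggests it can come back empty for an invalid title. Since oldTitle is request input, a guard before that call, `if ( !$ot ) { $wgOut->errorpage( "notargettitle", "notargettext" ); return; }`, would turn a fatal error into the normal error page. The rest of showForm() is outside the hunk.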
global $wgUseSquid, $wgInternalServer;
$fname = "MovePageForm::doSubmit";
- $this->ot = Title::newFromText( $_REQUEST['wpOldTitle'] );
- $this->nt = Title::newFromText( $_REQUEST['wpNewTitle'] );
+ $this->ot = Title::newFromText( $this->oldTitle );
+ $this->nt = Title::newFromText( $this->newTitle );
if( !$this->ot or !$this->nt ) {
$this->showForm( wfMsg( "badtitletext" ) );
return;
( "" != $this->ot->getInterwiki() ) ||
( !$this->ot->userCanEdit() ) ||
( !$this->oldid ) ||
- ( ! Namespace::isMovable( $nns ) ) ||
+ ( ! Namespace::isMovable( $this->nns ) ) ||
( "" == $this->ndt ) ||
( "" != $this->nt->getInterwiki() ) ||
( !$this->nt->userCanEdit() ) ||
}
function getSQL( $offset, $limit ) {
- return "SELECT rc_title AS cur_title,rc_user AS cur_user,rc_user_text AS cur_user_text,rc_comment as cur_comment," .
+ return "SELECT rc_namespace AS cur_namespace, rc_title AS cur_title,rc_user AS cur_user,rc_user_text AS cur_user_text,rc_comment as cur_comment," .
"rc_timestamp AS cur_timestamp,length(cur_text) as cur_length FROM recentchanges,cur " .
"WHERE rc_cur_id=cur_id AND rc_new=1 AND rc_namespace=0 AND cur_is_redirect=0 " .
"ORDER BY rc_timestamp DESC LIMIT {$offset}, {$limit}";
function wfSpecialNewpages()
{
+ global $wgRequest;
list( $limit, $offset ) = wfCheckLimits();
$npp = new NewPagesPage();
-
- if( !$npp->doFeed( $_GET["feed"] ) ) {
+ if( !$npp->doFeed( $wgRequest->getVal( 'feed' ) ) ) {
$npp->doQuery( $offset, $limit );
}
}
function wfSpecialPreferences()
{
global $wgUser, $wgOut, $wgUseDynamicDates, $action;
- global $wpSaveprefs, $wpReset;
-
- $fields = array( "wpOldpass", "wpNewpass", "wpRetypePass",
- "wpUserEmail", "wpNick" );
- wfCleanFormFields( $fields );
+ global $wpSaveprefs, $wpReset, $wgRequest;
+
+ # EWWWWWW temp hack
+ global $wpOldpass, $wpNewpass, $wpRetypePass, $wpNick, $wpUserEmail;
+ $wpOldpass = $wgRequest->getText( 'wpOldpass' );
+ $wpNewpass = $wgRequest->getText( 'wpNewpass' );
+ $wpRetypePass = $wgRequest->getText( 'wpRetypePass' );
+ $wpNick = $wgRequest->getText( 'wpNick' );
+ $wpUserEmail = $wgRequest->getVal( 'wpUserEmail' );
if ( 0 == $wgUser->getID() ) {
$wgOut->errorpage( "prefsnologin", "prefsnologintext" );
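Review bot: `$wpSaveprefs` and `$wpReset` are still declared `global` but, unlike the five fields filled in below them, are never read from `$wgRequest`. They only have a value when register_globals is on or `import_request_variables()` ran; with `DEBUG_GLOBALS` defined and register_globals off, WebRequest::checkRegisterGlobals() does neither, so whatever tests them later in this function (not shown) would see them unset. Reading them as `$wgRequest->getCheck( 'wpSaveprefs' )` and `$wgRequest->getCheck( 'wpReset' )` would match how DBLockForm handles `wpLockConfirm`. The "temp hack" also keeps both password fields in global variables for the rest of the request, which is worth removing once the form code takes them as properties.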
{
global $wgUser, $wgOut, $wpUpload, $wpReUpload, $action;
global $wgDisableUploads;
-
- $fields = array( "wpUploadFile", "wpUploadDescription" );
- wfCleanFormFields( $fields );
if ( $wgDisableUploads ) {
$wgOut->addWikiText( wfMsg( "uploaddisabled" ) );
$wpUploadSize = $HTTP_POST_FILES['wpUploadFile']['size'];
}
$prev = error_reporting( E_ALL & ~( E_NOTICE | E_WARNING ) );
- $oname = wfCleanQueryVar( $HTTP_POST_FILES['wpUploadFile']['name'] );
- if ( $wpUploadSaveName != "" ) $wpUploadSaveName = wfCleanQueryVar( $wpUploadSaveName );
+ $oname = $wgRequest->getVal( $HTTP_POST_FILES['wpUploadFile'], 'name' );
error_reporting( $prev );
if ( "" != $oname ) {
}
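Review bot: `$wgRequest->getVal( $HTTP_POST_FILES['wpUploadFile'], 'name' )` passes the upload array as `$name` and the string 'name' as `$default`, because getVal() is declared as `getVal( $name, $default = NULL )` and looks `$name` up in `$_REQUEST`. `$oname` therefore never receives the client's file name and most likely ends up as the literal default; the intended call is presumably `$oname = $wgRequest->getGPCVal( $HTTP_POST_FILES['wpUploadFile'], 'name', '' );`. The `error_reporting()` mask around the line hides any warning this produces. The function's `global` list is outside this hunk, so check that `$wgRequest` is declared there, and note that the removed cleaning of `$wpUploadSaveName` has no replacement in the visible lines.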
$fields = array( "wpName", "wpPassword", "wpName",
- "wpPassword", "wpRetype", "wpEmail" );
- wfCleanFormFields( $fields );
+ "wpPassword", "wpRetype" );
+ # FIXME: UGLY HACK
+ foreach( $fields as $x ) {
+ $_REQUEST[$x] = $wgRequest->getText( $x );
+ }
# When switching accounts, it sucks to get automatically logged out
global $wgLang;
# For links that came from outside, check for alternate/legacy
# character encoding.
- wfDebug( "Refer: {$_SERVER['HTTP_REFERER']}\n" );
wfDebug( "Servr: $wgServer\n" );
if( empty( $_SERVER["HTTP_REFERER"] ) ||
strncmp($wgServer, $_SERVER["HTTP_REFERER"], strlen( $wgServer ) ) )
{
$s = $wgLang->checkTitleEncoding( $s );
+ } else {
+ wfDebug( "Refer: {$_SERVER['HTTP_REFERER']}\n" );
}
$t->mDbkeyform = str_replace( " ", "_", $s );
}
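Review bot: After this move, the `wfDebug( "Refer: …" )` line runs only in the `else` branch, that is, for referrers that start with `$wgServer`. The external or missing referrers that actually trigger `checkTitleEncoding()` are no longer logged. If the line is meant to explain why a title was recoded, it belongs in the `if` branch behind an `isset( $_SERVER['HTTP_REFERER'] )` test. The header is client-controlled, so stripping line breaks before it goes into the debug log keeps one request from producing several log entries; the enclosing function starts outside the hunk.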
/* static */ function duplicateEntries( $ot, $nt ) {
+ $fname = "WatchedItem::duplicateEntries";
global $wgMemc, $wgDBname;
$oldnamespace = $ot->getNamespace() & ~1;
$newnamespace = $nt->getNamespace() & ~1;
--- /dev/null
+<?php
+
+# Hypothetically, we could use a WebRequest object to fake a
+# self-contained request.
+
+## Enable this to debug total elimination of register_globals
+#define( "DEBUG_GLOBALS", 1 );
+
+# Deal with importing all those nasssty globals and things
+class WebRequest {
+ function WebRequest() {
+ if( defined('DEBUG_GLOBALS') ) error_reporting(E_ALL);
+
+ $this->checkMagicQuotes();
+ $this->checkRegisterGlobals();
+ }
+
+ function &fix_magic_quotes( &$arr ) {
+ foreach( $arr as $key => $val ) {
+ if( is_array( $val ) ) {
+ $this->fix_magic_quotes( $arr[$key] );
+ } else {
+ $arr[$key] = stripslashes( $val );
+ }
+ }
+ return $arr;
+ }
+
+ function checkMagicQuotes() {
+ if ( get_magic_quotes_gpc() ) {
+ $this->fix_magic_quotes( $_COOKIE );
+ $this->fix_magic_quotes( $_ENV );
+ $this->fix_magic_quotes( $_GET );
+ $this->fix_magic_quotes( $_POST );
+ $this->fix_magic_quotes( $_REQUEST );
+ $this->fix_magic_quotes( $_SERVER );
+ } elseif( defined('DEBUG_GLOBALS') ) {
+ die("DEBUG_GLOBALS: turn on magic_quotes_gpc" );
+ }
+ }
+
+ function checkRegisterGlobals() {
+ if( ini_get( "register_globals" ) ) {
+ if( defined( "DEBUG_GLOBALS" ) ) {
+ die( "DEBUG_GLOBALS: Turn register_globals off!" );
+ }
+ } else {
+ if( !defined( "DEBUG_GLOBALS" ) ) {
+ # Insecure, but at least it'll run
+ import_request_variables( "GPC" );
+ }
+ }
+ }
+
+ function getGPCVal( &$arr, $name, $default ) {
+ if( isset( $arr[$name] ) ) {
+ return $arr[$name];
+ } else {
+ return $default;
+ }
+ }
+
+ function getGPCText( &$arr, $name, $default ) {
+ # Text fields may be in an alternate encoding which we should check.
+ # Also, strip CRLF line endings down to LF to achieve consistency.
+ global $wgLang;
+ if( isset( $arr[$name] ) ) {
+ return str_replace( "\r\n", "\n", $wgLang->recodeInput( $arr[$name] ) );
+ } else {
+ return $default;
+ }
+ }
+
+ function getVal( $name, $default = NULL ) {
+ return $this->getGPCVal( $_REQUEST, $name, $default );
+ }
+
+ function getInt( $name, $default = 0 ) {
+ return IntVal( $this->getVal( $name, $default ) );
+ }
+
+ function getBool( $name, $default = false ) {
+ return $this->getVal( $name, $default ) ? true : false;
+ }
+
+ function getCheck( $name ) {
+ # Checkboxes and buttons are only present when clicked
+ # Presence connotes truth, abscense false
+ $val = $this->getVal( $name, NULL );
+ return isset( $val );
+ }
+
+ function getText( $name, $default = "" ) {
+ return $this->getGPCText( $_REQUEST, $name, $default );
+ }
+
+ function wasPosted() {
+ return $_SERVER['REQUEST_METHOD'] == 'POST';
+ }
+
+ function checkSessionCookie() {
+ return isset( $_COOKIE[ini_get("session.name")] );
+ }
+}
+
+?>
\ No newline at end of file
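Review bot: getGPCVal() and getGPCText() return whatever is stored under `$name`, and PHP turns a parameter sent as `name[]=x` into an array, so getVal()/getText() can hand an array to callers that go on to `trim()`, `htmlspecialchars()` or `recodeInput()` it. Treating non-scalar input as absent, `if( isset( $arr[$name] ) && !is_array( $arr[$name] ) ) {` in both helpers, keeps the return type predictable unless some caller outside this diff relies on array values. wasPosted() reads `$_SERVER['REQUEST_METHOD']` unconditionally, which is unset when run from the command line; an `isset()` test there avoids a notice now that `E_ALL` is enabled under DEBUG_GLOBALS. A short comment on each accessor saying which ones recode and normalise line endings (getText) and which return the raw value (getVal) would help callers choose, since this commit uses both for similar fields (`wpNick` vs `wpUserEmail`).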
#
$wgRequestTime = microtime();
-## Enable this to debug total elimination of register_globals
-#define( "DEBUG_GLOBALS", 1 );
-
-if( defined('DEBUG_GLOBALS') ) error_reporting(E_ALL);
-
-function &fix_magic_quotes( &$arr ) {
- foreach( $arr as $key => $val ) {
- if( is_array( $val ) ) {
- fix_magic_quotes( $arr[$key] );
- } else {
- $arr[$key] = stripslashes( $val );
- }
- }
- return $arr;
-}
-
-if ( get_magic_quotes_gpc() ) {
- fix_magic_quotes( $_COOKIE );
- fix_magic_quotes( $_ENV );
- fix_magic_quotes( $_GET );
- fix_magic_quotes( $_POST );
- fix_magic_quotes( $_REQUEST );
- fix_magic_quotes( $_SERVER );
-} elseif( defined('DEBUG_GLOBALS') ) {
- die("DEBUG_GLOBALS: turn on magic_quotes_gpc" );
-}
-
-if( defined('DEBUG_GLOBALS') ) {
- if( ini_get( "register_globals" ) ) {
- die( "DEBUG_GLOBALS: turn off register_globals" );
- }
-} elseif( !ini_get( "register_globals" ) ) {
- # Insecure, but at least it'll run
- import_request_variables( "GPC" );
-}
-
unset( $IP );
ini_set( "allow_url_fopen", 0 ); # For security...
if(!file_exists("LocalSettings.php")) {
OutputPage::setEncodings(); # Not really used yet
# Query string fields
-if( empty( $_REQUEST['action'] ) ) {
- $action = "view";
-} else {
- $action = $_REQUEST['action'];
-}
+$action = $wgRequest->getVal( "action", "view" );
if( isset( $_SERVER['PATH_INFO'] ) ) {
$title = substr( $_SERVER['PATH_INFO'], 1 );
-} elseif( !empty( $_REQUEST['title'] ) ) {
- $title = $_REQUEST['title'];
} else {
- $title = "";
+ $title = $wgRequest->getVal( "title" );
}
# Placeholders in case of DB error
$action = strtolower( trim( $action ) );
if ( "" == $action ) { $action = "view"; }
-if ( !empty( $_REQUEST['printable'] ) && $_REQUEST['printable'] == "yes") {
+if ($wgRequest->getVal( "printable" ) == "yes") {
$wgOut->setPrintable();
}
if ( "" == $title && "delete" != $action ) {
$wgTitle = Title::newFromText( wfMsg( "mainpage" ) );
-} elseif ( !empty( $_REQUEST['curid'] ) ) {
+} elseif ( $curid = $wgRequest->getInt( 'curid' ) ) {
# URLs like this are generated by RC, because rc_title isn't always accurate
- $wgTitle = Title::newFromID( $_REQUEST['curid'] );
+ $wgTitle = Title::newFromID( $curid );
} else {
$wgTitle = Title::newFromURL( $title );
}
}
}
-if ( !empty( $_REQUEST['search'] ) ) {
- if( isset($_REQUEST['fulltext']) ) {
- wfSearch( $_REQUEST['search'] );
+if ( $search = $wgRequest->getText( 'search' ) ) {
+ if( $wgRequest->getVal( 'fulltext' ) ) {
+ wfSearch( $search );
} else {
- wfGo( $_REQUEST['search'] );
+ wfGo( $search );
}
} else if( !$wgTitle or $wgTitle->getInterwiki() != "" or $wgTitle->getDBkey() == "" ) {
$wgTitle = Title::newFromText( wfMsg( "badtitle" ) );
$wgOut->errorpage( "badtitle", "badtitletext" );
} else if ( ( $action == "view" ) && $wgTitle->getPrefixedDBKey() != $title ) {
/* redirect to canonical url, make it a 301 to allow caching */
- $wgOut->redirect( wfLocalUrl( $wgTitle->getPrefixedURL() ), '301');
+ $wgOut->redirect( $wgTitle->getFullURL(), '301');
} else if ( Namespace::getSpecial() == $wgTitle->getNamespace() ) {
wfSpecialPage();
} else {
if ( Namespace::getMedia() == $wgTitle->getNamespace() ) {
$wgTitle = Title::makeTitle( Namespace::getImage(), $wgTitle->getDBkey() );
- }
+ }
switch( $wgTitle->getNamespace() ) {
- case 6:
+ case NS_IMAGE:
include_once( "ImagePage.php" );
$wgArticle = new ImagePage( $wgTitle );
break;
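Review bot: The search dispatch replaces `isset( $_REQUEST['fulltext'] )` with `$wgRequest->getVal( 'fulltext' )`, which tests truthiness rather than presence: a request carrying `fulltext=` or `fulltext=0` now goes to wfGo() instead of wfSearch(). WebRequest::getCheck() was added in this commit for exactly the presence case, so `if( $wgRequest->getCheck( 'fulltext' ) ) {` keeps the old behaviour. The same truthiness test on `$search = $wgRequest->getText( 'search' )` skips a search for the string "0", as the old `!empty()` did.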
break;
case "edit":
case "submit":
- if( !$wgCommandLineMode && !isset( $_COOKIE[ini_get("session.name")] ) ) {
+ if( !$wgCommandLineMode && !$wgRequest->checkSessionCookie() ) {
User::SetupSession();
}
include_once( "EditPage.php" );