From: Brad Jorsch <bjorsch@wikimedia.org>
Date: Wed, 20 Aug 2014 15:17:35 +0000 (-0400)
Subject: API: Adjust feature usage log format
X-Git-Tag: 1.31.0-rc.0~14352^2
X-Git-Url: http://git.cyclocoop.org//%22javascript:ModifierStyle%28%27%22.%24id.%22%27%29/%22?a=commitdiff_plain;h=4e198a96e4ebd28b14a3e0927770f7dc6d73e974;p=lhc%2Fweb%2Fwiklou.git

API: Adjust feature usage log format

On the advice of the Research Analyst, quote all data fields and add
slashes to escape quotes.

Change-Id: I3471475c0ae7a11398a774b1a14d023676259c04
Follows-up: Ifd640883e46f3e6c8179c63d122c704b046674ca
---

diff --git a/includes/api/ApiBase.php b/includes/api/ApiBase.php
index 23a386775d..fc87a4767f 100644
--- a/includes/api/ApiBase.php
+++ b/includes/api/ApiBase.php
@@ -2242,11 +2242,11 @@ abstract class ApiBase extends ContextSource {
 	 */
 	protected function logFeatureUsage( $feature ) {
 		$request = $this->getRequest();
-		$s = $feature .
-			' ' . wfUrlencode( str_replace( ' ', '_', $this->getUser()->getName() ) ) .
-			' ' . $request->getIP() .
-			' "' . $request->getHeader( 'Referer' ) . '"' .
-			' "' . $request->getHeader( 'User-agent' ) . '"';
+		$s = '"' . addslashes( $feature ) . '"' .
+			' "' . wfUrlencode( str_replace( ' ', '_', $this->getUser()->getName() ) ) . '"' .
+			' "' . $request->getIP() . '"' .
+			' "' . addslashes( $request->getHeader( 'Referer' ) ) . '"' .
+			' "' . addslashes( $request->getHeader( 'User-agent' ) ) . '"';
 		wfDebugLog( 'api-feature-usage', $s, 'private' );
 	}
 }