X-Git-Url: http://git.cyclocoop.org/?a=blobdiff_plain;f=includes%2FWebRequest.php;h=b42564c5ed3a36657494c8a9ed92a174888ece10;hb=688200c607640e77029d171803a7a72832519aa2;hp=2a7c032593adc939595cf06eefbbed73d2f901c4;hpb=f40328ff95cdf7a238b0f3109940972b535fb900;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/WebRequest.php b/includes/WebRequest.php index 2a7c032593..b42564c5ed 100644 --- a/includes/WebRequest.php +++ b/includes/WebRequest.php @@ -795,11 +795,12 @@ class WebRequest { * defaults if not given. The limit must be positive and is capped at 5000. * Offset must be positive but is not capped. * - * @param $deflimit Integer: limit to use if no input and the user hasn't set the option. + * @param int $deflimit limit to use if no input and the user hasn't set the option. * @param string $optionname to specify an option other than rclimit to pull from. + * @param int $hardlimit the maximum upper limit to allow, usually 5000 * @return array first element is limit, second is offset */ - public function getLimitOffset( $deflimit = 50, $optionname = 'rclimit' ) { + public function getLimitOffset( $deflimit = 50, $optionname = 'rclimit', $hardlimit = 5000 ) { global $wgUser; $limit = $this->getInt( 'limit', 0 ); @@ -812,8 +813,8 @@ class WebRequest { if ( $limit <= 0 ) { $limit = $deflimit; } - if ( $limit > 5000 ) { - $limit = 5000; # We have *some* limits... + if ( $limit > $hardlimit ) { + $limit = $hardlimit; # We have *some* limits... } $offset = $this->getInt( 'offset', 0 ); @@ -835,19 +836,6 @@ class WebRequest { return $file->getTempName(); } - /** - * Return the size of the upload, or 0. - * - * @deprecated since 1.17 - * @param $key String: - * @return integer - */ - public function getFileSize( $key ) { - wfDeprecated( __METHOD__, '1.17' ); - $file = new WebRequestUpload( $this, $key ); - return $file->getSize(); - } - /** * Return the upload error or 0 * @@ -1035,35 +1023,6 @@ HTML; return true; } - /** - * Returns true if the PATH_INFO ends with an extension other than a script - * extension. This could confuse IE for scripts that send arbitrary data which - * is not HTML but may be detected as such. - * - * Various past attempts to use the URL to make this check have generally - * run up against the fact that CGI does not provide a standard method to - * determine the URL. PATH_INFO may be mangled (e.g. if cgi.fix_pathinfo=0), - * but only by prefixing it with the script name and maybe some other stuff, - * the extension is not mangled. So this should be a reasonably portable - * way to perform this security check. - * - * Also checks for anything that looks like a file extension at the end of - * QUERY_STRING, since IE 6 and earlier will use this to get the file type - * if there was no dot before the question mark (bug 28235). - * - * @deprecated Use checkUrlExtension(). - * - * @param $extWhitelist array - * - * @return bool - */ - public function isPathInfoBad( $extWhitelist = array() ) { - wfDeprecated( __METHOD__, '1.17' ); - global $wgScriptExtension; - $extWhitelist[] = ltrim( $wgScriptExtension, '.' ); - return IEUrlExtension::areServerVarsBad( $_SERVER, $extWhitelist ); - } - /** * Parse the Accept-Language header sent by the client into an array * @return array array( languageCode => q-value ) sorted by q-value in descending order then @@ -1462,14 +1421,6 @@ class FauxRequest extends WebRequest { return $this->session; } - /** - * @param array $extWhitelist - * @return bool - */ - public function isPathInfoBad( $extWhitelist = array() ) { - return false; - } - /** * FauxRequests shouldn't depend on raw request data (but that could be implemented here) * @return String