Tim Starling [Thu, 5 Feb 2009 08:56:35 +0000 (08:56 +0000)]
* Fixed a whole lot of XSS vulnerabilities in the installer. All require a live installer, i.e. with no LocalSettings.php present.
* Implemented taint support in the installer and fixed some false positives (and false negatives)
Niklas Laxström [Thu, 5 Feb 2009 08:13:57 +0000 (08:13 +0000)]
* Remove unneeded includes
Andrew Garrett [Thu, 5 Feb 2009 07:52:19 +0000 (07:52 +0000)]
Avoid E_NOTICE for wikis that give no rights to anonymous users.
Andrew Garrett [Thu, 5 Feb 2009 07:47:46 +0000 (07:47 +0000)]
Add missing mCoreRight 'writeapi' to User.php
Alex Z [Thu, 5 Feb 2009 03:12:03 +0000 (03:12 +0000)]
update parserTests.txt per change to red-link-title message in r46663
Roan Kattouw [Wed, 4 Feb 2009 23:19:18 +0000 (23:19 +0000)]
API: Re-enable ucprop=patrolled and rcshow=patrolled|!patrolled using the timestamp index for the join (thanks to Tim for pointing this out) and a STRAIGHT_JOIN for the inner join case
Roan Kattouw [Wed, 4 Feb 2009 22:56:34 +0000 (22:56 +0000)]
Commit RELEASE-NOTES for r46823
Roan Kattouw [Wed, 4 Feb 2009 22:51:36 +0000 (22:51 +0000)]
API: BREAKING CHANGE: Remove rctitles parameter from list=recentchanges for performance reasons (requests using it time out on enwiki)
Andrew Garrett [Wed, 4 Feb 2009 22:16:35 +0000 (22:16 +0000)]
Add ACTIVEUSERS magic-word, complement to NUMBEROFUSERS.
Roan Kattouw [Wed, 4 Feb 2009 22:12:25 +0000 (22:12 +0000)]
API: Tweak the format for &export to be more XML-friendly. Not a breaking change since &export hasn't gone live yet anyway
Roan Kattouw [Wed, 4 Feb 2009 20:11:27 +0000 (20:11 +0000)]
* API: (bug 17007) Add action=import
* Add intoken=import to prop=info
* Store message key and arguments in WikiErrorMsg
Alexandre Emsenhuber [Wed, 4 Feb 2009 19:43:30 +0000 (19:43 +0000)]
Removed check for empty( $action ), seems to be old register_globals code, but since $action is set in index.php with
$action = $wgRequest->getVal( 'action', 'view' );
it can't match empty() in "normal" conditions
Roan Kattouw [Wed, 4 Feb 2009 19:10:14 +0000 (19:10 +0000)]
* API: (bug 17355) Added auwitheditsonly parameter to list=allusers
* Use consistent code style
Alexandre Emsenhuber [Wed, 4 Feb 2009 19:01:14 +0000 (19:01 +0000)]
* (bug 17231) Transcluding special pages on wikis using language conversion no longer affects the page title
* Whitespaces tweaks in LanguageConverter.php
Please feel free to correct this if it's not the correct solution ;)
Aaron Schulz [Wed, 4 Feb 2009 18:54:59 +0000 (18:54 +0000)]
(bug 17342) Prevent deleted log item leaking (via slow brute-force)
Aaron Schulz [Wed, 4 Feb 2009 18:23:26 +0000 (18:23 +0000)]
(bug 17352) Improve review UI with regards to blocks
Siebrand Mazeland [Wed, 4 Feb 2009 18:09:48 +0000 (18:09 +0000)]
Localisation updates for core messages from translatewiki.net (2009-02-04 18:04 UTC)
Siebrand Mazeland [Wed, 4 Feb 2009 18:00:06 +0000 (18:00 +0000)]
Use "e-mail" consistently.
Roan Kattouw [Wed, 4 Feb 2009 14:18:53 +0000 (14:18 +0000)]
Nitpicking brigade: fix copyright year
Roan Kattouw [Wed, 4 Feb 2009 13:16:12 +0000 (13:16 +0000)]
API: Temporarily disable ucprop=patrolled and ucshow=patrolled|!patrolled because of performance concerns mentioned on bug 17215
Siebrand Mazeland [Wed, 4 Feb 2009 10:26:26 +0000 (10:26 +0000)]
(bug 12937) Update native name for Afar
Tim Starling [Wed, 4 Feb 2009 09:10:32 +0000 (09:10 +0000)]
Added basic support for Wietse Venema's taint feature. Fixed a few instances of shoddy code that it turned up, no actual vulnerabilities yet.
Roan Kattouw [Tue, 3 Feb 2009 16:25:50 +0000 (16:25 +0000)]
* API: (bug 17326) BREAKING CHANGE: Changing output format for prop=imageinfo&iiprop=metadata to something based on name/value pairs. This means we don't use parts of the metadata in attributes anymore, something that caused invalid XML to be output. For more info on the exact format, see the mediawiki-api mailing list
* Removed the spaces-to-underscores hack in the XML formatter
X! [Tue, 3 Feb 2009 13:56:31 +0000 (13:56 +0000)]
When creating a new section, one can specify the 'nosummary' parameter to disallow creation of a section title
Andrew Garrett [Tue, 3 Feb 2009 04:58:08 +0000 (04:58 +0000)]
Re-implementation of r46725 (caching of Cite <references /> output).
This time, I've written a Parser method called serialiseHalfParsedText, which, as the name implies, grabs some half-parsed text, and fixes up all of the strip
markers, and link comments, and makes it safe to import some other time with unserialiseHalfParsedText. I tested it by live-hacking the cache key to be a constant,
and then putting <references /> on a completely different page, where it worked perfectly.
Tim Starling [Tue, 3 Feb 2009 02:07:00 +0000 (02:07 +0000)]
* Support for the "blobs table" LB config parameter
* Don't redefine the constructor
Chad Horohoe [Tue, 3 Feb 2009 00:06:46 +0000 (00:06 +0000)]
(bug 17330) Fix minor warning if $titles is null, which it can be.
Andrew Garrett [Mon, 2 Feb 2009 23:35:12 +0000 (23:35 +0000)]
Add some core rights
Roan Kattouw [Mon, 2 Feb 2009 23:17:07 +0000 (23:17 +0000)]
(bug 17327) Normalize API help texts: remove quotes
Rotem Liss [Mon, 2 Feb 2009 20:23:17 +0000 (20:23 +0000)]
Localization fixes.
Roan Kattouw [Mon, 2 Feb 2009 20:07:33 +0000 (20:07 +0000)]
* API: (bug 17007) Add export functionality to the API
* Accessed through the export and exportnowrap parameters added to action=query
* To facilitate &exportnowrap, add ApiFormatRaw, a formatter that just spits out its input without any formatting (not accessible through &format= of course)
* Fix up the action=query description message to reflect the deprecation of query.php
Raimond Spekking [Mon, 2 Feb 2009 17:52:26 +0000 (17:52 +0000)]
Wrap 'searchresulttext' into a div with class
Redo of r45651: Now without breakage when the message text starts with line-start-markup such as a table or list.
Siebrand Mazeland [Mon, 2 Feb 2009 16:41:16 +0000 (16:41 +0000)]
* (bug 17105) Numeric table sorting broken. Patch contributed by Michael Walsh.
* removed some trailing whitespace in RELEASE-NOTES
Roan Kattouw [Mon, 2 Feb 2009 16:38:40 +0000 (16:38 +0000)]
API: (bug 17317) Added watch parameter to action=protect
Siebrand Mazeland [Mon, 2 Feb 2009 16:29:51 +0000 (16:29 +0000)]
(bug 17283) Remove double URL escaping in show/hide links for log entries and RevisionDeleteForm::__construct. Patch contributed by Mormegil.
Siebrand Mazeland [Mon, 2 Feb 2009 16:21:43 +0000 (16:21 +0000)]
(bug 17236) Suppress 'watch user page link' for IP range blocks. Patch contributed by Mormegil.
Siebrand Mazeland [Mon, 2 Feb 2009 14:54:33 +0000 (14:54 +0000)]
Localisation updates for core messages from Betawiki (2009-02-02 14:46 UTC)
Philip Tzou [Mon, 2 Feb 2009 14:15:21 +0000 (14:15 +0000)]
(bug 3311) Automatic category redirects
Philip Tzou [Mon, 2 Feb 2009 07:54:43 +0000 (07:54 +0000)]
1. Use param $ignoreOtherCond instead of $forTemplate and $ignoreSubmitCond in findVariantLink().
2. Drop some duplicate categories produced by findVariantLink().
Siebrand Mazeland [Mon, 2 Feb 2009 07:06:58 +0000 (07:06 +0000)]
Update 'ipusubmit' as it was incorrect (title=Special:BlockList&action=unblock&ip=SomeUsername)
Philip Tzou [Mon, 2 Feb 2009 06:53:49 +0000 (06:53 +0000)]
To find an available category name during update table 'categorylinks'. Just act on the language which enabled LanguageConverter.
Greg Sabino Mullane [Mon, 2 Feb 2009 06:05:12 +0000 (06:05 +0000)]
Quick fix in case search_path started out empty.
Chad Horohoe [Sun, 1 Feb 2009 23:09:56 +0000 (23:09 +0000)]
(bug 17304) Fatal error in file history when File::transform() fails.
Niklas Laxström [Sun, 1 Feb 2009 19:01:10 +0000 (19:01 +0000)]
* Small cleanups
Siebrand Mazeland [Sun, 1 Feb 2009 18:58:18 +0000 (18:58 +0000)]
(bug 14938) Removing a section no longer leaves excess whitespace. Contributed by Michael Walsh.
Niklas Laxström [Sun, 1 Feb 2009 15:44:01 +0000 (15:44 +0000)]
* kill E_NOTICE
Siebrand Mazeland [Sun, 1 Feb 2009 14:01:36 +0000 (14:01 +0000)]
Localisation updates for core messages from Betawiki (2009-02-01 13:41 UTC)
Siebrand Mazeland [Sun, 1 Feb 2009 13:22:50 +0000 (13:22 +0000)]
Remove trailing space in autoredircomment
Rotem Liss [Sun, 1 Feb 2009 12:59:59 +0000 (12:59 +0000)]
Localization update for he; removing self-link and some other fixes in en:.
Niklas Laxström [Sun, 1 Feb 2009 10:05:25 +0000 (10:05 +0000)]
* Fix E_NOTICE for werdnum
Chad Horohoe [Sun, 1 Feb 2009 09:12:42 +0000 (09:12 +0000)]
(bug 17284) Fix broken msg calls. It's defined as tags-edit in all languages.
Chad Horohoe [Sun, 1 Feb 2009 07:32:01 +0000 (07:32 +0000)]
(bug 16555) Post installation screen has too many links to mw.org:
* Made the logo link to your wiki's homepage (as you'd expect)
* Removed largely useless link to mw.org homepage, plenty of other links to us as it is.
Siebrand Mazeland [Sun, 1 Feb 2009 01:10:48 +0000 (01:10 +0000)]
Correct special page in 'accmailtext'
Siebrand Mazeland [Sat, 31 Jan 2009 23:40:07 +0000 (23:40 +0000)]
Localisation updates for core messages from Betawiki (2009-01-31 23:29 UTC)
Siebrand Mazeland [Sat, 31 Jan 2009 23:28:02 +0000 (23:28 +0000)]
* (bug 17288) Improved messages for default language (English). Patch submitted by rememberthedot. Changes made by English language Wikipedia administrators.
* Note max. number of moved subpages in 'move-subpages' and 'move-talk-subpages'
* Register new messages
* Rebuild all language files
Alex Z [Sat, 31 Jan 2009 22:25:01 +0000 (22:25 +0000)]
(bug 8249) Followup to r46630, add parser function versions of the various PAGENAME magic words
Siebrand Mazeland [Sat, 31 Jan 2009 21:27:41 +0000 (21:27 +0000)]
Update 'dberr-info'. No L10n update needed.
Niklas Laxström [Sat, 31 Jan 2009 21:25:48 +0000 (21:25 +0000)]
* bug 17103 Special:Newpages/Special:Recentchanges should be localized on the "mark changes as patrolled" confirmation
Roan Kattouw [Sat, 31 Jan 2009 20:12:27 +0000 (20:12 +0000)]
Followup to r46648 and fix for bug 17267: when expanding $1 in namespace aliases, actually store the 'new' alias back in the $wgContLang->namespaceAliases array
Niklas Laxström [Sat, 31 Jan 2009 19:49:41 +0000 (19:49 +0000)]
* Cleanup database error message code
* (bug 7480) Internationalize database error message
Niklas Laxström [Sat, 31 Jan 2009 17:34:47 +0000 (17:34 +0000)]
* (bug 7556) Time zone names in signatures lack i18n
Niklas Laxström [Sat, 31 Jan 2009 17:00:23 +0000 (17:00 +0000)]
Substitute variables and parse grammar also on NS_PROJECT_TALK aliases, as it is used quite often. Ref: bug 17267
Roan Kattouw [Sat, 31 Jan 2009 16:35:23 +0000 (16:35 +0000)]
Fix up r46646: instead of outputting displaytitle="" when {{DISPLAYTITLE}} isn't used (or isn't valid), output the 'normal' title instead
Roan Kattouw [Sat, 31 Jan 2009 16:29:15 +0000 (16:29 +0000)]
API: (bug 17239) Added prop=displaytitle to action=parse
Roan Kattouw [Sat, 31 Jan 2009 15:56:52 +0000 (15:56 +0000)]
API: (bug 17224) Add siprop=rightsinfo to meta=siteinfo. Modified patch by Brianna Laugher
Roan Kattouw [Sat, 31 Jan 2009 13:20:36 +0000 (13:20 +0000)]
Revert r46512 (Add "check" parameter to action=email) and its followups r46515 and r46517. This functionality is already present in list=users (as usprop=emailable), where it belongs
Roan Kattouw [Sat, 31 Jan 2009 13:05:12 +0000 (13:05 +0000)]
API: (bug 17182) Fix pretty printer so URLs with parentheses in them are autolinked correctly
Andrew Garrett [Sat, 31 Jan 2009 11:43:42 +0000 (11:43 +0000)]
Fix r46628 -- I'd misunderstood the nature of the hack. People wanted to append the string to be truncated to an empty string, not the reverse.
Rotem Liss [Sat, 31 Jan 2009 11:20:44 +0000 (11:20 +0000)]
Localization update for he, and several whitespace fixes + messages.inc fixes.
Aaron Schulz [Sat, 31 Jan 2009 09:07:42 +0000 (09:07 +0000)]
Styled #mw-data-after-content in cologneblue.css to match the rest of the font (bug 17110)
Andrew Garrett [Sat, 31 Jan 2009 08:03:42 +0000 (08:03 +0000)]
Fix r46502 -- Title::newFromRedirectRe doesn't exist -- assuming you meant newFromRedirectRecurse.
Andrew Garrett [Sat, 31 Jan 2009 07:55:40 +0000 (07:55 +0000)]
E_STRICT (call-time pass-by-reference)
Andrew Garrett [Sat, 31 Jan 2009 01:59:13 +0000 (01:59 +0000)]
Allow af_public_comments to be wikitext.
Relatedly, add parseInline function to OutputPage, to avoid duplicating the same awful regex in wfMsgExt.
Alex Z [Sat, 31 Jan 2009 01:35:18 +0000 (01:35 +0000)]
Allow the {{NAMESPACE}}, {{TALKSPACE}}, and {{SUBJECTSPACE}} magic words (and their urlencoding versions) to be used as parser functions to return the desired namespace for a given title.
Brion Vibber [Sat, 31 Jan 2009 01:19:18 +0000 (01:19 +0000)]
* (bug 17146) Fix for UTF-8 and short word search for some possible MySQL configs
Language::stripForSearch() was lowercasing input, but producing 'U8' for its unicode and short-word normalizations... but SearchUpdate::doUpdate() was running *that* through an additional strtolower() before actually saving to the database.
It's possible that some folks configurations were applying a case-sensitive search on the search table (?) which would make these not match up when actually searching. Going ahead and producing 'u8' right off will ensure these stay in sync.
Andrew Garrett [Sat, 31 Jan 2009 00:46:38 +0000 (00:46 +0000)]
Don't allow padding parser functions to be used to truncate strings. This breaks in some situations, and also encourages its use to reconstruct StringFunctions with core parser functions, which is undesirable for performance and usability reasons.
Andrew Garrett [Fri, 30 Jan 2009 23:24:29 +0000 (23:24 +0000)]
Don't show tag filter boxes if no tags are defined. To support this change without bringing down servers, cache the list of valid tags in the object cache.
Andrew Garrett [Fri, 30 Jan 2009 22:21:23 +0000 (22:21 +0000)]
Consistency: Replace 'edits' with 'changes'
Bryan Tong Minh [Fri, 30 Jan 2009 22:08:23 +0000 (22:08 +0000)]
Removing the new upload code from trunk so that patches do not accidentilly get applied here.
Chad Horohoe [Fri, 30 Jan 2009 22:03:23 +0000 (22:03 +0000)]
Remove two unused $wgUsers.
Chad Horohoe [Fri, 30 Jan 2009 19:59:38 +0000 (19:59 +0000)]
Handle this todo: Allow local redirects to foreign images to be displayed on the local wiki. We already store this data in the redirect table anyway.
Andrew Garrett [Fri, 30 Jan 2009 19:41:10 +0000 (19:41 +0000)]
E_NOTICE
Alexandre Emsenhuber [Fri, 30 Jan 2009 19:36:11 +0000 (19:36 +0000)]
Fix comment for compatibility with doxygen
Raimond Spekking [Fri, 30 Jan 2009 16:45:09 +0000 (16:45 +0000)]
Revert r46524 per Nikerabbits comment
Niklas Laxström [Fri, 30 Jan 2009 16:31:51 +0000 (16:31 +0000)]
bug 17252: Galician numbering format
Brion Vibber [Fri, 30 Jan 2009 00:15:19 +0000 (00:15 +0000)]
Clean up database access in revisiondelete
Shinjiman [Fri, 30 Jan 2009 00:08:53 +0000 (00:08 +0000)]
Localisation updates Cantonese and Chinese
Andrew Garrett [Thu, 29 Jan 2009 23:07:10 +0000 (23:07 +0000)]
Add missing <tags> message.
Roan Kattouw [Thu, 29 Jan 2009 23:01:13 +0000 (23:01 +0000)]
Add the 'movenotallowedfile' message to the API message map. Turns out that's all I needed to do to support file moving through the API :D
Andrew Garrett [Thu, 29 Jan 2009 22:44:31 +0000 (22:44 +0000)]
Abuse Filter changes designed for testing filters against real data:
* Add searching and filtering functionality to the existing 'test' interface.
* Add an 'examine' interface designed for testing filters against a previous change, selectable through the search interface in either the 'test' or the 'examine' view.
* Minor enabling change in ChangesList core, to allow subclassing.
Siebrand Mazeland [Thu, 29 Jan 2009 21:30:05 +0000 (21:30 +0000)]
Localisation updates for core messages from Betawiki (2009-01-29 21:14 UTC)
Aaron Schulz [Thu, 29 Jan 2009 21:09:14 +0000 (21:09 +0000)]
Make userCan() short getUserPermissionsErrorsInternal()
Raimond Spekking [Thu, 29 Jan 2009 20:54:47 +0000 (20:54 +0000)]
* Move class=error from message to program code. Other languages will be handled by Translatewiki
* Wrap message 'confirmemail_pending' into a div with CSS classes "error" and "mw-confirmemail-pending"
* Fix double escaping of submit button
Alexandre Emsenhuber [Thu, 29 Jan 2009 19:48:56 +0000 (19:48 +0000)]
Document UserIsBlockedGlobally hook
Bryan Tong Minh [Thu, 29 Jan 2009 19:30:18 +0000 (19:30 +0000)]
Also return why the target user is not valid
Bryan Tong Minh [Thu, 29 Jan 2009 19:27:44 +0000 (19:27 +0000)]
Kill code duplication & other style tweaks
Brion Vibber [Thu, 29 Jan 2009 18:00:55 +0000 (18:00 +0000)]
Partial revert of r45778 and friends "(bug 15936) New page's patrol button should always be visible"
The permission & patrolled checks on every view seem to be a performance problem. Have backed this out live; backing it out in SVN until resolved.
Aaron Schulz [Thu, 29 Jan 2009 16:26:35 +0000 (16:26 +0000)]
Short-circuit block check
Aaron Schulz [Thu, 29 Jan 2009 16:03:13 +0000 (16:03 +0000)]
Use quickUserCan rather than strange boolean param :)
Rotem Liss [Thu, 29 Jan 2009 15:49:48 +0000 (15:49 +0000)]
* Localization update for he.
* Removing duplicate messages in en in AbuseFilter.