Image redirects:

* Forbid users who can't create redirects when they are not allowed to upload files
* Move target namespace check from checkRedirect() to findFile()

diff --git a/includes/EditPage.php b/includes/EditPage.php
index f3d72f5..61e58d2 100644 (file)
--- a/includes/EditPage.php
+++ b/includes/EditPage.php
@@ -38,6 +38,8 @@ class EditPage {
        const AS_OK                                                     = 230;
        const AS_END                                            = 231;
        const AS_SPAM_ERROR                                     = 232;
+       const AS_IMAGE_REDIRECT_ANON        = 233;
+       const AS_IMAGE_REDIRECT_LOGGED      = 234;
 
        var $mArticle;
        var $mTitle;
@@ -699,6 +701,17 @@ class EditPage {
                        return self::AS_HOOK_ERROR;
                }
 
+               # Check image redirect
+               if ( $wgTitle->getNamespace() == NS_IMAGE &&
+                       Title::newFromRedirect( $this->textbox1 ) instanceof Title &&
+                       !$wgUser->isAllowed( 'upload' ) ) {
+                               if( $wgUser->isAnon() ) {
+                                       return self::AS_IMAGE_REDIRECT_ANON;
+                               } else {
+                                       return self::AS_IMAGE_REDIRECT_LOGGED;
+                               }
+               }
+
                # Reintegrate metadata
                if ( $this->mMetaData != '' ) $this->textbox1 .= "\n" . $this->mMetaData ;
                $this->mMetaData = '' ;
@@ -2196,6 +2209,10 @@ END
                                $this->blockedPage();
                                return false;
 
+                       case self::AS_IMAGE_REDIRECT_ANON:
+                               $wgOut->showErrorPage( 'uploadnologin', 'uploadnologintext' );
+                               return false;
+
                        case self::AS_READ_ONLY_PAGE_ANON:
                                $this->userNotLoggedInPage();
                                return false;
@@ -2216,6 +2233,10 @@ END
                        case self::AS_BLANK_ARTICLE:
                                $wgOut->redirect( $wgTitle->getFullURL() );
                                return false;
+
+                       case self::AS_IMAGE_REDIRECT_LOGGED:
+                               $wgOut->permissionRequired( 'upload' );
+                               return false;
                }
        }
 }

diff --git a/includes/filerepo/FileRepo.php b/includes/filerepo/FileRepo.php
index 96bcd19..c010b3f 100644 (file)
--- a/includes/filerepo/FileRepo.php
+++ b/includes/filerepo/FileRepo.php
@@ -93,7 +93,7 @@ abstract class FileRepo {
 
                # Now try redirects
                $redir = $this->checkRedirect( $title );
-               if( $redir ) {
+               if( $redir && $redir->getNamespace() == NS_IMAGE) {
                        $img = $this->newFile( $redir );
                        if( !$img ) {
                                return false;

diff --git a/includes/filerepo/LocalRepo.php b/includes/filerepo/LocalRepo.php
index e41ed44..92aa9e5 100644 (file)
--- a/includes/filerepo/LocalRepo.php
+++ b/includes/filerepo/LocalRepo.php
@@ -104,9 +104,6 @@ class LocalRepo extends FSRepo {
                if( !$row ) {
                        return false;
                }
-               if( $row->rd_namespace != NS_IMAGE ) {
-                       return false;
-               }
                return Title::makeTitle( $row->rd_namespace, $row->rd_title );
        }
 }