= MediaWiki release notes =
Security reminder: MediaWiki does not require PHP's register_globals
-setting since version 1.2.0. If you have it on, turn it *off* if you can.
+setting since version 1.2.0. If you have it on, turn it '''off''' if you can.
== MediaWiki 1.18 ==
# Protect against bug 28235
<IfModule rewrite_module>
RewriteEngine On
- RewriteCond %{QUERY_STRING} \.[a-z0-9]{1,4}(#|\?|$) [nocase]
+ RewriteCond %{QUERY_STRING} \.[^\\/:*?\x22<>|%]+(#|\?|$) [nocase]
RewriteRule . - [forbidden]
</IfModule>
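Review bot: The character class in this RewriteCond is duplicated as a PCRE pattern in img_auth.php and thumb.php further down the diff, and the three copies have to change together; a comment above the rule, `# Keep this class in sync with the QUERY_STRING checks in img_auth.php and thumb.php`, would record that coupling. The rule is wrapped in `<IfModule rewrite_module>`, so it only applies where mod_rewrite is loaded (and presumably where .htaccess overrides are permitted), which means the PHP-side checks remain the primary guard and should not be relaxed on the assumption this rule is active.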
// Check for bug 28235: QUERY_STRING overriding the correct extension
if ( isset( $_SERVER['QUERY_STRING'] )
- && preg_match( '/\.[a-z0-9]{1,4}(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
+ && preg_match( '/\.[^\\/:*?"<>|%]+(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
{
wfForbidden( 'img-auth-accessdenied', 'img-auth-bad-query-string' );
}
return false;
}
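Review bot: The PHP character class on the added `preg_match` line is not equivalent to the .htaccess one: inside a single-quoted PHP string `\\` collapses to one backslash, so PCRE receives `[^\/:*?"<>|%]` and a literal backslash is not excluded, whereas the Apache pattern `[^\\/:*?\x22<>|%]` does exclude it. The PHP guard is therefore slightly stricter than the rewrite rule (a query string containing a backslash after the dot is refused here but passes mod_rewrite), which fails closed but means the two are not the same check; for parity the literal would be `'/\.[^\\\\/:*?"<>|%]+(#|\?|$)/i'`. The same pattern is added in thumb.php below, whose hunk runs past the end of this view. A one-line comment such as `// Keep in sync with the RewriteCond in .htaccess and the copy in thumb.php` above the regex would make the pairing explicit; the enclosing function starts before this hunk.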
- $this->mId = $sId;
- if ( !$this->loadFromId() ) {
- # Not a valid ID, loadFromId has switched the object to anon for us
+ $proposedUser = User::newFromId( $sId );
+ if ( !$proposedUser->isLoggedIn() ) {
+ # Not a valid ID
+ $this->loadDefaults();
return false;
}
global $wgBlockDisablesLogin;
- if( $wgBlockDisablesLogin && $this->isBlocked() ) {
+ if( $wgBlockDisablesLogin && $proposedUser->isBlocked() ) {
# User blocked and we've disabled blocked user logins
$this->loadDefaults();
return false;
}
if ( $wgRequest->getSessionData( 'wsToken' ) !== null ) {
- $passwordCorrect = $this->mToken == $wgRequest->getSessionData( 'wsToken' );
+ $passwordCorrect = $proposedUser->getToken() === $wgRequest->getSessionData( 'wsToken' );
$from = 'session';
} else if ( $wgRequest->getCookie( 'Token' ) !== null ) {
- $passwordCorrect = $this->mToken == $wgRequest->getCookie( 'Token' );
+ $passwordCorrect = $proposedUser->getToken() === $wgRequest->getCookie( 'Token' );
$from = 'cookie';
} else {
# No session or persistent login cookie
return false;
}
- if ( ( $sName == $this->mName ) && $passwordCorrect ) {
+ if ( ( $sName === $proposedUser->getName() ) && $passwordCorrect ) {
+ $this->loadFromUserObject( $proposedUser );
$wgRequest->setSessionData( 'wsToken', $this->mToken );
wfDebug( "User: logged in from $from\n" );
return true;
}
}
+ /**
+ * Load the data for this user object from another user object.
+ */
+ protected function loadFromUserObject( $user ) {
+ $user->load();
+ $user->loadGroups();
+ $user->loadOptions();
+ foreach ( self::$mCacheVars as $var ) {
+ $this->$var = $user->$var;
+ }
+ }
+
/**
* Load the groups from the database if they aren't already loaded.
* @private
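Review bot: The move from `==` to `===` on the token and name comparisons is the substantive hardening in this hunk, but it makes the outcome depend on both operands being strings: `$sName` and the session/cookie values are read outside this hunk, so if any of them can arrive as an int (a numeric session value, say) the strict check now fails closed where the loose one passed — worth a `(string)` cast where they are read, or a comment stating they are guaranteed strings. A plain `===` on the secret token is also not constant-time; where the runtime provides it, `hash_equals()` with the stored token as the first argument avoids the timing side channel. In the new `loadFromUserObject()`, `loadGroups()` and `loadOptions()` are called on `$user` but only the members listed in `self::$mCacheVars` are copied into `$this`, so unless the group and option members are part of that list those two loads do nothing for this object — verify; its docblock should also declare `@param User $user`. The start of the enclosing method lies before this hunk.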
global $wgScriptExtension;
if ( isset( $_SERVER['QUERY_STRING'] )
- && preg_match( '/\.[a-z0-9]{1,4}(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
+ && preg_match( '/\.[^\\/:*?"<>|%]+(#|\?|$)/i', $_SERVER['QUERY_STRING'] ) )
{
// Bug 28235
// Block only Internet Explorer, and requests with missing UA