return $file->getTempName();
}
- /**
- * Return the size of the upload, or 0.
- *
- * @deprecated since 1.17
- * @param $key String:
- * @return integer
- */
- public function getFileSize( $key ) {
- wfDeprecated( __METHOD__, '1.17' );
- $file = new WebRequestUpload( $this, $key );
- return $file->getSize();
- }
-
/**
* Return the upload error or 0
*
return true;
}
- /**
- * Returns true if the PATH_INFO ends with an extension other than a script
- * extension. This could confuse IE for scripts that send arbitrary data which
- * is not HTML but may be detected as such.
- *
- * Various past attempts to use the URL to make this check have generally
- * run up against the fact that CGI does not provide a standard method to
- * determine the URL. PATH_INFO may be mangled (e.g. if cgi.fix_pathinfo=0),
- * but only by prefixing it with the script name and maybe some other stuff,
- * the extension is not mangled. So this should be a reasonably portable
- * way to perform this security check.
- *
- * Also checks for anything that looks like a file extension at the end of
- * QUERY_STRING, since IE 6 and earlier will use this to get the file type
- * if there was no dot before the question mark (bug 28235).
- *
- * @deprecated Use checkUrlExtension().
- *
- * @param $extWhitelist array
- *
- * @return bool
- */
- public function isPathInfoBad( $extWhitelist = array() ) {
- wfDeprecated( __METHOD__, '1.17' );
- global $wgScriptExtension;
- $extWhitelist[] = ltrim( $wgScriptExtension, '.' );
- return IEUrlExtension::areServerVarsBad( $_SERVER, $extWhitelist );
- }
-
/**
* Parse the Accept-Language header sent by the client into an array
* @return array array( languageCode => q-value ) sorted by q-value in descending order then
# unless the address is not sensible (e.g. private). However, prefer private
# IP addresses over proxy servers controlled by this site (more sensible).
foreach ( $ipchain as $i => $curIP ) {
+ // ignore 'unknown' value from Squid when 'forwarded_for off' and try next
+ if ( $curIP === 'unknown' ) {
+ continue;
+ }
$curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) );
if ( wfIsTrustedProxy( $curIP ) && isset( $ipchain[$i + 1] ) ) {
if ( wfIsConfiguredProxy( $curIP ) || // bug 48919; treat IP as sane
return $this->session;
}
- /**
- * @param array $extWhitelist
- * @return bool
- */
- public function isPathInfoBad( $extWhitelist = array() ) {
- return false;
- }
-
/**
* FauxRequests shouldn't depend on raw request data (but that could be implemented here)
* @return String