From f3a9b12a73962479e746db957144fe322444c37c Mon Sep 17 00:00:00 2001 From: Sam Reed Date: Sat, 23 Apr 2011 16:57:03 +0000 Subject: [PATCH] * (bug 28560) list=deletedrevs should die, if combination of param is invalid No checking for NS or unique in the mode 1/2 checks, as they have defaults of 0 and false, which is impossible to determine if they had been set as that, or just using the defaults. They are ignored in the code still on the incorrect path Update usage of dir --- RELEASE-NOTES | 1 + includes/api/ApiQueryDeletedrevs.php | 35 ++++++++++++++++++++++------ 2 files changed, 29 insertions(+), 7 deletions(-) diff --git a/RELEASE-NOTES b/RELEASE-NOTES index 56fa6fbc1e..bb33a19793 100644 --- a/RELEASE-NOTES +++ b/RELEASE-NOTES @@ -348,6 +348,7 @@ PHP if you have not done so prior to upgrading MediaWiki. * (bug 28558) Add iw_api and iw_wikiid to meta=siteinfo&siprop=interwikimap * (bug 26882) Allow listing of indefinite protections with the api * (bug 27344) add drprefix param to list=deletedrevs +* (bug 28560) list=deletedrevs should die, if combination of param is invalid === Languages updated in 1.18 === diff --git a/includes/api/ApiQueryDeletedrevs.php b/includes/api/ApiQueryDeletedrevs.php index 7731154309..f8c92502a1 100644 --- a/includes/api/ApiQueryDeletedrevs.php +++ b/includes/api/ApiQueryDeletedrevs.php @@ -66,9 +66,9 @@ class ApiQueryDeletedrevs extends ApiQueryBase { $titles = $pageSet->getTitles(); // This module operates in three modes: - // 'revs': List deleted revs for certain titles - // 'user': List deleted revs by a certain user - // 'all': List all deleted revs + // 'revs': List deleted revs for certain titles (1) + // 'user': List deleted revs by a certain user (2) + // 'all': List all deleted revs in NS (3) $mode = 'all'; if ( count( $titles ) > 0 ) { $mode = 'revs'; @@ -76,6 +76,21 @@ class ApiQueryDeletedrevs extends ApiQueryBase { $mode = 'user'; } + if ( $mode == 'revs' || $mode == 'user' ) { + // Ignore namespace and unique due to inability to know whether they were purposely set + foreach( array( 'from', 'to', 'prefix', /*'namespace',*/ 'continue', /*'unique'*/ ) as $p ) { + if ( !is_null( $params[$p] ) ) { + $this->dieUsage( "The '{$p}' parameter cannot be used in modes 1 or 2", 'badparams'); + } + } + } else { + foreach( array( 'start', 'end' ) as $p ) { + if ( !is_null( $params[$p] ) ) { + $this->dieUsage( "The {$p} parameter cannot be used in mode 3", 'badparams'); + } + } + } + if ( !is_null( $params['user'] ) && !is_null( $params['excludeuser'] ) ) { $this->dieUsage( 'user and excludeuser cannot be used together', 'badparams' ); } @@ -329,7 +344,7 @@ class ApiQueryDeletedrevs extends ApiQueryBase { return array( 'start' => 'The timestamp to start enumerating from (1,2)', 'end' => 'The timestamp to stop enumerating at (1,2)', - 'dir' => $this->getDirectionDescription( $this->getModulePrefix(), ' (1,2)' ), + 'dir' => $this->getDirectionDescription( $this->getModulePrefix(), ' (1, 3)' ), 'from' => 'Start listing at this title (3)', 'to' => 'Stop listing at this title (3)', 'prefix' => 'Search for all page titles that begin with this value (3)', @@ -360,9 +375,9 @@ class ApiQueryDeletedrevs extends ApiQueryBase { return array( 'List deleted revisions.', 'This module operates in three modes:', - '1) List deleted revisions for the given title(s), sorted by timestamp', - '2) List deleted contributions for the given user, sorted by timestamp (no titles specified)', - "3) List all deleted revisions in the given namespace, sorted by title and timestamp (no titles specified, {$p}user not set)", + ' 1) List deleted revisions for the given title(s), sorted by timestamp', + ' 2) List deleted contributions for the given user, sorted by timestamp (no titles specified)', + " 3) List all deleted revisions in the given namespace, sorted by title and timestamp (no titles specified, {$p}user not set)", 'Certain parameters only apply to some modes and are ignored in others.', 'For instance, a parameter marked (1) only applies to mode 1 and is ignored in modes 2 and 3', ); @@ -374,6 +389,12 @@ class ApiQueryDeletedrevs extends ApiQueryBase { array( 'code' => 'badparams', 'info' => 'user and excludeuser cannot be used together' ), array( 'code' => 'permissiondenied', 'info' => 'You don\'t have permission to view deleted revision content' ), array( 'code' => 'badcontinue', 'info' => 'Invalid continue param. You should pass the original value returned by the previous query' ), + array( 'code' => 'badparams', 'info' => "The 'from' parameter cannot be used in modes 1 or 2" ), + array( 'code' => 'badparams', 'info' => "The 'to' parameter cannot be used in modes 1 or 2" ), + array( 'code' => 'badparams', 'info' => "The 'prefix' parameter cannot be used in modes 1 or 2" ), + array( 'code' => 'badparams', 'info' => "The 'continue' parameter cannot be used in modes 1 or 2" ), + array( 'code' => 'badparams', 'info' => "The 'start' parameter cannot be used in mode 3" ), + array( 'code' => 'badparams', 'info' => "The 'end' parameter cannot be used in mode 3" ), ) ); } -- 2.20.1