Brion Vibber [Thu, 14 Oct 2004 05:14:45 +0000 (05:14 +0000)]
Escape input on a few error messages
River Tarnell [Thu, 14 Oct 2004 05:08:33 +0000 (05:08 +0000)]
fix xss attack
Brion Vibber [Thu, 14 Oct 2004 04:55:57 +0000 (04:55 +0000)]
Never used; just had a todo message.
Brion Vibber [Thu, 14 Oct 2004 04:55:06 +0000 (04:55 +0000)]
spaces to tabs
River Tarnell [Thu, 14 Oct 2004 04:50:14 +0000 (04:50 +0000)]
fix potential xss attack
Brion Vibber [Thu, 14 Oct 2004 04:40:58 +0000 (04:40 +0000)]
Fix potential HTML breakage if removechecked message were to include an apostrophe
Zheng Zhu [Thu, 14 Oct 2004 04:40:57 +0000 (04:40 +0000)]
Changed the second Chinese character for Traditional Chinese to what it should be, Traditional;)
River Tarnell [Thu, 14 Oct 2004 04:15:29 +0000 (04:15 +0000)]
fix xss attack
River Tarnell [Thu, 14 Oct 2004 03:50:14 +0000 (03:50 +0000)]
fix xss attack
River Tarnell [Thu, 14 Oct 2004 02:56:02 +0000 (02:56 +0000)]
fix two xss attacks and one path validation attack
Brion Vibber [Thu, 14 Oct 2004 02:13:12 +0000 (02:13 +0000)]
Clean up a few scriptlets
River Tarnell [Wed, 13 Oct 2004 21:38:50 +0000 (21:38 +0000)]
fix xss attack
Jens Frank [Wed, 13 Oct 2004 21:30:18 +0000 (21:30 +0000)]
Fix SQL injection bug
Jens Frank [Wed, 13 Oct 2004 21:07:08 +0000 (21:07 +0000)]
Fix cross site scripting bug
Brion Vibber [Wed, 13 Oct 2004 20:02:32 +0000 (20:02 +0000)]
(bug 704) remove misleading LocalSettings.sample
Jens Frank [Wed, 13 Oct 2004 20:02:10 +0000 (20:02 +0000)]
Fix cross site scripting bug
Brion Vibber [Wed, 13 Oct 2004 07:38:43 +0000 (07:38 +0000)]
Pull the actual series of updater calls into do_all_updaters(), add
the necessary require_all's to updaters.inc, and add a command-line
update.php which runs them without having to pull things out and
run the web installer.
Brion Vibber [Wed, 13 Oct 2004 07:31:52 +0000 (07:31 +0000)]
patch from tom
Bug 697: Several XHTML errors on Special:Preferences
Wil Mahan [Wed, 13 Oct 2004 06:09:01 +0000 (06:09 +0000)]
A pair of tests for self links
Wil Mahan [Wed, 13 Oct 2004 04:30:19 +0000 (04:30 +0000)]
When checking for self links, use Title::getFragment() rather
than searching for '#', so that self-links escaped with
character entities are handled correctly. Related to
bug 337.
Jens Frank [Tue, 12 Oct 2004 10:57:27 +0000 (10:57 +0000)]
BUG#178 Allow center/right/left/etc image options even if
$wgUseImageResize is set to false. Changing width or computing thumbs still depends on $wgUseImageResize.
Jens Frank [Tue, 12 Oct 2004 10:07:31 +0000 (10:07 +0000)]
Catch error 2000, too. Some mysql servers return 2000 instead of 1045
Wil Mahan [Tue, 12 Oct 2004 00:17:13 +0000 (00:17 +0000)]
Add the new "longdesc" attribute to all image tests, and
fix a test that is currently broken (in a right-aligned
image with no caption, the title/alt text should not
be "right").
Wil Mahan [Tue, 12 Oct 2004 00:12:06 +0000 (00:12 +0000)]
Add "longdesc" attribute to all (non-external) images, containing
the URL of the image page.
Evan Prodromou [Mon, 11 Oct 2004 22:59:29 +0000 (22:59 +0000)]
Briefly document the $wgLocaltimezone variable.
Wil Mahan [Mon, 11 Oct 2004 22:13:02 +0000 (22:13 +0000)]
Test case for disallowed character in an external link
Wil Mahan [Mon, 11 Oct 2004 22:10:14 +0000 (22:10 +0000)]
Also add " to disallowed URI characters, per RFC 2396, fixing
some more test cases.
Wil Mahan [Mon, 11 Oct 2004 21:55:35 +0000 (21:55 +0000)]
Pass the -a option to diff in case there are tests with
non-text characters; set wgMaxTocLevel global; use
.PHONY target in Makefile in case someone happens
to have a file named 'test' or similar in the
maintenance/ directory.
Brion Vibber [Mon, 11 Oct 2004 21:47:31 +0000 (21:47 +0000)]
Update tests for 289:
* fix the expected output to match actual behavior with caught invalid chars
* add cases with double-quote (")
Brion Vibber [Mon, 11 Oct 2004 21:23:39 +0000 (21:23 +0000)]
$wgBrowserBlackList must be an array, not a string. Also, the previous value would have matched virtually all browsers other than Mozilla.
Jens Frank [Mon, 11 Oct 2004 20:03:24 +0000 (20:03 +0000)]
BUG#187, BUG#669 Fix centered images. span apparently didn't work properly
Wil Mahan [Mon, 11 Oct 2004 19:17:34 +0000 (19:17 +0000)]
Use the new wfRandom() function for setting cur_random
Wil Mahan [Mon, 11 Oct 2004 19:15:24 +0000 (19:15 +0000)]
Oops, invalid chars in bracketed external links should
be added to the link description, not the trail.
Jens Frank [Mon, 11 Oct 2004 19:02:56 +0000 (19:02 +0000)]
Fix bounding box feature of thumbnails (e.g. |200x200px|)
Wil Mahan [Mon, 11 Oct 2004 18:54:35 +0000 (18:54 +0000)]
Re-exclude '<' and '>' from external links, since brion pointed
out cases where it matters. We don't need to exclude them from
external link text, to allow for e.g. bold text in the link
description.
Emmanuel Engelhart [Mon, 11 Oct 2004 18:38:32 +0000 (18:38 +0000)]
+ better browser black list example
Emmanuel Engelhart [Mon, 11 Oct 2004 18:36:01 +0000 (18:36 +0000)]
$wgBrowserBlackList = "/Mozilla\/4./";
Brion Vibber [Mon, 11 Oct 2004 18:33:30 +0000 (18:33 +0000)]
Bug 686: broken linktrail in Catalan
Brion Vibber [Mon, 11 Oct 2004 18:12:14 +0000 (18:12 +0000)]
Add more test cases for bug 289
Wil Mahan [Mon, 11 Oct 2004 17:34:39 +0000 (17:34 +0000)]
Bug 589: make random selection slightly more random. PHP's
mt_rand() function has a maximum value of 2^31-1, which
is small enough that duplicate values can occur due to the
Birthday paradox, e.g. on the English Wikipedia. To fix
this, add a wfRandom() function that calls mt_rand()
twice to get the desired amount of randomness.
Wil Mahan [Mon, 11 Oct 2004 16:57:49 +0000 (16:57 +0000)]
Detect and disallow > and < within external links.
Fixes bug 289.
Wil Mahan [Mon, 11 Oct 2004 16:16:27 +0000 (16:16 +0000)]
Prevent double-escaping of '<' and '>' in external links;
allow them in free external links again, at least until there
is a consistent way of handling them. Convert some spaces to
tabs from zhengzhu's last commit.
Emmanuel Engelhart [Mon, 11 Oct 2004 16:13:53 +0000 (16:13 +0000)]
+ comment about the browser blacklist array
Emmanuel Engelhart [Mon, 11 Oct 2004 16:10:47 +0000 (16:10 +0000)]
+ explicit example for the browser black list.
River Tarnell [Mon, 11 Oct 2004 11:09:18 +0000 (11:09 +0000)]
don't show redirects in categories
Brion Vibber [Mon, 11 Oct 2004 07:44:37 +0000 (07:44 +0000)]
If wiki has the old non-unique indexes on cur, check for duplicate cur entries and remove the extras.
Brion Vibber [Mon, 11 Oct 2004 07:43:44 +0000 (07:43 +0000)]
Obsolete and probably dangerous old script. Removed from 1.3 branch long ago, forgot to get it here.
Brion Vibber [Mon, 11 Oct 2004 06:38:42 +0000 (06:38 +0000)]
add missing autoConvert wrapper
Domas Mituzas [Mon, 11 Oct 2004 04:13:43 +0000 (04:13 +0000)]
fix from live site, set->add for "loading".
Erik Moeller [Mon, 11 Oct 2004 04:10:41 +0000 (04:10 +0000)]
bugfix: check for existence of PRIMARY key in addition to UNIQUE key, as
MySQL returns "PRIMARY" as key_name. This caused uploads to fail with a
"patch required" message in HEAD even if the schema was up to date.
Erik Moeller [Mon, 11 Oct 2004 03:28:18 +0000 (03:28 +0000)]
this seems to have sneaked into HEAD somehow, belongs in SCHEMA_WORK only
Zheng Zhu [Mon, 11 Oct 2004 03:05:48 +0000 (03:05 +0000)]
update doc
Zheng Zhu [Mon, 11 Oct 2004 02:46:31 +0000 (02:46 +0000)]
Adding the interface language to the page rendering hash; also fixed some formatting errors from my previous commits.
Zheng Zhu [Mon, 11 Oct 2004 02:15:55 +0000 (02:15 +0000)]
For content language, removed language code suffix from the message keys in the mediawiki: namespace. This way languages that do not support multiple variants will see no change in the way the namespace works.
Evan Prodromou [Sun, 10 Oct 2004 23:28:45 +0000 (23:28 +0000)]
Updated the checktrans.php script to be a little more modern and to
WFM. Removed the two variations on the theme, since they don't work.
Might as well have just one broken script instead of three.
Brion Vibber [Sun, 10 Oct 2004 22:56:23 +0000 (22:56 +0000)]
When deleting images / old image revisions, don't fail out if the file
doesn't exist or the oi_archive_name field is empty. Treat it gracefully
and continue deleting the database records.
Bug 484: image deletion causes an internal error
Brion Vibber [Sun, 10 Oct 2004 22:40:58 +0000 (22:40 +0000)]
Fix brainfart that broke options on insertArray()
Emmanuel Engelhart [Sun, 10 Oct 2004 21:30:17 +0000 (21:30 +0000)]
+ checkUnicodeCompliantBrowser() and code to show if necessary a warning message
Emmanuel Engelhart [Sun, 10 Oct 2004 21:27:15 +0000 (21:27 +0000)]
+ nonunicodebrowser message
Emmanuel Engelhart [Sun, 10 Oct 2004 21:25:42 +0000 (21:25 +0000)]
+ $wgBrowserBlackList
Brion Vibber [Sun, 10 Oct 2004 13:41:09 +0000 (13:41 +0000)]
fix bug 439: protected pages should not display a "move" link.
Brion Vibber [Sun, 10 Oct 2004 13:17:56 +0000 (13:17 +0000)]
fix for bug 433: Title attribute on undelete button wrong
Brion Vibber [Sun, 10 Oct 2004 13:05:04 +0000 (13:05 +0000)]
Test case for bug 289
Brion Vibber [Sun, 10 Oct 2004 09:44:00 +0000 (09:44 +0000)]
fix for bug 149: Special:Recentchanges: Link that adds &from= to URL discards &limit= and vice-versa
Brion Vibber [Sun, 10 Oct 2004 08:36:59 +0000 (08:36 +0000)]
Disable message cache transforms on install (bug 296)
Brion Vibber [Sun, 10 Oct 2004 04:30:01 +0000 (04:30 +0000)]
'fromwikipedia' has been renamed to 'tagline'
Brion Vibber [Sat, 9 Oct 2004 21:55:28 +0000 (21:55 +0000)]
Fix for last checkin on Squid and for the generated data
Brion Vibber [Sat, 9 Oct 2004 21:24:52 +0000 (21:24 +0000)]
More paranoia checks for Internet Explorer
Brion Vibber [Sat, 9 Oct 2004 08:41:55 +0000 (08:41 +0000)]
Adjust spacing, and fix the disclaimer link again so it's separated from the printable link
Brion Vibber [Sat, 9 Oct 2004 08:34:52 +0000 (08:34 +0000)]
Re-tabification
Brion Vibber [Sat, 9 Oct 2004 08:08:26 +0000 (08:08 +0000)]
Load form C data on demand; if we are dealing in all-ASCII text we can save some memory and time by not loading it.
Brion Vibber [Sat, 9 Oct 2004 06:49:28 +0000 (06:49 +0000)]
Merge adjacent edits to same page by same user in the RSS feed
Brion Vibber [Sat, 9 Oct 2004 02:55:32 +0000 (02:55 +0000)]
Put diffs into the RecentChanges RSS/Atom feed to make it more useful for offline reading (and more convenient in general). For new pages, includes the full wikitext.
Probably will want to do caching of diffs before pushing this one out the door, but it's not as bad as all that; nothing has to be parsed, just diffed.
Brion Vibber [Sat, 9 Oct 2004 02:53:11 +0000 (02:53 +0000)]
Reduce dependence on $wgOut global in the difference formatter; just buffer up the output and give it to $wgOut in a lump.
Also added DifferenceEngine::getDiff() so you can get a diff without sending it to $wgOut.
Evan Prodromou [Fri, 8 Oct 2004 22:31:45 +0000 (22:31 +0000)]
Fixed some tab bogosity and took out a couple of debug printf
statements.
Evan Prodromou [Fri, 8 Oct 2004 22:00:51 +0000 (22:00 +0000)]
Fixed problems with hiding certain links (portal, currentevents,
disclaimers). Corrected help text in Language.php -- it said to set
the values to '', but the code used '-'. Fixed Skin.php so it checks
for '-' for disclaimers. Also, fixed SkinPHPTal.php so it checks for
'-' anywhere it can show up -- in buildNavigationUrls and buildNavUrls.
Zheng Zhu [Fri, 8 Oct 2004 14:38:40 +0000 (14:38 +0000)]
need to include sg and hk...
Zheng Zhu [Fri, 8 Oct 2004 13:57:01 +0000 (13:57 +0000)]
Added fallback in case the preferred language variant is not provided in the manual conversion markup.
Andre Engels [Fri, 8 Oct 2004 12:05:12 +0000 (12:05 +0000)]
Changed namespace names (request of Aliter).
Brion Vibber [Fri, 8 Oct 2004 08:46:25 +0000 (08:46 +0000)]
old_text conversion on load, for future UTF-8 conversion of en.wikipedia.org and remaining holdouts.
* When not $wgUseLatin1, saved revisions are now marked with 'utf-8' in old_flags
* When $wgLegacyEncoding is set, an old row without 'utf-8' in old_flags is converted from $wgLegacyCharset to $wgInputEncoding at load time (after gzip decompression if applicable). Thus the old_text fields will not need to be modified when the wiki is converted; this will mainly be useful after the SCHEMA_WORK changes are made so that the other fields in the old table are discarded (they will need to be separately converted anyway)
Zheng Zhu [Fri, 8 Oct 2004 05:24:36 +0000 (05:24 +0000)]
these two files are now refered to as zh2TW.manual and zh2CN.manual
Zheng Zhu [Fri, 8 Oct 2004 05:21:16 +0000 (05:21 +0000)]
Ooops...
Zheng Zhu [Fri, 8 Oct 2004 05:20:09 +0000 (05:20 +0000)]
support for zh-hk and zh-sg
Zheng Zhu [Fri, 8 Oct 2004 05:19:23 +0000 (05:19 +0000)]
initial support for zh-hk and zh-sg
Zheng Zhu [Fri, 8 Oct 2004 05:01:33 +0000 (05:01 +0000)]
Adding support for zh-sg (Singapore) and zh-hk (Hong Kong)
Zheng Zhu [Fri, 8 Oct 2004 04:27:07 +0000 (04:27 +0000)]
performance tweak related to title conversion
Brion Vibber [Thu, 7 Oct 2004 05:59:10 +0000 (05:59 +0000)]
Add support for using ICU to perform normalization, which is much much faster than the PHP code!
Still need to add support for cleanup/verification.
Brion Vibber [Thu, 7 Oct 2004 03:40:06 +0000 (03:40 +0000)]
Fetch test data for the benchmark
Zheng Zhu [Thu, 7 Oct 2004 02:09:03 +0000 (02:09 +0000)]
Added another phrase library from libtabe (libtabe.sourceforge.net/); Extract phrases that nees manual translation.
River Tarnell [Thu, 7 Oct 2004 01:16:37 +0000 (01:16 +0000)]
Replace searchdisabled with a more informative message
Jens Frank [Wed, 6 Oct 2004 20:55:08 +0000 (20:55 +0000)]
BUG#58. Patch by Tom Gilder. Prevent edit box scrollbar from disappearing under MSIE 5.5
Jens Frank [Wed, 6 Oct 2004 20:19:06 +0000 (20:19 +0000)]
BUG#634, Patch#2.1: Patch by Tom Gilder. Avoids flickering logo in MSIE 5.5 and newer
Jens Frank [Wed, 6 Oct 2004 20:12:14 +0000 (20:12 +0000)]
BUG#634, Patch#2: Patch by Tom Gilder. Avoids flickering logo in MSIE 5.5 and newer
Wil Mahan [Wed, 6 Oct 2004 19:30:00 +0000 (19:30 +0000)]
Three more test cases involving images, and give
bug number for bug 648.
Wil Mahan [Wed, 6 Oct 2004 19:22:42 +0000 (19:22 +0000)]
Trivial fix from Rowan Collins to better handle
malformed images with captions containing links.
Brion Vibber [Wed, 6 Oct 2004 10:33:22 +0000 (10:33 +0000)]
Add support for some alternate SVG rasterizers:
* ImageMagick - scaling is done after rasterization, and curves don't look good
* Batik - looks good; requires Java
* Sodipodi & Inkscape - haven't got them actually working yet; they crash on my mac when called from the web server though they work on the command line
Brion Vibber [Wed, 6 Oct 2004 09:43:00 +0000 (09:43 +0000)]
Get native size from SVG files
Zheng Zhu [Tue, 5 Oct 2004 16:13:40 +0000 (16:13 +0000)]
Show error message when 6730wgwgUseDatabaseMessages is off in Special:Allmessages. This fixes bug 440.
Domas Mituzas [Tue, 5 Oct 2004 11:18:43 +0000 (11:18 +0000)]
* cache standalone messages fetched from DB on memcached
* from DB/memcached on MC:mCache
Brion Vibber [Tue, 5 Oct 2004 07:35:19 +0000 (07:35 +0000)]
Rasterize plain image views of SVG files at default size (currently 512px wide, maybe not the best).
Prefer ImageMagick over GD when setting up LocalSettings.php