Tim Starling [Sat, 23 Oct 2004 08:23:13 +0000 (08:23 +0000)]
correcting for what was probably an odd one-off error
Tim Starling [Sat, 23 Oct 2004 08:21:39 +0000 (08:21 +0000)]
moving wfProfileIn() to the start of the function, adding warning suppression like I did in MessageCache.php
Brion Vibber [Sat, 23 Oct 2004 07:37:48 +0000 (07:37 +0000)]
Kludge for the present state of PHPTAL 1.0.0's i18n:attributes, which isn't backwards-compatible with PHPTAL 0.7.0's version
Brion Vibber [Sat, 23 Oct 2004 07:10:37 +0000 (07:10 +0000)]
Remove $wgCurParser kludge
Tim Starling [Sat, 23 Oct 2004 01:07:38 +0000 (01:07 +0000)]
alsatian, inheriting from de
Tim Starling [Sat, 23 Oct 2004 00:43:39 +0000 (00:43 +0000)]
renaming
Tim Starling [Sat, 23 Oct 2004 00:00:57 +0000 (00:00 +0000)]
stub inheriting from de
Erik Moeller [Thu, 21 Oct 2004 05:04:14 +0000 (05:04 +0000)]
Preliminary support for shared upload directory. This is primarily intended
for the Wikimedia Commons. If $wgUseSharedUploads is set, MediaWiki will try
to locate an image file in the shared upload directory if it is not found
locally. Thumbnails for shared images will also be generated in the
shared directory.
Note: I changed
$text = $this->replaceInternalLinks ( $text );
$text = $this->replaceExternalLinks( $text );
to
$text = $this->replaceExternalLinks( $text );
$text = $this->replaceInternalLinks ( $text );
in Parser.php. Otherwise [[Media:Bla.jpg]] to an absolute URL would be
incorrectly parsed as external links. The header of
replaceExternalLinks says:
Note: we have to do external links before the internal ones
So the old order was not consistent with the documentation. I did some
tests and nothing seems to be broken, but I have some problems executing
parserTests.php so I couldn't test it systematically.
Zheng Zhu [Thu, 21 Oct 2004 03:36:19 +0000 (03:36 +0000)]
Add variant conversion to the output of these special pages
Zheng Zhu [Thu, 21 Oct 2004 02:47:51 +0000 (02:47 +0000)]
Moving code that checks for valid link in another variant from Parser.php to Language.php
Jens Frank [Wed, 20 Oct 2004 20:29:40 +0000 (20:29 +0000)]
als: Elsaessisch -> Alemannisch
Jens Frank [Wed, 20 Oct 2004 20:18:26 +0000 (20:18 +0000)]
http://bugzilla.wikipedia.org/show_bug.cgi?id=748
Nynorsk language file
Brion Vibber [Wed, 20 Oct 2004 09:56:34 +0000 (09:56 +0000)]
Reorganization of SearchEngine for legibility
* Removed 'fuzzy title search', it's not been maintained and generally produces unexpected and unwanted results
* Separated search guts (in SearchEngine) from display/control (in SpecialSearch)
* Extracted MySQL3 and MySQL4 variants to subclasses
* Added PHPUnit tests for MySQL3 and MySQL4 search engines, which try to use temporary tables to fiddle in (if configured)
* comments n stuff
Zheng Zhu [Wed, 20 Oct 2004 02:18:42 +0000 (02:18 +0000)]
Forgot to changed these...
Zheng Zhu [Tue, 19 Oct 2004 18:03:58 +0000 (18:03 +0000)]
special conversion for displaying title
Zheng Zhu [Tue, 19 Oct 2004 18:02:44 +0000 (18:02 +0000)]
Added option wgDisableLangConversion to disable langauge variant conversion, mainly for debugging and testing purpose.
Zheng Zhu [Tue, 19 Oct 2004 17:52:23 +0000 (17:52 +0000)]
fix NS_PROJECT*, and formatting
Zheng Zhu [Tue, 19 Oct 2004 17:44:00 +0000 (17:44 +0000)]
removed double conversion of linked text.
Zheng Zhu [Tue, 19 Oct 2004 16:54:07 +0000 (16:54 +0000)]
Added code to generate a wordlist from the various sources.
Brion Vibber [Tue, 19 Oct 2004 08:38:08 +0000 (08:38 +0000)]
Add more globals tests
Brion Vibber [Tue, 19 Oct 2004 07:30:56 +0000 (07:30 +0000)]
(bug 737) only use the post-parse link placeholders within replaceInternalLinks().
The recent move of the replacement step from OutputPage into Parser completely
broke a crapload of special pages; this makes the links show again.
Brion Vibber [Tue, 19 Oct 2004 07:12:15 +0000 (07:12 +0000)]
* Drop a couple instances of wfTimestamp2Unix & reverse for wfTimestamp()
* Make wfTimestampNow() a wrapper on wfTimestamp()
* Add some tests and docstrings
Brion Vibber [Tue, 19 Oct 2004 05:46:14 +0000 (05:46 +0000)]
Don't forget to urlencode the data in wfArrayToCGI()
Zheng Zhu [Mon, 18 Oct 2004 18:13:39 +0000 (18:13 +0000)]
fixes Bug 718: Bad charset in cached pages.
Brion Vibber [Mon, 18 Oct 2004 09:53:47 +0000 (09:53 +0000)]
* Start on some unit tests for GlobalFunctions
* Add makefile & readme for the lazy
Brion Vibber [Mon, 18 Oct 2004 09:49:03 +0000 (09:49 +0000)]
* add a require dependency
* allow do_html_entity_decode() to be called with different charsets during the script lifetime
Brion Vibber [Mon, 18 Oct 2004 08:11:06 +0000 (08:11 +0000)]
Clean up options code a bit to make use of commandLine.inc's parsing
Brion Vibber [Mon, 18 Oct 2004 08:10:22 +0000 (08:10 +0000)]
Support setting values for long options like --color=yes
Brion Vibber [Mon, 18 Oct 2004 07:25:56 +0000 (07:25 +0000)]
* Add support for prepared statements. This should be safer than dumping variables into raw SQL and more flexible than the array-based wrapper functions
* Add some quick PHPUnit tests for Database::fillPrepared()
Zheng Zhu [Mon, 18 Oct 2004 00:54:53 +0000 (00:54 +0000)]
toc should be translated using content language
River Tarnell [Mon, 18 Oct 2004 00:15:30 +0000 (00:15 +0000)]
security_fix
Brion Vibber [Sun, 17 Oct 2004 21:59:36 +0000 (21:59 +0000)]
1.2 to 1.3 updater script from wikipedia. Not exactly useful still. :D
Brion Vibber [Sun, 17 Oct 2004 21:38:47 +0000 (21:38 +0000)]
Interactive scripts are a pain in the butt, and have bad interactions
with output buffering. If no option is given on the command line, just
print a help message instead of the ill-fated prompt.
Also now accepts --update and --rebuild in standard GNU long option style.
Brion Vibber [Sun, 17 Oct 2004 08:32:27 +0000 (08:32 +0000)]
Bug 732: Typo in config/index.php
Brion Vibber [Sun, 17 Oct 2004 07:33:03 +0000 (07:33 +0000)]
Add test for links with double-escaped hex codes (raw hex codes in titles are now illegal as they don't survive round-trip conversion and thus are inaccessible)
Tim Starling [Sun, 17 Oct 2004 01:46:18 +0000 (01:46 +0000)]
ang
Tim Starling [Sun, 17 Oct 2004 01:41:12 +0000 (01:41 +0000)]
Gothic
Brion Vibber [Sat, 16 Oct 2004 07:15:18 +0000 (07:15 +0000)]
Reject titles with %XX hex codes (since these have special meaning in URL links and are interpreted for this purpose, breaking things if they're used literally)
Brion Vibber [Sat, 16 Oct 2004 02:36:51 +0000 (02:36 +0000)]
Work around weird vanishing form data problem (bugs.php.net/bug.php?id=22427 )
Emmanuel Engelhart [Fri, 15 Oct 2004 22:15:11 +0000 (22:15 +0000)]
+ "/Mozilla\/4\.78 \[en\] \(X11; U; Linux/" to the browser black list
array
Wil Mahan [Fri, 15 Oct 2004 17:50:08 +0000 (17:50 +0000)]
Add tests for links inside section headings and
<nowiki> inside links, and explicitly set the title
for some tests now that Skin.php used by the parser
has been corrected to longer use the $wgTitle global.
Wil Mahan [Fri, 15 Oct 2004 17:46:42 +0000 (17:46 +0000)]
Now it is no longer necessary to create an OutputPage
object, because Parser replaces link placeholders.
This also means that tidy happens automatically
on the parser output if $wgUseTidy = true.
Wil Mahan [Fri, 15 Oct 2004 17:39:10 +0000 (17:39 +0000)]
Move replaceLinkHolders() from OutputPage to Parser, because
it needs to happen before unstripNoWiki() and before tidy.
This also makes the parser more self-contained, so there is
no need to create an OutputPage object for the parser
tester.
Call unstripNoWiki() before creating a Title object
for an internal link; this fixes <nowiki> inside of
a link target. Need to make sure this does not degrade
performance.
Wil Mahan [Fri, 15 Oct 2004 17:33:51 +0000 (17:33 +0000)]
Change editSectionLink() and editSectionScript() to take a
title object instead of using a global; we want to keep
$wgTitle and $wgUser out of the parser
Domas Mituzas [Fri, 15 Oct 2004 09:57:23 +0000 (09:57 +0000)]
disable client cache for 'you have new messages'
River Tarnell [Thu, 14 Oct 2004 09:26:51 +0000 (09:26 +0000)]
don't double escape
River Tarnell [Thu, 14 Oct 2004 09:18:36 +0000 (09:18 +0000)]
restore accidentally broken functionality
River Tarnell [Thu, 14 Oct 2004 08:58:47 +0000 (08:58 +0000)]
fix xss attack
Brion Vibber [Thu, 14 Oct 2004 08:38:06 +0000 (08:38 +0000)]
Validate input
Brion Vibber [Thu, 14 Oct 2004 07:49:22 +0000 (07:49 +0000)]
url-encode the url
Brion Vibber [Thu, 14 Oct 2004 07:33:22 +0000 (07:33 +0000)]
xhtml fix
Brion Vibber [Thu, 14 Oct 2004 07:32:20 +0000 (07:32 +0000)]
XHTML fix
River Tarnell [Thu, 14 Oct 2004 07:29:38 +0000 (07:29 +0000)]
fix xss attack if wgRawHtml is enabled
Brion Vibber [Thu, 14 Oct 2004 07:29:12 +0000 (07:29 +0000)]
XHTML fix, handle bad target more gracefully
Brion Vibber [Thu, 14 Oct 2004 06:52:42 +0000 (06:52 +0000)]
escape html output
Brion Vibber [Thu, 14 Oct 2004 06:38:12 +0000 (06:38 +0000)]
Never used; just a TODO note
Brion Vibber [Thu, 14 Oct 2004 06:21:33 +0000 (06:21 +0000)]
Escape HTMl output
Brion Vibber [Thu, 14 Oct 2004 05:53:30 +0000 (05:53 +0000)]
Fix XHTML tags
Brion Vibber [Thu, 14 Oct 2004 05:30:30 +0000 (05:30 +0000)]
Escape HTML output
Brion Vibber [Thu, 14 Oct 2004 05:14:45 +0000 (05:14 +0000)]
Escape input on a few error messages
River Tarnell [Thu, 14 Oct 2004 05:08:33 +0000 (05:08 +0000)]
fix xss attack
Brion Vibber [Thu, 14 Oct 2004 04:55:57 +0000 (04:55 +0000)]
Never used; just had a todo message.
Brion Vibber [Thu, 14 Oct 2004 04:55:06 +0000 (04:55 +0000)]
spaces to tabs
River Tarnell [Thu, 14 Oct 2004 04:50:14 +0000 (04:50 +0000)]
fix potential xss attack
Brion Vibber [Thu, 14 Oct 2004 04:40:58 +0000 (04:40 +0000)]
Fix potential HTML breakage if removechecked message were to include an apostrophe
Zheng Zhu [Thu, 14 Oct 2004 04:40:57 +0000 (04:40 +0000)]
Changed the second Chinese character for Traditional Chinese to what it should be, Traditional;)
River Tarnell [Thu, 14 Oct 2004 04:15:29 +0000 (04:15 +0000)]
fix xss attack
River Tarnell [Thu, 14 Oct 2004 03:50:14 +0000 (03:50 +0000)]
fix xss attack
River Tarnell [Thu, 14 Oct 2004 02:56:02 +0000 (02:56 +0000)]
fix two xss attacks and one path validation attack
Brion Vibber [Thu, 14 Oct 2004 02:13:12 +0000 (02:13 +0000)]
Clean up a few scriptlets
River Tarnell [Wed, 13 Oct 2004 21:38:50 +0000 (21:38 +0000)]
fix xss attack
Jens Frank [Wed, 13 Oct 2004 21:30:18 +0000 (21:30 +0000)]
Fix SQL injection bug
Jens Frank [Wed, 13 Oct 2004 21:07:08 +0000 (21:07 +0000)]
Fix cross site scripting bug
Brion Vibber [Wed, 13 Oct 2004 20:02:32 +0000 (20:02 +0000)]
(bug 704) remove misleading LocalSettings.sample
Jens Frank [Wed, 13 Oct 2004 20:02:10 +0000 (20:02 +0000)]
Fix cross site scripting bug
Brion Vibber [Wed, 13 Oct 2004 07:38:43 +0000 (07:38 +0000)]
Pull the actual series of updater calls into do_all_updaters(), add
the necessary require_all's to updaters.inc, and add a command-line
update.php which runs them without having to pull things out and
run the web installer.
Brion Vibber [Wed, 13 Oct 2004 07:31:52 +0000 (07:31 +0000)]
patch from tom
Bug 697: Several XHTML errors on Special:Preferences
Wil Mahan [Wed, 13 Oct 2004 06:09:01 +0000 (06:09 +0000)]
A pair of tests for self links
Wil Mahan [Wed, 13 Oct 2004 04:30:19 +0000 (04:30 +0000)]
When checking for self links, use Title::getFragment() rather
than searching for '#', so that self-links escaped with
character entities are handled correctly. Related to
bug 337.
Jens Frank [Tue, 12 Oct 2004 10:57:27 +0000 (10:57 +0000)]
BUG#178 Allow center/right/left/etc image options even if
$wgUseImageResize is set to false. Changing width or computing thumbs still depends on $wgUseImageResize.
Jens Frank [Tue, 12 Oct 2004 10:07:31 +0000 (10:07 +0000)]
Catch error 2000, too. Some mysql servers return 2000 instead of 1045
Wil Mahan [Tue, 12 Oct 2004 00:17:13 +0000 (00:17 +0000)]
Add the new "longdesc" attribute to all image tests, and
fix a test that is currently broken (in a right-aligned
image with no caption, the title/alt text should not
be "right").
Wil Mahan [Tue, 12 Oct 2004 00:12:06 +0000 (00:12 +0000)]
Add "longdesc" attribute to all (non-external) images, containing
the URL of the image page.
Evan Prodromou [Mon, 11 Oct 2004 22:59:29 +0000 (22:59 +0000)]
Briefly document the $wgLocaltimezone variable.
Wil Mahan [Mon, 11 Oct 2004 22:13:02 +0000 (22:13 +0000)]
Test case for disallowed character in an external link
Wil Mahan [Mon, 11 Oct 2004 22:10:14 +0000 (22:10 +0000)]
Also add " to disallowed URI characters, per RFC 2396, fixing
some more test cases.
Wil Mahan [Mon, 11 Oct 2004 21:55:35 +0000 (21:55 +0000)]
Pass the -a option to diff in case there are tests with
non-text characters; set wgMaxTocLevel global; use
.PHONY target in Makefile in case someone happens
to have a file named 'test' or similar in the
maintenance/ directory.
Brion Vibber [Mon, 11 Oct 2004 21:47:31 +0000 (21:47 +0000)]
Update tests for 289:
* fix the expected output to match actual behavior with caught invalid chars
* add cases with double-quote (")
Brion Vibber [Mon, 11 Oct 2004 21:23:39 +0000 (21:23 +0000)]
$wgBrowserBlackList must be an array, not a string. Also, the previous value would have matched virtually all browsers other than Mozilla.
Jens Frank [Mon, 11 Oct 2004 20:03:24 +0000 (20:03 +0000)]
BUG#187, BUG#669 Fix centered images. span apparently didn't work properly
Wil Mahan [Mon, 11 Oct 2004 19:17:34 +0000 (19:17 +0000)]
Use the new wfRandom() function for setting cur_random
Wil Mahan [Mon, 11 Oct 2004 19:15:24 +0000 (19:15 +0000)]
Oops, invalid chars in bracketed external links should
be added to the link description, not the trail.
Jens Frank [Mon, 11 Oct 2004 19:02:56 +0000 (19:02 +0000)]
Fix bounding box feature of thumbnails (e.g. |200x200px|)
Wil Mahan [Mon, 11 Oct 2004 18:54:35 +0000 (18:54 +0000)]
Re-exclude '<' and '>' from external links, since brion pointed
out cases where it matters. We don't need to exclude them from
external link text, to allow for e.g. bold text in the link
description.
Emmanuel Engelhart [Mon, 11 Oct 2004 18:38:32 +0000 (18:38 +0000)]
+ better browser black list example
Emmanuel Engelhart [Mon, 11 Oct 2004 18:36:01 +0000 (18:36 +0000)]
$wgBrowserBlackList = "/Mozilla\/4./";
Brion Vibber [Mon, 11 Oct 2004 18:33:30 +0000 (18:33 +0000)]
Bug 686: broken linktrail in Catalan
Brion Vibber [Mon, 11 Oct 2004 18:12:14 +0000 (18:12 +0000)]
Add more test cases for bug 289
Wil Mahan [Mon, 11 Oct 2004 17:34:39 +0000 (17:34 +0000)]
Bug 589: make random selection slightly more random. PHP's
mt_rand() function has a maximum value of 2^31-1, which
is small enough that duplicate values can occur due to the
Birthday paradox, e.g. on the English Wikipedia. To fix
this, add a wfRandom() function that calls mt_rand()
twice to get the desired amount of randomness.
Wil Mahan [Mon, 11 Oct 2004 16:57:49 +0000 (16:57 +0000)]
Detect and disallow > and < within external links.
Fixes bug 289.