<?php
-
-function wfSpecialImagelist()
-{
- global $wgUser, $wgOut, $wgLang, $wgRequest;
+/**
+ *
+ * @package MediaWiki
+ * @subpackage SpecialPage
+ */
+
+/**
+ *
+ */
+function wfSpecialImagelist() {
+ global $wgUser, $wgOut, $wgLang, $wgContLang, $wgRequest;
$sort = $wgRequest->getVal( 'sort' );
$wpIlMatch = $wgRequest->getText( 'wpIlMatch' );
-
+ $dbr =& wfGetDB( DB_SLAVE );
+ $image = $dbr->tableName( 'image' );
$sql = "SELECT img_size,img_name,img_user,img_user_text," .
- "img_description,img_timestamp FROM image";
+ "img_description,img_timestamp FROM $image";
$byname = wfMsg( "byname" );
$bydate = wfMsg( "bydate" );
$bysize = wfMsg( "bysize" );
- if ( "bysize" == $sort ) {
- $sql .= " ORDER BY img_size DESC";
- $st = $bysize;
- } else if ( "byname" == $sort ) {
- if ( $wpIlMatch ) {
- $nt = Title::newFromUrl( $wpIlMatch );
- $m = wfStrencode( strtolower( $nt->getDBkey() ) );
+ if ( !empty( $wpIlMatch ) ) {
+ $nt = Title::newFromUrl( $wpIlMatch );
+ if($nt ) {
+ $m = $dbr->strencode( strtolower( $nt->getDBkey() ) );
$m = str_replace( "%", "\\%", $m );
$m = str_replace( "_", "\\_", $m );
$sql .= " WHERE LCASE(img_name) LIKE '%{$m}%'";
}
+ }
+ if ( "bysize" == $sort ) {
+ $sql .= " ORDER BY img_size DESC";
+ $st = $bysize;
+ } else if ( "byname" == $sort ) {
$sql .= " ORDER BY img_name";
$st = $byname;
} else {
+ $sort = "bydate";
$sql .= " ORDER BY img_timestamp DESC";
$st = $bydate;
}
$wgOut->addHTML( "<form id=\"imagesearch\" method=\"post\" action=\"" .
"{$action}\">" .
- "{$cap}: <input type='text' size='8' name=\"wpIlMatch\" value=\"\" /> " .
+ "{$cap}: <input type='text' size='8' name=\"wpIlMatch\" value=\"" .
+ htmlspecialchars( $wpIlMatch ) . "\" /> " .
"<input type='submit' name=\"wpIlSubmit\" value=\"{$sub}\" /></form>" );
$nums = array( 50, 100, 250, 500 );
- $here = $wgLang->specialPage( "Imagelist" );
+ $here = $wgContLang->specialPage( "Imagelist" );
$fill = "";
$first = true;
$first = false;
$fill .= $sk->makeKnownLink( $here, $wgLang->formatNum( $num ),
- "sort=byname&limit={$num}&wpIlMatch={$wpIlMatch}" );
+ "sort=byname&limit={$num}&wpIlMatch=" . urlencode( $wpIlMatch ) );
}
$text = wfMsg( "showlast", $fill, $byname );
$wgOut->addHTML( "<p>{$text}<br />\n" );
$first = false;
$fill .= $sk->makeKnownLink( $here, $wgLang->formatNum( $num ),
- "sort=bysize&limit={$num}&wpIlMatch={$wpIlMatch}" );
+ "sort=bysize&limit={$num}&wpIlMatch=" . urlencode( $wpIlMatch ) );
}
$text = wfMsg( "showlast", $fill, $bysize );
$wgOut->addHTML( "{$text}<br />\n" );
$first = false;
$fill .= $sk->makeKnownLink( $here, $wgLang->formatNum( $num ),
- "sort=bydate&limit={$num}&wpIlMatch={$wpIlMatch}" );
+ "sort=bydate&limit={$num}&wpIlMatch=" . urlencode( $wpIlMatch ) );
}
$text = wfMsg( "showlast", $fill, $bydate );
$wgOut->addHTML( "{$text}</p>\n<p>" );
- $res = wfQuery( $sql, DB_READ, "wfSpecialImagelist" );
- while ( $s = wfFetchObject( $res ) ) {
+ $res = $dbr->query( $sql, "wfSpecialImagelist" );
+ while ( $s = $dbr->fetchObject( $res ) ) {
$name = $s->img_name;
$ut = $s->img_user_text;
if ( 0 == $s->img_user ) { $ul = $ut; }
- else { $ul = $sk->makeLink( $wgLang->getNsText(
+ else { $ul = $sk->makeLink( $wgContLang->getNsText(
Namespace::getUser() ) . ":{$ut}", $ut ); }
- $ilink = "<a href=\"" . Image::wfImageUrl( $name ) .
- "\">{$name}</a>";
+ $ilink = "<a href=\"" . htmlspecialchars( Image::wfImageUrl( $name ) ) .
+ "\">" . htmlspecialchars( $name ) . "</a>";
$nb = wfMsg( "nbytes", $wgLang->formatNum( $s->img_size ) );
$l = "(" .
- $sk->makeKnownLink( $wgLang->getNsText(
+ $sk->makeKnownLink( $wgContLang->getNsText(
Namespace::getImage() ) . ":{$name}", wfMsg( "imgdesc" ) ) .
") {$ilink} . . {$nb} . . {$ul} . . " .
$wgLang->timeanddate( $s->img_timestamp, true );
if ( "" != $s->img_description ) {
- $l .= " <em>({$s->img_description})</em>";
+ $l .= ' <i>(' . $sk->formatComment( $s->img_description ) . ')</i>';
}
$wgOut->addHTML( "{$l}<br />\n" );
}
$wgOut->addHTML( "</p>" );
- wfFreeResult( $res );
+ $dbr->freeResult( $res );
}
?>