From 82738c520ee3927e2aeb7f6583a0e29a9ede7192 Mon Sep 17 00:00:00 2001
From: Gabriel Wicke <gwicke@users.mediawiki.org>
Date: Wed, 28 Apr 2004 19:30:21 +0000
Subject: [PATCH] quick hack to protect css/js subpages of userpages. Should be
 replaced by some more advanced (and less hard-coded) permission scheme sooner
 or later

---
 includes/Title.php | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/includes/Title.php b/includes/Title.php
index 77b1a95671..cd91d19fba 100644
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -487,6 +487,13 @@ class Title {
 		if ( -1 == $this->mNamespace ) { return false; }
 		# if ( 0 == $this->getArticleID() ) { return false; }
 		if ( $this->mDbkeyform == "_" ) { return false; }
+		# protect css/js subpages of user pages
+		# XXX: this might be better using restrictions
+		if( Namespace::getUser() == $this->mNamespace
+			and preg_match("/\\.(css|js)$/", $this->mTextform )
+			and !$wgUser->isDeveloper()
+			and !preg_match("/^".$wgUser->getName()."/", $this->mTextform) )
+		{ return false; }
 
 		$ur = $wgUser->getRights();
 		foreach ( $this->getRestrictions() as $r ) {
-- 
2.20.1