API: Adjust feature usage log format

On the advice of the Research Analyst, quote all data fields and add
slashes to escape quotes.

Change-Id: I3471475c0ae7a11398a774b1a14d023676259c04
Follows-up: Ifd640883e46f3e6c8179c63d122c704b046674ca

diff --git a/includes/api/ApiBase.php b/includes/api/ApiBase.php
index 23a3867..fc87a47 100644 (file)
--- a/includes/api/ApiBase.php
+++ b/includes/api/ApiBase.php
@@ -2242,11 +2242,11 @@ abstract class ApiBase extends ContextSource {
         */
        protected function logFeatureUsage( $feature ) {
                $request = $this->getRequest();
-               $s = $feature .
-                       ' ' . wfUrlencode( str_replace( ' ', '_', $this->getUser()->getName() ) ) .
-                       ' ' . $request->getIP() .
-                       ' "' . $request->getHeader( 'Referer' ) . '"' .
-                       ' "' . $request->getHeader( 'User-agent' ) . '"';
+               $s = '"' . addslashes( $feature ) . '"' .
+                       ' "' . wfUrlencode( str_replace( ' ', '_', $this->getUser()->getName() ) ) . '"' .
+                       ' "' . $request->getIP() . '"' .
+                       ' "' . addslashes( $request->getHeader( 'Referer' ) ) . '"' .
+                       ' "' . addslashes( $request->getHeader( 'User-agent' ) ) . '"';
                wfDebugLog( 'api-feature-usage', $s, 'private' );
        }
 }