* Main wiki script; see docs/design.txt
* @package MediaWiki
*/
-
$wgRequestTime = microtime();
unset( $IP );
@ini_set( 'allow_url_fopen', 0 ); # For security...
+if ( isset( $_REQUEST['GLOBALS'] ) ) {
+ die( '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>');
+}
+
# Valid web server entry point, enable includes.
# Please don't move this line to includes/Defines.php. This line essentially defines
# a valid entry point. If you put it in includes/Defines.php, then any script that includes
# Debug statement for user levels
// print_r($wgUser);
+$search = $wgRequest->getText( 'search' );
+if( !is_null( $search ) && $search !== '' ) {
+ // Compatibility with old search URLs which didn't use Special:Search
+ // Do this above the read whitelist check for security...
+ $wgTitle = Title::makeTitle( NS_SPECIAL, 'Search' );
+}
+
# If the user is not logged in, the Namespace:title of the article must be in
# the Read array in order for the user to see it. (We have to check here to
# catch special pages etc. We check again in Article::view())
}
wfProfileIn( 'main-action' );
-$search = $wgRequest->getText( 'search' );
-if( $wgDisableInternalSearch && !is_null( $search ) && $search !== '' ) {
- $wgTitle = Title::makeTitle( NS_SPECIAL, 'Search' );
-}
if( !$wgDisableInternalSearch && !is_null( $search ) && $search !== '' ) {
require_once( 'includes/SpecialSearch.php' );
case 'validate':
case 'render':
case 'deletetrackback':
+ case 'purge':
$wgArticle->$action();
break;
case 'print':
$raw = new RawPage( $wgArticle );
$raw->view();
break;
- case 'purge':
- wfPurgeSquidServers(array($wgTitle->getInternalURL()));
- $wgOut->setSquidMaxage( $wgSquidMaxage );
- $wgTitle->invalidateCache();
- $wgArticle->view();
- break;
default:
if (wfRunHooks('UnknownAction', array($action, $wgArticle))) {
$wgOut->errorpage( 'nosuchaction', 'nosuchactiontext' );