From 5260ea4fce50f1426d9546efc2e8c3b0a62e642c Mon Sep 17 00:00:00 2001 From: Pierre Schmitz Date: Mon, 13 Jul 2009 21:58:36 +0200 Subject: upgrade to 1.15.1 (security fix) --- includes/DefaultSettings.php | 4 +-- includes/filerepo/FileRepo.php | 45 ++++++----------------------- includes/filerepo/LocalRepo.php | 49 +++++++++++++++++++++++++++++--- includes/specials/SpecialBlockip.php | 2 +- includes/specials/SpecialPreferences.php | 2 +- 5 files changed, 57 insertions(+), 45 deletions(-) (limited to 'includes') diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 19878f76..136817bf 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -33,7 +33,7 @@ if ( !defined( 'MW_PHP4' ) ) { } /** MediaWiki version number */ -$wgVersion = '1.15.0'; +$wgVersion = '1.15.1'; /** Name of the site. It must be changed in LocalSettings.php */ $wgSitename = 'MediaWiki'; @@ -2561,7 +2561,7 @@ $wgAutoloadClasses = array(); * $wgExtensionCredits[$type][] = array( * 'name' => 'Example extension', * 'version' => 1.9, - * 'svn-revision' => '$LastChangedRevision: 51678 $', + * 'svn-revision' => '$LastChangedRevision: 53179 $', * 'author' => 'Foo Barstein', * 'url' => 'http://wwww.example.com/Example%20Extension/', * 'description' => 'An example extension', diff --git a/includes/filerepo/FileRepo.php b/includes/filerepo/FileRepo.php index face1614..c9d34377 100644 --- a/includes/filerepo/FileRepo.php +++ b/includes/filerepo/FileRepo.php @@ -517,47 +517,14 @@ abstract class FileRepo { function cleanupDeletedBatch( $storageKeys ) {} /** - * Checks if there is a redirect named as $title + * Checks if there is a redirect named as $title. If there is, return the + * title object. If not, return false. + * STUB * * @param Title $title Title of image */ function checkRedirect( $title ) { - global $wgMemc; - - if( is_string( $title ) ) { - $title = Title::newFromTitle( $title ); - } - if( $title instanceof Title && $title->getNamespace() == NS_MEDIA ) { - $title = Title::makeTitle( NS_FILE, $title->getText() ); - } - - $memcKey = $this->getMemcKey( "image_redirect:" . md5( $title->getPrefixedDBkey() ) ); - $cachedValue = $wgMemc->get( $memcKey ); - if( $cachedValue ) { - return Title::newFromDbKey( $cachedValue ); - } elseif( $cachedValue == ' ' ) { # FIXME: ugly hack, but BagOStuff caching seems to be weird and return false if !cachedValue, not only if it doesn't exist - return false; - } - - $id = $this->getArticleID( $title ); - if( !$id ) { - $wgMemc->set( $memcKey, " ", 9000 ); - return false; - } - $dbr = $this->getSlaveDB(); - $row = $dbr->selectRow( - 'redirect', - array( 'rd_title', 'rd_namespace' ), - array( 'rd_from' => $id ), - __METHOD__ - ); - - if( $row ) $targetTitle = Title::makeTitle( $row->rd_namespace, $row->rd_title ); - $wgMemc->set( $memcKey, ($row ? $targetTitle->getPrefixedDBkey() : " "), 9000 ); - if( !$row ) { - return false; - } - return $targetTitle; + return false; } /** @@ -598,4 +565,8 @@ abstract class FileRepo { function getMasterDB() { return wfGetDB( DB_MASTER ); } + + function getMemcKey( $key ) { + return wfWikiID( $this->getSlaveDB() ) . ":{$key}"; + } } diff --git a/includes/filerepo/LocalRepo.php b/includes/filerepo/LocalRepo.php index 1ec1b9a6..c679dd98 100644 --- a/includes/filerepo/LocalRepo.php +++ b/includes/filerepo/LocalRepo.php @@ -10,10 +10,6 @@ class LocalRepo extends FSRepo { var $fileFromRowFactory = array( 'LocalFile', 'newFromRow' ); var $oldFileFromRowFactory = array( 'OldLocalFile', 'newFromRow' ); - function getMemcKey( $key ) { - return wfWikiID( $this->getSlaveDB() ) . ":{$key}"; - } - function newFileFromRow( $row ) { if ( isset( $row->img_name ) ) { return call_user_func( $this->fileFromRowFactory, $row, $this ); @@ -71,6 +67,51 @@ class LocalRepo extends FSRepo { } return $status; } + + /** + * Checks if there is a redirect named as $title + * + * @param Title $title Title of image + */ + function checkRedirect( $title ) { + global $wgMemc; + + if( is_string( $title ) ) { + $title = Title::newFromTitle( $title ); + } + if( $title instanceof Title && $title->getNamespace() == NS_MEDIA ) { + $title = Title::makeTitle( NS_FILE, $title->getText() ); + } + + $memcKey = $this->getMemcKey( "image_redirect:" . md5( $title->getPrefixedDBkey() ) ); + $cachedValue = $wgMemc->get( $memcKey ); + if( $cachedValue ) { + return Title::newFromDbKey( $cachedValue ); + } elseif( $cachedValue == ' ' ) { # FIXME: ugly hack, but BagOStuff caching seems to be weird and return false if !cachedValue, not only if it doesn't exist + return false; + } + + $id = $this->getArticleID( $title ); + if( !$id ) { + $wgMemc->set( $memcKey, " ", 9000 ); + return false; + } + $dbr = $this->getSlaveDB(); + $row = $dbr->selectRow( + 'redirect', + array( 'rd_title', 'rd_namespace' ), + array( 'rd_from' => $id ), + __METHOD__ + ); + + if( $row ) $targetTitle = Title::makeTitle( $row->rd_namespace, $row->rd_title ); + $wgMemc->set( $memcKey, ($row ? $targetTitle->getPrefixedDBkey() : " "), 9000 ); + if( !$row ) { + return false; + } + return $targetTitle; + } + /** * Function link Title::getArticleID(). diff --git a/includes/specials/SpecialBlockip.php b/includes/specials/SpecialBlockip.php index 0efaedf1..f002e570 100644 --- a/includes/specials/SpecialBlockip.php +++ b/includes/specials/SpecialBlockip.php @@ -632,7 +632,7 @@ class IPBlockForm { */ private function getContribsLink( $skin ) { $contribsPage = SpecialPage::getTitleFor( 'Contributions', $this->BlockAddress ); - return $skin->link( $contribsPage, wfMsgHtml( 'ipb-blocklist-contribs', $this->BlockAddress ) ); + return $skin->link( $contribsPage, wfMsgExt( 'ipb-blocklist-contribs', 'escape', $this->BlockAddress ) ); } /** diff --git a/includes/specials/SpecialPreferences.php b/includes/specials/SpecialPreferences.php index f4a42ef4..49c4f4e0 100644 --- a/includes/specials/SpecialPreferences.php +++ b/includes/specials/SpecialPreferences.php @@ -813,7 +813,7 @@ class PreferencesForm { # Password if( $wgAuth->allowPasswordChange() ) { $link = $wgUser->getSkin()->link( SpecialPage::getTitleFor( 'ResetPass' ), wfMsgHtml( 'prefs-resetpass' ), - array() , array('returnto' => SpecialPage::getTitleFor( 'Preferences') ) ); + array() , array( 'returnto' => SpecialPage::getTitleFor( 'Preferences' )->getPrefixedText() ) ); $wgOut->addHTML( $this->tableRow( Xml::element( 'h2', null, wfMsg( 'changepassword' ) ) ) . $this->tableRow( '' ) ); -- cgit v1.2.3-54-g00ecf