Changeset 1881
- Timestamp:
- 02/22/2011 12:19:11 PM (15 months ago)
- Location:
- trunk
- Files:
-
- 96 edited
-
. (modified) (1 prop)
-
Readme.txt (modified) (1 diff)
-
w/CREDITS (modified) (2 diffs)
-
w/RELEASE-NOTES (modified) (7 diffs)
-
w/includes/Article.php (modified) (4 diffs)
-
w/includes/DefaultSettings.php (modified) (4 diffs)
-
w/includes/HTMLForm.php (modified) (1 diff)
-
w/includes/HistoryPage.php (modified) (6 diffs)
-
w/includes/Html.php (modified) (3 diffs)
-
w/includes/HttpFunctions.php (modified) (2 diffs)
-
w/includes/ImagePage.php (modified) (6 diffs)
-
w/includes/OutputHandler.php (modified) (1 diff)
-
w/includes/OutputPage.php (modified) (4 diffs)
-
w/includes/Sanitizer.php (modified) (1 diff)
-
w/includes/Skin.php (modified) (4 diffs)
-
w/includes/StringUtils.php (modified) (2 diffs)
-
w/includes/StubObject.php (modified) (1 diff)
-
w/includes/Title.php (modified) (1 diff)
-
w/includes/WebRequest.php (modified) (1 diff)
-
w/includes/api/ApiBase.php (modified) (5 diffs)
-
w/includes/api/ApiBlock.php (modified) (2 diffs)
-
w/includes/api/ApiDelete.php (modified) (2 diffs)
-
w/includes/api/ApiEditPage.php (modified) (2 diffs)
-
w/includes/api/ApiEmailUser.php (modified) (2 diffs)
-
w/includes/api/ApiExpandTemplates.php (modified) (2 diffs)
-
w/includes/api/ApiFeedWatchlist.php (modified) (1 diff)
-
w/includes/api/ApiImport.php (modified) (2 diffs)
-
w/includes/api/ApiLogout.php (modified) (1 diff)
-
w/includes/api/ApiMain.php (modified) (8 diffs)
-
w/includes/api/ApiMove.php (modified) (2 diffs)
-
w/includes/api/ApiOpenSearch.php (modified) (2 diffs)
-
w/includes/api/ApiParse.php (modified) (2 diffs)
-
w/includes/api/ApiPatrol.php (modified) (2 diffs)
-
w/includes/api/ApiProtect.php (modified) (2 diffs)
-
w/includes/api/ApiPurge.php (modified) (1 diff)
-
w/includes/api/ApiQuery.php (modified) (6 diffs)
-
w/includes/api/ApiQueryAllCategories.php (modified) (2 diffs)
-
w/includes/api/ApiQueryAllLinks.php (modified) (2 diffs)
-
w/includes/api/ApiQueryAllUsers.php (modified) (2 diffs)
-
w/includes/api/ApiQueryAllimages.php (modified) (2 diffs)
-
w/includes/api/ApiQueryAllmessages.php (modified) (2 diffs)
-
w/includes/api/ApiQueryAllpages.php (modified) (2 diffs)
-
w/includes/api/ApiQueryBacklinks.php (modified) (2 diffs)
-
w/includes/api/ApiQueryBase.php (modified) (2 diffs)
-
w/includes/api/ApiQueryBlocks.php (modified) (1 diff)
-
w/includes/api/ApiQueryCategories.php (modified) (2 diffs)
-
w/includes/api/ApiQueryCategoryInfo.php (modified) (2 diffs)
-
w/includes/api/ApiQueryCategoryMembers.php (modified) (2 diffs)
-
w/includes/api/ApiQueryDeletedrevs.php (modified) (1 diff)
-
w/includes/api/ApiQueryDuplicateFiles.php (modified) (2 diffs)
-
w/includes/api/ApiQueryExtLinksUsage.php (modified) (2 diffs)
-
w/includes/api/ApiQueryExternalLinks.php (modified) (2 diffs)
-
w/includes/api/ApiQueryImageInfo.php (modified) (2 diffs)
-
w/includes/api/ApiQueryImages.php (modified) (2 diffs)
-
w/includes/api/ApiQueryInfo.php (modified) (4 diffs)
-
w/includes/api/ApiQueryLangLinks.php (modified) (2 diffs)
-
w/includes/api/ApiQueryLinks.php (modified) (2 diffs)
-
w/includes/api/ApiQueryLogEvents.php (modified) (2 diffs)
-
w/includes/api/ApiQueryProtectedTitles.php (modified) (2 diffs)
-
w/includes/api/ApiQueryRandom.php (modified) (1 diff)
-
w/includes/api/ApiQueryRecentChanges.php (modified) (2 diffs)
-
w/includes/api/ApiQueryRevisions.php (modified) (4 diffs)
-
w/includes/api/ApiQuerySearch.php (modified) (2 diffs)
-
w/includes/api/ApiQuerySiteinfo.php (modified) (2 diffs)
-
w/includes/api/ApiQueryTags.php (modified) (2 diffs)
-
w/includes/api/ApiQueryUserContributions.php (modified) (2 diffs)
-
w/includes/api/ApiQueryUserInfo.php (modified) (1 diff)
-
w/includes/api/ApiQueryUsers.php (modified) (2 diffs)
-
w/includes/api/ApiQueryWatchlist.php (modified) (2 diffs)
-
w/includes/api/ApiQueryWatchlistRaw.php (modified) (1 diff)
-
w/includes/api/ApiUnblock.php (modified) (2 diffs)
-
w/includes/api/ApiUndelete.php (modified) (2 diffs)
-
w/includes/api/ApiUpload.php (modified) (1 diff)
-
w/includes/api/ApiUserrights.php (modified) (2 diffs)
-
w/includes/api/ApiWatch.php (modified) (1 diff)
-
w/includes/db/DatabaseOracle.php (modified) (2 diffs)
-
w/includes/diff/DifferenceInterface.php (modified) (2 diffs)
-
w/includes/json/Services_JSON.php (modified) (1 diff)
-
w/includes/search/SearchSqlite.php (modified) (1 diff)
-
w/includes/specials/SpecialAllpages.php (modified) (1 diff)
-
w/includes/specials/SpecialCategories.php (modified) (1 diff)
-
w/includes/specials/SpecialContributions.php (modified) (4 diffs)
-
w/includes/specials/SpecialLinkSearch.php (modified) (1 diff)
-
w/includes/specials/SpecialSearch.php (modified) (1 diff)
-
w/includes/specials/SpecialSpecialpages.php (modified) (1 diff)
-
w/includes/specials/SpecialUpload.php (modified) (3 diffs)
-
w/includes/specials/SpecialVersion.php (modified) (1 diff)
-
w/profileinfo.php (modified) (6 diffs)
-
w/skins/Vector.php (modified) (4 diffs)
-
w/skins/common/wikibits.js (modified) (3 diffs)
-
w/skins/vector/experiments/babaco-colors-a.css (modified) (3 diffs)
-
w/skins/vector/experiments/babaco-colors-b.css (modified) (1 diff)
-
w/skins/vector/experiments/babaco-colors-c.css (modified) (3 diffs)
-
w/skins/vector/experiments/new-tabs.css (modified) (1 diff)
-
w/skins/vector/main-ltr.css (modified) (12 diffs)
-
w/skins/vector/main-rtl.css (modified) (12 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk
- Property svn:externals
-
old new 1 w/bin http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/bin2 w/cache http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/cache3 w/config http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/config4 w/docs http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/docs5 w/languages http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/languages6 w/maintenance http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/maintenance7 w/math http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/math8 w/serialized http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/phase3/serialized9 w/extensions/Interwiki http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_ 0beta3/extensions/Interwiki1 w/bin http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/bin 2 w/cache http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/cache 3 w/config http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/config 4 w/docs http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/docs 5 w/languages http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/languages 6 w/maintenance http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/maintenance 7 w/math http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/math 8 w/serialized http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/phase3/serialized 9 w/extensions/Interwiki http://svn.wikimedia.org/svnroot/mediawiki/tags/REL1_16_2/extensions/Interwiki
-
- Property svn:externals
-
trunk/Readme.txt
r1496 r1881 133 133 * You may need to go into Forums Administration Control Panel as Admin/password to purge the cache. 134 134 135 * -
trunk/w/CREDITS
r1484 r1881 63 63 * Tom Gries 64 64 * Victor Vasiliev 65 * Yuri Astrakhan 65 66 66 67 == Patch Contributors == … … 126 127 * Rotem Liss 127 128 * Shinjiman 129 * Translatewiki.net Translators http://translatewiki.net/wiki/Special:ListUsers/translator -
trunk/w/RELEASE-NOTES
r1570 r1881 1 1 = MediaWiki release notes = 2 2 3 == MediaWiki 1.16 beta 3==4 5 201 0-05-286 7 This is a pre-release betaof the MediaWiki 1.16 branch.3 == MediaWiki 1.16.2 == 4 5 2011-02-01 6 7 This is a security and maintenance release of the MediaWiki 1.16 branch. 8 8 9 9 === Summary of selected changes in 1.16 === 10 10 11 11 Selected changes since MediaWiki 1.15 that may be of interest: 12 13 * A new skin called Vector was added 12 14 13 15 * Watchlists now have RSS/Atom feeds. RSS feeds generally are now hidden, … … 42 44 you have the DBA extension for PHP installed, this will improve performance 43 45 further. 46 47 == Changes since 1.16.1 == 48 49 * (bug 26642) Fixed incorrect translated namespace due to a regression in the 50 language converter. 51 * The interface translations were updated. 52 * (bug 27093, CVE-2011-0047): Fixed CSS injection vulnerability. 53 * (bug 27094) Fixed server-side arbitrary script inclusion vulnerability. 54 Affects Windows servers only. A malicious file with extension ".php" must 55 exist on the server for the exploit to be effective. 56 57 == Changes since 1.16.0 == 58 59 * (bug 24981) Allow extensions to access SpecialUpload variables again 60 * (bug 24724) list=allusers was out by 1 (shows total users - 1) 61 * (bug 24166) Fixed API error when using rvprop=tags 62 * For wikis using French as a content language, Special:Téléchargement works 63 again as an alias for Special:Upload. 64 * (bug 25167) Correctly load JS fixes for IE6 (fixing a regression in 1.16.0) 65 * (bug 25248) Fixed paraminfo errors in certain API modules. 66 * The installer now has improved handling for situations where safe_mode is 67 active or exec() and similar functions are disabled. 68 * (bug 19593) Specifying --server in now works for all maintenance scripts. 69 * Fixed $wgLicenseTerms register globals. 70 * (bug 26561) Fixed clickjacking vulnerabilities by introducing support for 71 X-Frame-Options. The header value can be configured using $wgBreakFrames and 72 $wgEditPageFrameOptions. 73 74 == Changes since 1.16 beta 3 == 75 76 * (bug 23769) Disabled HTML 5 client-side form validation. Was introduced in 77 1.16 beta 1, but is currently poorly supported by browsers. 78 * (bug 23175) Re-added window.ta variable for backwards compatibility. 79 * (bug 23264) Fixed breakage of various command line scripts due to extra line 80 endings being inserted by Maintenance::output(). 81 * Fixed HTTP client functionality with safe_mode=On. 82 * Fixed parser tests broken in 1.16 beta 3. 83 * For Oracle DB backend: fixed parser tests and table prefix feature. 84 * (bug 23767) Fixed PHP warning when REQUEST_URI is blank (IIS issue). 85 * Fixed plural function for Northern Sami (se) 86 * (bug 23597) Fixed conflicts between ID attributes in the Vector skin and 87 parser-generated heading IDs. Renamed head, panel, head-base and page-base. 88 * Disabled $wgHitcounterUpdateFreq>1 feature on SQLite, does not work yet. 89 * (bug 23465) Don't ignore the predefined destination filename on 90 Special:Upload after following a red link to a file. 91 * In SQLite full-text search feature: fixed "move page" feature, was non- 92 functional. 93 * (bug 24565) Fixed Cache-Control headers sent from API modules, to protect 94 user privacy in the case where an attacker can access the wiki through the 95 same HTTP proxy as a logged-in user. 96 * Fixed an XSS vulnerability in profileinfo.php for installations with 97 $wgEnableProfileInfo = true (false by default) 98 * Fixed a case where an X-Vary-Options header was sent despite $wgUseXVO being 99 false. Fixed a minor header parsing issue when $wgUseXVO = true. 100 * Fixed a register_globals arbitrary inclusion vulnerability in 101 MediaWikiParserTest.php, introduced in 1.16 beta 1. 44 102 45 103 == Changes since 1.16 beta 2 == … … 76 134 * (bug 23687) Fixed XSS vulnerability affecting IE clients only, due to a CSS 77 135 validation issue. 136 * Fixed a DoS vulnerability in ImageMagick image scaling. ImageMagick 137 expanded wildcard characters "?" and "*" in image filenames, potentially 138 causing large numbers of images to be scaled in response to a single request. 139 The fix for this involves breaking the scaling of such image filenames until 140 ImageMagick 6.6.1-5 or later is deployed, see bug 23361 for more details. 141 * (bug 23608) Fixed invalid HTML in diff pages. 78 142 79 143 === Changes since 1.16 beta 1 === … … 172 236 === New features in 1.16 === 173 237 238 * A new skin called Vector was added 174 239 * Add CSS defintion of the 'wikitable' class to shared.css 175 240 * (bug 17163) Added MediaWiki:Talkpageheader which will be displayed when … … 276 341 This can be disabled by setting $wgHtml5 = false;. Specific features enabled 277 342 if HTML 5 is used: 278 ** New HTML 5 input attributes allow JavaScript-free input validation in some 279 cutting-edge browsers. E.g., some inputs will be autofocused, users will 280 not be allowed to submit forms with certain types of invalid values (like 281 numbers outside the permitted ranges), etc. 343 ** Some extra inputs will be autofocused, in supporting browsers. 282 344 ** The summary attribute has been removed from tables of contents. summary is 283 345 obsolete in HTML 5 and wasn't useful here anyway. … … 308 370 * New hook ShowMissingArticle so extensions can modify the output for 309 371 non-existent pages. 310 * Added $wgUseAJAXCategories allow enabling AJAX based categories system.311 This works on all namespaces. Enabled namespaces can be reduces using312 $wgAJAXCategoriesNamespaces.313 372 * Admins could disable some variants using $wgDisabledVariants now. ONLY apply 314 373 on wikis enabled LanguageConverter. … … 828 887 829 888 == API changes in 1.16 == 830 831 889 * Added uiprop=changeablegroups to meta=userinfo 832 890 * Added usprop=gender to list=users -
trunk/w/includes/Article.php
r1570 r1881 793 793 } 794 794 795 # Allow frames by default 796 $wgOut->allowClickjacking(); 797 795 798 # Should the parser cache be used? 796 799 $useParserCache = $this->useParserCache( $oldid ); … … 1452 1455 ); 1453 1456 if ( !$dbr->numRows( $tbs ) ) return; 1457 1458 $wgOut->preventClickjacking(); 1454 1459 1455 1460 $tbtext = ""; … … 3662 3667 $hitcounterTable = $dbw->tableName( 'hitcounter' ); 3663 3668 $acchitsTable = $dbw->tableName( 'acchits' ); 3664 3665 if ( $wgHitcounterUpdateFreq <= 1 ) { 3669 $dbType = $dbw->getType(); 3670 3671 if ( $wgHitcounterUpdateFreq <= 1 || $dbType == 'sqlite' ) { 3666 3672 $dbw->query( "UPDATE $pageTable SET page_counter = page_counter + 1 WHERE page_id = $id" ); 3667 3673 return; … … 3687 3693 $old_user_abort = ignore_user_abort( true ); 3688 3694 3689 $dbType = $dbw->getType();3690 3695 $dbw->lockTables( array(), array( 'hitcounter' ), __METHOD__, false ); 3691 3696 $tabletype = $dbType == 'mysql' ? "ENGINE=HEAP " : ''; -
trunk/w/includes/DefaultSettings.php
r1570 r1881 34 34 35 35 /** MediaWiki version number */ 36 $wgVersion = '1.16. 0beta3';36 $wgVersion = '1.16.2'; 37 37 38 38 /** Name of the site. It must be changed in LocalSettings.php */ … … 1687 1687 * styles. 1688 1688 */ 1689 $wgStyleVersion = '2 69';1689 $wgStyleVersion = '270'; 1690 1690 1691 1691 … … 2502 2502 $wgRightsText = null; 2503 2503 $wgRightsIcon = null; 2504 2505 /** 2506 * Set to an array of metadata terms. Else they will be loaded based on $wgRightsUrl 2507 */ 2508 $wgLicenseTerms = false; 2504 2509 2505 2510 /** Set this to some HTML to override the rights icon with an arbitrary logo */ … … 3982 3987 3983 3988 /** 3984 * Break out of framesets. This can be used to prevent external sites from3985 * framing your site with ads.3989 * Break out of framesets. This can be used to prevent clickjacking attacks, 3990 * or to prevent external sites from framing your site with ads. 3986 3991 */ 3987 3992 $wgBreakFrames = false; 3993 3994 /** 3995 * The X-Frame-Options header to send on pages sensitive to clickjacking 3996 * attacks, such as edit pages. This prevents those pages from being displayed 3997 * in a frame or iframe. The options are: 3998 * 3999 * - 'DENY': Do not allow framing. This is recommended for most wikis. 4000 * 4001 * - 'SAMEORIGIN': Allow framing by pages on the same domain. This can be used 4002 * to allow framing within a trusted domain. This is insecure if there 4003 * is a page on the same domain which allows framing of arbitrary URLs. 4004 * 4005 * - false: Allow all framing. This opens up the wiki to XSS attacks and thus 4006 * full compromise of local user accounts. Private wikis behind a 4007 * corporate firewall are especially vulnerable. This is not 4008 * recommended. 4009 * 4010 * For extra safety, set $wgBreakFrames = true, to prevent framing on all pages, 4011 * not just edit pages. 4012 */ 4013 $wgEditPageFrameOptions = 'DENY'; 3988 4014 3989 4015 /** -
trunk/w/includes/HTMLForm.php
r1484 r1881 312 312 } 313 313 314 # For good measure (it is the default) 315 $wgOut->preventClickjacking(); 316 314 317 $html = '' 315 318 . $this->mHeader -
trunk/w/includes/HistoryPage.php
r1484 r1881 167 167 $pager->getNavigationBar() 168 168 ); 169 $wgOut->preventClickjacking( $pager->getPreventClickjacking() ); 169 170 170 171 wfProfileOut( __METHOD__ ); … … 302 303 public $lastRow = false, $counter, $historyPage, $title, $buttons, $conds; 303 304 protected $oldIdChecked; 305 protected $preventClickjacking = false; 304 306 305 307 function __construct( $historyPage, $year='', $month='', $tagFilter = '', $conds = array() ) { … … 383 385 $this->buttons = '<div>'; 384 386 if( $wgUser->isAllowed('deleterevision') ) { 387 $this->preventClickjacking(); 385 388 $float = $wgContLang->alignEnd(); 386 389 # Note bug #20966, <button> is non-standard in IE<8 … … 489 492 // User can delete revisions... 490 493 if( $wgUser->isAllowed( 'deleterevision' ) ) { 494 $this->preventClickjacking(); 491 495 // If revision was hidden from sysops, disable the checkbox 492 496 if( !$rev->userCan( Revision::DELETED_RESTRICTED ) ) { … … 535 539 if( !is_null( $next ) && is_object( $next ) ) { 536 540 if( $latest && $this->title->userCan( 'rollback' ) && $this->title->userCan( 'edit' ) ) { 541 $this->preventClickjacking(); 537 542 $tools[] = '<span class="mw-rollback-link">'. 538 543 $this->getSkin()->buildRollbackLink( $rev ).'</span>'; … … 722 727 } 723 728 } 729 730 /** 731 * This is called if a write operation is possible from the generated HTML 732 */ 733 function preventClickjacking( $enable = true ) { 734 $this->preventClickjacking = $enable; 735 } 736 737 /** 738 * Get the "prevent clickjacking" flag 739 */ 740 function getPreventClickjacking() { 741 return $this->preventClickjacking; 742 } 724 743 } 725 744 -
trunk/w/includes/Html.php
r1484 r1881 144 144 $element = strtolower( $element ); 145 145 146 # Remove HTML5-only attributes if we aren't doing HTML5 147 if ( !$wgHtml5 ) { 148 if ( $element == 'input' ) { 149 # Whitelist of valid XHTML1 types 150 $validTypes = array( 151 'hidden', 152 'text', 153 'password', 154 'checkbox', 155 'radio', 156 'file', 157 'submit', 158 'image', 159 'reset', 160 'button', 161 ); 162 if ( isset( $attribs['type'] ) 163 && !in_array( $attribs['type'], $validTypes ) ) { 164 # Fall back to type=text, the default 165 unset( $attribs['type'] ); 166 } 167 } 168 if ( $element == 'textarea' && isset( $attribs['maxlength'] ) ) { 169 unset( $attribs['maxlength'] ); 146 # Remove HTML5-only attributes if we aren't doing HTML5, and disable 147 # form validation regardless (see bug 23769 and the more detailed 148 # comment in expandAttributes()) 149 if ( $element == 'input' ) { 150 # Whitelist of types that don't cause validation. All except 151 # 'search' are valid in XHTML1. 152 $validTypes = array( 153 'hidden', 154 'text', 155 'password', 156 'checkbox', 157 'radio', 158 'file', 159 'submit', 160 'image', 161 'reset', 162 'button', 163 'search', 164 ); 165 if ( isset( $attribs['type'] ) 166 && !in_array( $attribs['type'], $validTypes ) ) { 167 unset( $attribs['type'] ); 168 } 169 if ( isset( $attribs['type'] ) && $attribs['type'] == 'search' 170 && !$wgHtml5 ) { 171 unset( $attribs['type'] ); 170 172 } 171 173 # Here we're blacklisting some HTML5-only attributes... … … 185 187 unset( $attribs[$badAttr] ); 186 188 } 189 } 190 if ( !$wgHtml5 && $element == 'textarea' && isset( $attribs['maxlength'] ) ) { 191 unset( $attribs['maxlength'] ); 187 192 } 188 193 … … 329 334 # and we'd like consistency and better compression anyway. 330 335 $key = strtolower( $key ); 336 337 # Bug 23769: Blacklist all form validation attributes for now. Current 338 # (June 2010) WebKit has no UI, so the form just refuses to submit 339 # without telling the user why, which is much worse than failing 340 # server-side validation. Opera is the only other implementation at 341 # this time, and has ugly UI, so just kill the feature entirely until 342 # we have at least one good implementation. 343 if ( in_array( $key, array( 'max', 'min', 'pattern', 'required', 'step' ) ) ) { 344 continue; 345 } 331 346 332 347 # See the "Attributes" section in the HTML syntax part of HTML5, -
trunk/w/includes/HttpFunctions.php
r1484 r1881 715 715 $this->curlOptions[CURLOPT_WRITEFUNCTION] = $this->callback; 716 716 $this->curlOptions[CURLOPT_HEADERFUNCTION] = array($this, "readHeader"); 717 $this->curlOptions[CURLOPT_FOLLOWLOCATION] = $this->followRedirects;718 717 $this->curlOptions[CURLOPT_MAXREDIRS] = $this->maxRedirects; 719 718 … … 749 748 750 749 $curlHandle = curl_init( $this->url ); 751 curl_setopt_array( $curlHandle, $this->curlOptions ); 750 if ( !curl_setopt_array( $curlHandle, $this->curlOptions ) ) { 751 throw new MWException("Error setting curl options."); 752 } 753 if ( ! @curl_setopt( $curlHandle, CURLOPT_FOLLOWLOCATION, $this->followRedirects ) ) { 754 wfDebug("Couldn't set CURLOPT_FOLLOWLOCATION. Probably safe_mode or open_basedir is set."); 755 /* Continue the processing. If it were in curl_setopt_array, processing would have halted on its entry */ 756 } 752 757 753 758 if ( false === curl_exec( $curlHandle ) ) { -
trunk/w/includes/ImagePage.php
r1484 r1881 601 601 $pager = new ImageHistoryPseudoPager( $this ); 602 602 $wgOut->addHTML( $pager->getBody() ); 603 $wgOut->preventClickjacking( $pager->getPreventClickjacking() ); 603 604 604 605 $this->img->resetHistory(); // free db resources … … 804 805 805 806 protected $imagePage, $img, $skin, $title, $repo, $showThumb; 807 protected $preventClickjacking = false; 806 808 807 809 public function __construct( $imagePage ) { … … 930 932 $row .= '<span class="history-deleted">' . $wgLang->timeAndDate( $timestamp, true ) . '</span>'; 931 933 } elseif( $file->isDeleted(File::DELETED_FILE) ) { 934 $this->preventClickjacking(); 932 935 $revdel = SpecialPage::getTitleFor( 'Revisiondelete' ); 933 936 # Make a link to review the image … … 1016 1019 } 1017 1020 } 1021 1022 protected function preventClickjacking( $enable = true ) { 1023 $this->preventClickjacking = $enable; 1024 } 1025 1026 public function getPreventClickjacking() { 1027 return $this->preventClickjacking; 1028 } 1018 1029 } 1019 1030 1020 1031 class ImageHistoryPseudoPager extends ReverseChronologicalPager { 1032 protected $preventClickjacking = false; 1033 1021 1034 function __construct( $imagePage ) { 1022 1035 parent::__construct(); … … 1059 1072 } 1060 1073 $s .= $list->endImageHistoryList($navLink); 1074 1075 if ( $list->getPreventClickjacking() ) { 1076 $this->preventClickjacking(); 1077 } 1061 1078 } 1062 1079 return $s; … … 1141 1158 $this->mQueryDone = true; 1142 1159 } 1160 1161 protected function preventClickjacking( $enable = true ) { 1162 $this->preventClickjacking = $enable; 1163 } 1164 1165 public function getPreventClickjacking() { 1166 return $this->preventClickjacking; 1167 } 1168 1143 1169 } -
trunk/w/includes/OutputHandler.php
r1484 r1881 91 91 if ( !$foundVary ) { 92 92 header( 'Vary: Accept-Encoding' ); 93 header( 'X-Vary-Options: Accept-Encoding;list-contains=gzip' ); 93 global $wgUseXVO; 94 if ( $wgUseXVO ) { 95 header( 'X-Vary-Options: Accept-Encoding;list-contains=gzip' ); 96 } 94 97 } 95 98 return $s; -
trunk/w/includes/OutputPage.php
r1570 r1881 38 38 var $mParseWarnings = array(); 39 39 var $mSquidMaxage = 0; 40 var $mPreventClickjacking = true; 40 41 var $mRevisionId = null; 41 42 protected $mTitle = null; … … 1267 1268 foreach ( $cvCookies as $cookieName ) { 1268 1269 # Check for a simple string match, like the way squid does it 1269 if ( strpos( $cookieHeader, $cookieName ) ) {1270 if ( strpos( $cookieHeader, $cookieName ) !== false ) { 1270 1271 wfDebug( __METHOD__.": found $cookieName\n" ); 1271 1272 return true; … … 1345 1346 } 1346 1347 $this->addVaryHeader( 'Accept-Language', $aloption ); 1348 } 1349 } 1350 1351 /** 1352 * Set a flag which will cause an X-Frame-Options header appropriate for 1353 * edit pages to be sent. The header value is controlled by 1354 * $wgEditPageFrameOptions. 1355 * 1356 * This is the default for special pages. If you display a CSRF-protected 1357 * form on an ordinary view page, then you need to call this function. 1358 */ 1359 public function preventClickjacking( $enable = true ) { 1360 $this->mPreventClickjacking = $enable; 1361 } 1362 1363 /** 1364 * Turn off frame-breaking. Alias for $this->preventClickjacking(false). 1365 * This can be called from pages which do not contain any CSRF-protected 1366 * HTML form. 1367 */ 1368 public function allowClickjacking() { 1369 $this->mPreventClickjacking = false; 1370 } 1371 1372 /** 1373 * Get the X-Frame-Options header value (without the name part), or false 1374 * if there isn't one. This is used by Skin to determine whether to enable 1375 * JavaScript frame-breaking, for clients that don't support X-Frame-Options. 1376 */ 1377 public function getFrameOptions() { 1378 global $wgBreakFrames, $wgEditPageFrameOptions; 1379 if ( $wgBreakFrames ) { 1380 return 'DENY'; 1381 } elseif ( $this->mPreventClickjacking && $wgEditPageFrameOptions ) { 1382 return $wgEditPageFrameOptions; 1347 1383 } 1348 1384 } … … 1562 1598 $wgRequest->response()->header( 'Content-language: '.$wgContLanguageCode ); 1563 1599 1600 // Prevent framing, if requested 1601 $frameOptions = $this->getFrameOptions(); 1602 if ( $frameOptions ) { 1603 $wgRequest->response()->header( "X-Frame-Options: $frameOptions" ); 1604 } 1605 1606 1564 1607 if ($this->mArticleBodyOnly) { 1565 1608 $this->out($this->mBodytext); -
trunk/w/includes/Sanitizer.php
r1570 r1881 741 741 $value = StringUtils::delimiterReplace( '/*', '*/', ' ', $value ); 742 742 743 // Remove anything after a comment-start token, to guard against 744 // incorrect client implementations. 745 $commentPos = strpos( $value, '/*' ); 746 if ( $commentPos !== false ) { 747 $value = substr( $value, 0, $commentPos ); 748 } 749 743 750 // Decode escape sequences and line continuation 744 751 // See the grammar in the CSS 2 spec, appendix D. -
trunk/w/includes/Skin.php
r1570 r1881 414 414 'wgUserLanguage' => $wgLang->getCode(), 415 415 'wgContentLanguage' => $wgContLang->getCode(), 416 'wgBreakFrames' => $wg BreakFrames,416 'wgBreakFrames' => $wgOut->getFrameOptions() == 'DENY', 417 417 'wgCurRevisionId' => isset( $wgArticle ) ? $wgArticle->getLatest() : 0, 418 418 'wgVersion' => $wgVersion, … … 2083 2083 2084 2084 $bar = array(); 2085 $this->addToSidebar( $bar, wfMsgForContentNoTrans( 'sidebar' ));2085 $this->addToSidebar( $bar, 'sidebar' ); 2086 2086 2087 2087 wfRunHooks( 'SkinBuildSidebar', array( $this, &$bar ) ); … … 2092 2092 return $bar; 2093 2093 } 2094 2095 /**2096 * Add content to the sidebar from text2097 * @since 1.162094 /** 2095 * Add content from a sidebar system message 2096 * Currently only used for MediaWiki:Sidebar (but may be used by Extensions) 2097 * 2098 2098 * @param &$bar array 2099 * @param $text string 2100 * 2101 * @return array 2102 */ 2103 function addToSidebar( &$bar, $text ) { 2104 $lines = explode( "\n", $text ); 2099 * @param $message String 2100 */ 2101 function addToSidebar( &$bar, $message ) { 2102 $lines = explode( "\n", wfMsgForContent( $message ) ); 2105 2103 $heading = ''; 2106 2104 foreach( $lines as $line ) { … … 2115 2113 } else { 2116 2114 if( strpos( $line, '|' ) !== false ) { // sanity check 2117 global $wgMessageCache;2118 $line = $wgMessageCache->transform( $line );2119 2120 2115 $line = array_map( 'trim', explode( '|', trim( $line, '* ' ), 2 ) ); 2121 2116 $link = wfMsgForContent( $line[0] ); -
trunk/w/includes/StringUtils.php
r1484 r1881 78 78 79 79 if ( $tokenType == 'start' ) { 80 $inputPos = $tokenOffset + $tokenLength;81 80 # Only move the start position if we haven't already found a start 82 81 # This means that START START END matches outer pair 83 82 if ( !$foundStart ) { 84 83 # Found start 84 $inputPos = $tokenOffset + $tokenLength; 85 85 # Write out the non-matching section 86 86 $output .= substr( $subject, $outputPos, $tokenOffset - $outputPos ); … … 88 88 $contentPos = $inputPos; 89 89 $foundStart = true; 90 } else { 91 # Move the input position past the *first character* of START, 92 # to protect against missing END when it overlaps with START 93 $inputPos = $tokenOffset + 1; 90 94 } 91 95 } elseif ( $tokenType == 'end' ) { -
trunk/w/includes/StubObject.php
r1484 r1881 153 153 154 154 # Validate $code 155 if( empty( $code ) || ! preg_match( '/^[a-z-]+$/',$code ) || ( $code === 'qqq' ) ) {155 if( empty( $code ) || !Language::isValidCode( $code ) || ( $code === 'qqq' ) ) { 156 156 wfDebug( "Invalid user language code\n" ); 157 157 $code = $wgContLanguageCode; -
trunk/w/includes/Title.php
r1484 r1881 2607 2607 if($wgContLang->hasVariants()){ 2608 2608 $variants = $wgContLang->getVariants(); 2609 foreach($variants as $vCode){ 2610 if($vCode==$wgContLang->getCode()) continue; // we don't want default variant 2611 $urls[] = $this->getInternalURL('',$vCode); 2609 foreach ( $variants as $vCode ) { 2610 $urls[] = $this->getInternalURL( '', $vCode ); 2612 2611 } 2613 2612 } -
trunk/w/includes/WebRequest.php
r1484 r1881 437 437 */ 438 438 public function getRequestURL() { 439 if( isset( $_SERVER['REQUEST_URI'] 439 if( isset( $_SERVER['REQUEST_URI']) && strlen($_SERVER['REQUEST_URI']) ) { 440 440 $base = $_SERVER['REQUEST_URI']; 441 441 } elseif( isset( $_SERVER['SCRIPT_NAME'] ) ) { -
trunk/w/includes/api/ApiBase.php
r1570 r1881 58 58 59 59 private $mMainModule, $mModuleName, $mModulePrefix; 60 private $mParamCache = array(); 60 61 61 62 /** … … 473 474 */ 474 475 public function extractRequestParams( $parseLimit = true ) { 475 $params = $this->getFinalParams(); 476 $results = array(); 477 478 if ( $params ) { // getFinalParams() can return false 479 foreach ( $params as $paramName => $paramSettings ) { 480 $results[$paramName] = $this->getParameterFromSettings( $paramName, $paramSettings, $parseLimit ); 481 } 482 } 483 484 return $results; 476 // Cache parameters, for performance and to avoid bug 24564. 477 if ( !isset( $this->mParamCache[$parseLimit] ) ) { 478 $params = $this->getFinalParams(); 479 $results = array(); 480 481 if ( $params ) { // getFinalParams() can return false 482 foreach ( $params as $paramName => $paramSettings ) { 483 $results[$paramName] = $this->getParameterFromSettings( 484 $paramName, $paramSettings, $parseLimit ); 485 } 486 } 487 $this->mParamCache[$parseLimit] = $results; 488 } 489 return $this->mParamCache[$parseLimit]; 485 490 } 486 491 … … 1002 1007 1003 1008 /** 1009 * Returns whether this module requires a Token to execute 1010 * @returns bool 1011 */ 1012 public function needsToken() { 1013 return false; 1014 } 1015 1016 /** 1004 1017 * Returns the token salt if there is one, '' if the module doesn't require a salt, else false if the module doesn't need a token 1005 1018 * @returns bool … … 1029 1042 } 1030 1043 1031 if ( $this-> getTokenSalt() !== false) {1044 if ( $this->needsToken() ) { 1032 1045 $ret[] = array( 'missingparam', 'token' ); 1033 1046 $ret[] = array( 'sessionfailure' ); … … 1180 1193 */ 1181 1194 public static function getBaseVersion() { 1182 return __CLASS__ . ': $Id: ApiBase.php 65319 2010-04-20 14:19:12Z demon$';1195 return __CLASS__ . ': $Id: ApiBase.php 79562 2011-01-04 06:15:54Z tstarling $'; 1183 1196 } 1184 1197 } -
trunk/w/includes/api/ApiBlock.php
r1484 r1881 176 176 } 177 177 178 public function needsToken() { 179 return true; 180 } 181 178 182 public function getTokenSalt() { 179 183 return ''; … … 188 192 189 193 public function getVersion() { 190 return __CLASS__ . ': $Id: ApiBlock.php 62766 2010-02-21 12:32:46Z ashley $';194 return __CLASS__ . ': $Id: ApiBlock.php 74217 2010-10-03 15:53:07Z reedy $'; 191 195 } 192 196 } -
trunk/w/includes/api/ApiDelete.php
r1484 r1881 231 231 } 232 232 233 public function needsToken() { 234 return true; 235 } 236 233 237 public function getTokenSalt() { 234 238 return ''; … … 243 247 244 248 public function getVersion() { 245 return __CLASS__ . ': $Id: ApiDelete.php 62703 2010-02-19 12:54:09Z ashley $';249 return __CLASS__ . ': $Id: ApiDelete.php 74217 2010-10-03 15:53:07Z reedy $'; 246 250 } 247 251 } -
trunk/w/includes/api/ApiEditPage.php
r1484 r1881 455 455 } 456 456 457 public function needsToken() { 458 return true; 459 } 460 457 461 public function getTokenSalt() { 458 462 return ''; … … 471 475 472 476 public function getVersion() { 473 return __CLASS__ . ': $Id: ApiEditPage.php 62600 2010-02-16 22:01:38Z reedy $';477 return __CLASS__ . ': $Id: ApiEditPage.php 74217 2010-10-03 15:53:07Z reedy $'; 474 478 } 475 479 } -
trunk/w/includes/api/ApiEmailUser.php
r1484 r1881 113 113 } 114 114 115 public function needsToken() { 116 return true; 117 } 118 115 119 public function getTokenSalt() { 116 120 return ''; … … 124 128 125 129 public function getVersion() { 126 return __CLASS__ . ': $Id: ApiEmailUser.php 62599 2010-02-16 21:59:16Z reedy $';130 return __CLASS__ . ': $Id: ApiEmailUser.php 74217 2010-10-03 15:53:07Z reedy $'; 127 131 } 128 132 } -
trunk/w/includes/api/ApiExpandTemplates.php
r1484 r1881 43 43 44 44 public function execute() { 45 // Cache may vary on $wgUser because ParserOptions gets data from it 46 $this->getMain()->setCacheMode( 'anon-public-user-private' ); 47 45 48 // Get parameters 46 49 $params = $this->extractRequestParams(); … … 107 110 108 111 public function getVersion() { 109 return __CLASS__ . ': $Id: ApiExpandTemplates.php 6 1437 2010-01-23 22:26:40Z reedy$';112 return __CLASS__ . ': $Id: ApiExpandTemplates.php 69932 2010-07-26 08:03:21Z tstarling $'; 110 113 } 111 114 } -
trunk/w/includes/api/ApiFeedWatchlist.php
r1484 r1881 192 192 193 193 public function getVersion() { 194 return __CLASS__ . ': $Id: ApiFeedWatchlist.php 6 2686 2010-02-19 01:25:57Z reedy$';194 return __CLASS__ . ': $Id: ApiFeedWatchlist.php 69357 2010-07-14 22:39:23Z mah $'; 195 195 } 196 196 } -
trunk/w/includes/api/ApiImport.php
r1484 r1881 150 150 } 151 151 152 public function needsToken() { 153 return true; 154 } 155 152 156 public function getTokenSalt() { 153 157 return ''; … … 162 166 163 167 public function getVersion() { 164 return __CLASS__ . ': $Id: ApiImport.php 62599 2010-02-16 21:59:16Z reedy $';168 return __CLASS__ . ': $Id: ApiImport.php 74217 2010-10-03 15:53:07Z reedy $'; 165 169 } 166 170 } -
trunk/w/includes/api/ApiLogout.php
r1484 r1881 76 76 77 77 public function getVersion() { 78 return __CLASS__ . ': $Id: ApiLogout.php 6 0930 2010-01-11 15:55:52Z simetrical$';78 return __CLASS__ . ': $Id: ApiLogout.php 69578 2010-07-20 02:46:20Z tstarling $'; 79 79 } 80 80 } -
trunk/w/includes/api/ApiMain.php
r1484 r1881 127 127 private $mInternalMode, $mSquidMaxage, $mModule; 128 128 129 private $mCacheControl = array( 'must-revalidate' => true ); 129 private $mCacheMode = 'private'; 130 private $mCacheControl = array(); 130 131 131 132 /** … … 224 225 225 226 /** 227 * Set the type of caching headers which will be sent. 228 * 229 * @param $mode One of: 230 * - 'public': Cache this object in public caches, if the maxage or smaxage 231 * parameter is set, or if setCacheMaxAge() was called. If a maximum age is 232 * not provided by any of these means, the object will be private. 233 * - 'private': Cache this object only in private client-side caches. 234 * - 'anon-public-user-private': Make this object cacheable for logged-out 235 * users, but private for logged-in users. IMPORTANT: If this is set, it must be 236 * set consistently for a given URL, it cannot be set differently depending on 237 * things like the contents of the database, or whether the user is logged in. 238 * 239 * If the wiki does not allow anonymous users to read it, the mode set here 240 * will be ignored, and private caching headers will always be sent. In other words, 241 * the "public" mode is equivalent to saying that the data sent is as public as a page 242 * view. 243 * 244 * For user-dependent data, the private mode should generally be used. The 245 * anon-public-user-private mode should only be used where there is a particularly 246 * good performance reason for caching the anonymous response, but where the 247 * response to logged-in users may differ, or may contain private data. 248 * 249 * If this function is never called, then the default will be the private mode. 250 */ 251 public function setCacheMode( $mode ) { 252 if ( !in_array( $mode, array( 'private', 'public', 'anon-public-user-private' ) ) ) { 253 wfDebug( __METHOD__.": unrecognised cache mode \"$mode\"\n" ); 254 // Ignore for forwards-compatibility 255 return; 256 } 257 258 if ( !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) ) { 259 // Private wiki, only private headers 260 if ( $mode !== 'private' ) { 261 wfDebug( __METHOD__.": ignoring request for $mode cache mode, private wiki\n" ); 262 return; 263 } 264 } 265 266 wfDebug( __METHOD__.": setting cache mode $mode\n" ); 267 $this->mCacheMode = $mode; 268 } 269 270 /** 271 * @deprecated Private caching is now the default, so there is usually no 272 * need to call this function. If there is a need, you can use 273 * $this->setCacheMode('private') 274 */ 275 public function setCachePrivate() { 276 $this->setCacheMode( 'private' ); 277 } 278 279 /** 226 280 * Set directives (key/value pairs) for the Cache-Control header. 227 281 * Boolean values will be formatted as such, by including or omitting 228 282 * without an equals sign. 283 * 284 * Cache control values set here will only be used if the cache mode is not 285 * private, see setCacheMode(). 229 286 */ 230 287 public function setCacheControl( $directives ) { 231 288 $this->mCacheControl = $directives + $this->mCacheControl; 289 } 290 291 /** 292 * Make sure Vary: Cookie and friends are set. Use this when the output of a request 293 * may be cached for anons but may not be cached for logged-in users. 294 * 295 * WARNING: This function must be called CONSISTENTLY for a given URL. This means that a 296 * given URL must either always or never call this function; if it sometimes does and 297 * sometimes doesn't, stuff will break. 298 * 299 * @deprecated Use setCacheMode( 'anon-public-user-private' ) 300 */ 301 public function setVaryCookie() { 302 $this->setCacheMode( 'anon-public-user-private' ); 232 303 } 233 304 … … 281 352 282 353 // Error results should not be cached 283 $this->setCacheM axAge( 0);354 $this->setCacheMode( 'private' ); 284 355 285 356 $headerStr = 'MediaWiki-API-Error: ' . $errCode; … … 297 368 } 298 369 370 // Send cache headers after any code which might generate an error, to 371 // avoid sending public cache headers for errors. 372 $this->sendCacheHeaders(); 373 374 if ( $this->mPrinter->getIsHtml() ) { 375 echo wfReportTime(); 376 } 377 378 ob_end_flush(); 379 } 380 381 protected function sendCacheHeaders() { 382 if ( $this->mCacheMode == 'private' ) { 383 header( 'Cache-Control: private' ); 384 return; 385 } 386 387 if ( $this->mCacheMode == 'anon-public-user-private' ) { 388 global $wgUseXVO, $wgOut; 389 header( 'Vary: Accept-Encoding, Cookie' ); 390 if ( $wgUseXVO ) { 391 header( $wgOut->getXVO() ); 392 if ( $wgOut->haveCacheVaryCookies() ) { 393 // Logged in, mark this request private 394 header( 'Cache-Control: private' ); 395 return; 396 } 397 // Logged out, send normal public headers below 398 } elseif ( session_id() != '' ) { 399 // Logged in or otherwise has session (e.g. anonymous users who have edited) 400 // Mark request private 401 header( 'Cache-Control: private' ); 402 return; 403 } // else no XVO and anonymous, send public headers below 404 } else /* if public */ { 405 // Give a debugging message if the user object is unstubbed on a public request 406 global $wgUser; 407 if ( !( $wgUser instanceof StubUser ) ) { 408 wfDebug( __METHOD__." \$wgUser is unstubbed on a public request!\n" ); 409 } 410 } 411 299 412 // If nobody called setCacheMaxAge(), use the (s)maxage parameters 300 413 if ( !isset( $this->mCacheControl['s-maxage'] ) ) { … … 305 418 } 306 419 307 // Set the cache expiration at the last moment, as any errors may change the expiration. 308 // if $this->mSquidMaxage == 0, the expiry time is set to the first second of unix epoch 309 $exp = min( $this->mCacheControl['s-maxage'], $this->mCacheControl['max-age'] ); 310 $expires = ( $exp == 0 ? 1 : time() + $exp ); 311 header( 'Expires: ' . wfTimestamp( TS_RFC2822, $expires ) ); 420 if ( !$this->mCacheControl['s-maxage'] && !$this->mCacheControl['max-age'] ) { 421 // Public cache not requested 422 // Sending a Vary header in this case is harmless, and protects us 423 // against conditional calls of setCacheMaxAge(). 424 header( 'Cache-Control: private' ); 425 return; 426 } 427 428 $this->mCacheControl['public'] = true; 429 430 // Send an Expires header 431 $maxAge = min( $this->mCacheControl['s-maxage'], $this->mCacheControl['max-age'] ); 432 $expiryUnixTime = ( $maxAge == 0 ? 1 : time() + $maxAge ); 433 header( 'Expires: ' . wfTimestamp( TS_RFC2822, $expiryUnixTime ) ); 312 434 313 435 // Construct the Cache-Control header … … 327 449 328 450 header( "Cache-Control: $ccHeader" ); 329 330 if ( $this->mPrinter->getIsHtml() )331 echo wfReportTime();332 333 ob_end_flush();334 451 } 335 452 … … 447 564 448 565 global $wgUser, $wgGroupPermissions; 449 if ( $module->isReadMode() && ! $wgGroupPermissions['*']['read']&& !$wgUser->isAllowed( 'read' ) )566 if ( $module->isReadMode() && !in_array( 'read', User::getGroupPermissions( array( '*' ) ), true ) && !$wgUser->isAllowed( 'read' ) ) 450 567 $this->dieUsageMsg( array( 'readrequired' ) ); 451 568 if ( $module->isWriteMode() ) { … … 742 859 $vers = array (); 743 860 $vers[] = 'MediaWiki: ' . SpecialVersion::getVersion() . "\n http://svn.wikimedia.org/viewvc/mediawiki/trunk/phase3/"; 744 $vers[] = __CLASS__ . ': $Id: ApiMain.php 62810 2010-02-22 03:34:56Z mah$';861 $vers[] = __CLASS__ . ': $Id: ApiMain.php 70066 2010-07-28 05:52:32Z tstarling $'; 745 862 $vers[] = ApiBase :: getBaseVersion(); 746 863 $vers[] = ApiFormatBase :: getBaseVersion(); -
trunk/w/includes/api/ApiMove.php
r1484 r1881 220 220 } 221 221 222 public function needsToken() { 223 return true; 224 } 225 222 226 public function getTokenSalt() { 223 227 return ''; … … 231 235 232 236 public function getVersion() { 233 return __CLASS__ . ': $Id: ApiMove.php 62810 2010-02-22 03:34:56Z mah$';237 return __CLASS__ . ': $Id: ApiMove.php 74217 2010-10-03 15:53:07Z reedy $'; 234 238 } 235 239 } -
trunk/w/includes/api/ApiOpenSearch.php
r1484 r1881 57 57 // time 58 58 $this->getMain()->setCacheMaxAge( $wgSearchSuggestCacheExpiry ); 59 $this->getMain()->setCache Control( array( 'must-revalidate' => false ));59 $this->getMain()->setCacheMode( 'public' ); 60 60 61 61 $srchres = PrefixSearch::titleSearch( $search, $limit, … … 107 107 108 108 public function getVersion() { 109 return __CLASS__ . ': $Id: ApiOpenSearch.php 6 2544 2010-02-15 20:42:43Z catrope$';109 return __CLASS__ . ': $Id: ApiOpenSearch.php 69932 2010-07-26 08:03:21Z tstarling $'; 110 110 } 111 111 } -
trunk/w/includes/api/ApiParse.php
r1484 r1881 39 39 40 40 public function execute() { 41 // The data is hot but user-dependent, like page views, so we set vary cookies 42 $this->getMain()->setCacheMode( 'anon-public-user-private' ); 43 41 44 // Get parameters 42 45 $params = $this->extractRequestParams(); … … 324 327 325 328 public function getVersion() { 326 return __CLASS__ . ': $Id: ApiParse.php 6 2712 2010-02-19 18:28:52Z reedy$';329 return __CLASS__ . ': $Id: ApiParse.php 69932 2010-07-26 08:03:21Z tstarling $'; 327 330 } 328 331 } -
trunk/w/includes/api/ApiPatrol.php
r1484 r1881 93 93 } 94 94 95 public function needsToken() { 96 return true; 97 } 98 95 99 public function getTokenSalt() { 96 100 return ''; … … 104 108 105 109 public function getVersion() { 106 return __CLASS__ . ': $Id: ApiPatrol.php 62599 2010-02-16 21:59:16Z reedy $';110 return __CLASS__ . ': $Id: ApiPatrol.php 74217 2010-10-03 15:53:07Z reedy $'; 107 111 } 108 112 } -
trunk/w/includes/api/ApiProtect.php
r1484 r1881 185 185 } 186 186 187 public function needsToken() { 188 return true; 189 } 190 187 191 public function getTokenSalt() { 188 return null;192 return ''; 189 193 } 190 194 … … 197 201 198 202 public function getVersion() { 199 return __CLASS__ . ': $Id: ApiProtect.php 62557 2010-02-15 23:53:43Z reedy $';203 return __CLASS__ . ': $Id: ApiProtect.php 74217 2010-10-03 15:53:07Z reedy $'; 200 204 } 201 205 } -
trunk/w/includes/api/ApiPurge.php
r1484 r1881 118 118 119 119 public function getVersion() { 120 return __CLASS__ . ': $Id: ApiPurge.php 6 2402 2010-02-13 00:09:05Z reedy$';120 return __CLASS__ . ': $Id: ApiPurge.php 69578 2010-07-20 02:46:20Z tstarling $'; 121 121 } 122 122 } -
trunk/w/includes/api/ApiQuery.php
r1484 r1881 207 207 $this->InstantiateModules( $modules, 'meta', $this->mQueryMetaModules ); 208 208 209 $cacheMode = 'public'; 210 209 211 // If given, execute generator to substitute user supplied data with generated data. 210 212 if ( isset ( $this->params['generator'] ) ) { 211 $this->executeGeneratorModule( $this->params['generator'], $modules ); 213 $generator = $this->newGenerator( $this->params['generator'] ); 214 $params = $generator->extractRequestParams(); 215 $cacheMode = $this->mergeCacheMode( $cacheMode, 216 $generator->getCacheMode( $params ) ); 217 $this->executeGeneratorModule( $generator, $modules ); 212 218 } else { 213 219 // Append custom fields and populate page/revision information … … 221 227 // Execute all requested modules. 222 228 foreach ( $modules as $module ) { 229 $params = $module->extractRequestParams(); 230 $cacheMode = $this->mergeCacheMode( 231 $cacheMode, $module->getCacheMode( $params ) ); 223 232 $module->profileIn(); 224 233 $module->execute(); … … 226 235 $module->profileOut(); 227 236 } 237 238 // Set the cache mode 239 $this->getMain()->setCacheMode( $cacheMode ); 240 } 241 242 /** 243 * Update a cache mode string, applying the cache mode of a new module to it. 244 * The cache mode may increase in the level of privacy, but public modules 245 * added to private data do not decrease the level of privacy. 246 */ 247 protected function mergeCacheMode( $cacheMode, $modCacheMode ) { 248 if ( $modCacheMode === 'anon-public-user-private' ) { 249 if ( $cacheMode !== 'private' ) { 250 $cacheMode = 'anon-public-user-private'; 251 } 252 } elseif ( $modCacheMode === 'public' ) { 253 // do nothing, if it's public already it will stay public 254 } else { // private 255 $cacheMode = 'private'; 256 } 257 return $cacheMode; 228 258 } 229 259 … … 402 432 403 433 /** 404 * For generator mode, execute generator, and use its output as new 405 * ApiPageSet 406 * @param $generatorName string Module name 407 * @param $modules array of module objects 408 */ 409 protected function executeGeneratorModule( $generatorName, $modules ) { 434 * Create a generator object of the given type and return it 435 */ 436 public function newGenerator( $generatorName ) { 410 437 411 438 // Find class that implements requested generator … … 425 452 if ( !$generator instanceof ApiQueryGeneratorBase ) 426 453 $this->dieUsage( "Module $generatorName cannot be used as a generator", "badgenerator" ); 427 428 454 $generator->setGeneratorMode(); 455 return $generator; 456 } 457 458 /** 459 * For generator mode, execute generator, and use its output as new 460 * ApiPageSet 461 * @param $generatorName string Module name 462 * @param $modules array of module objects 463 */ 464 protected function executeGeneratorModule( $generator, $modules ) { 465 // Generator results 466 $resultPageSet = new ApiPageSet( $this, $this->redirects, $this->convertTitles ); 429 467 430 468 // Add any additional fields modules may need … … 579 617 $psModule = new ApiPageSet( $this ); 580 618 $vers = array (); 581 $vers[] = __CLASS__ . ': $Id: ApiQuery.php 6 2406 2010-02-13 00:48:31Z reedy$';619 $vers[] = __CLASS__ . ': $Id: ApiQuery.php 69932 2010-07-26 08:03:21Z tstarling $'; 582 620 $vers[] = $psModule->getVersion(); 583 621 return $vers; -
trunk/w/includes/api/ApiQueryAllCategories.php
r1484 r1881 43 43 public function execute() { 44 44 $this->run(); 45 } 46 47 public function getCacheMode( $params ) { 48 return 'public'; 45 49 } 46 50 … … 176 180 177 181 public function getVersion() { 178 return __CLASS__ . ': $Id: ApiQueryAllCategories.php 6 0930 2010-01-11 15:55:52Z simetrical$';182 return __CLASS__ . ': $Id: ApiQueryAllCategories.php 69932 2010-07-26 08:03:21Z tstarling $'; 179 183 } 180 184 } -
trunk/w/includes/api/ApiQueryAllLinks.php
r1484 r1881 42 42 public function execute() { 43 43 $this->run(); 44 } 45 46 public function getCacheMode( $params ) { 47 return 'public'; 44 48 } 45 49 … … 206 210 207 211 public function getVersion() { 208 return __CLASS__ . ': $Id: ApiQueryAllLinks.php 6 2409 2010-02-13 01:05:14Z reedy$';212 return __CLASS__ . ': $Id: ApiQueryAllLinks.php 69932 2010-07-26 08:03:21Z tstarling $'; 209 213 } 210 214 } -
trunk/w/includes/api/ApiQueryAllUsers.php
r1570 r1881 185 185 } 186 186 187 $db->freeResult( $res ); 187 if ( is_array( $lastUserData ) ) { 188 $fit = $result->addValue( array( 'query', $this->getModuleName() ), 189 null, $lastUserData ); 190 if ( !$fit ) { 191 $this->setContinueEnumParameter( 'from', 192 $this->keyToTitle( $lastUserData['name'] ) ); 193 } 194 } 188 195 189 196 $result->setIndexedTagName_internal( array( 'query', $this->getModuleName() ), 'u' ); 197 } 198 199 public function getCacheMode( $params ) { 200 return 'public'; 190 201 } 191 202 … … 241 252 242 253 public function getVersion() { 243 return __CLASS__ . ': $Id: ApiQueryAllUsers.php 66947 2010-05-27 07:42:20Z tstarling $';254 return __CLASS__ . ': $Id: ApiQueryAllUsers.php 79562 2011-01-04 06:15:54Z tstarling $'; 244 255 } 245 256 } -
trunk/w/includes/api/ApiQueryAllimages.php
r1484 r1881 54 54 public function execute() { 55 55 $this->run(); 56 } 57 58 public function getCacheMode( $params ) { 59 return 'public'; 56 60 } 57 61 … … 213 217 214 218 public function getVersion() { 215 return __CLASS__ . ': $Id: ApiQueryAllimages.php 6 2406 2010-02-13 00:48:31Z reedy$';219 return __CLASS__ . ': $Id: ApiQueryAllimages.php 69932 2010-07-26 08:03:21Z tstarling $'; 216 220 } 217 221 } -
trunk/w/includes/api/ApiQueryAllmessages.php
r1484 r1881 121 121 } 122 122 123 public function getCacheMode( $params ) { 124 if ( is_null( $params['lang'] ) ) { 125 // Language not specified, will be fetched from preferences 126 return 'anon-public-user-private'; 127 } elseif ( $params['enableparser'] ) { 128 // User-specific parser options will be used 129 return 'anon-public-user-private'; 130 } else { 131 // OK to cache 132 return 'public'; 133 } 134 } 135 123 136 public function getAllowedParams() { 124 137 return array ( … … 168 181 169 182 public function getVersion() { 170 return __CLASS__ . ': $Id: ApiQueryAllmessages.php 6 2535 2010-02-15 18:47:32Z catrope$';183 return __CLASS__ . ': $Id: ApiQueryAllmessages.php 69932 2010-07-26 08:03:21Z tstarling $'; 171 184 } 172 185 } -
trunk/w/includes/api/ApiQueryAllpages.php
r1484 r1881 42 42 public function execute() { 43 43 $this->run(); 44 } 45 46 public function getCacheMode( $params ) { 47 return 'public'; 44 48 } 45 49 … … 283 287 284 288 public function getVersion() { 285 return __CLASS__ . ': $Id: ApiQueryAllpages.php 6 2406 2010-02-13 00:48:31Z reedy$';289 return __CLASS__ . ': $Id: ApiQueryAllpages.php 69932 2010-07-26 08:03:21Z tstarling $'; 286 290 } 287 291 } -
trunk/w/includes/api/ApiQueryBacklinks.php
r1484 r1881 91 91 public function execute() { 92 92 $this->run(); 93 } 94 95 public function getCacheMode( $params ) { 96 return 'public'; 93 97 } 94 98 … … 484 488 485 489 public function getVersion() { 486 return __CLASS__ . ': $Id: ApiQueryBacklinks.php 6 2461 2010-02-14 14:29:24Z reedy$';490 return __CLASS__ . ': $Id: ApiQueryBacklinks.php 69932 2010-07-26 08:03:21Z tstarling $'; 487 491 } 488 492 } -
trunk/w/includes/api/ApiQueryBase.php
r1484 r1881 45 45 $this->mDb = null; 46 46 $this->resetQueryParams(); 47 } 48 49 /** 50 * Get the cache mode for the data generated by this module. Override this 51 * in the module subclass. 52 * 53 * Public caching will only be allowed if *all* the modules that supply 54 * data for a given request return a cache mode of public. 55 */ 56 public function getCacheMode( $params ) { 57 return 'private'; 47 58 } 48 59 … … 421 432 */ 422 433 public static function getBaseVersion() { 423 return __CLASS__ . ': $Id: ApiQueryBase.php 6 2461 2010-02-14 14:29:24Z reedy$';434 return __CLASS__ . ': $Id: ApiQueryBase.php 69932 2010-07-26 08:03:21Z tstarling $'; 424 435 } 425 436 } -
trunk/w/includes/api/ApiQueryBlocks.php
r1484 r1881 279 279 280 280 public function getVersion() { 281 return __CLASS__ . ': $Id: ApiQueryBlocks.php 6 2513 2010-02-15 12:20:52Z catrope$';281 return __CLASS__ . ': $Id: ApiQueryBlocks.php 69578 2010-07-20 02:46:20Z tstarling $'; 282 282 } 283 283 } -
trunk/w/includes/api/ApiQueryCategories.php
r1484 r1881 42 42 public function execute() { 43 43 $this->run(); 44 } 45 46 public function getCacheMode( $params ) { 47 return 'public'; 44 48 } 45 49 … … 235 239 236 240 public function getVersion() { 237 return __CLASS__ . ': $Id: ApiQueryCategories.php 6 2466 2010-02-14 15:19:45Z reedy$';241 return __CLASS__ . ': $Id: ApiQueryCategories.php 69932 2010-07-26 08:03:21Z tstarling $'; 238 242 } 239 243 } -
trunk/w/includes/api/ApiQueryCategoryInfo.php
r1484 r1881 100 100 } 101 101 102 public function getCacheMode( $params ) { 103 return 'public'; 104 } 105 102 106 public function getAllowedParams() { 103 107 return array ( … … 121 125 122 126 public function getVersion() { 123 return __CLASS__ . ': $Id: ApiQueryCategoryInfo.php 6 1437 2010-01-23 22:26:40Z reedy$';127 return __CLASS__ . ': $Id: ApiQueryCategoryInfo.php 69932 2010-07-26 08:03:21Z tstarling $'; 124 128 } 125 129 } -
trunk/w/includes/api/ApiQueryCategoryMembers.php
r1484 r1881 42 42 public function execute() { 43 43 $this->run(); 44 } 45 46 public function getCacheMode( $params ) { 47 return 'public'; 44 48 } 45 49 … … 295 299 296 300 public function getVersion() { 297 return __CLASS__ . ': $Id: ApiQueryCategoryMembers.php 6 2410 2010-02-13 01:21:52Z reedy$';301 return __CLASS__ . ': $Id: ApiQueryCategoryMembers.php 69932 2010-07-26 08:03:21Z tstarling $'; 298 302 } 299 303 } -
trunk/w/includes/api/ApiQueryDeletedrevs.php
r1484 r1881 339 339 340 340 public function getVersion() { 341 return __CLASS__ . ': $Id: ApiQueryDeletedrevs.php 6 2410 2010-02-13 01:21:52Z reedy$';341 return __CLASS__ . ': $Id: ApiQueryDeletedrevs.php 69578 2010-07-20 02:46:20Z tstarling $'; 342 342 } 343 343 } -
trunk/w/includes/api/ApiQueryDuplicateFiles.php
r1484 r1881 42 42 public function execute() { 43 43 $this->run(); 44 } 45 46 public function getCacheMode( $params ) { 47 return 'public'; 44 48 } 45 49 … … 163 167 164 168 public function getVersion() { 165 return __CLASS__ . ': $Id: ApiQueryDuplicateFiles.php 6 2414 2010-02-13 01:38:12Z reedy$';169 return __CLASS__ . ': $Id: ApiQueryDuplicateFiles.php 69932 2010-07-26 08:03:21Z tstarling $'; 166 170 } 167 171 } -
trunk/w/includes/api/ApiQueryExtLinksUsage.php
r1484 r1881 40 40 public function execute() { 41 41 $this->run(); 42 } 43 44 public function getCacheMode( $params ) { 45 return 'public'; 42 46 } 43 47 … … 217 221 218 222 public function getVersion() { 219 return __CLASS__ . ': $Id: ApiQueryExtLinksUsage.php 6 2406 2010-02-13 00:48:31Z reedy$';223 return __CLASS__ . ': $Id: ApiQueryExtLinksUsage.php 69932 2010-07-26 08:03:21Z tstarling $'; 220 224 } 221 225 } -
trunk/w/includes/api/ApiQueryExternalLinks.php
r1484 r1881 84 84 } 85 85 86 public function getCacheMode( $params ) { 87 return 'public'; 88 } 89 86 90 public function getAllowedParams() { 87 91 return array( … … 116 120 117 121 public function getVersion() { 118 return __CLASS__ . ': $Id: ApiQueryExternalLinks.php 6 1444 2010-01-23 22:52:40Z reedy$';122 return __CLASS__ . ': $Id: ApiQueryExternalLinks.php 69932 2010-07-26 08:03:21Z tstarling $'; 119 123 } 120 124 } -
trunk/w/includes/api/ApiQueryImageInfo.php
r1484 r1881 245 245 } 246 246 247 public function getCacheMode( $params ) { 248 return 'public'; 249 } 250 247 251 private function getContinueStr( $img ) 248 252 { … … 335 339 336 340 public function getVersion() { 337 return __CLASS__ . ': $Id: ApiQueryImageInfo.php 6 2415 2010-02-13 01:41:37Z reedy$';341 return __CLASS__ . ': $Id: ApiQueryImageInfo.php 69932 2010-07-26 08:03:21Z tstarling $'; 338 342 } 339 343 } -
trunk/w/includes/api/ApiQueryImages.php
r1484 r1881 123 123 } 124 124 125 public function getCacheMode( $params ) { 126 return 'public'; 127 } 128 125 129 public function getAllowedParams() { 126 130 return array( … … 163 167 164 168 public function getVersion() { 165 return __CLASS__ . ': $Id: ApiQueryImages.php 6 2414 2010-02-13 01:38:12Z reedy$';169 return __CLASS__ . ': $Id: ApiQueryImages.php 69932 2010-07-26 08:03:21Z tstarling $'; 166 170 } 167 171 } -
trunk/w/includes/api/ApiQueryInfo.php
r1484 r1881 523 523 524 524 /** 525 * Get information about watched status and put it in $ watched525 * Get information about watched status and put it in $this->watched 526 526 */ 527 527 private function getWatchedInfo() … … 554 554 } 555 555 556 public function getCacheMode( $params ) { 557 $publicProps = array( 558 'protection', 559 'talkid', 560 'subjectid', 561 'url', 562 'preload', 563 ); 564 if ( !is_null( $params['prop'] ) ) { 565 foreach ( $params['prop'] as $prop ) { 566 if ( !in_array( $prop, $publicProps ) ) { 567 return 'private'; 568 } 569 } 570 } 571 if ( !is_null( $params['token'] ) ) { 572 return 'private'; 573 } 574 return 'public'; 575 } 576 556 577 public function getAllowedParams() { 557 578 return array ( … … 562 583 'protection', 563 584 'talkid', 564 'watched', 585 'watched', # private 565 586 'subjectid', 566 587 'url', 567 'readable', 588 'readable', # private 568 589 'preload' 590 // If you add more properties here, please consider whether they 591 // need to be added to getCacheMode() 569 592 ) ), 570 593 'token' => array ( … … 612 635 613 636 public function getVersion() { 614 return __CLASS__ . ': $Id: ApiQueryInfo.php 6 2415 2010-02-13 01:41:37Z reedy$';637 return __CLASS__ . ': $Id: ApiQueryInfo.php 69932 2010-07-26 08:03:21Z tstarling $'; 615 638 } 616 639 } -
trunk/w/includes/api/ApiQueryLangLinks.php
r1484 r1881 94 94 } 95 95 96 public function getCacheMode( $params ) { 97 return 'public'; 98 } 99 96 100 public function getAllowedParams() { 97 101 return array( … … 132 136 133 137 public function getVersion() { 134 return __CLASS__ . ': $Id: ApiQueryLangLinks.php 6 2414 2010-02-13 01:38:12Z reedy$';138 return __CLASS__ . ': $Id: ApiQueryLangLinks.php 69932 2010-07-26 08:03:21Z tstarling $'; 135 139 } 136 140 } -
trunk/w/includes/api/ApiQueryLinks.php
r1484 r1881 63 63 public function execute() { 64 64 $this->run(); 65 } 66 67 public function getCacheMode( $params ) { 68 return 'public'; 65 69 } 66 70 … … 205 209 206 210 public function getVersion() { 207 return __CLASS__ . ': $Id: ApiQueryLinks.php 6 1444 2010-01-23 22:52:40Z reedy$';211 return __CLASS__ . ': $Id: ApiQueryLinks.php 69932 2010-07-26 08:03:21Z tstarling $'; 208 212 } 209 213 } -
trunk/w/includes/api/ApiQueryLogEvents.php
r1484 r1881 286 286 } 287 287 288 public function getCacheMode( $params ) { 289 if ( !is_null( $params['prop'] ) && in_array( 'parsedcomment', $params['prop'] ) ) { 290 // formatComment() calls wfMsg() among other things 291 return 'anon-public-user-private'; 292 } else { 293 return 'public'; 294 } 295 } 296 288 297 public function getAllowedParams() { 289 298 global $wgLogTypes; … … 365 374 366 375 public function getVersion() { 367 return __CLASS__ . ': $Id: ApiQueryLogEvents.php 6 2406 2010-02-13 00:48:31Z reedy$';376 return __CLASS__ . ': $Id: ApiQueryLogEvents.php 69932 2010-07-26 08:03:21Z tstarling $'; 368 377 } 369 378 } -
trunk/w/includes/api/ApiQueryProtectedTitles.php
r1484 r1881 127 127 } 128 128 129 public function getCacheMode( $params ) { 130 if ( !is_null( $params['prop'] ) && in_array( 'parsedcomment', $params['prop'] ) ) { 131 // formatComment() calls wfMsg() among other things 132 return 'anon-public-user-private'; 133 } else { 134 return 'public'; 135 } 136 } 137 129 138 public function getAllowedParams() { 130 139 global $wgRestrictionLevels; … … 196 205 197 206 public function getVersion() { 198 return __CLASS__ . ': $Id: ApiQueryProtectedTitles.php 6 1761 2010-01-31 23:06:35Z reedy$';207 return __CLASS__ . ': $Id: ApiQueryProtectedTitles.php 69932 2010-07-26 08:03:21Z tstarling $'; 199 208 } 200 209 } -
trunk/w/includes/api/ApiQueryRandom.php
r1484 r1881 122 122 } 123 123 124 public function getCacheMode( $params ) { 125 return 'public'; 126 } 127 124 128 public function getAllowedParams() { 125 129 return array ( -
trunk/w/includes/api/ApiQueryRecentChanges.php
r1484 r1881 423 423 } 424 424 425 public function getCacheMode( $params ) { 426 if ( isset( $params['show'] ) ) { 427 foreach ( $params['show'] as $show ) { 428 if ( $show === 'patrolled' || $show === '!patrolled' ) { 429 return 'private'; 430 } 431 } 432 } 433 if ( isset( $params['token'] ) ) { 434 return 'private'; 435 } 436 if ( !is_null( $params['prop'] ) && in_array( 'parsedcomment', $params['prop'] ) ) { 437 // formatComment() calls wfMsg() among other things 438 return 'anon-public-user-private'; 439 } 440 return 'public'; 441 } 442 425 443 public function getAllowedParams() { 426 444 return array ( … … 543 561 544 562 public function getVersion() { 545 return __CLASS__ . ': $Id: ApiQueryRecentChanges.php 6 2466 2010-02-14 15:19:45Z reedy$';563 return __CLASS__ . ': $Id: ApiQueryRecentChanges.php 69932 2010-07-26 08:03:21Z tstarling $'; 546 564 } 547 565 } -
trunk/w/includes/api/ApiQueryRevisions.php
r1484 r1881 126 126 127 127 $db = $this->getDB(); 128 $this->addTables( array( 'page', 'revision' ));128 $this->addTables( 'page' ); 129 129 $this->addFields( Revision::selectFields() ); 130 130 $this->addWhere( 'page_id = rev_page' ); … … 189 189 $this->section = false; 190 190 } 191 192 //Bug 24166 - API error when using rvprop=tags 193 $this->addTables( 'revision' ); 191 194 192 195 $userMax = ( $this->fld_content ? ApiBase::LIMIT_SML1 : ApiBase::LIMIT_BIG1 ); … … 465 468 } 466 469 470 public function getCacheMode( $params ) { 471 if ( isset( $params['token'] ) ) { 472 return 'private'; 473 } 474 if ( !is_null( $params['prop'] ) && in_array( 'parsedcomment', $params['prop'] ) ) { 475 // formatComment() calls wfMsg() among other things 476 return 'anon-public-user-private'; 477 } 478 return 'public'; 479 } 480 467 481 public function getAllowedParams() { 468 482 return array ( … … 593 607 594 608 public function getVersion() { 595 return __CLASS__ . ': $Id: ApiQueryRevisions.php 62461 2010-02-14 14:29:24Z reedy $';609 return __CLASS__ . ': $Id: ApiQueryRevisions.php 72117 2010-09-01 16:50:07Z reedy $'; 596 610 } 597 611 } -
trunk/w/includes/api/ApiQuerySearch.php
r1484 r1881 156 156 } 157 157 158 public function getCacheMode( $params ) { 159 return 'public'; 160 } 161 158 162 public function getAllowedParams() { 159 163 return array ( … … 235 239 236 240 public function getVersion() { 237 return __CLASS__ . ': $Id: ApiQuerySearch.php 6 2412 2010-02-13 01:28:26Z reedy$';241 return __CLASS__ . ': $Id: ApiQuerySearch.php 69932 2010-07-26 08:03:21Z tstarling $'; 238 242 } 239 243 } -
trunk/w/includes/api/ApiQuerySiteinfo.php
r1484 r1881 422 422 } 423 423 424 public function getCacheMode( $params ) { 425 return 'public'; 426 } 424 427 425 428 public function getAllowedParams() { … … 498 501 499 502 public function getVersion() { 500 return __CLASS__ . ': $Id: ApiQuerySiteinfo.php 6 2406 2010-02-13 00:48:31Z reedy$';503 return __CLASS__ . ': $Id: ApiQuerySiteinfo.php 69932 2010-07-26 08:03:21Z tstarling $'; 501 504 } 502 505 } -
trunk/w/includes/api/ApiQueryTags.php
r1484 r1881 130 130 } 131 131 132 public function getCacheMode( $params ) { 133 return 'public'; 134 } 135 132 136 public function getAllowedParams() { 133 137 return array ( … … 173 177 174 178 public function getVersion() { 175 return __CLASS__ . ': $Id: ApiQueryTags.php 6 1442 2010-01-23 22:47:49Z reedy$';179 return __CLASS__ . ': $Id: ApiQueryTags.php 69932 2010-07-26 08:03:21Z tstarling $'; 176 180 } 177 181 } -
trunk/w/includes/api/ApiQueryUserContributions.php
r1484 r1881 339 339 } 340 340 341 public function getCacheMode( $params ) { 342 // This module provides access to deleted revisions and patrol flags if 343 // the requester is logged in 344 return 'anon-public-user-private'; 345 } 346 341 347 public function getAllowedParams() { 342 348 return array ( … … 436 442 437 443 public function getVersion() { 438 return __CLASS__ . ': $Id: ApiQueryUserContributions.php 6 2466 2010-02-14 15:19:45Z reedy$';444 return __CLASS__ . ': $Id: ApiQueryUserContributions.php 69932 2010-07-26 08:03:21Z tstarling $'; 439 445 } 440 446 } -
trunk/w/includes/api/ApiQueryUserInfo.php
r1484 r1881 201 201 202 202 public function getVersion() { 203 return __CLASS__ . ': $Id: ApiQueryUserInfo.php 6 1437 2010-01-23 22:26:40Z reedy$';203 return __CLASS__ . ': $Id: ApiQueryUserInfo.php 69578 2010-07-20 02:46:20Z tstarling $'; 204 204 } 205 205 } -
trunk/w/includes/api/ApiQueryUsers.php
r1484 r1881 208 208 } 209 209 210 public function getCacheMode( $params ) { 211 if ( isset( $params['token'] ) ) { 212 return 'private'; 213 } else { 214 return 'public'; 215 } 216 } 217 210 218 public function getAllowedParams() { 211 219 return array ( … … 257 265 258 266 public function getVersion() { 259 return __CLASS__ . ': $Id: ApiQueryUsers.php 6 1437 2010-01-23 22:26:40Z reedy$';267 return __CLASS__ . ': $Id: ApiQueryUsers.php 69932 2010-07-26 08:03:21Z tstarling $'; 260 268 } 261 269 } -
trunk/w/includes/api/ApiQueryWatchlist.php
r1484 r1881 155 155 } 156 156 157 // Check permissions. FIXME: should this check $user instead of $wgUser?157 // Check permissions. 158 158 if ( ( isset( $show['patrolled'] ) || isset( $show['!patrolled'] ) ) && !$wgUser->useRCPatrol() && !$wgUser->useNPPatrol() ) 159 159 $this->dieUsage( "You need the patrol right to request the patrolled flag", 'permissiondenied' ); … … 398 398 399 399 public function getVersion() { 400 return __CLASS__ . ': $Id: ApiQueryWatchlist.php 6 2466 2010-02-14 15:19:45Z reedy$';400 return __CLASS__ . ': $Id: ApiQueryWatchlist.php 69932 2010-07-26 08:03:21Z tstarling $'; 401 401 } 402 402 } -
trunk/w/includes/api/ApiQueryWatchlistRaw.php
r1484 r1881 187 187 188 188 public function getVersion() { 189 return __CLASS__ . ': $Id: ApiQueryWatchlistRaw.php 6 2466 2010-02-14 15:19:45Z reedy$';189 return __CLASS__ . ': $Id: ApiQueryWatchlistRaw.php 69578 2010-07-20 02:46:20Z tstarling $'; 190 190 } 191 191 } -
trunk/w/includes/api/ApiUnblock.php
r1484 r1881 117 117 } 118 118 119 public function needsToken() { 120 return true; 121 } 122 119 123 public function getTokenSalt() { 120 124 return ''; … … 129 133 130 134 public function getVersion() { 131 return __CLASS__ . ': $Id: ApiUnblock.php 62599 2010-02-16 21:59:16Z reedy $';135 return __CLASS__ . ': $Id: ApiUnblock.php 74217 2010-10-03 15:53:07Z reedy $'; 132 136 } 133 137 } -
trunk/w/includes/api/ApiUndelete.php
r1484 r1881 126 126 } 127 127 128 public function needsToken() { 129 return true; 130 } 131 128 132 public function getTokenSalt() { 129 133 return ''; … … 138 142 139 143 public function getVersion() { 140 return __CLASS__ . ': $Id: ApiUndelete.php 62599 2010-02-16 21:59:16Z reedy $';144 return __CLASS__ . ': $Id: ApiUndelete.php 74217 2010-10-03 15:53:07Z reedy $'; 141 145 } 142 146 } -
trunk/w/includes/api/ApiUpload.php
r1484 r1881 307 307 } 308 308 309 public function needsToken() { 310 return true; 311 } 312 309 313 public function getTokenSalt() { 310 314 return ''; -
trunk/w/includes/api/ApiUserrights.php
r1484 r1881 102 102 ) ); 103 103 } 104 105 public function needsToken() { 106 return true; 107 } 104 108 105 109 public function getTokenSalt() { … … 124 128 125 129 public function getVersion() { 126 return __CLASS__ . ': $Id: ApiUserrights.php 62686 2010-02-19 01:25:57Z reedy $';130 return __CLASS__ . ': $Id: ApiUserrights.php 74217 2010-10-03 15:53:07Z reedy $'; 127 131 } 128 132 } -
trunk/w/includes/api/ApiWatch.php
r1484 r1881 109 109 110 110 public function getVersion() { 111 return __CLASS__ . ': $Id: ApiWatch.php 6 2404 2010-02-13 00:28:27Z reedy$';111 return __CLASS__ . ': $Id: ApiWatch.php 69578 2010-07-20 02:46:20Z tstarling $'; 112 112 } 113 113 } -
trunk/w/includes/db/DatabaseOracle.php
r1570 r1881 768 768 function duplicateTableStructure( $oldName, $newName, $temporary = false, $fname = 'DatabaseOracle::duplicateTableStructure' ) { 769 769 $temporary = $temporary ? 'TRUE' : 'FALSE'; 770 return $this->query( 'BEGIN DUPLICATE_TABLE(\'' . $oldName . '\', \'' . $newName . '\', ' . $temporary . '); END;', $fname ); 770 $oldName = trim(strtoupper($oldName), '"'); 771 $oldParts = explode('_', $oldName); 772 773 $newName = trim(strtoupper($newName), '"'); 774 $newParts = explode('_', $newName); 775 776 $oldPrefix = ''; 777 $newPrefix = ''; 778 for ($i = count($oldParts)-1; $i >= 0; $i--) { 779 if ($oldParts[$i] != $newParts[$i]) { 780 $oldPrefix = implode('_', $oldParts).'_'; 781 $newPrefix = implode('_', $newParts).'_'; 782 break; 783 } 784 unset($oldParts[$i]); 785 unset($newParts[$i]); 786 } 787 788 $tabName = substr($oldName, strlen($oldPrefix)); 789 790 return $this->query( 'BEGIN DUPLICATE_TABLE(\'' . $tabName . '\', \'' . $oldPrefix . '\', \''.$newPrefix.'\', ' . $temporary . '); END;', $fname ); 771 791 } 772 792 … … 856 876 } 857 877 858 $fieldInfoStmt = oci_parse( $this->mConn, 'SELECT * FROM '.$this->tableName('wiki_field_info_full').'WHERE table_name '.$tableWhere.' and column_name = \''.$field.'\'' );878 $fieldInfoStmt = oci_parse( $this->mConn, 'SELECT * FROM wiki_field_info_full WHERE table_name '.$tableWhere.' and column_name = \''.$field.'\'' ); 859 879 if ( oci_execute( $fieldInfoStmt, OCI_DEFAULT ) === false ) { 860 880 $e = oci_error( $fieldInfoStmt ); -
trunk/w/includes/diff/DifferenceInterface.php
r1570 r1881 113 113 wfProfileIn( __METHOD__ ); 114 114 115 # Allow frames except in certain special cases 116 $wgOut->allowClickjacking(); 115 117 116 118 # If external diffs are enabled both globally and for the user, … … 200 202 $editable = $this->mNewRev->getTitle()->userCan( 'edit' ); 201 203 if ( $editable && $this->mNewRev->isCurrent() && $wgUser->isAllowed( 'rollback' ) ) { 204 $wgOut->preventClickjacking(); 202 205 $rollback = ' ' . $sk->generateRollback( $this->mNewRev ); 203 206 } else { -
trunk/w/includes/json/Services_JSON.php
r1570 r1881 51 51 * @author Brett Stimmerman <brettstimmerman[at]gmail[dot]com> 52 52 * @copyright 2005 Michal Migurski 53 * @version CVS: $Id: Services_JSON.php 65683 2010-04-30 05:56:15Z tstarling $53 * @version CVS: $Id: Services_JSON.php 79562 2011-01-04 06:15:54Z tstarling $ 54 54 * @license http://www.opensource.org/licenses/bsd-license.php 55 55 * @see http://pear.php.net/pepr/pepr-proposal-show.php?id=198 -
trunk/w/includes/search/SearchSqlite.php
r1484 r1881 324 324 325 325 $dbw->update( 'searchindex', 326 array( 'si_title' => $title ), 326 327 array( 'rowid' => $id ), 327 array( 'si_title' => $title ),328 328 __METHOD__ ); 329 329 } -
trunk/w/includes/specials/SpecialAllpages.php
r1484 r1881 41 41 $this->setHeaders(); 42 42 $this->outputHeader(); 43 $wgOut->allowClickjacking(); 43 44 44 45 # GET values -
trunk/w/includes/specials/SpecialCategories.php
r1484 r1881 13 13 $from = $par; 14 14 } 15 $wgOut->allowClickjacking(); 15 16 $cap = new CategoryPager( $from ); 16 17 $cap->doQuery(); -
trunk/w/includes/specials/SpecialContributions.php
r1484 r1881 108 108 ); 109 109 } 110 $wgOut->preventClickjacking( $pager->getPreventClickjacking() ); 110 111 111 112 … … 429 430 var $messages, $target; 430 431 var $namespace = '', $mDb; 432 var $preventClickjacking = false; 431 433 432 434 function __construct( $target, $namespace = false, $year = false, $month = false, $tagFilter = false ) { … … 566 568 && $page->quickUserCan( 'edit' ) ) 567 569 { 570 $this->preventClickjacking(); 568 571 $topmarktext .= ' '.$sk->generateRollback( $rev ); 569 572 } … … 672 675 } 673 676 677 protected function preventClickjacking() { 678 $this->preventClickjacking = true; 679 } 680 681 public function getPreventClickjacking() { 682 return $this->preventClickjacking; 683 } 674 684 } -
trunk/w/includes/specials/SpecialLinkSearch.php
r1484 r1881 45 45 } 46 46 47 $wgOut->allowClickjacking(); 48 47 49 $self = Title::makeTitle( NS_SPECIAL, 'Linksearch' ); 48 50 49 51 $wgOut->addWikiMsg( 'linksearch-text', '<nowiki>' . $wgLang->commaList( $wgUrlProtocols ) . '</nowiki>' ); 50 52 $s = Xml::openElement( 'form', array( 'id' => 'mw-linksearch-form', 'method' => 'get', 'action' => $GLOBALS['wgScript'] ) ) . -
trunk/w/includes/specials/SpecialSearch.php
r1484 r1881 365 365 // add javascript specific to special:search 366 366 $wgOut->addScriptFile( 'search.js' ); 367 $wgOut->allowClickjacking(); 367 368 } 368 369 -
trunk/w/includes/specials/SpecialSpecialpages.php
r1484 r1881 14 14 15 15 $wgOut->setRobotPolicy( 'noindex,nofollow' ); # Is this really needed? 16 $wgOut->allowClickjacking(); 16 17 $sk = $wgUser->getSkin(); 17 18 -
trunk/w/includes/specials/SpecialUpload.php
r1778 r1881 24 24 25 25 /** Misc variables **/ 26 p rotected$mRequest; // The WebRequest or FauxRequest this form is supposed to handle27 p rotected$mSourceType;28 p rotected$mUpload;29 p rotected$mLocalFile;30 p rotected$mUploadClicked;26 public $mRequest; // The WebRequest or FauxRequest this form is supposed to handle 27 public $mSourceType; 28 public $mUpload; 29 public $mLocalFile; 30 public $mUploadClicked; 31 31 32 32 /** User input variables from the "description" section **/ 33 public $mDesiredDestName; // The requested target file name 34 /** Xiping.Wang fix #162 **/ 33 public $mDesiredDestName; // The requested target file name 35 34 public $mComment; 36 p rotected$mLicense;37 35 public $mLicense; 36 38 37 /** User input variables from the root section **/ 39 p rotected$mIgnoreWarning;40 p rotected$mWatchThis;41 p rotected$mCopyrightStatus;42 p rotected$mCopyrightSource;38 public $mIgnoreWarning; 39 public $mWatchThis; 40 public $mCopyrightStatus; 41 public $mCopyrightSource; 43 42 44 43 /** Hidden variables **/ 45 p rotected$mDestWarningAck;46 p rotected$mForReUpload; // The user followed an "overwrite this file" link47 p rotected$mCancelUpload; // The user clicked "Cancel and return to upload form" button48 p rotected$mTokenOk;49 p rotected$mUploadSuccessful = false; // Subclasses can use this to determine whether a file was uploaded50 44 public $mDestWarningAck; 45 public $mForReUpload; // The user followed an "overwrite this file" link 46 public $mCancelUpload; // The user clicked "Cancel and return to upload form" button 47 public $mTokenOk; 48 public $mUploadSuccessful = false; // Subclasses can use this to determine whether a file was uploaded 49 51 50 /** Text injection points for hooks not using HTMLForm **/ 52 51 public $uploadFormTextTop; … … 886 885 ? 'filereuploadsummary' 887 886 : 'fileuploadsummary', 888 'cols' => 45,887 'cols' => $cols, 889 888 'rows' => 8, 890 889 ) … … 1005 1004 'wgAjaxUploadDestCheck' => $useAjaxDestCheck, 1006 1005 'wgAjaxLicensePreview' => $useAjaxLicensePreview, 1007 'wgUploadAutoFill' => !$this->mForReUpload, 1006 'wgUploadAutoFill' => !$this->mForReUpload && 1007 // If we received mDestFile from the request, don't autofill 1008 // the wpDestFile textbox 1009 $this->mDestFile === '', 1008 1010 'wgUploadSourceIds' => $this->mSourceIds, 1009 1011 ); -
trunk/w/includes/specials/SpecialVersion.php
r1484 r1881 33 33 $this->setHeaders(); 34 34 $this->outputHeader(); 35 $wgOut->allowClickjacking(); 35 36 36 37 $wgOut->addHTML( Xml::openElement( 'div', -
trunk/w/profileinfo.php
r1484 r1881 66 66 67 67 if ( !$wgEnableProfileInfo ) { 68 echo "disabled\n"; 68 echo "<p>Disabled</p>\n"; 69 echo "</body></html>"; 69 70 exit( 1 ); 70 71 } … … 103 104 if ( !$ex ) { 104 105 if ( count( $this->children ) ) { 105 $url = makeurl( false, false, $expand + array( $this->name() => true ) );106 $url = getEscapedProfileUrl( false, false, $expand + array( $this->name() => true ) ); 106 107 $extet = " <a href=\"$url\">[+]</a>"; 107 108 } else $extet = ''; … … 112 113 $e += array( $name => $ep ); 113 114 114 $extet = " <a href=\"" . makeurl( false, false, $e ) . "\">[–]</a>";115 $extet = " <a href=\"" . getEscapedProfileUrl( false, false, $e ) . "\">[–]</a>"; 115 116 } 116 117 ?> … … 231 232 <table cellspacing="0" border="1"> 232 233 <tr id="top"> 233 <th><a href="<?php echo makeurl( false, 'name' ) ?>">Name</a></th>234 <th><a href="<?php echo makeurl( false, 'time' ) ?>">Time (%)</a></th>235 <th><a href="<?php echo makeurl( false, 'memory' ) ?>">Memory (%)</a></th>236 <th><a href="<?php echo makeurl( false, 'count' ) ?>">Count</a></th>237 <th><a href="<?php echo makeurl( false, 'calls_per_req' ) ?>">Calls/req</a></th>238 <th><a href="<?php echo makeurl( false, 'time_per_call' ) ?>">ms/call</a></th>239 <th><a href="<?php echo makeurl( false, 'memory_per_call' ) ?>">kb/call</a></th>240 <th><a href="<?php echo makeurl( false, 'time_per_req' ) ?>">ms/req</a></th>241 <th><a href="<?php echo makeurl( false, 'memory_per_req' ) ?>">kb/req</a></th>234 <th><a href="<?php echo getEscapedProfileUrl( false, 'name' ) ?>">Name</a></th> 235 <th><a href="<?php echo getEscapedProfileUrl( false, 'time' ) ?>">Time (%)</a></th> 236 <th><a href="<?php echo getEscapedProfileUrl( false, 'memory' ) ?>">Memory (%)</a></th> 237 <th><a href="<?php echo getEscapedProfileUrl( false, 'count' ) ?>">Count</a></th> 238 <th><a href="<?php echo getEscapedProfileUrl( false, 'calls_per_req' ) ?>">Calls/req</a></th> 239 <th><a href="<?php echo getEscapedProfileUrl( false, 'time_per_call' ) ?>">ms/call</a></th> 240 <th><a href="<?php echo getEscapedProfileUrl( false, 'memory_per_call' ) ?>">kb/call</a></th> 241 <th><a href="<?php echo getEscapedProfileUrl( false, 'time_per_req' ) ?>">ms/req</a></th> 242 <th><a href="<?php echo getEscapedProfileUrl( false, 'memory_per_req' ) ?>">kb/req</a></th> 242 243 </tr> 243 244 <?php … … 246 247 $totalmemory = 0.0; 247 248 248 function makeurl( $_filter = false, $_sort = false, $_expand = false ) {249 function getEscapedProfileUrl( $_filter = false, $_sort = false, $_expand = false ) { 249 250 global $filter, $sort, $expand; 250 251 … … 252 253 $_expand = $expand; 253 254 254 $nfilter = $_filter ? $_filter : $filter; 255 $nsort = $_sort ? $_sort : $sort; 256 $exp = urlencode( implode( ',', array_keys( $_expand ) ) ); 257 return "?filter=$nfilter&sort=$nsort&expand=$exp"; 255 return htmlspecialchars( 256 '?' . 257 wfArrayToCGI( array( 258 'filter' => $_filter ? $_filter : $filter, 259 'sort' => $_sort ? $_sort : $sort, 260 'expand' => implode( ',', array_keys( $_expand ) ) 261 ) ) 262 ); 258 263 } 259 264 -
trunk/w/skins/Vector.php
r1484 r1881 449 449 $this->html( 'headelement' ); 450 450 ?> 451 <div id=" page-base" class="noprint"></div>452 <div id=" head-base" class="noprint"></div>451 <div id="mw-page-base" class="noprint"></div> 452 <div id="mw-head-base" class="noprint"></div> 453 453 <!-- content --> 454 454 <div id="content" <?php $this->html('specialpageattributes') ?>> … … 484 484 <!-- jumpto --> 485 485 <div id="jump-to-nav"> 486 <?php $this->msg( 'jumpto' ) ?> <a href="#head"><?php $this->msg( 'jumptonavigation' ) ?></a>,486 <?php $this->msg( 'jumpto' ) ?> <a href="#mw-head"><?php $this->msg( 'jumptonavigation' ) ?></a>, 487 487 <a href="#p-search"><?php $this->msg( 'jumptosearch' ) ?></a> 488 488 </div> … … 508 508 <!-- /content --> 509 509 <!-- header --> 510 <div id=" head" class="noprint">510 <div id="mw-head" class="noprint"> 511 511 <?php $this->renderNavigation( 'PERSONAL' ); ?> 512 512 <div id="left-navigation"> … … 519 519 <!-- /header --> 520 520 <!-- panel --> 521 <div id=" panel" class="noprint">521 <div id="mw-panel" class="noprint"> 522 522 <!-- logo --> 523 523 <div id="p-logo"><a style="background-image: url(<?php $this->text( 'logopath' ) ?>);" href="<?php echo htmlspecialchars( $this->data['nav_urls']['mainpage']['href'] ) ?>" <?php echo $this->skin->tooltipAndAccesskey( 'p-logo' ) ?>></a></div> -
trunk/w/skins/common/wikibits.js
r1570 r1881 30 30 // string (bug 23171) 31 31 var ie6_bugs = false; 32 if ( / MSIE([0-9]{1,}[\.0-9]{0,})/.exec( clientPC ) != null32 if ( /msie ([0-9]{1,}[\.0-9]{0,})/.exec( clientPC ) != null 33 33 && parseFloat( RegExp.$1 ) <= 6.0 ) { 34 34 ie6_bugs = true; … … 245 245 var linkContainers = [ 246 246 'column-one', // Monobook and Modern 247 ' head', 'panel', 'p-logo' // Vector247 'mw-head', 'mw-panel', 'p-logo' // Vector 248 248 ]; 249 249 for ( var i in linkContainers ) { … … 375 375 376 376 /* Dummy for deprecated function */ 377 window.ta = []; 377 378 function akeytt( doId ) { 378 379 } -
trunk/w/skins/vector/experiments/babaco-colors-a.css
r1484 r1881 14 14 15 15 /* Framework */ 16 # page-base {16 #mw-page-base { 17 17 background-color: inherit !important; 18 18 background-image: none !important; … … 66 66 font-weight:normal; 67 67 } 68 body # panel div.portal div.body {68 body #mw-panel div.portal div.body { 69 69 background-image:url(images/new-portal-break-ltr.png); 70 70 } 71 body.rtl # panel div.portal div.body {71 body.rtl #mw-panel div.portal div.body { 72 72 background-image:url(images/new-portal-break-rtl.png); 73 73 } … … 102 102 background-color: #f7f7f7; 103 103 } 104 # panel div.portal h5 {104 #mw-panel div.portal h5 { 105 105 font-weight:bold; 106 106 margin-bottom:0; -
trunk/w/skins/vector/experiments/babaco-colors-b.css
r1484 r1881 9 9 10 10 /* Framework */ 11 # page-base {11 #mw-page-base { 12 12 background-color: inherit !important; 13 13 background-image: none !important; -
trunk/w/skins/vector/experiments/babaco-colors-c.css
r1484 r1881 2 2 3 3 /* ridding ourselves of the gradient */ 4 # page-base {4 #mw-page-base { 5 5 background-color: inherit !important; 6 6 background-image: none !important; … … 54 54 font-weight:normal; 55 55 } 56 body # panel div.portal div.body {56 body #mw-panel div.portal div.body { 57 57 background-image:url(images/new-portal-break-ltr.png); 58 58 } … … 78 78 background-color: #f7f7f7; 79 79 } 80 # panel div.portal h5 {80 #mw-panel div.portal h5 { 81 81 font-weight:bold; 82 82 margin-bottom:0; -
trunk/w/skins/vector/experiments/new-tabs.css
r1484 r1881 192 192 } 193 193 /* @noflip */ 194 body # head div.vectorMenu h5 {194 body #mw-head div.vectorMenu h5 { 195 195 background-image: url(../images/arrow-down-icon.png); 196 196 background-position: center center; -
trunk/w/skins/vector/main-ltr.css
r1570 r1881 38 38 } 39 39 /* Head */ 40 # page-base {40 #mw-page-base { 41 41 height: 5em; 42 42 background-color: white; … … 45 45 background-repeat: repeat-x; 46 46 } 47 # head-base {47 #mw-head-base { 48 48 margin-top: -5em; 49 49 margin-left: 10em; … … 53 53 background-repeat: repeat-x; 54 54 } 55 # head {55 #mw-head { 56 56 position: absolute; 57 57 top: 0; … … 59 59 width: 100%; 60 60 } 61 # head h5 {61 #mw-head h5 { 62 62 margin: 0; 63 63 padding: 0; … … 213 213 /* OVERRIDDEN BY COMPLIANT BROWSERS */ 214 214 /* @noflip */ 215 # head div.vectorMenu h5 {215 #mw-head div.vectorMenu h5 { 216 216 float: left; 217 217 background-image: url(images/tab-break.png); … … 219 219 } 220 220 /* IGNORED BY IE6 */ 221 # head div.vectorMenu > h5 {221 #mw-head div.vectorMenu > h5 { 222 222 background-image: none; 223 223 } 224 # head div.vectorMenu h5 {224 #mw-head div.vectorMenu h5 { 225 225 background-position: bottom left; 226 226 margin-left: -1px; … … 386 386 } 387 387 /* Panel */ 388 # panel {388 #mw-panel { 389 389 position: absolute; 390 390 top: 160px; … … 393 393 left: 0; 394 394 } 395 # panel div.portal {395 #mw-panel div.portal { 396 396 padding-bottom: 1.5em; 397 397 } 398 # panel div.portal h5 {398 #mw-panel div.portal h5 { 399 399 font-weight: normal; 400 400 color: #444444; … … 406 406 font-size: 0.75em; 407 407 } 408 # panel div.portal div.body {408 #mw-panel div.portal div.body { 409 409 margin: 0; 410 410 padding-top: 0.5em; … … 414 414 background-position: top left; 415 415 } 416 # panel div.portal div.body ul {416 #mw-panel div.portal div.body ul { 417 417 list-style: none; 418 418 list-style-image: none; … … 421 421 margin: 0; 422 422 } 423 # panel div.portal div.body ul li {423 #mw-panel div.portal div.body ul li { 424 424 line-height: 1.125em; 425 425 padding: 0; … … 429 429 font-size: 0.75em; 430 430 } 431 # panel div.portal div.body ul li a {431 #mw-panel div.portal div.body ul li a { 432 432 color: #0645ad; 433 433 } 434 # panel div.portal div.body ul li a:visited {434 #mw-panel div.portal div.body ul li a:visited { 435 435 color: #0b0080; 436 436 } -
trunk/w/skins/vector/main-rtl.css
r1570 r1881 38 38 } 39 39 /* Head */ 40 # page-base {40 #mw-page-base { 41 41 height: 5em; 42 42 background-color: white; … … 45 45 background-repeat: repeat-x; 46 46 } 47 # head-base {47 #mw-head-base { 48 48 margin-top: -5em; 49 49 margin-right: 10em; … … 53 53 background-repeat: repeat-x; 54 54 } 55 # head {55 #mw-head { 56 56 position: absolute; 57 57 top: 0; … … 59 59 width: 100%; 60 60 } 61 # head h5 {61 #mw-head h5 { 62 62 margin: 0; 63 63 padding: 0; … … 213 213 /* OVERRIDDEN BY COMPLIANT BROWSERS */ 214 214 /* @noflip */ 215 # head div.vectorMenu h5 {215 #mw-head div.vectorMenu h5 { 216 216 float: left; 217 217 background-image: url(images/tab-break.png); … … 219 219 } 220 220 /* IGNORED BY IE6 */ 221 # head div.vectorMenu > h5 {221 #mw-head div.vectorMenu > h5 { 222 222 background-image: none; 223 223 } 224 # head div.vectorMenu h5 {224 #mw-head div.vectorMenu h5 { 225 225 background-position: bottom right; 226 226 margin-right: -1px; … … 386 386 } 387 387 /* Panel */ 388 # panel {388 #mw-panel { 389 389 position: absolute; 390 390 top: 160px; … … 393 393 right: 0; 394 394 } 395 # panel div.portal {395 #mw-panel div.portal { 396 396 padding-bottom: 1.5em; 397 397 } 398 # panel div.portal h5 {398 #mw-panel div.portal h5 { 399 399 font-weight: normal; 400 400 color: #444444; … … 406 406 font-size: 0.75em; 407 407 } 408 # panel div.portal div.body {408 #mw-panel div.portal div.body { 409 409 margin: 0; 410 410 padding-top: 0.5em; … … 414 414 background-position: top right; 415 415 } 416 # panel div.portal div.body ul {416 #mw-panel div.portal div.body ul { 417 417 list-style: none; 418 418 list-style-image: none; … … 421 421 margin: 0; 422 422 } 423 # panel div.portal div.body ul li {423 #mw-panel div.portal div.body ul li { 424 424 line-height: 1.125em; 425 425 padding: 0; … … 429 429 font-size: 0.75em; 430 430 } 431 # panel div.portal div.body ul li a {431 #mw-panel div.portal div.body ul li a { 432 432 color: #0645ad; 433 433 } 434 # panel div.portal div.body ul li a:visited {434 #mw-panel div.portal div.body ul li a:visited { 435 435 color: #0b0080; 436 436 }
Note: See TracChangeset
for help on using the changeset viewer.
