diff options
| author | Pierre Schmitz <pierre@archlinux.de> | 2014-03-28 05:41:12 +0100 |
|---|---|---|
| committer | Pierre Schmitz <pierre@archlinux.de> | 2014-03-28 05:41:12 +0100 |
| commit | 9441dde8bfb95277df073717ed7817dced40f948 (patch) | |
| tree | ba31c10147e91bda378b77c8cae90c5651af9bfe /includes | |
| parent | d417de70fcf39e0a7a15ba780b597914d16ca0f7 (diff) | |
Update to MediaWiki 1.22.5
Diffstat (limited to 'includes')
| -rw-r--r-- | includes/DefaultSettings.php | 2 | ||||
| -rw-r--r-- | includes/EditPage.php | 21 | ||||
| -rw-r--r-- | includes/db/DatabaseMysqli.php | 13 | ||||
| -rw-r--r-- | includes/specials/SpecialChangePassword.php | 16 | ||||
| -rw-r--r-- | includes/templates/Userlogin.php | 13 |
5 files changed, 59 insertions, 6 deletions
diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 2aa5b09f..c0228282 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -63,7 +63,7 @@ $wgConf = new SiteConfiguration; * MediaWiki version number * @since 1.2 */ -$wgVersion = '1.22.4'; +$wgVersion = '1.22.5'; /** * Name of the site. It must be changed in LocalSettings.php diff --git a/includes/EditPage.php b/includes/EditPage.php index 530e2674..16d9a5a4 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -2049,10 +2049,27 @@ class EditPage { } # Try to add a custom edit intro, or use the standard one if this is not possible. if ( !$this->showCustomIntro() && !$this->mTitle->exists() ) { + $helpLink = wfExpandUrl( Skin::makeInternalOrExternalUrl( + wfMessage( 'helppage' )->inContentLanguage()->text() + ) ); if ( $wgUser->isLoggedIn() ) { - $wgOut->wrapWikiMsg( "<div class=\"mw-newarticletext\">\n$1\n</div>", 'newarticletext' ); + $wgOut->wrapWikiMsg( + // Suppress the external link icon, consider the help url an internal one + "<div class=\"mw-newarticletext plainlinks\">\n$1\n</div>", + array( + 'newarticletext', + $helpLink + ) + ); } else { - $wgOut->wrapWikiMsg( "<div class=\"mw-newarticletextanon\">\n$1\n</div>", 'newarticletextanon' ); + $wgOut->wrapWikiMsg( + // Suppress the external link icon, consider the help url an internal one + "<div class=\"mw-newarticletextanon plainlinks\">\n$1\n</div>", + array( + 'newarticletextanon', + $helpLink + ) + ); } } # Give a notice if the user is editing a deleted/moved page... diff --git a/includes/db/DatabaseMysqli.php b/includes/db/DatabaseMysqli.php index 7761abe9..0ec54314 100644 --- a/includes/db/DatabaseMysqli.php +++ b/includes/db/DatabaseMysqli.php @@ -51,6 +51,17 @@ class DatabaseMysqli extends DatabaseMysqlBase { . " have you compiled PHP with the --with-mysqli option?\n" ); } + // Other than mysql_connect, mysqli_real_connect expects an explicit port + // parameter. So we need to parse the port out of $realServer + $port = null; + $hostAndPort = IP::splitHostAndPort( $realServer ); + if ( $hostAndPort ) { + $realServer = $hostAndPort[0]; + if ( $hostAndPort[1] ) { + $port = $hostAndPort[1]; + } + } + $connFlags = 0; if ( $this->mFlags & DBO_SSL ) { $connFlags |= MYSQLI_CLIENT_SSL; @@ -70,7 +81,7 @@ class DatabaseMysqli extends DatabaseMysqlBase { usleep( 1000 ); } if ( $mysqli->real_connect( $realServer, $this->mUser, - $this->mPassword, $this->mDBname, null, null, $connFlags ) ) + $this->mPassword, $this->mDBname, $port, null, $connFlags ) ) { return $mysqli; } diff --git a/includes/specials/SpecialChangePassword.php b/includes/specials/SpecialChangePassword.php index c54b5575..a75e7e83 100644 --- a/includes/specials/SpecialChangePassword.php +++ b/includes/specials/SpecialChangePassword.php @@ -52,6 +52,11 @@ class SpecialChangePassword extends UnlistedSpecialPage { $this->mDomain = $request->getVal( 'wpDomain' ); $user = $this->getUser(); + + if ( !$user->isLoggedIn() && !LoginForm::getLoginToken() ) { + LoginForm::setLoginToken(); + } + if ( !$request->wasPosted() && !$user->isLoggedIn() ) { $this->error( $this->msg( 'resetpass-no-info' )->text() ); @@ -81,6 +86,14 @@ class SpecialChangePassword extends UnlistedSpecialPage { return; } + if ( !$user->isLoggedIn() + && $request->getVal( 'wpLoginOnChangeToken' ) !== LoginForm::getLoginToken() + ) { + // Potential CSRF (bug 62497) + $this->error( $this->msg( 'sessionfailure' )->text() ); + return false; + } + $this->attemptReset( $this->mNewpass, $this->mRetype ); if ( $user->isLoggedIn() ) { @@ -157,6 +170,9 @@ class SpecialChangePassword extends UnlistedSpecialPage { 'wpName' => $this->mUserName, 'wpDomain' => $this->mDomain, ) + $this->getRequest()->getValues( 'returnto', 'returntoquery' ); + if ( !$user->isLoggedIn() ) { + $hiddenFields['wpLoginOnChangeToken'] = LoginForm::getLoginToken(); + } $hiddenFieldsStr = ''; foreach ( $hiddenFields as $fieldname => $fieldvalue ) { $hiddenFieldsStr .= Html::hidden( $fieldname, $fieldvalue ) . "\n"; diff --git a/includes/templates/Userlogin.php b/includes/templates/Userlogin.php index 5eb60948..9aedd3c7 100644 --- a/includes/templates/Userlogin.php +++ b/includes/templates/Userlogin.php @@ -154,9 +154,18 @@ class UserloginTemplate extends BaseTemplate { ) ); ?> </div> - <div id="mw-userlogin-help"> - <?php echo $this->getMsg( 'userlogin-helplink' )->parse(); ?> + <?php + echo Html::element( + 'a', + array( + 'href' => Skin::makeInternalOrExternalUrl( + wfMessage( 'helplogin-url' )->inContentLanguage()->text() + ), + ), + $this->getMsg( 'userlogin-helplink2' )->text() + ); + ?> </div> <?php if ( $this->haveData( 'createOrLoginHref' ) ) { ?> <?php if ( $this->data['loggedin'] ) { ?> |