From 3d92394be2570f9f49c7904cacc2bc8d790e72f2 Mon Sep 17 00:00:00 2001
From: Pierre Schmitz <pierre@archlinux.de>
Date: Fri, 30 May 2014 06:21:55 +0200
Subject: Update to MediaWiki 1.22.7

---
 includes/DefaultSettings.php               |  2 +-
 includes/HttpFunctions.php                 | 58 ++++++++++++++----------------
 includes/SkinTemplate.php                  |  5 +--
 includes/UserMailer.php                    |  1 +
 includes/installer/PostgresUpdater.php     |  1 +
 includes/specials/SpecialPasswordReset.php |  5 +--
 includes/upload/UploadStash.php            |  2 +-
 7 files changed, 37 insertions(+), 37 deletions(-)

(limited to 'includes')

diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php
index 32ad2db3..850c2cfb 100644
--- a/includes/DefaultSettings.php
+++ b/includes/DefaultSettings.php
@@ -63,7 +63,7 @@ $wgConf = new SiteConfiguration;
  * MediaWiki version number
  * @since 1.2
  */
-$wgVersion = '1.22.6';
+$wgVersion = '1.22.7';
 
 /**
  * Name of the site. It must be changed in LocalSettings.php
diff --git a/includes/HttpFunctions.php b/includes/HttpFunctions.php
index fa2fc12b..b405ede2 100644
--- a/includes/HttpFunctions.php
+++ b/includes/HttpFunctions.php
@@ -853,6 +853,7 @@ class PhpHttpRequest extends MWHttpRequest {
 		}
 
 		$this->reqHeaders['Accept'] = "*/*";
+		$this->reqHeaders['Connection'] = 'Close';
 		if ( $this->method == 'POST' ) {
 			// Required for HTTP 1.0 POSTs
 			$this->reqHeaders['Content-Length'] = strlen( $this->postData );
@@ -861,52 +862,47 @@ class PhpHttpRequest extends MWHttpRequest {
 			}
 		}
 
-		$options = array();
-		if ( $this->proxy ) {
-			$options['proxy'] = $this->urlToTCP( $this->proxy );
-			$options['request_fulluri'] = true;
-		}
+		// Set up PHP stream context
+		$options = array(
+			'http' => array(
+				'method' => $this->method,
+				'header' => implode( "\r\n", $this->getHeaderList() ),
+				'protocol_version' => '1.1',
+				'max_redirects' => $this->followRedirects ? $this->maxRedirects : 0,
+				'ignore_errors' => true,
+				'timeout' => $this->timeout,
+				// Curl options in case curlwrappers are installed
+				'curl_verify_ssl_host' => $this->sslVerifyHost ? 2 : 0,
+				'curl_verify_ssl_peer' => $this->sslVerifyCert,
+			),
+			'ssl' => array(
+				'verify_peer' => $this->sslVerifyCert,
+				'SNI_enabled' => true,
+			),
+		);
 
-		if ( !$this->followRedirects ) {
-			$options['max_redirects'] = 0;
-		} else {
-			$options['max_redirects'] = $this->maxRedirects;
+		if ( $this->proxy ) {
+			$options['http']['proxy'] = $this->urlToTCP( $this->proxy );
+			$options['http']['request_fulluri'] = true;
 		}
 
-		$options['method'] = $this->method;
-		$options['header'] = implode( "\r\n", $this->getHeaderList() );
-		// Note that at some future point we may want to support
-		// HTTP/1.1, but we'd have to write support for chunking
-		// in version of PHP < 5.3.1
-		$options['protocol_version'] = "1.0";
-
-		// This is how we tell PHP we want to deal with 404s (for example) ourselves.
-		// Only works on 5.2.10+
-		$options['ignore_errors'] = true;
-
 		if ( $this->postData ) {
-			$options['content'] = $this->postData;
+			$options['http']['content'] = $this->postData;
 		}
 
-		$options['timeout'] = $this->timeout;
-
 		if ( $this->sslVerifyHost ) {
-			$options['CN_match'] = $this->parsedUrl['host'];
-		}
-		if ( $this->sslVerifyCert ) {
-			$options['verify_peer'] = true;
+			$options['ssl']['CN_match'] = $this->parsedUrl['host'];
 		}
 
 		if ( is_dir( $this->caInfo ) ) {
-			$options['capath'] = $this->caInfo;
+			$options['ssl']['capath'] = $this->caInfo;
 		} elseif ( is_file( $this->caInfo ) ) {
-			$options['cafile'] = $this->caInfo;
+			$options['ssl']['cafile'] = $this->caInfo;
 		} elseif ( $this->caInfo ) {
 			throw new MWException( "Invalid CA info passed: {$this->caInfo}" );
 		}
 
-		$scheme = $this->parsedUrl['scheme'];
-		$context = stream_context_create( array( "$scheme" => $options ) );
+		$context = stream_context_create( $options );
 
 		$this->headerList = array();
 		$reqCount = 0;
diff --git a/includes/SkinTemplate.php b/includes/SkinTemplate.php
index 53f11998..581dbb34 100644
--- a/includes/SkinTemplate.php
+++ b/includes/SkinTemplate.php
@@ -1826,10 +1826,11 @@ abstract class BaseTemplate extends QuickTemplate {
 	 */
 	function makeListItem( $key, $item, $options = array() ) {
 		if ( isset( $item['links'] ) ) {
-			$html = '';
+			$links = array();
 			foreach ( $item['links'] as $linkKey => $link ) {
-				$html .= $this->makeLink( $linkKey, $link, $options );
+				$links[] = $this->makeLink( $linkKey, $link, $options );
 			}
+			$html = implode( ' ', $links );
 		} else {
 			$link = $item;
 			// These keys are used by makeListItem and shouldn't be passed on to the link
diff --git a/includes/UserMailer.php b/includes/UserMailer.php
index 8ab10b2d..163f8361 100644
--- a/includes/UserMailer.php
+++ b/includes/UserMailer.php
@@ -747,6 +747,7 @@ class EmailNotification {
 		}
 
 		$keys['$PAGEEDITOR_WIKI'] = $this->editor->getUserPage()->getCanonicalURL();
+		$keys['$HELPPAGE'] = wfExpandUrl( Skin::makeInternalOrExternalUrl( wfMessage( 'helppage' )->inContentLanguage()->text() ) );
 
 		# Replace this after transforming the message, bug 35019
 		$postTransformKeys['$PAGESUMMARY'] = $this->summary == '' ? ' - ' : $this->summary;
diff --git a/includes/installer/PostgresUpdater.php b/includes/installer/PostgresUpdater.php
index 599b523b..304c5466 100644
--- a/includes/installer/PostgresUpdater.php
+++ b/includes/installer/PostgresUpdater.php
@@ -169,6 +169,7 @@ class PostgresUpdater extends DatabaseUpdater {
 				"INTEGER NOT NULL PRIMARY KEY DEFAULT nextval('archive_ar_id_seq')" ),
 			array( 'addPgField', 'externallinks', 'el_id',
 				"INTEGER NOT NULL PRIMARY KEY DEFAULT nextval('externallinks_el_id_seq')" ),
+			array( 'addPgField', 'uploadstash', 'us_props', "BYTEA" ),
 
 			# type changes
 			array( 'changeField', 'archive', 'ar_deleted', 'smallint', '' ),
diff --git a/includes/specials/SpecialPasswordReset.php b/includes/specials/SpecialPasswordReset.php
index c486ba01..d9faacca 100644
--- a/includes/specials/SpecialPasswordReset.php
+++ b/includes/specials/SpecialPasswordReset.php
@@ -208,7 +208,8 @@ class SpecialPasswordReset extends FormSpecialPage {
 		$firstUser = $users[0];
 
 		if ( !$firstUser instanceof User || !$firstUser->getID() ) {
-			return array( array( 'nosuchuser', $data['Username'] ) );
+			// Don't parse username as wikitext (bug 65501)
+			return array( array( 'nosuchuser', wfEscapeWikiText( $data['Username'] ) ) );
 		}
 
 		// Check against the rate limiter
@@ -235,7 +236,7 @@ class SpecialPasswordReset extends FormSpecialPage {
 		// All the users will have the same email address
 		if ( $firstUser->getEmail() == '' ) {
 			// This won't be reachable from the email route, so safe to expose the username
-			return array( array( 'noemail', $firstUser->getName() ) );
+			return array( array( 'noemail', wfEscapeWikiText( $firstUser->getName() ) ) );
 		}
 
 		// We need to have a valid IP address for the hook, but per bug 18347, we should
diff --git a/includes/upload/UploadStash.php b/includes/upload/UploadStash.php
index 7db6c64b..ea117378 100644
--- a/includes/upload/UploadStash.php
+++ b/includes/upload/UploadStash.php
@@ -260,7 +260,7 @@ class UploadStash {
 			'us_key' => $key,
 			'us_orig_path' => $path,
 			'us_path' => $stashPath, // virtual URL
-			'us_props' => serialize( $fileProps ),
+			'us_props' => $dbw->encodeBlob( serialize( $fileProps ) ),
 			'us_size' => $fileProps['size'],
 			'us_sha1' => $fileProps['sha1'],
 			'us_mime' => $fileProps['mime'],
-- 
cgit v1.2.2