* PermissionsError now calls OutputPage::showPermissionsErrorPage() to display the error (this is needed to make the item above work correctly)
* Removed the override of the HTML title in OutputPage::showPermissionsErrorPage() so that it shows "Permission errors - Sitename" instead of simply "Permission errors" for consistency with the other things
* Pass the error array returned by Title::getUserPermissionsErrors() to PermissionsError where available
* Converted direct calls to OutputPage::showPermissionsErrorPage() to throw an PermissionsError error instead
* Added 'action-rollback' message that will be displayed when accessing action=rollback without sufficient rights
* Changed getRestriction() in subclasses of Action to return null when they previously returned 'read' so that user rights can be check with Title::getUserPermissionsErrors()
* Reordered checks to do first user rights, then block (if needed) and finally read only (also if needed) so that users don't think the error is temporary when they both don't have right and the database is locked
This code appears to be trying to output something like 'HTTP/1.1 500 MediaWiki Error', but using $_SERVER['SERVER_PROTOCOL']. And it seems to output it on things that run in phpunit tests.
Seems pretty broken?
Also removed htmlHeader() and htmlFooter() since it has zero callers anywhere.
Not sure why useOutputPage() was checking isArticleRelated(), we should be able do use it with other stuff too
* Encapsulate index.php in wfIndexMain() (similar to r77873)
* Kill $wgArticle check in Exception, not necessary anymore
* Kill $wgArticle in Setup, also not necessary
* Add angry note about $wgArticle to rebuildFileCache.
* Remove note about $wgArticle in Parser since it's dying anyway
* Clean up the ugly adding-then-removing-then-readding HTML <head> and <body> tags in DBConnectionError, deprecates MWException::htmlBodyOnly()
* Also deprecates MWException::htmlHeader(), removes code duplication since MWException::reportHTML() can safely call wfDie() and get an output format appropriate for the entry point
* Copy a couple of HTML headers (Cache-control, Pragma and Content-type) to the wfDie() implementation.
* Fix parsing of the three major entry points (index.php, api.php, load.php) back to PHP 4.4.9. We don't care what happens if you actually try to run these files on old versions, but the entry files need to parse correctly.
* consign /includes/templates/PHP4.php and /includes/templates/NoLocalSettings.php to the fiery pit of hell where they belong.
* Prevent loading of any other files for PHP < 5. WebStart.php was rendered unparseable in PHP 4 by the introduction of try/catch blocks in r85327.
* Die outright with a pretty error message on PHP < 5.2.3 as well as PHP 4. All versions of PHP below that throw parse errors of various sorts.
* Reimplement wfDie() to provide an entry-point-dependent die-with-readable-error-message function (for instance, we want a pretty human-readable page in index.php, something wrapped in CSS/JS /*...*/ comment block in load.php, etc).
* Standardise the appearance of the catastrophic errors thrown at the top of the stack with the ones lower down (exception-within-exception, etc). There isn't really a way to do this without duplication, AFAICT.
Wikis which set $wgServer in their LocalSettings or are in a virtual
host would never be vulnerable.
For sites which show the wiki in the default host, it will depend on how
forgiving is their webserver and php stack for that garbled input, although
some kind of foolable proxy —moreover wrongly caching errors (or the default
output buffering is disabled and something incorrectly sent a previous text)—
would also need to be present in order to make that useful for a
potential attacker.
* Made wfDeprecated() issue a notice only once for each function name instead of every time the function is called.
* Added exceptions for malformed keys input to $wgMessageCache->get(), per CR comments on r52503
* Fixed notice from MWException::useMessageCache()
* The serialized message cache, which would have been redundant, has been removed. Similar performance characteristics can be achieved with $wgLocalisationCacheConf['manualRecache'] = true;
* Added a maintenance script rebuildLocalisationCache.php for offline rebuilding of the localisation cache.
* Extension i18n files can now contain any of the variables which can be set in Messages*.php. It is possible, and recommended, to use this feature instead of the hooks for special page aliases and magic words.
* $wgExtensionAliasesFiles, LanguageGetMagic and LanguageGetSpecialPageAliases are retained for backwards compatibility. $wgMessageCache->addMessages() and related functions have been removed. wfLoadExtensionMessages() is a no-op and can continue to be called for b/c.
* Introduced $wgCacheDirectory as a default location for the various local caches that have accumulated. Suggested $IP/cache as a good place for it in the default LocalSettings.php and created this directory with a deny-all .htaccess.
* Patched Exception.php to avoid using the message cache when an exception is thrown from within LocalisationCache, since this tends to fail horribly.
* Removed Language::getLocalisationArray(), Language::loadLocalisation(), Language::load()
* Fixed FileDependency::__sleep()
* In Cdb.php, fixed newlines in debug messages
In MessageCache::get():
* Replaced calls to $wgContLang capitalisation functions with plain PHP functions, reducing the typical case from 99us to 93us. Message cache keys are already documented as being restricted to ASCII.
* Implemented a more efficient way to filter out bogus language codes, reducing the "foo/en" case from 430us to 101us
* Optimised wfRunHooks() in the typical do-nothing case, from ~30us to ~3us. This reduced MessageCache::get() typical case time from 93us to 38us.
* Removed hook MessageNotInMwNs to save an extra 3us per cache hit. Reimplemented the only user (LocalisationUpdate) using the new hook LocalisationCacheRecache.
