These are needed for OAuth grants.
Note that we don't bother with a 'viewmyoptions' right, since the
majority will be determinable from just observing the interface.
Note that the fact of having a confirmed email address cannot be
reliably hidden, and if the user has 'sendemail' they may be able to
determine the real name and email address by sending an email to another
account that they control.
Change-Id: I3f03dd010020e8d43cc2d3bca7b3ef7196d1c548
* WikiPage functions/fields are "magically" part of Article when accessed for b/c. Magic is kind of ugly but there are too many callers to make breaking changes atm. Some functions are just wrappers for WikiPage ones (were magic won't work).
* Added newFromID() to each WikiPage subclass (works around pre-existing inheritance problem).
* Added Page class for convenient type hinting and changed hints from Article -> Page. This lets things use WikiPage objects without getting type errors.
* Updated FlaggedPage to extend WikiPage. Worked around getOldIdFromRequest().
* Added setTimestamp() to WikiPage and moved some timestamp setting code from ParserCache to Article.
* Removed ampersands from $dbw arguments.
* @TODO: dependency inject user objects for WikiPage
The idea is to migrate things to use WikiPage, as the run-of-the-mill "new Article()" call doesn't care about $oldid and $wgRequest. After that, Article, ImagePage, and CategoryPage can be rewritten as an Action class or something sane (a Viewer class of sorts).
sed -i 's/$wgContLanguageCode/$wgLanguageCode/g'
These are now the same, always. Per and since r15827.
$wgLanguageCode wins due to being the one set by LocalSettings.
$wgContLanguageCode definition at includes/Setup.php kept for now.
* Put all functions into classed so that they can be autoloaded
* Marked all private methods as protected
* Article::getContributors() now returns UserArrayFromResult object
to forestall additional UTF-7-autodetect XSS issues. Probably not an
issue on Apache 2.0+, but most servers send only 'text/html' by default
when the script didn't specify more details.
This fixes an issue with the Ajax interface error message on MSIE when
$wgUseAjax is enabled (not default configuration); this UTF-7 variant
on a previously fixed attack vector was discovered by Moshe BA from BugSec:
http://www.bugsec.com/articles.php?Security=24
* Trackback responses now specify XML content type
change in the getContributors() method of Article, which in turn required
some code changes in the Metadata module.
However, it now seems to work.
If the number of contributors is greater than N, then show a link to the
full credits page.
An additional bit: it may be that we don't want to show _any_ contributors
if we are over the max. So, there's a flag to check this.
