LBFactory inherits $wgReadOnly, the LBs inherit
any LBFactory read only mode, and Database objects
inherit any LB read-only mode.
Add some methods callers can use to check if
a DB/LB handle is read-only before trying writes.
Additionally:
* Fix 5ec1e47475 regression where readOnlyBySection
read-only mode would not affect wfReadOnly() but only
lagged-slave read-only mode for LBFactoryMulti.
* Catch errors when getLaggedSlaveMode() is called after
master connection and object is established.
* Make getLaggedSlaveMode() a no-op if there are no slaves.
* Make string/false logic for read-only consistent everywhere.
* Remove mLaggedSlaveMode "m" prefix.
Change-Id: Ice3224caae564aa5ffb41b424c23d1593229117a
This fixes a few shortcomings in the chunked uploader:
* Raises an error if offset + chunksize > filesize.
* Enforces a minimum chunk size for non-final chunks.
* Refuses additional chunks after seeing a final chunk.
* Status of a chunked upload in progress is now available with
'checkstatus'.
Bug: T91203
Bug: T91205
Change-Id: I2262db1bc8460616b069c564475d2e4148001768
This allows empty lines inside the comment as found by the
MediaWiki.WhiteSpace.SpaceBeforeSingleLineComment.EmptyComment sniff
Change-Id: Iac155bbda4a84562db2b452baeae9b8973899453
* Add a string `keyspace` member to BagOStuff instances. The default
implementation, meant for simple key/value stores, treats the key space
as a string prefix to prepend to keys. By default, its value is `local`,
but any instance created via ObjectCache::newFromParams() (or or one of
its callers) will have that default to $wgCachePrefix / wfWikiID().
* Add `makeKey` and `makeGlobalKey` methods to the base BagOStuff class.
These methods are not static to allow for BagOStuff types which require
a configured instance to know the underlying storage engine's key semantics.
* Make wfMemcKey() and wfGlobalCacheKey() delegate to these methods on the main
ObjectCache instance.
Change-Id: Ib7fc2f939be3decfa97f66af8c2431c51039905f
Doxygen doesn't quite grok PHP's use of the reverse solidus (backslash)
character as a namespace separator. The C++ based parser it uses needs
them to be escaped in comments just as if they were being used in
a literal string context in PHP.
Change-Id: I9aff9dd0fb74a95039da1091c2f247cf71fd085a
* The '.php5' entrypoints were deprecated in I68b1ae842, $wgScriptExtension
in I3690f78bc.
* Drop the associated ResourceLoader configuration variable, too. `mwgrep`
shows no usage in the MediaWiki namespace.
* Keep the scriptExtension configuration parameter for FileRepo for people who
would like to interoperate with older MediaWiki installations that still use
'.php5'.
Change-Id: I17c8a15484b7e82cd5970d34e688109a2aae3840
* This is used to set sticky DC cookies to avoid
session replication lag (which also makes sure
ChronologyProtector works)
Bug: T91816
Change-Id: I7bc2f8185a3c05cb3ca5ccc42d300eccffae48e1
* Callers end up hitting wfFindFile() anyway, so we
may as well use/prime the process cache. By trying
to call checkRedirect() manually, it actually just
caused an extra memcached query.
* 404 pages are often customized to show various
icons file from sister sites, so this was taking
up a significant portion of rendering time.
Change-Id: I7e2a1c6acf853629fcca3a8b3c2c810ebacd2acb
Changed some old bugzilla links to new phabricator links in comments,
test data and error message. This reduces the need for redirects from
old bugzilla to new phabricator from our source code.
Change-Id: Id98278e26ce31656295a23f3cadb536859c4caa5
This adds a "requires" property to extension.json, which extensions and
skins can use to indicate which versions of MediaWiki core they support.
The hacky wfUseMW() is now deprecated in favor of this.
Rather than writing our own version constraint and parser library, we
can re-use composer's, which was recently split out into a separate
library named "composer/semver" for this patch.
Any syntax accepted by composer[1] is available for usage here. Test
cases have been provided to demonstrate how versions are parsed. For now
it is recommended that people stick to expressing compatability with
stable versions (e.g. ">= 1.26").
This patch does not support requiring specific MediaWiki core WMF
branches, since those do not follow the standard semver format that
composer parses. If we are unable to parse $wgVersion, all checking will
be skipped and reported as compatible.
[1] https://getcomposer.org/doc/01-basic-usage.md#package-versions
Bug: T99084
Change-Id: I7785827216e16c596356d0ae42d6b30f3f179f10
* LocalUserCreated: Replaces AuthPlugin::initUser()
* UserGroupsChanged: Replaces AuthPlugin::updateExternalDBGroups()
** The similar UserRights hook is deprecated, mainly to get rid of the
passing of $user by reference.
* UserIsHidden: Replaces AuthPluginUser::isHidden()
* UserIsLocked: Replaces AuthPluginUser::isLocked()
* UserLoggedIn: Replaces AuthPlugin::updateUser()
Also, AuthPlugin::updateExternalDB() is deprecated in favor of the
existing UserSaveSettings hook.
Also, 'ResetSessionID' has been removed. Nothing uses it, I don't know
why I even added it in the first place.
Also, replacing the User object passed to AuthPlugin::initUser() and
AuthPlugin::updateUser() will now raise a warning.
Change-Id: If7474cfb26a29b11c2e78147069419ca3b1cba95
This seems to cause redirect loops in current Firefox instead.
This reverts commit a89a21990e.
Bug: T106793
Change-Id: I18fac8ab0f94e2df8476131b132c9866902a02c4
Similar to 7b4df0e12e,
but for apostrophe instead of tilde and for Opera
instead of Chrome.
Bug: T106793
Change-Id: Ic54390434cebcc76a6c8ab49acc164d36e0cdff6
Moved the logic of ExtensionRegistrations array_plus_2d merge method out
to it's own global function wfArrayPlus2d, so any other function in mediawiki
core and it's extensions can use this method when they need to union
a 2d array.
Change-Id: I56afdf306e399a4a1505828ed76c60c1bfd033b6
There are imho too many ObjectCache methods, $wg*Cache* variables,
CACHE_ types, and wfGet*Cache() functions to know which ones
should actually be used publicly. This should make it easier to
know which ones should be used.
The difference between them was also harder to understand with the
main documentation sections about each of these living in
conceptually different places:
- classes (WANObjectCache)
- methods (ObjectCache::getMainStashInstance)
- variables (DefaultSettings: wgMainCacheType, wgMainWANCache, wgMainStash)
Also:
* Correct wfGetCache() documentation.
* Add the missing keywords for 'public' visibility.
Change-Id: I3b05fdb8b7888bf7e3f05bdca36538f3484556b8
If something being unit tested calls wfResetOutputBuffers(), it'll break
PHPUnit's attempt to capture output in order to fail tests. In the old
version we're currently using for Jenkins it will throw a warning
"ob_end_clean(): failed to delete buffer. No buffer to delete", while in
newer versions it'll detect that its buffer was removed and fail the
test as risky instead.
The solution here is to have MediaWikiTestCase add a buffer with a known
name in setUp() (and remove it in tearDown()), and have
wfResetOutputBuffers() stop when it sees that known name on the stack.
Bug: T109843
Change-Id: I8acd91ec9dd9c6d78a5d91d96202249f571d5d83
Sometime between 5.3 and 5.6, PHP changed from considering the default
output buffer (ob_start() or ob_start( null )) as "user" to considering
it as "internal", which prevents wfResetOutputBuffers() from removing
any buffers.
What we really should do here is test directly for whether the buffer
can be deleted, using the 'del' flag in PHP 5.3 or 'flags' in PHP 5.4+.
As for HHVM, we'll need to continue falling back to testing 'type' for
now thanks to https://github.com/facebook/hhvm/issues/5563.
Bug: T109842
Change-Id: If0163257a8fb471fd594a3754a20c65274f84a4c
* Potentially long running POST requests often use multiple transactions,
talk to multiple services, or defer updates. Try to make sure they have
a chance to complete all of the work. WMF already sets ignore_user_abort()
across the board in config, but this applies it to key spots for all
installs, in addition to bumping the time limit.
* Eventually this can lower the need for high overall time limits.
Bug: T102890
Change-Id: I893ddd773064dcd63b5b24c84c6391974f4b5aee
* This should trigger more reliably than the shutdown function
callback, which is really only there for sanity to make sure
session close/write happens.
Change-Id: I9a1aa76de121ba8de33b3fa850bd223929fae404
As of 155d555b83, we now redirect variations on hex escapes
into their canonical form. This was causing '~' to be redirected
to %7E. However google chrome seems to canonicalize %7E back
into ~, causing a redirect loop.
RFC 3986 says ~ is unreserved, so not hex encoding it should be
fine. To quote: "For consistency, percent-encoded octets in the
ranges of...tilde (%7E) should not be created by URI producers"
Bug: T105265
Change-Id: I01556eee496e2fb540de8ff09c082c1fedddb5f7
strtr() is marginally faster as it runs through the string only
once. A better fit for one-for-one character translation.
The strtr() function also supports an associative array as second
parameter for entire string replacements. This, too, has the same
performance and predictable behaviour (starts with the longest key).
Whereas str_replace is for more aggressive needs where you want
multiple passes until there are no further matches.
The associative array form is arguably also easier to understand
and harder to mess up since the needle/replacement pairs are
explicitly connected instead of two separate arrays.
Also:
* Use getFormattedNsText instead of strtr( getNsText, .. ) which
reduces duplication of this fact through a more semantic intent.
Change-Id: Ie23e4210a5b6908dd79eebc8a2b931d12fe31af6
Some code paths abuse wfForeignMemcKey() for this purpose. This is semantically
incorrect and seems fragile. Also the empty second argument (for db-prefix) is
either misused or akwardly set to the empty string.
It also creates a namespace conflict between arbitrary application keys (from
the software) and any database names (from users). This commit reduces the
conflict surface down to a single key (namely, "global").
Also added unit tests to assert the implicit restrictions and
assumptions between these cache key functions are valid.
Change-Id: Ia0953b51005fe3de3b881dd1bd64c9d3c85e8c66
wfSuppressWarnings() and wfRestoreWarnings() were split out into a
separate library. All usages in core were replaced with the new
functions, and the wf* global functions are marked as deprecated.
Additionally, some uses of @ were replaced due to composer's autoloader
being loaded even earlier.
Ie1234f8c12693408de9b94bf6f84480a90bd4f8e adds the library to
mediawiki/vendor.
Bug: T100923
Change-Id: I5c35079a0a656180852be0ae6b1262d40f6534c4
Also:
* Update wfHttpError() to use uppercase DOCTYPE, to match other code
such as Html.php, wfThumbError(), HttpError.php, etc.
Change-Id: I4027e7fe1a138b03f78797b6d1bfe7bd1064d360
The warning occurs when gmp_init() tries to convert the empty string
that came from ltrim(). This is causing tests to fail under HHVM 3.6.1.
Follows-up 5957856c46.
Bug: T98882
Change-Id: Ica86c91d7897db979e09d7cfc82fb3a20b95d4ce
Also sets default paths immediately (not in Setup.php) so
they are available before extensions register.
Bug: T98319
Change-Id: I41a8aec7a3e9c576ec7344abf51f8106248ade4b
A user just logged on to the #mediawiki channel to ask for help because his
webhost disallowed php_uname(), causing wfIsWindows() to crash. Google
autocompletes 'php_uname()' to 'php_uname() has been disabled for security
reasons', so it is probably not uncommon. Consulting the PHP_OS constant
instead side-steps the problem nicely.
Change-Id: I8d63826db4fc5d142eac53717d4f9fbbf9928de9
* Previously if it was called before a DB_SLAVE connection, it would not
be set. This is fixed now.
* Also set mLaggedSlaveMode in LoadBalancer as appropriate. Before, it
was only set in the "too lagged for ChronologyProtector" case.
Change-Id: Ic4dc555cf762653f157df1795f53f3577c1e587a
Move the MWLogger PSR-3 logging related classes into the
MediaWiki\Logger namespace. Create shim classes to ease migration of
existing MWLoggerFactory usage to the namespaced classes.
Bug: T93406
Change-Id: I359cc81fbd2dcf8937742311dcc7d3dee08747b0
* Associate Profiler objects with a request context by adding a $context
property with a getter and a setter.
* Introduce ProfilerOutputStats, which writes profiling data to the stats
buffer associated with the current request context.
* Make it the Profiler class's responsibility to enforce $wgProfilerLimit.
* Deprecate $wgProfilerLimit in favor of the (more aptly named, IMO)
$wgProfiler['threshold'] config setting.
* Tidy up Profiler instance creation code in Profiler::instance().
* Add Profiler::getOutputs, which returns an array of ProfilerOutput instances
which are configured for the current profiler and whose canUse() method
returns true.
* Make ProfilerStub not log by creating a stub ProfilerStub::logData() method
which does not call the parent. Previously the parent class checked if $this
was an instance of ProfilerStub and returned early if so.
Task: T90623
Task: T85641
Change-Id: Icf644ad3435c1f30d0a49957a97b481808a3153d
* Deprecate $wgRequestTime in favor of $_SERVER['REQUEST_TIME_FLOAT'], which is
more accurate. Because $_SERVER['REQUEST_TIME_FLOAT'] is only set for PHP
5.4+, set it to microtime( true ) in WebStart.php for back-compatibility.
* Add a 'requestTime' property to WebRequest objects, set to
$_SERVER['REQUEST_TIME_FLOAT'] for WebRequest or the instance creation time
for FauxRequest instances.
* Use that to provide WebRequest::getElapsedTime(), which gets the time since
the request was initiated.
* In wfLogProfilingData(), get the user and request objects from the context
object rather than from global scope.
Opportunistic clean-up: move the magic quotes check to WebStart.php and make
the error message more helpful.
Change-Id: I7e07e22eaf16b5141b80ad9f843285c542a127b7
Right now wfLoadExtension() and related functions explicitly load
extensions immediately, bypassing the queue. This was done to be
extremely backwards-compatible with the old require_once style of
loading which does the same.
However, for a future configuration database to work, we need to be able
to reliably load extensions after configuration (LocalSettings.php) is
loaded, which is currently at the top of Setup.php. Rather than doing
this later, we should do this now to make sure the registration system
will be able to handle it.
In Wikimedia production, excentions are currently being loaded with
direct calls to:
ExtensionRegistry::getInstance()->queue(...);
so we know that this should work, but that is not a nice API for sysadmins
and developers to be entering into LocalSettings.php.
If for some reason an extension really needs to be loaded immediately,
they can still call:
ExtensionRegistry::getInstance()->loadFromQueue();
But that should be the exception, not the norm.
Change-Id: I72672e5c9541ede02d09f548c39ef6c8df0ec78a
This function is backwards:
* The stated purpose is to generate a list of differences for callers to parse,
however we already have DiffEngine that returns a list of differences that you
don't need to parse manually shooting your feet off in process.
* With improvements in PHP performance in the last 10 years, shelling out instead of using
a pure-PHP diff has a doubtful performance benefit.
* Even in configurations where it's faster on predominant diffs (which have to be huge),
shelling out has its own security implications.
This function is not used in core. The only extensons using it are Echo (which just parses
its output so would be better off with DiffEngine) and AbuseFilter, let's not add more users
by tolerating this function.
Also, add error checking while I'm at it.
Change-Id: Ia67debce39de8252312fd887ebfbe6fb89f9edc9
Refactor out 'infinity' vartiant values which used in blocking and
protecting actions. This patchset adds GlobalFunction wfIsInfinity.
Bug: T68646
Change-Id: I60cc55a5bbd43c72916a1c2ea3807457d4e33765
This patch adds a metric data service object to the IContextSource interface,
with full support for StatsD meters, gauges, counters and timing metrics, via
the liuggio/statsd-php-client, which this patch also introduces.
Usage example:
$stats = $context->getStats();
$stats->increment( 'resourceloader.cache.hits' );
$stats->timing( 'resourceloader.cache.rtt', $rtt );
The metrics are flushed to a StatsD server, which may be specified via the
'StatsdServer' configuration key. If no such configuration key exists, the
metrics are discarded.
The StatsD client supplants MediaWiki's StatCounter class. wfIncrStats()
will continue to work, but it will delegate to the StatsD data object.
Change-Id: Ie10db1c154d225971398e189737de7c560bf0f90
wfEscapeShellArg() can handle multiple params, escaping each.
This patch changes wfShellExec() to call wfEscapeShellArg() directly
instead of doing the gluing itself.
This patch also extends wfEscapeShellArg() to accept an array parameter
optionally instead of as separate args, which is often useful.
Added also unit test cases for single, multiple args, and single array args.
Change-Id: I7a0761cc2ba98c210a9eacadd12da407d933e42a
Instead of instantiating this on every single request. Removes
wfGetLangConverterCacheStorage() and $wgLangConvMemc which were
otherwise unused.
Change-Id: Ic500944a92c2a94bc649e1b492c33714d81dca00
If $wgResponsiveImages is on, include the 1.5x and 2x multipliers
in the wfThumbIsStandard() standard image size comparisons.
Change-Id: I79d866387730cdd4d7c7a976e691192b2335b7ce
Time wounds all heels. During the code review for the PSR-3 logging
introduction, several people asked me why we needed a wrapper
for Psr\Log\LoggerInterface if the point was to use the standard. At the
time I was convinced that it would be better to introduce the dependency
via a wrapper class so that we could use the wrapper to patch over any
deficiencies that we might find in the PSR-3 API. After going on to work
on a project to disentangle other MediaWiki components from internal
project dependencies I have suddenly and clearly seen the error of my
ways.
We still need a logger factory as PSR-3 does not specify
a standard mechanism for creating Psr\Log\LoggerInterface instances. My
solution is to convert MWLogger into MWLoggerFactory to retain a static
factory interface for creating PSR-3 loggers but remove the MWLogger
wrapper class itself in favor of direct exposure of
Psr\Log\LoggerInterface to the MediaWiki consumer classes.
Change-Id: Ie47467657dcf341991ada00827dca5e8eff95438
For example, if the database cannot be connected to, the language is
something other than 'en', and the l10n cache is LCStoreDB, then the
call to Language::factory() in Setup.php line 604 will do it when it's
trying to get the fallback list.
Bug: T86398
Change-Id: Ia0e9ea440dcc4c8ab7bab1f33802aeff487eb3f0
Introduces wfLoadExtension()/wfLoadSkin() which should be used in
LocalSettings.php rather than require-ing a PHP entry point.
Extensions and skins would add "extension.json" or "skin.json" files
in their root, which contains all the information typically
present in PHP entry point files (classes to autoload, special pages,
API modules, etc.) A full schema can be found at
docs/extension.schema.json, and a script to validate these to the
schema is provided. An additional script is provided to convert
typical PHP entry point files into their JSON equivalents.
The basic flow of loading an extension goes like:
* Get the ExtensionRegistry singleton instance
* ExtensionRegistry takes a filename, reads the file or tries
to get the parsed JSON from APC if possible.
* The JSON is run through a Processor instance,
which registers things with the appropriate
global settings.
* The output of the processor is cached in APC if possible.
* The extension/skin is marked as loaded in the
ExtensionRegistry and a callback function is executed
if one was specified.
For ideal performance, a batch loading method is also provided:
* The absolute path name to the JSON file is queued
in the ExtensionRegistry instance.
* When loadFromQueue() is called, it constructs a hash
unique to the members of the current queue, and sees
if the queue has been cached in APC. If not, it processes
each file individually, and combines the result of each
Processor into one giant array, which is cached in APC.
* The giant array then sets various global settings,
defines constants, and calls callbacks.
To invalidate the cached processed info, by default the mtime
of each JSON file is checked. However that can be slow if you
have a large number of extensions, so you can set $wgExtensionInfoMTime
to the mtime of one file, and `touch` it whenever you update
your extensions.
Change-Id: I7074b65d07c5c7d4e3f1fb0755d74a0b07ed4596
Xhprof generates this data now. Custom profiling of various
sub-function units are kept.
Calls to profiler represented about 3% of page execution
time on Special:BlankPage (1.5% in/out); after this change
it's down to about 0.98% of page execution time.
Change-Id: Id9a1dc9d8f80bbd52e42226b724a1e1213d07af7
When a logging service other than MWLoggerLegacySpi is used, the
behavior of wfErrorLog is not guaranteed.
Change-Id: I8543bfd556aa752665f7a3daa855d3c2f7fc8956
Notice: Undefined index: line in
/var/www/wiki/includes/GlobalFunctions.php on line 1840
Caused by fc2e6df64f, previous versions
used isset here.
Change-Id: Ie9434f09e0905346ace19909fb316d47c75e0440
* It will also no longer call getReaderIndex( false, ... ) twice
* Removed various related ampersands
Change-Id: Ia79e2007dbf84e7437f9439aa6371333aa3e1b23
* Add optional $context parameter to wfDebug, wfDebugLog, wfLogDBError
and wfErrorLog that will be passed to MWLogger.
* Add support for PSR-3 style log message parameter interpolation in
MWLoggerLegacyLogger.
* Add context information to wfLogDBError calls made from DatabaseBase,
DatabaseMysqlBase and LoadBalancer instances.
* Deprecate wfDebugTimer() which now appears to be unused.
Change-Id: Ic90d593d00a2b0b5b80ed205908cbe624042603c
Make the profiler logging output introduced in Iae11e1e a little nicer.
Stop adding the Profiler::getRawData() information and add the URL and
textual report to the default log message. When testing with a Monolog
logger and Logstash the getRawData output from the Xhprof profiler was
found to be too big to be usable. The default message output was found
to be less informative than desirable when a PSR-3 logger other than
MWLoggerLegacyLogger was used. MWLoggerLegacyLogger implements special
backwards compatible formatting for the profileoutput channel that will
not be effected by this change.
Change-Id: Id326aed4f72a3489fac30661c101ac3bb3af2530
- Changed spaces to tabs for indentation
- space after 'function'/'if'
- Added/Removed space after parenthesis/brackets/end of line
- Removed space after cast
Change-Id: I0e8e6a19b84b5e1308b632a0266cb78f688494ee
Output structured profiling report data from wfLogProfilingData using
MWLogger.
Requires Ie667944, I5c82299, and I1e5596d.
Change-Id: Iae11e1e4fe970ada74136f0e969dc624c586ce17
Send wfDebug, wfDebugLog, wfLogDBError and wfLogDBError log messages to
the new MWLogger PSR-3 logger subsystem. Compatibility with the historic
logging operations of wfLogDBError are provided by MWLoggerLegacyLogger
and the MWLoggerLegacySpi logger factory.
Requires the MWLogger system introduced in I5c82299 and the Composer
managed libraries from Ie667944.
Change-Id: I1e5596d590144fbfdfd5f18bc42cf1ef0dbcac12
Per Tim Starling's review of Icb239471, reverted back to the version of
the function from Patch Set 1 of Iece006ec, which did not have the bug.
This version does not attempt to minimize the inevitable leakage of the
string's length.
Also revised the doc comment to explain more effectively what the problem
with a normal (===) string comparison is for the use cases of this function.
Follows-up b9e1d5f5c0.
Change-Id: I1b347e69b39af3d7d8ba6673af63f1a616befbdf
The replace of $n params can also be done using the Message class. In
case there are no message keys, the RawMessage class is used.
Deprecated wfMsgReplaceArgs, but added no warning, because it is used in
some extensions and from deprecated functions
Change-Id: I62091b09e4490e59ed7258566e0ddf2f8ee799d2
* Do not block forever, but wait up to 10 seconds. Likewise,
check the lag times in memcached on startup. This at least
lets runners avoid lagged wikis but still work on others.
* Made a few small related documentation and code cleanups.
Change-Id: Ic1339bab54cba6b6cbea7d97a80ff87c7c5c87af
The Message class constructor has long supported passing an array of
keys for fallback messages, and wfMessage passes the $keys parameter
through unchanged.
And since this is already in use in core, we may as well document it.
Change-Id: I8f7f9ade87e855300650b2e7e31b9303daa96ac5
Before php/php-src@834daa455b, PHP's gmp_init() function would try
to autodetect hex and binary numbers even when a base was explicitly
specified[1], so the results for some base-36 numbers having leading
zeros could be incorrect. Work around this bug by trimming off any
leading zeros before calling gmp_init().
[1]: https://bugs.php.net/bug.php?id=50175
Bug: 69249
Change-Id: I5f5458c1a1195f55fa12904c103da6ea7558010a
* All maintenance scripts pretty much assumed this behavior, but it
was not actually the case. This can avoid some massive lag problems.
Change-Id: I5894409d6abade16afd8144f6689c2aff3fa7327
- Swap "$variable type" to "type $variable"
- Added missing types
- Fixed spacing inside docs
- Makes beginning of @param/@return/@var/@throws in capital
- Changed some types to match the more common spelling
Change-Id: I783e4dbfe5f6f98b32b9a03ccf6439e13e132bcc
- Removed spaces after not operator (!)
- Removed spaces inside array index
- use tab as indent instead of spaces
- Add newline at end of file
- Removed spaces after casts
Change-Id: I9ba17c4385fcb43d38998d45f89cf42952bc791b
Command line may now be given as an array, where each value
will be escaped and glued together with a space.
Change-Id: I9237ec1fccc60c0c4a360562db1c050a3be7e6a3
Especially when executing commands that return a relatively lot of data in stdout
quickly, proc_get_status() may return that command has terminated before everything
has been read from pipes. Handle this case by continuing to perform
non-blocking select on the process's streams until all remaining data has been
read.
Bug: 67870
Change-Id: I050292dbb76821f66a15f937bf3aaf4defe67687
The iconv fallback is, for the most part, a remnant of PHP 4 support.
Though iconv was not enabled by default in PHP 4, it is in PHP 5. This
is the case even for Windows builds, which use GNU libiconv.
As for the major Linux distributions:
* Debian, CentOS, Ubuntu -> always enabled
* Fedora, Slackware -> .so in the same package, enabled by default
* Arch -> .so in the same package, disabled by default
* openSUSE -> separate package
Change-Id: Ie1112a5742646a0e1f951e188480c23851859320
* Made wfWaitForSlaves() use it instead of using isOpen() incorrectly.
The index for the master is 0, not DB_MASTER. This fixes 2979f0b6.
Change-Id: I48e5c7f10d8fe6b8bf6e830282352e3238b5d3ae
In wfDebugBacktrace() and wfShellExecDisabled(), use function_exists()
instead of getting the value of the disable_functions INI setting,
then splitting it into a list of functions, then checking that list
for the function to be called.
Also removed the check for Zend Optimizer, an old PHP extension that
does not work with PHP 5.3.
Change-Id: I04f0e026f8a6e0414f08d5302aff6c084a1d19a7
gute on irc just mentioned how his BusyBox server identifies as
linux but doesn't have bash installed. Additionally I see no
reason to limit limit.sh to linux, if for example somebody has
installed bash on a different *nix.
Change-Id: I51677295ab6bbc58fc5152106cf2c4c32bd1b0ea
This unprefixed function, added in r7198 (2b3f4c749d3d), has been
unused since r12411 (f2a59db33f).
It is short and simple enough that on the rare occasions it is needed,
it can be inlined or copied into the calling class as a private method.
Alternatively, the idiom `list( $a, $b ) = array( $b, $a )` can be used.
Change-Id: Ieb4602597a54eb21a5de177fee6dafa7ac71ce1d
Two classes (User and SpecialRunJobs) currently contain string
equality checks that purport to be timing-attack resistant.
Reduce code duplication by adding and using a fallback for the
hash_equals() function from PHP 5.6 (currently in beta), in a way
addressing the comment "@todo: make a common method for this".
Change-Id: Iece006ec0216edb3fc5fbef7cc6ec00a6d182775
* Fix: wfDebugMem no longer reports kibibytes as kilobytes
* Usability: wfDebugMem now uses unit symbols (e.g. KiB)
Change-Id: I1ab8aa3ccdb0fdea307913ada4ed42964d7fe960
Introduces wgHttpsPort configuration variable and makes use of it when
appropriate in wfExpandUrl()
Bug: 65184
Change-Id: I325ee0ff7be16de2a964fb7d8654b88cbd5fe239
This adds a new generic library class IPSet, which precomputes
a reasonably-efficient data structure from the input list of
addresses and CIDR net/mask specs for fast runtime matching,
and then uses it to check trusted XFF-setters.
See also: 32b4f19f173fc5cff1029eedee63a39a2d72dd3a
Bug: 57021
Change-Id: Ia3b12fb90c3e7e492374a128943b014481cc2730
We've had the logic for stripping the outer <p/> element in three
separate places. The version in OutputPage was missing the '$' at the
end of the regex, that was most likely a mistake caused by the
duplication.
Also, extend the logic in order not to generate invalid HTML if the
input contains more than one <p/> tag. Added tests for this and the
previous behaviour.
https://www.mail-archive.com/mediawiki-api@lists.wikimedia.org/msg03188.html
Change-Id: I6bb3597898324556df912a23a7ffc9ff250b8f58
Swapped some "$var type" to "type $var" or added missing types
before the $var. Changed some other types to match the more common
spelling. Makes beginning of some text in capital.
Change-Id: If8c0cf4627fc62ff288d33658e327ae80548f5c5
Variants included 'in <version>', 'as of <version>' and just the
version number.
Some @deprecated annotations do not have the version number at all,
I want to hunt them down separately.
Change-Id: I8208c6097098f4735d4f51bc42254675f1f27f6d
This patch replaces:
<!-- Served by mw1069 in 0.976 secs. -->
With:
<script>mw.config.set({"wgBackendResponseTime":976,"wgHostname":"mw1069"});</script>
In the default HTML output of MediaWiki.
While the latter is a nearly twice as long, it is almost as readable for human
beings, while being substantially easy to get via JavaScript.
To get the values from the comment, you have to do something like:
var comments, comment, hostname, duration;
comments = $.grep( document.body.childNodes, function ( el ) {
return el.nodeType === 8
} );
comment = comments.length
? comments.pop().nodeValue.match( /(\S+) in ([\d.]+)/ ).slice( 1 )
: [ null, null ];
hostname = comment[0];
respTime = parseFloat( comment[1] );
On the other hand, to get the values from the JavaScript code, you can simply:
var hostname = mw.config.get( 'wgHostname' );
var respTime = mw.config.get( 'wgBackendResponseTime' );
I believe that the ability to parse the number easily via JavaScript will make
it easier to include with other client-side measurements as part of reports on
site performance as experienced by users.
Change-Id: I895cd03f0968815484ff8cda4b23cc602ac555f0
And deprecate $wgProfileOnly in the same time.
This has the advantage of allowing profiler output to be separated
from the main debug log file; or even be completely disabled while
keeping the other debugging messages.
Also updated the checks in wfLogProfilingData() to detect the cases
where the output would not be sent anywhere to not execute the
last part of the method which would be useless otherwise.
Backward compatibility with installations having $wgProfileOnly
set to true is kept by moving the log file from $wgDebugLogFile
to $wgDebugLogGroups['profileoutput'] in Setup.php in that case.
Change-Id: I7b35195e527dfa7978b710126ed4599e75dab46b
I mainly fixed PHPDoc comments that are highlighted by PHPStorm
as being wrong or incomplete.
* Fixed some wrong inline documentations, e.g. wrong @return types.
* Used the style suggested by the Doxygen and phpDocumentor
documentations: @param type [$optional,...]
* Doxygen and phpDocumentor suggest the order: @param type $var
* Avoid unclear "varargs" and "mixed" if possible.
* Lowercased "array" and such, they are no classes.
Change-Id: Iff16e05fed6652cefec29e3d254807f52d84c9ab
Since Iffba121a99 (00b7f76) with the removal of wfHttpOnlySafe(),
session cookie's parameters are based only on configuration
settings, so there is no point to spam the "cookie" log group
with predicitible values.
Change-Id: I8b1cdea929cefc32dd8b01c2ecbf2d76bb64189f
I found two calls to wfLogDBError() that do not add a new line
at the end of the message. So instead of adding them to that
entries, I changed wfLogDBError() to automatically put it on
icoming messages; as for wfDebugLog().
Change-Id: Id014b5827a0aeef6873ebf08d78f0a3d7581d63b
This hack was added in r34083 / 6b16f44108 to support IE for Mac.
That browser is no longer supported, and no additional user-agent
strings have been added in WMF configuration.
Change-Id: Iffba121a9964e2ad387fad8827ddfd8dabcbd12e
- The parameter is now a string, making is more understandable than
boolean values
- It takes the same values in both wfDebug() and wfDebugLog() (except
for 'private' which is only used in the latter)
- This adds a new possibility to wfDebugLog() to log the message either
on the specific log or the general one, but not to the debug toolbar
- Old boolean values are still recognised for backward compatibility
- Also send the messages passed to wfDebugLog() to the debug toolbar
when they are written to a specific log and not restricted to logs
- Updated the calls of and wfDebug() and wfDebugLog() with the last
parameter to change it into a string
- Renamed MWDebug::sendWarning() to MWDebug::sendMessage() and added
$group parameter to it; will not break anything since that method
is marked as private
- Changed the call to wfDebug() from MWDebug::sendMessage() to use
wfDebugLog() with 'log' as thrid parameter, so that those messages
can be logged separately from the main log and they don't show up
a second time on the "debug log" tab of the debug toolbar
Change-Id: I1be09d4c1d3408ed5b26a5db02691c17c0ec0926
Some uses remained in Gerrit extensions, and patches have been submitted
to replace the usages. See below for details.
* in_string (deprecated in 1.21)
* wfGenerateToken (deprecated in 1.20) (had 2 uses)
* wfStreamFile (deprecated in 1.19) (had 1 use)
* wfUILang (deprecated in 1.18)
Change-Id: Ic67a968da8f37daf44503b98d00710eb99180805
Kept wfGetIP() for now because it is still in use in the SecurePoll
extension and in WMF configuration.
Change-Id: Id412e37743f89bb67eb329a2f475f8496cf7b006
The Line continuation Coding conventions prefers the closing parenthesis
on the same line than the beginning curly braces. This is done for ifs
and functions.
Also move some boolean operator from the end of a line to the beginning
and changed some indentation to make the condition hopefully better
readable.
Change-Id: Id0437b06bde86eb5a75bc59eefa19e7edb624426
- Removed double spaces
- Added space after if/switch/foreach
- Removed space on elseif
- Added space around parentheses
- Added newline at end of file
- Removed space before semicolon at end of line
Change-Id: Id40b87e04786c6111e6686d7f7eea1e588bdf37d
The use of static server detection outside of its intended use case
(i.e. at the start of DefaultSettings.php), for example in r93258, was
an architectural error. Every other bit of information about the web
request in non-setup code comes from non-static methods of WebRequest,
which allows the request object to be meaningfully replaced or
subclassed. The situation became increasingly ridiculous as more
callers of WebRequest::detectProtocol() were introduced. Two of the
callers were calling it non-statically! I suppose they had the right
idea, in a way.
Using a non-static call allows caching, which is a nice additional
benefit.
WebRequest::detectProtocolAndStdPort() was introduced in r93258 as part of
the introduction of WebRequest::detectProtocol(). It was basically
useless. Grep indicates there was only one caller in core and WMF
deployed extensions, and it is patched here.
Change-Id: Ia0a61e98fbff7a46ceaeebcb02236e5eac3df0e1
Adds release notes and fixes two inaccurate comments added in Ib0ece5d5d
("Configurable log sampling via $wgDebugLogGroups").
Change-Id: I224a0319b7432300d3cb6f4d14e61ea9d36ee228
Make it possible to configure a log-group-specific sampling factor by allowing
$wgDebugLogGroups values to be associative arrays with 'destination' & 'sample'
keys.
The immediate use-case I have in mind is the memcached log, which is too
verbose to enable in production. We could sample on the receiving end, but
doing so would not help MediaWiki, which would still be on the hook for
processing and dispatching every single record.
Idea was vetted by Dr. Manhattan:
<TimStarling> I think you could have each element in $wgDebugLogGroups be an
associative array
<TimStarling> e.g. array( 'sample' => 1000, 'target' => "$host:$port")
<TimStarling> that would allow for more features to be added to it in
future
Change-Id: Ib0ece5d5d9c2aadef13b77ac38995b0e47ac086f
The former is only really used to refer to the older hphp compiler.
Now all docs pretty much exclusively are referring to HHVM and
that's the project's name going forward.
While we're here, swap HPHP_VERSION for HHVM_VERSION. Either work,
but the latter is more correct.
Only affected extension (in Git or SVN) is GWToolset, fixing in
I3a490ef.
Change-Id: I81e4ce5d14e344e67045050261f91b3c0159f222
Allow limit.sh to log its errors to an MW debug log channel, by opening
a separate FD for private communication.
Ensure that the log FD is always closed (3>&-) before executing a
subprocess, so that MW will not hang waiting for background processes
to close the log FD. This means using a fixed FD number, since the bash
syntax for closing a file requires a literal FD number.
The "exec" debug channel is now intended for production monitoring. In
addition to errors from limit.sh, it also records when a subprocess is
terminated by a signal.
The case where stream_select() returns false was tested by patching PHP
to inject EINTR or EBADF into errno.
When wfShellExec() is used with a memory cgroup, and the cgroup is missing, log and continue with no cgroup instead of immediately exiting.
Bug: 55709
Change-Id: Ie40befe9c0d00c9a0ddb01077df4afb774d17e15
While reviewing Ia5a7661c I happened to stumble in to the dark labyrinth
of PHP's version_compare() function. This comment attempts to leave
bread crumbs behind for the next unwary adventurer who stumbles into the
same damp cave.
The tricky bit is that when '1.22wmf22' is compared with '1.22'
internally it is as though you are comparing '1.22.wmf.22' with
'1.22.0.0'. By the component-wise comparison then performed 'wmf' is
considered the lowest priority value that could be in the third
position. When using '1.22c' for the required version the 'c' is given
the same lowest priority as 'wmf'.
Change-Id: I58aeb8dc6b1ff31897d72eb44904d96487ad3653
* Separate code from data. $2 in limit.sh is an option list.
* Don't duplicate stderr on linux when limit.sh is not used, unless
duplicateStderr is specified
Change-Id: I8e6e74810864830c12af627bfbe75e74ba34e3e3
Per the bug report, the 'Debug' hook was triggering an infinite loop when
wgDebugFunctionEntry is enabled. The Debug hook is used if an extension wants
to stop a debug message from being sent out. Ideally the wfDebug and related
functions should be as low-level and avoid calling other code as much as
possible to avoid situations like this.
Bug: 55818
Change-Id: I679782489b683503fc624cfea3c7ad72a989b005
wfDl() is a wrapper around dl(), which is an evil function and
basically only works from the command line of Zend. Luckily
no extension has ever used this thing, so let's just remove it
outright.
For comparison, here's a list of places it does not work:
- hhvm
- php as apache module
- php compiled with zts support
- safe_mode
- Basically any shared host that cares about security
Most callers are using it to check for extension support and are
actually failing gracefully when wfDl() returns false. In these
places we're just going to use extension_loaded().
While we're at it, clean up some of the test skip logic in the
media tests so we can bail as early as possible if we know we
can't complete the test.
This also immediately removes $wgLoadFileinfoExtension. It's been
enabled by default since 5.3 and falls back gracefully when the
support isn't available.
Change-Id: Ieb430dfc74483731dde51d6e20fa700d641ba1f4
This adds an option to wfShellExec (and convenience function
wfShellExecWithStderr), to make sure all stderr is duplicated
to stdout. The previous method of doing this was to include
2>&1 on the command line. However this did not redirect errors
from limit.sh (For example cgroups not set up, or if a command
reached the file size limit set by ulimit).
Not sure if this is the best approach, but it seems to work well,
and compared to most other approaches I considered, actually gets
the ulimit errors redirected too.
Currently some files fail to render with no error whatsoever,
hopefully this patch will make what went wrong more obvious.
Also fix a comment in wfShellExec that was incorrect (trailing \n),
and make the initial value of the return value variable be 200, so
if there's ever a bug in php where its not being set properly, it
would be immediately obvious what is happening.
Bug: 53824
Change-Id: I833aeb3ab9da726ecb97331369ea187daad7e795
Noticed during bug 54662
Warning: strcmp() expects parameter 2 to be string, array given in
/usr/local/apache/common-local/php-1.22wmf19/includes/GlobalFunctions.php on
line 127
Bug: 54662
Change-Id: Icdd7fa229e49d7e83aa2a7992895f497806448e1
The following are now correctly escaped:
* Blank lines (including those with only tabs)
* ---- at the start of a line
Bug: 53658
Change-Id: I300e15a22c93ca542913135c9c83913c18c99faf
If mkdir fails, check again to see if dir has been created
since our initial check, and return true if so.
Also, in initial check, only return true if $dir is really
a directory, not a file.
Bug: 49391
Change-Id: I2b331669fae70948ce79ba1477c05968a3095c3d
Also removed some unnecessary ones. I think I've caught them all.
The spaceless version already appears in core ~300 times (after
accounting for false positives when grepping). Some consistency would
be nice.
Change-Id: I607655b5f4366e66dc78730d5fd2f57ed8776cae
The following are now correctly escaped:
* Space at the start of a line
* Start-of-line characters after \r
* Magic links such as "RFC 123" with non-space whitespace
* URIs that don't use "://", such as "urn:foo"
* Double-underscore magic words
Bug: 53658
Change-Id: Ie8803a03b20e3fd7e5cc7e55829f24bb86f60b17
* Introduce a hook allowing automatic redirects to HTTPS to be
disabled on the basis of client IP address.
* Make User::requiresHTTPS() return false if the client IP is
blacklisted as such.
* On login, make the "stick HTTPS" option default to false if the
client IP address is blacklisted as such.
* Do not redirect anonymous requests to HTTPS.
* If $wgSecureLogin is enabled, link to the HTTPS login page *via*
the HTTP redirect, so that there is no need to vary the cache of
anonymous page view HTML on client IP address.
Change-Id: Iaa9dd2108431b8c35e05db4bfe78a629018a003c
This makes more sense than having wfReadOnlyReason() call
wfReadOnly() for its side effect of setting $wgReadOnly
to the contents of $wgReadOnlyFile if the file exists.
Change-Id: Ic723aed368915ac3757f3100ddbbeb3b5a4cdc15
The code for changing the session id cookie from Special:Userlogin is
also needed in CentralAuth. So let's factor it out to avoid code
duplication.
Change-Id: I777f76ee8e2b953a1e972327bedc28e0ab1acf0d
The wfMemcKey function converts any spaces in the key into _, while
the wfForeignMemcKey does not. As such they would not return the same
key in certain corner cases.
Change-Id: I520dacdce953414dee5907324c2c98db858bcd42
These functions existed to work around a bug (fixed in PHP 5.3) and
a missing feature (added in PHP 5.2) in older versions of PHP;
therefore, they are no longer necessary.
Change-Id: Ifebbe3d449fc57fd83f8350c28f467605c1a07b7
Additions to the PHP language made these redundant.
* wfArrayLookup() is similar to PHP 5.1's array_intersect_key()
yet has serious limitations. For example, integer string values
are implicitly cast to integers.
* wfArrayMerge() can be replaced by PHP 5.3's array_replace().
* wfTime() just returns microtime( true ).
Change-Id: I2c6844fc48a265d2d885083b5bed8df846e0aaf4
count( $codeSegment ) > 0 should be never true in a foreach loop of
$codeSegment itself. See also Iffe166f3.
Change-Id: I453b5ec3379951a2ad6e34b9835907c2eba3046b
The debug output written with the function wfDebugLog should be
printed to the debug toolbar in the same way as wfDebug does.
Change-Id: Ib979df080332e16c8e0e6a89eab8741986ab39c3
We were calling strtolower() up to three times. As a micro optimization,
call it once around ini_get() and do the logical checks against the
variable containing the lower case output.
Change-Id: I16c149fbb9de84d7b6f3e68da06de208c5572b7c
* $wgHtml5 = false; is now ignored completely.
* $wgDocType and $wgDTD have been removed.
* $wgXhtmlDefaultNamespace is now ignored.
* XHTML5 will be output if $wgMimeType is set to an XML mime type (according to HTML5's rules).
* For backwards compatibility with extensions $wgHtml5 and $wgXhtmlDefaultNamespace are set
in Setup.php but depending on them is deprecated.
Change-Id: Iad9634e2ee420b5a3bbffe550421fde4fa1819b0
Venema's taint feature was apparently never publicised beyond the
php-dev mailing list, and now there is a PECL taint extension which is
incompatible with the interface assumed here.
Grep confirms that wfArrayMap() is not used in any extensions.
Change-Id: I17d8d302947443262474c608829c7c7504bef589
af125df519 broke importing
because Import.php was calling wfRunHooks() improperly.
Fixing the calls and making the wfRunHooks() signature
match Hooks::run() to make call errors immediately detectable.
Change-Id: If44292fedf6917cde1dae7f0391231a18d414610
Two problems with a single line of code:
* dechex() does not include leading zeros, so the first digit
generated in each iteration cannot be zero unless the return
value of mt_rand() is 0.
This also means wfRandomString() is extremely unlikely to
start a string with '0'.
* mt_rand() does not actually uniformly distribute values over
[0,2^32-1]; it actually right-shifts one of the bits off (just
because "[...] the previous php_rand only returns 31 at most"),
so the maximum value is 0x7fffffff, not 0xffffffff.
This means wfRandomString() will never start a string with
any of the digits 8-f.
Including leading zeros and using only the 28 LSBs to form seven
hex digits at a time is the simplest fix.
Change-Id: Ic19b5b97c582485780b24fd35ffef2111cc8b3ca
* Also factored out a new wfShellExecDisabled() function.
* This will keep the process in the background if possible to avoid
killing site performance, especially with slow jobs.
* This also keep fatals and uncatcheable exceptions from
hitting the user.
* If $wgPhpCli is not set to an actual path or safe mode
is on, then the old code will be used.
Change-Id: I6a28152251659ee53eee2604f16d5bf02c85a44f
And added/removed spaces around some other tokens,
like +, -, *, /, <, >, =, !
Fixed windows newline style
Change-Id: I0b9c8c408f3f6bfc0d685a074d7ec468fb848fc8
The error was:
Catchable fatal error: Argument 1 passed to DatabaseMysql::masterPosWait()
must implement interface DBMasterPos, boolean given, called in
/var/www/DevWiki/core/includes/db/LoadBalancer.php on line 419
Change-Id: I230585930c1424b0868f9aa290167c66bc6848bd
* Removed spaces around array index
* Removed double spaces or added spaces to begin or end of function
calls, method signature, conditions or foreachs
* Added braces to one-line ifs
* Changed multi line conditions to one line conditions
* Realigned some arrays
Change-Id: Ia04d2a99d663b07101013c2d53b3b2e872fd9cc3
Currently, trigger_error() is used to report non-fatal problems in
production. It seems more consistent to have our own function to do
that, with behavior consistent with wfWarn().
Change-Id: I531b7ceec089978c2832721486f277fdfca65270
* Ran spell-checker over code comments in /includes/
* A few spellchecking fixes for wfDebug() calls
Found one very strange (NOOP?) line in Linker.php - see "TODO: BUG?"
Change-Id: Ibb86b51073b980eda9ecce2cf0b8dd33f058adbf
Doxygen expects parameter types to come before the
parameter name in @param tags. Used a quick regex
to switch everything around where possible. This
only fixes cases where a primitve variable (or a
primitive followed by other types) is the variable
type. Other cases will need to be fixed manually.
Change-Id: Ic59fd20856eb0489d70f3469a56ebce0efb3db13
Added/removed spaces around logical/arithmetic operator
Reduced multiple empty lines to one empty line
Removed wrong tabs before comments at end of line
Removed too many spaces in assigments
Change-Id: I2bba4e72f9b5f88c53324d7b70e6042f1aad8f6b
