This way the messages are generated in the correct language instead
of relying on the user language from global context.
This should ideally become a non-static method at some point,
but currently there currently many out-of-class callers.
Change-Id: Ifb1756c1a3bddc717387ed66a58dedd4c1a7dab9
This also removes assumptions that when a page
in one Namespace should be watched / removed
that the page in the talk / subject ns for the
page should have the same action applied
This should maintain all backward compatability
for the WatchedItem class
This also includes tests written by:
- WMDE-leszek
- Addshore
Bug: T127956
Change-Id: Iad9abafe4417bb479151a3bfbee6e1c78a3afe3c
This breaks out the toggle checkbox code into a separate class in
includes/ListToggle.php
Bug: T92230
Change-Id: I8d1aefb83008053e63d59abf8b8915b93e15fcc2
Using IContextSource avoids the use of $wgLang and wfMessage which make
use of global $wgTtle.
Add IContextSource as parameter to ChangeTags::formatSummaryRow to avoid
globals. Define an IContextSource instance in all functions which
reference ChangeTags::formatSummaryRow and pass it in ChangeTags::formatSummaryRow
function call.
Also make the default value of IContextSource $context as null in
parameter, to avoid breaking changes for old callers in extensions.
Document default null value of IContextSource and add a @note to prefer
IContextSource over null value.
Remove trailing whitespace, and make code order according to parameter
order.
Bug: T105648
Change-Id: Ib54a6a96b73f6cd8fcdf8e520db2448a1e811cfa
The plan here is to take it out of 1.27.0-wmf.12 and put it back in
1.27.0-wmf.13.
Since BotPasswords depends on SessionManager, that's getting temporarily
removed too.
This reverts the following commits:
* 6acd424e0d SessionManager: Notify AuthPlugin before calling hooks
* 4d1ad32d8a Close a loophole in CookieSessionProvider
* fcdd643a46 SessionManager: Don't save non-persisted sessions to backend storage
* 058aec4c76 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php
* b5c0c03bb7 SessionManager: Save user name to metadata even if the user doesn't exist locally
* 13f2f09a19 SECURITY: Fix User::setToken() call on User::newSystemUser
* 305bc75b27 SessionManager: Don't generate user tokens when checking the tokens
* 7c4bd85d21 RequestContext::exportSession() should only export persisted session IDs
* 296ccfd4a9 SessionManager: Save 'persisted' flag in session metadata
* 94ba53f677 Move CSRF token handling into MediaWiki\Session\Session
* 46a565d6b0 Avoid false "added in both Session and $_SESSION" when value is null
* c00d0b5d94 Log backtrace for "User::loadFromSession called before the end of Setup.php"
* 4eeff5b559 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure'
* 7491b52f70 Call session_cache_limiter() before starting a session
* 2c34aeea72 SessionManager: Abstract forceHTTPS cookie setting
* 9aa53627a5 Ignore auth cookies with value 'deleted'
* 43f904b51a SessionManager: Kill getPersistedSessionId()
* 50c5256352 SessionManager: Add SessionBackend::setProviderMetadata()
* f640d40315 SessionManager: Notify AuthPlugin when auto-creating accounts
* 70b05d1ac1 Add checks of $wgEnableBotPasswords in more places
* bfed32eb78 Do not raise a PHP warning when session write fails
* 722a7331ad Only check LoggedOut timestamp on the user loaded from session
* 4f5057b84b SessionManager: Change behavior of getSessionById()
* 66e82e614e Fix typo in [[MediaWiki:Botpasswords-editexisting/en]]
* f9fd9516d9 Add "bot passwords"
* d7716f1df0 Add missing argument for wfDebugLog
* a73c5b7395 Add SessionManager
Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
The "return to" guess of the patrol action for non-JS users now also
checks uploads, and in that case let users return to Special:NewFiles.
Change-Id: Ib8e472c16b7034524ef3b79a5eb426f7edda6ec2
SessionManager is a general-purpose session management framework, rather
than the cookie-based sessions that PHP wants to provide us.
While fallback is provided for using $_SESSION and other PHP session
management functions, they should be avoided in favor of using
SessionManager directly.
For proof-of-concept extensions, see OAuth change Ib40b221 and
CentralAuth change I27ccabdb.
Bug: T111296
Change-Id: Ic1ffea74f3ccc8f93c8a23b795ecab6f06abca72
The next revision in the page history isn't necessarily the previous
revision (due to selective undeletions, history merges, etc). This
passes the next revision to HistoryRevisionTools so extensions can check
if needed. Also, it passes the user to this hook and DiffRevisionTools
to avoid use of wgUser or having to retrieve context.
Change-Id: Ibc68f19040eebe3614e07f753f26bbfd376ae28d
* This gets lag information that is useful when
the calling code is about to run queries that
will have their results cached.
* This is now used in place of trxTimestamp() for
WANObjectCache set() and getWithSetCallback().
* The WAN cache will use a low TTL if the lag is
too high to avoid caching stale data for weeks.
* Bumped MAX_COMMIT_DELAY as nothing enforces it.
Bug: T113204
Change-Id: I2a95b4088cff42d6e980351555f81a4b13519e24
* Make FormAction::getFormFields not abstract. In most cases this will just
be an empty array. This is in prep for RollbackAction as well.
* Remove redundant show() in WatchAction. This used to do custom stuff,
but after 77cdf1919 it does exactly the same as the parent FormAction::show.
* Don't add 'redirectparams' hidden field if there were no custom query parameters
(e.g. plain index.php?title=..&action=..)
Change-Id: Ia7f9bb0367c49a23179e9fefa9f529fa8aef8f52
The GET variant was already rarely used because our frontend enchances these links
with a click handler that uses AJAX to make a POST request to the API.
The index.php url, nor its token, were used for the majority of users.
Simplify this by stripping the 'token' query from these urls and requiring a POST
request for index.php?action=watch and unwatch.
* FormAction: Actually set a proper '<form action>' instead of letting HTMLForm
default to a confusing title path (e.g. /wiki/Pagename). Article path should
not be used for POST requests.
* WatchAction: Group all FormAction-related methods together.
* WatchAction: Make token consistent with other actions now that it is POST-only
(no "stronger" salt containing the page title).
* Remove ununsed mediawiki.page.startup dependency from mediawiki.page.watch.ajax.
* WatchAction: If accessed over GET directly (e.g. for users without javascript)
display a confirmation form that submits the token. Similar to PurgeAction.
Change-Id: I504f457e68a133bcfc418cff13b838080fec1008
* The random I/O due to secondary lookups causes timeouts on
larges pages that keep showing up in the logs.
Change-Id: I9bddcd3ba9ad5ff2f26ccec4553906ecc4a8129b
MWTimestamp::getTimezoneString() returns the timezone name as a message,
that supports wiki localization. The code is moved from Parser::pstPass2.
The default file revert message is currently always in UTC.
This patch sets the default timestamp to be in the wiki timezone (similar
to ~~~~). The timezone is passed as a new parameter to the message, with
the date / time parameters being merged and handled by
$wgContentLang->timeanddate
Bug: T36948
Change-Id: I48772f5f3b1635d33b6185776cedfc4ee1882494
* Potentially long running POST requests often use multiple transactions,
talk to multiple services, or defer updates. Try to make sure they have
a chance to complete all of the work. WMF already sets ignore_user_abort()
across the board in config, but this applies it to key spots for all
installs, in addition to bumping the time limit.
* Eventually this can lower the need for high overall time limits.
Bug: T102890
Change-Id: I893ddd773064dcd63b5b24c84c6391974f4b5aee
We just saved the page, so we know the revision id. Pass it on to
InfoAction::invalidateCache() so it doesn't have to be looked up again.
Follows-up 0452855044.
Change-Id: I990c0da09fae94f403f3550069036d3f208090a6
No behavioural change, but makes the code easier to understand.
It was somewhat all scattered.
* Remove outdated comment about 24 hours.
- ForcedRawSMaxage defaults to 5 minutes.
- SquidMaxage defaults to 5 hours (wmf-config: 31 days).
Change-Id: I7f3b67780ba9e8c024dcbd68772495b91abb2d01
Followup to 09a21c4af8
Now with `|| $user->isAllowed( 'unwatchedpages' )` we can enter
line 337 without having any count to show.
Change-Id: I6826e1c59899d2c8cbbc6d079874d0d583f8783a
Proposed threshold to be considered an "active" watcher:
two times $wgRCMaxAge, configurable with the new
configuration setting $wgWatchersMaxAge.
The information is not displayed when the number given would
be 1 or 0, so that the number (or absence thereof) doesn't
"disclose" that the page is (potentially) unpatrolled or
completely unwatched and hence easier to vandalise.
Configurable with $wgUnwatchedPageSecret too.
Also, we don't display this row at all when the user doesn't
have the right to see the count of total watchers.
Bug: T51506
Change-Id: I10d294a339b131eee94839ed7088ab20d746d881
The info page of a page with {{DEFAULTSORT:0}} shows the page title
as default sort value.
Using empty() will consider the string '0' to be false, so use isset() instead.
Bug: T103745
Change-Id: I56ea5a38dcd33e822e0fc5b8685777fe1d212b22
This avoids muliple cache calls to explicitly defined tags by
calling the showTagEditUI of ChangeTags only once in logs and
histories.
Change-Id: I2e36dbd96d3fcca06de0bf418bc6dc294d8d18d3
* Convert existing use of WebResponse::header() for HTTP status headers
to use this new statusHeader() method.
* Extend unit test forFauxResponse.
I'm not calling HttpStatus::header directly in code. We keep the abstraction
layer of WebResponse so that responses can continue to be mocked/fauxed without
affecting the outer HTTP response.
Change-Id: I8a536e16659fa88b54cffa1457efb889efa5fcd6
Method similar to SpecialPage::outputHeader() to avoid registering
tons of system messages and to have -summary and -helppage tidily
listed together in Special:AllMessages by default.
Bug: T45591
Change-Id: Ic849dde00be7379c1909a8486cf20f48c5aea5cf
The number of pages was always the total count of all members of that
category, not just pages. Correct that and also show the total count.
Change-Id: I246d92b35d508e10fd93f9c7209db11a6e0eeb7a
The intention of the new hook is to allow extensions to prefetch
any information that may be needed for displaying history rows.
In particular, this is needed by Wikibase to allow us to inject
localized entity labels into the edit summaries.
Bug: T95672
Change-Id: Ie10ef99154da35713a4f583e2de2162fba28eef2
There is a new special page, Special:EditTags, which is very similar to
Special:RevisionDelete in a lot of ways. In fact, the SpecialEditTags class
started off as a copy-paste of SpecialRevisiondelete.
You invoke this special page by going to an article history page, checking
some revisions, and clicking "Edit tags of selected revisions". Then you
pick the modifications you want to make and click "Apply". Very much like
the revision deletion workflow.
I had to restructure some of the Action routing code, which was only
designed to handle revision deletion. Also removing some code from
SpecialRevisiondelete which didn't work as advertised in the first place,
and definitely doesn't work now.
Change-Id: I7d3ef927b5686f6211bc5817776286ead19d916b
All the chosen targets are translatable public domain help pages
on MediaWiki.org. Mostly special pages and actions for privileged
users for now.
Adapted from the Translate extension, credit to Niklas Laxström
(TranslateUtils::addSpecialHelpLink).
Depends on 6f5b29ff4e, whose commit
message has a typo addIndicator() instead of setIndicator().
Bug: T45591
Change-Id: I2934b1708a0d207dcf3d940264f140613646f203
This change will not break the usage of the messages, because there are
usually used escaped in mediawiki/core.
Change-Id: I049134e2fbfadab04ac228090d17fd18c5baca3d
Xhprof generates this data now. Custom profiling of various
sub-function units are kept.
Calls to profiler represented about 3% of page execution
time on Special:BlankPage (1.5% in/out); after this change
it's down to about 0.98% of page execution time.
Change-Id: Id9a1dc9d8f80bbd52e42226b724a1e1213d07af7
Special:WhatLinksHere gets now passed hideimages=1
if the concerned page is in the File namespace.
A bit of history:
the 'hideimages' parameter has been added to Special:WhatLinksHere
with commit 06ad0d25 (r34267), then removed with commit cdc7e22d
(r34277), and finally added back with 725cb284 (r34320).
Change-Id: I0f358e52c38bb525cee8085ca206118ee276889d
RevertAction::getDescription cannot set subtitle on OutputPage,
because the subtitle on OutputPage gets cleared before the
result of getDescription is added and than the subtitle is gone.
Refactored the code for building the backlink into a static function
and use it.
Change-Id: Iedad0b8e040035a9a10a0b140d2322357e6b539a
Replaced by an array() and removed an unused variable near by.
Follow-Up: I61bb3c358f755ed9f2153d94b744c1a9da02c456
Change-Id: I5c4dc22e1e9346bfc410a9dda4353d5297a5825e
Stop littering MediaWiki with globals, provide a common
api for generating them similar to how we do text input
attributes before things get out of control.
Adds
* submitButton
* linkButton
Change-Id: I61bb3c358f755ed9f2153d94b744c1a9da02c456
This provides better mobile experiences on various pages
and a more consistent UI across both mobile and desktop.
It does this in two ways.
1) Forces HTMLForms to not use table based layouts so as
not to interfere with responsive nature of mediawiki ui elements
2) Applies MediaWiki.UI classes to most pages
If a page is created via Xml or Html classes it will use mediawiki ui
Where possible I've added classes unconditionally, but for cases of buttons
this is behind the $wgUseMediaWikiUIEverywhere global since button styling is
enabled on pages by default and for checkboxes since it is changes HTML markup.
3) Adds all MediaWiki.UI styles to pages which can use it
When enabled:
* Apply these styles to all pages which use HTMLForms
* Apply to EditPage
* Apply to anything that uses certain elements outputted by the
Xml or HTML helper classes
* Apply to History page
* Apply to protection page
* Apply to move page
* Apply to deletion page
Currently kept behind a global to allow us time to finetune
existing elements. After further testing we will look to kill the
globals and make mediawiki.ui the default
See: I430c0fbb79d2a33bb828b2427bda0ee01115d73f
Change-Id: I47db5eab4569514d039261d11b6dedb0eeae17b5
Changed InfoAction::pageCounts to be non-static, so
it's able to access $this to get the Config object.
Also replaced instances of $wgScript with wfScript().
Change-Id: I4a6a3224e762f13640af04a73e2934b887dffedd
No need to return true on success, because failure gives Exception,
so the return value needs no checking.
Change-Id: Id59bfaebc14bd1c638a721c303f585c1de627508
For pages like Special:Watchlist that throw
a UserNotLoggedIn exception when the user is
anonymous, this patch makes the page redirect
to the login page automatically.
This is instead
of the current behavior of showing a link to
the login page that the user must click.
(Also, Special:Userlogin has existing functionality
that will redirect the user back once they are
logged in.)
Bug: 15484
Change-Id: Idd9325374cb5dc13c4c057f45f88a33bdff523a9
This change adds a preference in the 'watchlist' section to
automatically watchlist a page after rollbacking.
The setting is only visible, if the user has the 'rollback'-right.
I have removed the watch reverts function per advice by Vogone.
Bug: 4488
Change-Id: I3aa831c9c04d627684641af0ca5a332795c87062
- Swap "$variable type" to "type $variable"
- Added missing types
- Fixed spacing inside docs
- Makes beginning of @param/@return/@var/@throws in capital
- Changed some types to match the more common spelling
Change-Id: I7b65fe04db431342cc58b469dc48f41a50c4e891
RevertAction was simply a dummy class for outputting an error message
if the action was not done in the file namespace. I've instead
moved RevertFileAction to RevertAction and threw an exception
from within checkCanExecute().
Change-Id: I7b87de60680009bf4e74d33342cbe81cc0d211b5
Title::getDBkey() only returns the page name without the namespace
which means that "Test" and "User:Test" (for example) pages would
have the same token; use Title::getPrefixedDBkey() instead to
avoid this.
Change-Id: I80333b23cec0cfe6546f6e7776b0a77b56ee20c8
- Describe the possible types of $next parameter in the documentation
rather than inline along with the possible values
- Split the big if ... elseif block into separate blocks. The elseif
are not needed since each path returns
- Only create the revision object when really necessary
Change-Id: Ic92a6f6bd405d3f820d562a7322d34e3d9d33d17
Special page PageLanguage to set the page language of a page.
To enable the feature, set $wgPageLanguageUseDB to true
and assign the 'pagelang' user right to a user group.
Bug: 35489
Change-Id: I0f82b146fbe948f917c1c5d29f7469644d797e80
Variants included 'in <version>', 'as of <version>' and just the
version number.
Some @deprecated annotations do not have the version number at all,
I want to hunt them down separately.
Change-Id: I8208c6097098f4735d4f51bc42254675f1f27f6d
Swapped some "$var type" to "type $var" or added missing types
before the $var. Changed some other types to match the more common
spelling. Makes beginning of some text in captial.
Change-Id: I64e8cfe478cb0ba438f40b0631d6e9049cdab567
Also removed true as second parameter to it from CloneDatabase.php
since it is the default value of that parameter.
Change-Id: I727ebae2bd4df0e26019985ce8c7ce73381c5642
When $wgNamespaceRobotPolicies contains a noindex for a namespace and
the page contains __INDEX__, the index status on action=info was
"Disallowed", but that is wrong, because the page is indexed.
Pass the 'index' to the robot policy logic.
Change-Id: Ib77c3e73968cdc72f657e50371a2372564a1c618
These types of requests can be cached for a short time (~5 min) in
Squid/Varnish.
Change importScript to be consistent with importStylesheet in the query
parameter order (title, action, ctype).
We only send purges for the exact urls as used by importScript and
importStylesheet.
Note: ResourceLoader things have their cache handled separately and
aren't affected by this change.
Users like instant updating of scripts after having changed them.
Bug: 56874
Change-Id: Idaa8552cf371dbafeb8b730f35b3b5c4fc339fb0
This function calls $page->getUserText() and $page->getTimestamp(). These
functions are not specified in the interface Page (which actually specifies
nothing at all). Page is only implemented by WikiPage and Article. Article
does not implement getUserText() and getTimestamp(). WikiPage does.
CreditsAction::getAuthor() cannot ever be given an Article, because that
would cause a fatal error "call to undefined method".
Change-Id: I0ba29622b7307845345ce645cb63b53614aaf2ab
Callers should use SpecialPage::getPageTitle, which is
exactly identical.
This is so that in the future we can turn SpecialPage
into a ContextSource, which requires getTitle to return
getContext()->getTitle.
Change-Id: Icdcf5d5295ef5e7f08b1d403e0c123f78738fd40
Fixes for action=raw (used when sites include other site's javascript),
and stashed images.
Bug: 53032
Change-Id: I8f915f6a4756f750c74d9ee9bec58f7ba6c0c827
This patch adds a new table row with the content model of the page, this
is usally wikitext, can also be javascript or CSS.
Bug: 56033
Change-Id: If91f6c20d79cd7b3b8924ab6c3df5f90acd8c7a1
