* Moved most of the bug 28235 code out to a separate library class, since I was running out of distinct function names.
* Merged the QUERY_STRING and PATH_INFO security checks, since they are dealing with the exact same problem. Removed WebRequest::isQueryStringBad().
* Deal with img_auth.php by having it specify what extension it expects to be streaming out. This extension can then be compared with the extension that IE might detect.
Per CR http://www.mediawiki.org/wiki/Special:Code/MediaWiki/89406#c17545 :
'Here is a third one: Strict Standards: Only variables should be passed by reference in /www/sandwiki/includes/Wiki.php on line 177 '
Offending bit is this:
- SpecialPageFactory::executePath( $this->context->title, $this->context );
+ SpecialPageFactory::executePath( $this->getTitle(), $this->getContext() );
That function demands reference paramters for $title and $context, which is being violated here where we now pass function return values:
public static function executePath( Title &$title, RequestContext &$context, $including = false ) {
The $title does sometimes get replaced within the function body, but $context does not appear to ever be replaced (its *contents* are modified, which does not require passing by reference)
If replacing it is something it should be doing, then we need to be able to replace it upstream presumably, so $this->getTitle() probably isn't appropriate.
The $context probably should have the reference simply removed.
* One less entry point to worry about
* Completely obsolete by load.php and api.php
* Left $wgDebugRawPage in place, also affects load.php requests (docs already reflect)
* Affects dumpHTML (probably broken anyway, has anyone RL-ified this?), and two abandoned/obsolete extensions
* Set EnableHipHopSyntax=true to enable string and integer type hints. I gave the file a .hphp extension to avoid false alarms in syntax checking scripts.
* Made sure almost all the local variables in preprocessToObj() have a specific type, instead of being variants. This is useful for integers, but has the largest impact for objects, since dynamic method calls can be avoided.
* Stopped using extract() since it forces all local variables to be variants, and adds some hashtable initialisation overhead.
* Found a way to cast a variant to a specific object class, by abusing argument type hinting. The method does not require special syntax; it is harmless in Zend PHP.
* Wrapped various internal function calls with type casts. strspn() and substr() need to be wrapped with intval() and strval() respectively, since they return a variant to support special error return values. HipHop isn't smart enough to know whether the error case will be triggered.
* Replaced most instances of double-equals with triple-equals. Profiling indicates that this makes a very large difference when comparing strings, much more so than in Zend.
Also removed htmlHeader() and htmlFooter() since it has zero callers anywhere.
Not sure why useOutputPage() was checking isArticleRelated(), we should be able do use it with other stuff too
* Common use case is Conf::get( 'myVar' );
* Support for default install (new `config` table) added, should be trivial to add backends for CDB, Memcache, etc...
*
to stop mostly irrelevent classes from getting it.
Also remove a method that is an exact duplicate of a base class (not sure whats with that).
This also coincidently fixes the issue with when a foreign file repo uses PagedTiffHandler
and the local one does not, and the builtin Tiff handler tries to treat the metadata as if
it was its own form.
* Refactor with all the latest bells and whistles
* Allow wikis to enable resettting by entering an email address (bug 13015). This is currently an unindexed query, but it is disabled by default so no immediate problem.
* Allow resetting to be disabled entirely (bug 20473).
* Don't send registered users' IP addresses in the emails (bug 18347)
* Check that a user is not globally blocked before letting them send messages (bug 23669)
* Display a more useful error message when an account exists globally but not locally (bug 18996).
Also make a few changes to the functions available. SpecialPageFactory::resolveAlias() now takes an optional subpage and returns array(<name>,<subpage>). Similarly merge getPage() and getPageByAlias(). There were many examples of (extensions particularly) making dubious assumptions about the presence or absence of subpages or canonical-ness.
I didn't deprecate SpecialPage::getTitleFor() as it's got over six hundred calls. I'm rather undecided on the best position of getPage()/executePath(). Although the latter needs cleanup anyway.
* Move them all to includes/profiling/* - If you're using StartProfiler, you'll need to update that
* Make ProfileStub subclass the Profiler rather than duplicating function definitions conditionally
* Removed unused params to wfGetProfilingOutput(), only used in the stub, and they didn't do anything with them
* TODO: Kill $wgProfiling, make $wgProfiler a config array and move the various options to that. Also make into a singleton, rather than global (not much calls it outside of core)
Hope I did this in an ok fashion. svn merge --re-integrate was giving me issues
so I just essentially over-wrote my working copy with the version at img_metadata.
Per CR at the time: this creates a nearly irreversable action that is not nearly well documented enough (even if disabled by default).
We already have the $wgBlockDisablesLogin kludge in place for this. If we're going to do more work on this idea, it should be well thought out, not another hack.
* Actions come in two flavours: the show-a-form-then-do-something-with-the-result (delete, protect, edit, etc) and the just-do-something (watch, rollback, patrol, etc). Create abstract base classes Action and FormlessAction to support these two cases. HTMLForm is an integral part of the form-based structure.
* Look mum, no globals! :D Fully context-based.
* Implement watch/unwatch, credits and delete actions in the new system as proof-of-concept. This also gives the delete frontend a much-needed overhaul.
* Stub out the newly-deprecated functions from Article.php. This already reduces its linecount by about 15%, and there are plenty more actions still to do.
* Centralising actions like this is going to render a lot of hooks type-incompatible. There's simply nowhere you can put the ArticleConfirmDelete hook, for instance, where it can be passed an OutputPage as the second parameter. On the other hand, we can implement new hooks like ActionModifyFormFields and ActionBeforeFormDisplay, which can do much prettier stuff to the forms, like adding extra fields the 'right' way. Update LiquidThreads to use these new hooks where appropriate.
* (bug 14202) $wgUseTeX has been superseded by the Math extension. To re-enable
math conversion after upgrading, obtain the Math extension from SVN or from
http://www.mediawiki.org/wiki/Extension:Math and add to LocalSettings.php:
require_once "$IP/extensions/Math/Math.php";
This is an initial stab, and a few things remain to be cleaned up:
* messages need to be moved from core to extension
* MW_MATH_* constants should be moved to the extension from core
* old back-compat math names interfaces using those constants should be removed from message files
* classic edit toolbar's math button should be added from the extension (or else dropped) -- currently there's not a clean hook, but could do it by JS
* couple of things like the 'armourMath' function on Language & LanguageConverter may want to be redone just as an unconditional, if that's simpler.
Setting $wgUseTeX alone will no longer have any affect. The var's still there for the moment as a few bits still need to be fully moved out from core.
* Work around HipHop issue 314 (volatile broken) and issue 308 (no compilation detection) by adding some large and ugly compilation detection code to WebStart.php and doMaintenance.php.
* Provide an MW_COMPILED constant which can be used to detect compiled mode throughout the codebase.
* Introduced wfIsHipHop(), which detects either compiled or interpreted mode. Used this to work around unusual eval() return value in eval.php.
* Work around lack of ini_get() in Maintenance.php, by duplicating wfIsHipHop().
* In Maintenance::shouldExecute(), accept "include" as an inclusion function name, since all kinds of inclusion give this string in HipHop.
* Introduced new class MWInit, which provides some static functions in the pre-autoloader environment.
* Introduced MWInit::compiledPath(), which provides a relative path for invoking a compiled file, and MWInit::interpretedPath(), which provides an absolute path for interpreting a PHP file. Used these new functions in the appropriate places.
* When we are running compiled code, don't include files which would generate duplicate class, function or constant definitions. Documented the new requirements on the contents of Defines.php and UtfNormalDefines.php.
* In HipHop compiled mode, it's not possible to have executable code in the same file as a class definition.
** Moved MimeMagic initialisation to the constructor.
** Moved Namespace.php global variable initialisation to Setup.php.
** Moved MemcachedSessions.php initialisation to the caller in GlobalFunctions.php.
** Moved Sanitizer.php constants and global variables to static class members. Introduced an accessor function for the attribs regex, as a new place to put code formerly at file level.
** Moved Language.php initialisation of $wgLanguageNames to Language::getLanguageNames(). Removed the global variable, marked "private" since forever.
* In two places: don't use error_log() with type=3 to append to a file, HipHop doesn't support it. Use file_put_contents() with FILE_APPEND instead.
* Work around the terrible breakage of class_exists() by using MWInit::classExists() instead in various places. In WebInstaller::getPageByName(), the class_exists() was marked with a fixme comment already, so I replaced it with an autoloader solution.
* Don't stub RequestContext. The chances of us getting away without needing to access *any* of the six major globals is nil, and in the meantime it's screwing up strong function typing and throwing catchable fatals everywhere.
* Stop stubbing $wgOut. The only path where we can avoid unstubbing it is if we immediately die due to maxlag overflow, and that's a) a pretty uncommon code path, and b) a DB issue which won't be affected by a tiny bit of extra apache load. That allows us to do strong typing on function parameters with it, which is a Good Thing (TM).
Also make OutputPage::getContext() private; I'm not convinced that a context belongs here (it's *part of* the context, not a consumer of it), let's work through it a it more before we advertise its existence.
* Move and rename to SpecialBlockList
* Use an HTMLForm in GET mode for the options form
* Use TablePager to organise the results more nicely
* Standardise the filtration for IPs and IP ranges, so looking at blocks for a range will now also show rangeblocks which contain the range
* General tidy up
* Move to SpecialBlock.php, and rename class appropriately
* Complete refactor
* Use HTMLForm in block form. This changes most of the ids and field names on the form, but allows proper validation, nicer formatting, clears up several fixmes, and is generally Better(TM).
* Spin various parts out into static functions, several of which properly belong in the backend (but Block.php is a worse mess still)
* Invert some of the block options so that every checkbox makes the block more severe (so "check to disable email" is fine, but "check to allow usertalk edit" (default true) is inverted to "check to disable usertalk edit" (default false).
* revert r40359 (move doMassUserBlock() to core). No one seems to be using this function, which has nothing to do with the frontend UI in SpecialBlock (it might perhaps belong in Block.php); it is pretty bespoke for CheckUser, doesn't seem to have very much utility elsewhere.
Further changes:
* Added Status::getErrorsByType() which returns the internal error array untouched
* Added ApiResult::convertStatusToArray() which converts a Status object to something useful for the Api
* Moved the global functions to GlobalFunctions.php, where they are now just convenience wrappers. Made them return non-references. Updated callers (none found in extensions).
* Added an advanced configuration method, $wgObjectCaches, which allows a lot more detail in the object cache configuration than $wgMainCacheType.
* Made all object cache classes derive from BagOStuff.
* Split the MWMemcached class into a generic client class and a MediaWiki-specific wrapper class. The wrapper class presents a simple BagOStuff interface to calling code, hiding memcached client internals, and will simplify the task of supporting the PECL extension.
* Added some extra constructor parameters to MWMemcached, configurable via $wgObjectCaches.
* Removed the *_multi() methods from BagOStuff, my grepping indicates that they are not used.
* Rewrote FakeMemCachedClient as a BagOStuff subclass, called EmptyBagOStuff.
* Added an optional "server" parameter to SQLBagOStuff. This allows the server holding the objectcache table to be different from the server holding the core DB.
* Added MultiWriteBagOStuff: a cache class which writes to multiple locations, and reads from them in a defined fallback sequence. This can be used to extend the cache space by adding disk-backed storage to existing in-memory caches.
* Made MWMemcached::get() return false on failure instead of null, to match the BagOStuff documentation and the other BagOStuff subclasses. Anything that was relying on it returning null would have already been broken with SqlBagOStuff.
* Fixed a bug in the memcached client causing keys with spaces or line breaks in them to break the memcached protocol, injecting arbitrary commands or parameters. Since the PECL client apparently also has this flaw, I implemented the fix in the wrapper class.
* Renamed BagOStuff::set_debug() to setDebug(), since we aren't emulating the memcached client anymore
* Fixed spelling error in MWMemcached: persistant -> persistent
* Removed the ZIP subtypes from $wgMimeTypeBlacklist, they no longer need to be there.
* Added ZipDirectoryReader. Added some small ZIP files which are used to test its various error cases. Most were constructed with a hex editor.
* Fixed getStatusArray() to return a consistent type regardless of whether the error message has parameters. This allows error messages with no parameters to work with the Status object conversion code in UploadBase::verifyFile().
* It was not necessary to preserve the $stripState->general->setPair() interface since it wasn't used by any extensions.
* Moved StripState to its own file.
* Refactored serialiseHalfParsedText() and unserialiseHalfParsedText() so that the bulk of the functionality is in the relevant modules, instead of using scary direct access to object member variables. Made it support the new StripState. It seemed like a lot of work to go to to support an "emergency optimisation" feature in Cite. Cite updates will be in a subsequent commit.
* Fixed spelling of serialiseHalfParsedText() and unserialiseHalfParsedText(), there is unavoidable interface breakage anyway, due to cache object versioning.
* Moved transparent tags to their own function, as requested in a fixme comment.
* Added documentation for markerSkipCallback().
* Removed OnlyIncludeReplacer, unused since MW 1.12.
* Fixed a bug causing the engine and charset settings to not be properly preserved when adding new tables on upgrade.
* Fixed total breakage of SQLite upgrade, by reusing the administrative connection to the SQLite database instead of creating a new one when wfGetDB() is called. Added LBFactory_Single to support this.
* Introduced a "schema variable" concept to DatabaseBase to avoid the use of globals for communication between the installer and the Database. Removed a lot of old global variable names from Database::replaceVars(), most were only added on a whim and were never used.
* Introduced DatabaseInstaller::getSchemaVars(), to allow schema variables to be supplied by the DatabaseInstaller child classes.
* Removed messages config-mysql-egine-mismatch [sic] and config-mysql-charset-mismatch. In the old installer it was possible for users to request a certain character set for an upgrade, but in the new installer the question is never asked. So these warnings were shown whenever a non-default character set or engine was used in the old database.
* In MysqlInstaller::preUpgrade(), fixed the incorrect strings used to identify the MySQL character sets: mysql5 instead of utf8 and mysql5-binary instead of binary.
* On install, initialise the site_stats table, using code copied from the old installer. Unlike the old installer, use SiteStats to increment the user count when the initial user is added.
* Fixed several instances of inappropriate call-by-reference.
* Replaced call_user_func_array() with call_user_func() where possible, it is shorter and simpler.
* Moved the caching boilerplate for DatabaseInstaller::getConnection() to the base class, and have the derived classes override an uncached function openConnection() instead. Updates r80892.
* In MysqlInstaller::getLocalSettings(), escape PHP strings correctly with LocalSettingsGenerator::escapePhpString().
* Reduce timeout for checks in dirIsExecutable() to 3 seconds, so that it doesn't take 30s to run when apache is in single-threaded mode for debugging.
* MySQL and SQLite have been tested and they appear to work. PostgreSQL upgrade is totally broken, apparently it was like that before I started. The Oracle code is untested.
* Added a maintenance script which generates a list of first letters. Unified Han are omitted for performance, and because they shouldn't be used as headings anyway. A future collation specific to Chinese would provide the KangXi radicals as "first letters".
* Provided a precomputed list of first letters. Used Unicode 6.0.0 data and ICU 4.2.
* Moved collation functionality from Language to a Collation class hierarchy with factory function. Removed the recently-added methods from Language and updated all callers.
* Changed Title::getCategorySortkey() to separate its parts with a line break instead of a null character. All collations supported by the intl extension ignore the null character, i.e. "ab" == "a\0b". It would have required a lot of hacking to make it work.
* Fixed the uppercase collation to handle non-ASCII characters, redundantly with r80436. I don't think it's necessary to change the collation name as was done there, so I reverted that in the course of my conflict merge. A --force option to updateCollation.php might be nice though.
It's arguable whether the code is cleaner either way, and adding all this code for the (relatively few) places we do file listings just isn't worth it.
* QueryPage now uses array-based query building instead of raw SQL
* Converted all QueryPage-based special pages that were using old-style wfSpecialFoo functions to new-style SpecialPage subclasses; this is possible because QueryPage is changed to extend SpecialPage
* Backward compatibility for extensions is partly preserved: getSQL() is fallen back on for QueryPage subclasses that don't implement getQueryInfo(), but getOrder() will be ignored (implement getOrderFields() instead). This also means that dual compatibility (1.18 compat and b/c with pre-1.18) is trivial
Extension changes will be merged after this commit.
These changes make it easier to write an API module for QueryPages (bug 14869); this wasn't done in the branch but will be done in trunk soon.
Add Abstract classes explicitally to the autoloader
Move abstract classes from RevisionDelete.php to RevisionDeleteAbstracts.php (svn copy and remove of redundant classes)
* Made them all implement one common interface (might add more functions to it later)
* Moved MySQLField to DatabaseMysql.php
* Renamed nullable() to isNullable()
* Removed maxLength() from:
** SQLiteField: makes no sense
** MySQLField: doesn't do what people may think, useless for this class' purpose of assisting querying the DB schema
This fixes the more general problem that the imageinfo returned with stashed uploads was inaccurate, since it was relying on
code that only worked with non-stashed files.
So, I had to:
- move the ApiQueryStashImageInfo module into core. Which others had asked for anyway, and was anticipated sometime later.
- add lines to AutoLoader and ApiQuery to accomodate the new module
- add an ugly if/then to UploadBase -- based on the type of uploaded file, it will use a different API module to simulate a getImageInfo call.
I left a TODO that this situation wasn't ideal, but the way things are now, imageInfo is constructed by the API modules, when it should probably
really be the File modules. Then the API can wrap that info into various formats.
- add a few new lines to the tests to check imageinfo information in both regular and stashed upload files
Diff.php -> WikiDiff3.php, more descriptive
DifferenceEngine.php -> WikiDiff.php, for consistency with the above and to make way for the file below
DifferenceInterface.php -> DifferenceEngine.php, since it contains the DifferenceEngine class
* Cripple the old installer (entry point is gone, supporting code immediately exits). Keeping the latter for reference still :)
* Move posix_isatty() wrapper to Maintenance.php, all CLI scripts include this
* Clarify docs on archive() deprecation and removal - hasn't been used going back thru 1.15
* Clarify docs on dbsource() deprecation and removal - was in wide use thru 1.15. 1.16 removed all extension usages
* Move the two PHP bug tests to a file with the other installer files, moved them to more logical places in new install/update sequence
* Remove mw_have_dl/mw_get_session_save_path, zero callers
* Move readconsole() and helpers to be a static method on Maintenance, no extensions have used it since 1.15 either
* Modified Xml::encodeJsVar() to allow it to pass through JS expressions without encoding, using a special object.
* In ResourceLoader::makeModuleResponse(), renamed $messages to $messagesBlob to make it clear that it's JSON-encoded, not an array.
* Fixed MessageBlobStore to store {} for an empty message array instead of [].
* In ResourceLoader::makeMessageSetScript(), fixed call to non-existent function mediaWiki.msg.set.
* For security, changed the calling convention of makeMessageSetScript() and makeLoaderImplementScript() to require explicit object construction of XmlJsCode() before interpreting their input as JS code.
* Documented several ResourceLoader static functions.
* In ResourceLoaderWikiModule, for readability, reduced the indenting level by flipping some if blocks and adding continue statements.
* In makeCustomLoaderScript(), allow non-numeric $version. The only caller I can find is already sending a non-numeric $version, presumably it was broken. Luckily there aren't any loader scripts in existence, I had to make one to test it.
* wfGetDb -> wfGetDB
* Added an extra line break in the startup module output, for readability.
* In ResourceLoaderStartUpModule::getModuleRegistrations(), fixed another assignment expression
* SVG metadata is now stored and versioned.
Chosing not to provide fallback for these functions as they seem unused outside of SVG.php (per Google) and grep.
* Moved test record stuff to testHelpers.inc, could be useful for non-parser test stuff?
* Everything else in tests/parser
* parserTestsParserTime from r12533 doesn't seem used?
* Renamed user.preferences to user.options
* Fixed bug that caused anonomous usernames (such as IP addresses) to be used in user style and script requests
* Fixed user options styles not loading for anon users
This way the required method names will show up when grepping
Database.php. I thought we had no affectedRows() method for a minute
there, until G_SabinoMullane corrected me (good thing I think aloud
in #mediawiki).
It wasn't finished, so it's not a big deal.
* Use the term workers instead of threads, which fits better for a multiserver setup.
* The API is now more accurate for our goals (I hope).
* Add support for using the parse from another worker.
* Use child classes instead of array callbacks.
* The daemon is written in C using libevent instead of python using twistd.
* The hash function used is that of Bob Jenkins, with files hash.c and hash.h directly copied from memcached 1.4.5
* Although similar in a few aspects to memcached assoc.c hash table, this is a different hash table implementation. Most important:
** The usage of a double linked list in the hash table.
** Growing is not performed using a maintenance thread. Since the entries are shortlived, it just waits for the old hash table to disappear.
* Note: valgrind 3.5.0 (2009-8-19) does not support accept4 (added in r10955, 2009-11-25). In the meantime you need to use HAVE_ACCEPT4=0 for running with valgrind (as you would need for a non-linux system).
* Sending SIGUSR1 to the daemon gracefully restarts it. The maximum limits will be doubled until the old instance finishes (ie. all its client connections expire).
* Do not try to test it with instances calling an ?action=purge They will serialize on the "UPDATE `page` SET page_touched" query instead of being serialized by the PoolCounter.
* The workers parameter is not stored by the poolcounter. It is expected that all requests with the same key will also have the same value. A reduction in new entries will not take effect if that number is working (not even when they end, if there are waiting entries). But an increase will increase throughput even for old queued requests.
Introduced a WebRequestUpload class which is a wrapper around $_FILES and contains all getUpload* and getFile* methods. This has as advantage that the upload can be passed along without $wgRequest. Also because I like objects.
* Rename Update -> DatabaseUpdaters to be more consistent with DatabaseInstaller
* Made DatabaseUpdaters abstract and merged the Updaters interface in, had Mysql/Oracle/Sqlite subclass it. Entry point is now factory DatabaseUpdaters::newForDB()
* Make sure output only happens in the top-level Installer implementations.
* Differentiate Status warning messages from Status error messages in the Installer.
* Change abstract method from Install::showStatusError() to Install::showStatusMessage() since we'll use it to show warnings now, too.
* TODO Need a better way to extract/display Status warning messages since, from my look at the Status class, it looks like warnings are implemented, but not really used.
* add beginning of CliInstallerOutput class
* make it possible to override LocalSettings from a maint script
* make basic cli installation possible (only tested mysql so far)
* Removed the insecure web entry point hiding in the maintenance directory, in RunSeleniumTests.php. Replaced it with a special page interface, with CSRF protection and access control. If you wanted a secure web entry point, then I suppose this is how it would be done, but I think it should be killed ASAP.
* As in r68544, removed as many require() calls as possible, since nobody seems to know how to do them properly. Made the usual changes to make classes autoloader-compatible: class constants instead of define(), no file-scope registration code.
* Rearranged PHPUnit startup so that MediaWiki can be started from the file scope, as required by Setup.php and other core MediaWiki startup files. The custom entry point maintenance/tests/phpunit starts MediaWiki and then passes its arguments through to PHPUnit.
* Moved the parser test tag hooks into classes and moved their registration to parserTests.inc, to allow autoloading.
* Renamed ApiSetup to ApiTestSetup, MediaWiki_Setup to MediaWikiTestSetup, PTShell to ParserTestSuiteBackend.
* Moved command-line initialisation code from the file scope of parserTests.inc to parserTests.php to allow autoloading
* Rewrote the interface between PHPUnit and the parser tests. Removed all the hacks designed to make the rest of the PHPUnit tests work without proper teardown of the parser test environment. Moved the PHPUnit_Framework_TestSuite subclass to a file that's not scanned by PHPUnit, to avoid "no tests found" warnings".
* Removed the {{NUMBEROFARTICLES}} parser test, too hard to make it work consistently.
