Commit graph

404 commits

Author SHA1 Message Date
Brad Jorsch
2257fe4228 Revert "Remove SessionManager, temporarily"
This reverts commit 823db5d63dd5200d04c63da50ba6bf16f928e70b.

Change-Id: Ibb3e023e4eb6715295586dea87d0725c344a8271
2016-02-03 21:44:59 +00:00
Brad Jorsch
5083e810eb Remove SessionManager, temporarily
The plan here is to take it out of 1.27.0-wmf.12 and put it back in
1.27.0-wmf.13.

Since BotPasswords depends on SessionManager, that's getting temporarily
removed too.

This reverts the following commits:
* 6acd424e0d SessionManager: Notify AuthPlugin before calling hooks
* 4d1ad32d8a Close a loophole in CookieSessionProvider
* fcdd643a46 SessionManager: Don't save non-persisted sessions to backend storage
* 058aec4c76 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php
* b5c0c03bb7 SessionManager: Save user name to metadata even if the user doesn't exist locally
* 13f2f09a19 SECURITY: Fix User::setToken() call on User::newSystemUser
* 305bc75b27 SessionManager: Don't generate user tokens when checking the tokens
* 7c4bd85d21 RequestContext::exportSession() should only export persisted session IDs
* 296ccfd4a9 SessionManager: Save 'persisted' flag in session metadata
* 94ba53f677 Move CSRF token handling into MediaWiki\Session\Session
* 46a565d6b0 Avoid false "added in both Session and $_SESSION" when value is null
* c00d0b5d94 Log backtrace for "User::loadFromSession called before the end of Setup.php"
* 4eeff5b559 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure'
* 7491b52f70 Call session_cache_limiter() before starting a session
* 2c34aeea72 SessionManager: Abstract forceHTTPS cookie setting
* 9aa53627a5 Ignore auth cookies with value 'deleted'
* 43f904b51a SessionManager: Kill getPersistedSessionId()
* 50c5256352 SessionManager: Add SessionBackend::setProviderMetadata()
* f640d40315 SessionManager: Notify AuthPlugin when auto-creating accounts
* 70b05d1ac1 Add checks of $wgEnableBotPasswords in more places
* bfed32eb78 Do not raise a PHP warning when session write fails
* 722a7331ad Only check LoggedOut timestamp on the user loaded from session
* 4f5057b84b SessionManager: Change behavior of getSessionById()
* 66e82e614e Fix typo in [[MediaWiki:Botpasswords-editexisting/en]]
* f9fd9516d9 Add "bot passwords"
* d7716f1df0 Add missing argument for wfDebugLog
* a73c5b7395 Add SessionManager

Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
2016-02-01 22:06:49 +00:00
Brad Jorsch
f9fd9516d9 Add "bot passwords"
Bot passwords are something like OAuth-lite, or Google's application
passwords: the bot can use API action=login to log in with the special
username and password, and will then be allowed to use the API with a
restricted set of rights.

This is intended to provide an easy migration path for legacy bots and
for bots on wikis without OAuth, since AuthManager is going to greatly
complicate non-interactive authentication. If OAuth is available, an
owner-only consumer would be a better choice.

Bug: T121113
Change-Id: Iaa4015e00edbfbfaedcc8b2d27a2d3fd25009159
Depends-On: I7e15331efb162275c4116bcae61f19d6b884cbe3
2016-01-12 22:37:44 +00:00
Timo Tijhof
baf1721491 resourceloader: Remove obsolete msg_resource database table
No longer used as of 5d5b269e0e.

Change-Id: Ieb8448185cf39aa396e902e025e673f0886ac3c3
2015-12-14 01:24:27 +00:00
Timo Tijhof
cbf5bacae5 resourceloader: Remove obsolete msg_resource_links table
No longer used as of Ia9131f570.

Change-Id: If009e2620e59002e127d21b90a96bdd29e5d2a9d
2015-12-14 01:23:19 +00:00
Timo Tijhof
afcfc3290c resourceloader: Consistently refer to the framework as ResourceLoader
Change-Id: Ia59e4eac9662723e80d62f7cfcb9e4292e3ee4de
2015-10-28 03:24:40 +00:00
Brad Jorsch
3d0b4fea3d User: Mostly remove password handling
AuthManager is coming, which will make it easier to add alternative
methods of authentication. But in order to do that, we need to finally
get around to ripping the password-related bits out of the User class.

The password expiration handling isn't used anywhere in core or
extensions in Gerrit beyond testing for expired passwords on login and
resetting the expiry date on password change. Those bits have been
inlined and the functions removed; AuthManager will allow each
"authentication provider" to handle its own password expiration.

The methods for fetching passwords, including the fact that mPassword
and other fields are public, have also been removed. This is already
broken in combination with basically any extension that messes with
authentication, and the major use outside of that was in creating
system users like MassMessage's "MediaWiki message delivery" user.

Password setting methods are silently deprecated, since most of the
replacements won't be available until AuthManager. But uses in unit
testing can be replaced with TestUser::setPasswordForUser() immediately.

User::randomPassword() and User::getPasswordFactory() don't really
belong in User either. For the former a new PasswordFactory method has
been created, while the latter should just be replaced by the two lines
to create a PasswordFactory via its constructor.

Bug: T47716
Change-Id: I2c736ad72d946fa9b859e6cd335fa58aececc0d5
2015-10-13 16:10:41 -06:00
Timo Tijhof
280d29215a resourceloader: Vary module_deps on language (in addition to skin)
Re-use the md_skin database field for now as to not need a
schema change, because this table is going away soon (T113916).

Bug: T113868
Change-Id: I7c7546ec58fd9be0447604989b908dd2084b0fe3
2015-09-30 00:40:56 +00:00
Matthew Flaschen
cb956c9fab Link DB docs from tables.sql
Change-Id: I720ae3345963414103112fd4b4d2128c569999c2
2015-09-01 18:11:19 -04:00
jenkins-bot
53a43bb651 Merge "Reorder backlinks indexes" 2015-04-10 18:04:19 +00:00
Brian Wolff
5d9b67e09e Allow edit summaries to be up to 767 bytes long
This is just the db part. The changes to UI validation code will
come in a dependent patch later.

This changes the max size of various *_comment, *_description
and *_reason fields to be 767 bytes. This size is chosen to
be consistent with the largest we can get away with while
still having covering indexes.

It also unifies the various data types of these fields to
varbinary. (Note, this was previously done and reverted in
r80547, but I don't think the reason for revert applies to
the edit summary fields)

MyISAM has a much smaller max index size, and this wouldn't
work with that storage engine. However, none of these fields
are used in default indexes (only in WMF indexes), so this
should not be an issue for anyone using MyISAM. Postgres
and sqlite already supported the larger edit summary size.

Note: This patch increases min mysql version to 5.0.3.

Bug: T6715
Change-Id: I8558e80a18e4591f07f2c3e80f792ea4435c4e71
2015-03-11 13:36:38 +00:00
umherirrender
a086557ab8 [schema] Make column user_newtalk.user_id an unsigned int
The primary key of the user table is an unsigned int, the column
user_newtalk.user_id refers to the id and should have the same type to store
the same values as the user table does.

No pre-deployment activity necessary; no need to sync deployment
and merge; can be done at any time (now or later)

Bug: T77005
Change-Id: I641dc1fad0a5bb14815f55e0357243a562fd672b
2015-02-17 17:27:54 +00:00
Sean Pringle
7843a9e533 Reorder backlinks indexes
Bug: T89630
Change-Id: I2b04268545b9a88c584f6461f67a38fe3944c17a
2015-02-16 09:24:01 +00:00
Chad Horohoe
5f8edb2c0a Drop ss_total_views and page_counter fields from MediaWiki
Follows up removal of code using hitcounters in 90d90dad6

RFC: https://www.mediawiki.org/wiki/Requests_for_comment/Removing_hit_counters_from_MediaWiki_core
Change-Id: Ieeb558f9523c11965cbc1941cad4f316c00c85c5
2015-01-09 19:01:01 +00:00
Kevin Israel
02ef5c96c8 tables.sql: Improve description of old_flags
* Changed the name of the 'utf8' flag to 'utf-8', as that is what
  Revision stores. (This was already corrected in the mediawiki.org
  manual page by RichF.) Noted that 'utf8' was, however, mistakenly
  used in an old version of recompressTracked.php.
* Added 'external' to the list of flags. This was already added
  to the manual page (by GreenReaper) yet not here. Copied the
  description from there and added a couple of clarifications.

Change-Id: If15b49a28d7d4b0397481d21e30d877298fc7955
2014-12-19 15:29:17 +00:00
rillke
9665a657b0 Add "chemical" major MIME type to the image tables
The American Chemical Society suggested a new major MIME type for files
containing chemical data in 1998: http://dx.doi.org/10.1021/ci9803233
This suggestion got widely adopted and is now a de-facto-standard despite
not being registered with IANA.

Applying this patch will allow us to continue with extension MolHandler
and PDBHandler.
http://fab.wmflabs.org/T352

- Fixes bug 66412 by creating a logic that will prevent running unneeded
  updates.

Bug: 66412
Change-Id: Ic45dc1bce796a0406ed8a84e6274df1c4bda4967
2014-08-25 19:13:35 -03:00
withoutaname
2ed4b32450 Change "ENGINE=HEAP" to "ENGINE=MEMORY"
"Memory" is the preferred term, see
https://dev.mysql.com/doc/refman/5.0/en/memory-storage-engine.html

Change-Id: I1fd05d027903af6023002dd357998ce5f2606708
2014-08-12 17:23:31 +00:00
Aaron Schulz
b8c038f678 Redo WhatLinksHere query and add a *_from_namespace field to link tables
* Also tweaked the query so MySQL avoids doing a page_name
  index scan when it should start with the link table index
* Added population script (triggered by update.php)
* Also removed uniqueness from some indexes where it is redundant
* Renamed two confusing variables

Bug: 60618
Change-Id: Icca99b6ae0ef76cb77695faf82c615516191da36
2014-07-21 12:04:56 -07:00
Kunal Grover
50144cd02a First version of Page Language selector
Special page PageLanguage to set the page language of a page.
To enable the feature, set $wgPageLanguageUseDB to true
and assign the 'pagelang' user right to a user group.

Bug: 35489
Change-Id: I0f82b146fbe948f917c1c5d29f7469644d797e80
2014-06-27 23:27:07 +00:00
umherirrender
e121205cb3 Correct comment about getPropsFromPath/sha1Base36 in sql files
The functions of class File are deprecated, so change comment to FSFile.

Change-Id: I2350b2d6d6b09d4d2f6d64ab04891e0911595cb0
2014-06-23 20:58:37 +02:00
Brad Jorsch
c396f11ab3 Add wl_user_notificationtimestamp index
Bug: 65246
Change-Id: If3e9e855c8a21874ca69c4976af207833dcc53f2
2014-06-04 06:05:38 +00:00
umherirrender
2b441eba40 Drop rc_cur_time from recentchanges
Field was removed in 1.23 from sql statements, but kept to allow easier
rollback on version update from 1.22 -> 1.23, when something goes wrong
with the new version.

Bug: 40667
Follow-Up: I4a9c2fa813d1f25dfb755e564f7677a212934d7b
Change-Id: I48989aceec31019f0b6c98aaeafaf60e975244df
2014-05-15 17:10:16 +00:00
daniel
b1d6e78f74 Introducing pp_sortkey.
This adds the pp_sortkey column to the page_props table.

pp_sortkeys allows for top-k queries for pages, e.g.
the 100 pages with the most language links, etc. It is also
possible to query for exact values.

For now, pp_sortkey will contain pp_value's numeric value if
the value was set to a float, int or boolean.

Associated tasks:
* create a maintenance script for populating pp_sortkey. Tricky,
because when reading from the database, all values are strings.
* create an API module for querying pages by property value.

bug: 58032
Change-Id: I217c42656fb877ff35a36eb446a22bdaf119faac
2014-04-24 05:26:41 +00:00
csteipp
01c8c421f8 Password Expiration
Add functionality to expire users' passwords:
 * Adds column to the user table to keep a password expiration
 * Adds $wgPasswordExpirationDays, which will force users to reset
   their passwords after a set number of days. By default, this is set
   to false, so passwords never expire.
 * Adds a default grace period of 7 days, where if the user's password
   is expired, they can still login, but are encouraged to reset their
   password.
 * Adds hook 'LoginPasswordResetMessage' to update reset message, in
   case an extension wants to vary the message on a particular reset
   event.
 * Adds hook 'ResetPasswordExpiration' to allow extensions to change
   the expiration date when the user resets their password. E.g., if
   an extension wants to vary the expiration based on the user's group.

If the user is in the grace period, they get a password reset form
added to the login successful page. If an extension prevents showing
the login successful page (like CentralAuth), it should be updated to
show a password change form during the grace period. After the grace
period, the user will not be able to login without changing their
password.

Also prevents a successful reset if the user is "changing" their
password to their existing password.

No passwords will expire by default. Sites will have to call
User->expirePassword() from their own maintenance script to trigger a
password reset for a user.

Bug: 54997
Change-Id: I92a9fc63b409b182b1d7b48781d73fc7216f8061
2014-02-20 09:41:51 -08:00
Aaron Schulz
b57e457091 Added a page_links_updated column for job de-duplication
Change-Id: I74b6f507ef7371db92e0c3f058d38c0ca5dea9ef
2013-12-24 10:54:32 +00:00
Jackmcbarn
65a304c444 Add index on logging.log_user_text
Fixing bug #54404 requires querying against logging.log_user_text, which
is currently unindexed. Add an index, to prevent performance from being
adversely affected by the fix.

Bug: 54432
Change-Id: I6b2af65c75bbee57377cb1ec2e75ea41a5091f80
2013-12-19 03:13:05 +00:00
jenkins-bot
f8acd5fa6f Merge "move page_restrictions.pr_id to top in tables.sql" 2013-11-19 21:25:00 +00:00
umherirrender
8175727af5 move page_restrictions.pr_id to top in tables.sql
Having the primary key at the top of the column definition looks nicer
and helps in finding it.
Oracle and Postgres already have this moved up.

Change-Id: Id8afbff35e165919f55dfcf1fd1dfaf1805d6aab
2013-11-18 19:47:53 +01:00
umherirrender
a500e6d62a Fix indentation of comment in tables.sql
Change-Id: Id879b4438f8f004549c090567ff76b64c5072824
2013-11-18 19:34:49 +01:00
umherirrender
974562aee9 Remove recentchanges.rc_cur_time from sql statements
Field is unused since many versions, so remove the use in sql
statements, to allow dropping in a later version.

The field must not be referenced from INSERT because it has a default
value, which is used, when no value is specified in the statement.

Keeping the field allows easier rollback on version update, when
something goes wrong with the new version.

Existing Comment in tables.sql was added with r101293, was already
disused in r11088

Bug: 40667
Change-Id: I4a9c2fa813d1f25dfb755e564f7677a212934d7b
2013-11-09 18:20:54 +01:00
jenkins-bot
248154da7e Merge "Revert "Revert "Add new recentchanges field rc_source to replace rc_type""" 2013-10-28 17:53:55 +00:00
Bartosz Dziewoński
dfc3e3df90 Correctly update wl_notificationtimestamp when viewing old revisions
== Prelude ==
wl_notificationtimestamp controls sending the user e-mail
notifications about changes to pages, as well as showing the "updated
since last visit" markers on history pages, recent changes and
watchlist.

== The bug ==
Previously, on every view of a page, the notification timestamp was
cleared, regardless of whether the user was actually viewing the latest
revision. When viewing a diff, however, the timestamp was cleared only
if one of the revisions being compared was the latest one of its page.

The same behavior applied to talk page message indicators (which are
actually stored separately to cater to anonymous users).

This was inconsistent and surprising when one was attempting to, say,
go through the 50 new posts to a discussion page in a piecemeal
fashion.

== The fix ==
If the revision being viewed is the latest (or can't be determined),
the timestamp is cleared as previously, as this is necessary to
reenable e-mail notifications for given user and page.

If the revision isn't the latest, the timestamp is updated to
revision's timestamp plus one second. This uses up to two simple
(selectField) indexed queries per page view, only fired when we
do not already know we're looking at the latest version.

Talk page indicator is updated to point at the next revision after the
one being viewed, or cleared if viewing the latest revision. The
UserClearNewTalkNotification hook gained $oldid as the second argument
(a backwards-compatible change). In Skin, we no longer ignore the
indicator being present if we're viewing the talk page, as it might
still be valid.

== The bonus ==
Comments and formatting were updated in a few places, including
tables.sql and Wiki.php.

The following functions gained a second, optional $oldid parameter
(holy indirection, Batman!):
* WikiPage#doViewUpdates()
* User#clearNotification()
* WatchedItem#resetNotificationTimestamp()

DifferenceEngine gained a public method mapDiffPrevNext() used
to parse the ids from URL parameters like oldid=12345&diff=prev,
factored out of loadRevisionIds(). A bug where the NewDifferenceEngine
hook would not be called in some cases, dating back to its
introduction in r45518, was fixed in the process.

Bug: 41759
Change-Id: I4144ba1987b8d7a7e8b24f4f067eedac2ae44459
2013-10-27 17:47:53 +00:00
Erik Bernhardson
6bbd4bca6c Revert "Revert "Add new recentchanges field rc_source to replace rc_type""
This reverts commit 113f49bb21 after the
schema change has been completed.

Change-Id: I5412466444526986e1209d0982dd62cd5b387ad1
2013-10-25 13:10:42 -07:00
tisane
9b2b027ba7 Add archive, externallinks PK
* New fields: ar_id, el_id. el_id is presently not used for
  anything, but will help with online schema changes.

Bug: 15441
Bug: 39675
Change-Id: Ib6b0fc3736d173fa4ba7b786ecfc710b2f4711bb
2013-10-17 18:43:40 +01:00
jenkins-bot
3316e073a8 Merge "Revert "Add new recentchanges field rc_source to replace rc_type"" 2013-10-17 00:37:44 +00:00
Reedy
113f49bb21 Revert "Add new recentchanges field rc_source to replace rc_type"
No feature flag, and also not deployed on WMF wikis. Asking for schema changes by the time we branch tomorrow is just unfair

This reverts commit e478c230f6.

Change-Id: I125c30e76fa04679cc04ae7b8728ae3a61f35194
2013-10-17 00:32:40 +00:00
jenkins-bot
7c47d3f66a Merge "Add new recentchanges field rc_source to replace rc_type" 2013-10-16 23:33:37 +00:00
Erik Bernhardson
e478c230f6 Add new recentchanges field rc_source to replace rc_type
The existing field to differentiate between kinds of recentchanges rows is
the rc_type field. We want to allow extensions to insert their own custom
data into recentchanges, but we have learned via the NS_* series of constants
that requiring extensions to "register" a specific number is very error prone.

The solution, which this commit implements the first phase of, is to utilize
a new 16 byte string field rc_source.  Within that field change types will be
prefixed strings such as 'mw.edit' and 'mw.new'.

This commit adds the new field and begins populating it with data.  At some
point in the future the rc_type field will be dropped.  While WMF wikis will
simply wait out the 30 day recentchanges history, other wikis have the option
of letting update.php populate rc_source, or manually applying the db change and
utilizing the PopulateRecentChangeSource maintenance script.

Change-Id: Iaddd6c446373a68d31586ed54346db7d04e13b2c
2013-10-16 11:35:20 -07:00
Kevin Israel
2f02c77b4e Use utf8 charset for searchindex MySQL table
This prevents the DB error "1283 Column 'si_title' cannot be part of
FULLTEXT index", which happens when the "binary" charset is used.

Note that 2ab7c9ec3b fixed the problem for creation of new DBs, though
not for reuse of existing DBs. It is still necessary to specify the
character set for the table itself.

Bug: 47191
Change-Id: Ib4f30fd2730839af1323295898e6dce47b27068d
2013-09-26 02:02:52 -04:00
umherirrender
24bfde2710 Fix spacing and break some lines
Change-Id: Ia57685d8858e02e399ad5c75ce64d12609d340ac
2013-08-24 17:06:25 +02:00
Tim Starling
5b52750e7b Fixme comment for bug 49504
Change-Id: Ie229e84b299c357cfe9a2db0a5ba07713aac7597
2013-06-13 09:21:18 +10:00
umherirrender
a8fdb5daf8 Add RC_EXTERNAL to comment in tables.sql
Change-Id: If3156984e9ff447fec6644681d96c1095b709a99
2013-05-17 16:59:26 +02:00
Siebrand Mazeland
59f6fd0199 Change EXIF to Exif
Per https://en.wikipedia.org/wiki/Exchangeable_image_file_format. Spotted
by Shirayuki and documented on
https://translatewiki.net/wiki/Thread:Support/About_MediaWiki:Sesp-property-exif-data/en

Change-Id: I92ba67ec60ccfe7a173d950593357b86792b8ed3
2013-05-10 13:51:06 +02:00
Reedy
d560eb0b3e Revert "Commit of various live hacks"
This reverts commit c6af934ae6.

Change-Id: I3e863bb632531d7cd4ec0614325a7c4a7ba9aa3d
2013-04-29 19:19:54 +01:00
Reedy
c6af934ae6 Commit of various live hacks
Disable of MessageBlobStore clear

Reset $wgAutopromote (should be moved to a config change!!)

Disable setting of wgStyleSheetPath

Throttle page_touched

Add apc htcp packet numbers to SquidUpdate

Disable set names binary/utf8

Comment out searchindex table indexes

Was c532e81d583d3d0439fe76eea4d105d675461b56

Original revision Change-Id I42c4f859e55eb198f6c6841e582b3552aad7b31f
https://gerrit.wikimedia.org/r/#/c/7606

Change-Id: I5ec8dd53188e9e4128f99ceaff38ebf9dcf570bb
2013-04-29 15:46:38 +00:00
Chad Horohoe
36cade5fe8 Remove ExternalUser authentication code
This was an experimental authentication system introduced a couple
of years ago with a pretty narrow use-case. It's been pretty much
ignored since introduction, and makes login more complicated than
it needs to be.

I didn't drop the external_user table on the off-chance someone
out there actually has data in it, but they should use AuthPlugin
for their external authentication needs.

Change-Id: I794338dbb75961ee033d41fa44bb7aa22e54f447
2013-04-04 10:09:34 -04:00
Brad Jorsch
c013ec02b9 (bug 36400) API: Fix sorting for iwlinks, langlinks
The iwlinks and langlinks modules' continue parameters imply ordering by
page then prefix then title. But in certain modes, the actual queries
use a different ordering, which may result in skipped or repeated
results.

This changeset fixes that. To do so, it needs to re-add an index
iwl_prefix_from_title which was mistakenly removed in 2010 (r69721). And
while it's doing that, it cleans up errors in the sqlite and postgresql
handling of the iwlinks indexes too.

Also, per Asher, make the iwl_prefix_from_title and
iwl_prefix_title_from indexes non-UNIQUE.

Change-Id: I607e8bf9183a2d8152a6127a81c83a0b5bba0c61
2013-04-03 13:22:20 -04:00
Jan Gerber
9c40037b00 add index to image table to query by type
this speeds up Special:MIMESearch and allows
queries for all files of one type.

Change-Id: I85715b0553a771ab88d9763ba921923551988bd0
2013-04-01 22:33:20 +00:00
Tim Starling
a43f751cf6 Reduce disruption during updateCollation.php
Have updateCollation.php order by cl_to, so that each category is
updated all at once. This minimises the time during which a category
will appear to be incorrectly sorted, while the maintenance script is in
progress.

Mark the cl_collation index as needing deletion, it was always pretty
pointless. You can't do much better than a full table scan when you're
changing the collation value on a wiki.

Increase the batch size since the lack of a cl_to,cl_from index means
that it will have to filesort each category. A larger batch size means
fewer sorts. As noted by Liangent on bug 45970, you can't order by
cl_sortkey since that will change during execution.

Also fix an inappropriate use of $wgMiserMode and remove a no-op from
the SET clause of the UPDATE.

Very lightly tested.

Change-Id: I19bc8d6701f5f78040aa9c521427ac98ef488d89
2013-03-12 23:08:29 +00:00
Tim Starling
bf4c2fb7d6 Rewrite user_touched comment, since apparently it is not clear enough
Change-Id: Ib993e5a6dc56963e9afbbdc2ada77762e1594f0b
2013-03-12 01:49:34 +01:00