Some uses remained in Gerrit extensions, and patches have been submitted
to replace the usages. See below for details.
* in_string (deprecated in 1.21)
* wfGenerateToken (deprecated in 1.20) (had 2 uses)
* wfStreamFile (deprecated in 1.19) (had 1 use)
* wfUILang (deprecated in 1.18)
Change-Id: Ic67a968da8f37daf44503b98d00710eb99180805
Kept wfGetIP() for now because it is still in use in the SecurePoll
extension and in WMF configuration.
Change-Id: Id412e37743f89bb67eb329a2f475f8496cf7b006
The Line continuation Coding conventions prefers the closing parenthesis
on the same line than the beginning curly braces. This is done for ifs
and functions.
Also move some boolean operator from the end of a line to the beginning
and changed some indentation to make the condition hopefully better
readable.
Change-Id: Id0437b06bde86eb5a75bc59eefa19e7edb624426
- Removed double spaces
- Added space after if/switch/foreach
- Removed space on elseif
- Added space around parentheses
- Added newline at end of file
- Removed space before semicolon at end of line
Change-Id: Id40b87e04786c6111e6686d7f7eea1e588bdf37d
The use of static server detection outside of its intended use case
(i.e. at the start of DefaultSettings.php), for example in r93258, was
an architectural error. Every other bit of information about the web
request in non-setup code comes from non-static methods of WebRequest,
which allows the request object to be meaningfully replaced or
subclassed. The situation became increasingly ridiculous as more
callers of WebRequest::detectProtocol() were introduced. Two of the
callers were calling it non-statically! I suppose they had the right
idea, in a way.
Using a non-static call allows caching, which is a nice additional
benefit.
WebRequest::detectProtocolAndStdPort() was introduced in r93258 as part of
the introduction of WebRequest::detectProtocol(). It was basically
useless. Grep indicates there was only one caller in core and WMF
deployed extensions, and it is patched here.
Change-Id: Ia0a61e98fbff7a46ceaeebcb02236e5eac3df0e1
Adds release notes and fixes two inaccurate comments added in Ib0ece5d5d
("Configurable log sampling via $wgDebugLogGroups").
Change-Id: I224a0319b7432300d3cb6f4d14e61ea9d36ee228
Make it possible to configure a log-group-specific sampling factor by allowing
$wgDebugLogGroups values to be associative arrays with 'destination' & 'sample'
keys.
The immediate use-case I have in mind is the memcached log, which is too
verbose to enable in production. We could sample on the receiving end, but
doing so would not help MediaWiki, which would still be on the hook for
processing and dispatching every single record.
Idea was vetted by Dr. Manhattan:
<TimStarling> I think you could have each element in $wgDebugLogGroups be an
associative array
<TimStarling> e.g. array( 'sample' => 1000, 'target' => "$host:$port")
<TimStarling> that would allow for more features to be added to it in
future
Change-Id: Ib0ece5d5d9c2aadef13b77ac38995b0e47ac086f
The former is only really used to refer to the older hphp compiler.
Now all docs pretty much exclusively are referring to HHVM and
that's the project's name going forward.
While we're here, swap HPHP_VERSION for HHVM_VERSION. Either work,
but the latter is more correct.
Only affected extension (in Git or SVN) is GWToolset, fixing in
I3a490ef.
Change-Id: I81e4ce5d14e344e67045050261f91b3c0159f222
Allow limit.sh to log its errors to an MW debug log channel, by opening
a separate FD for private communication.
Ensure that the log FD is always closed (3>&-) before executing a
subprocess, so that MW will not hang waiting for background processes
to close the log FD. This means using a fixed FD number, since the bash
syntax for closing a file requires a literal FD number.
The "exec" debug channel is now intended for production monitoring. In
addition to errors from limit.sh, it also records when a subprocess is
terminated by a signal.
The case where stream_select() returns false was tested by patching PHP
to inject EINTR or EBADF into errno.
When wfShellExec() is used with a memory cgroup, and the cgroup is missing, log and continue with no cgroup instead of immediately exiting.
Bug: 55709
Change-Id: Ie40befe9c0d00c9a0ddb01077df4afb774d17e15
While reviewing Ia5a7661c I happened to stumble in to the dark labyrinth
of PHP's version_compare() function. This comment attempts to leave
bread crumbs behind for the next unwary adventurer who stumbles into the
same damp cave.
The tricky bit is that when '1.22wmf22' is compared with '1.22'
internally it is as though you are comparing '1.22.wmf.22' with
'1.22.0.0'. By the component-wise comparison then performed 'wmf' is
considered the lowest priority value that could be in the third
position. When using '1.22c' for the required version the 'c' is given
the same lowest priority as 'wmf'.
Change-Id: I58aeb8dc6b1ff31897d72eb44904d96487ad3653
* Separate code from data. $2 in limit.sh is an option list.
* Don't duplicate stderr on linux when limit.sh is not used, unless
duplicateStderr is specified
Change-Id: I8e6e74810864830c12af627bfbe75e74ba34e3e3
Per the bug report, the 'Debug' hook was triggering an infinite loop when
wgDebugFunctionEntry is enabled. The Debug hook is used if an extension wants
to stop a debug message from being sent out. Ideally the wfDebug and related
functions should be as low-level and avoid calling other code as much as
possible to avoid situations like this.
Bug: 55818
Change-Id: I679782489b683503fc624cfea3c7ad72a989b005
wfDl() is a wrapper around dl(), which is an evil function and
basically only works from the command line of Zend. Luckily
no extension has ever used this thing, so let's just remove it
outright.
For comparison, here's a list of places it does not work:
- hhvm
- php as apache module
- php compiled with zts support
- safe_mode
- Basically any shared host that cares about security
Most callers are using it to check for extension support and are
actually failing gracefully when wfDl() returns false. In these
places we're just going to use extension_loaded().
While we're at it, clean up some of the test skip logic in the
media tests so we can bail as early as possible if we know we
can't complete the test.
This also immediately removes $wgLoadFileinfoExtension. It's been
enabled by default since 5.3 and falls back gracefully when the
support isn't available.
Change-Id: Ieb430dfc74483731dde51d6e20fa700d641ba1f4
This adds an option to wfShellExec (and convenience function
wfShellExecWithStderr), to make sure all stderr is duplicated
to stdout. The previous method of doing this was to include
2>&1 on the command line. However this did not redirect errors
from limit.sh (For example cgroups not set up, or if a command
reached the file size limit set by ulimit).
Not sure if this is the best approach, but it seems to work well,
and compared to most other approaches I considered, actually gets
the ulimit errors redirected too.
Currently some files fail to render with no error whatsoever,
hopefully this patch will make what went wrong more obvious.
Also fix a comment in wfShellExec that was incorrect (trailing \n),
and make the initial value of the return value variable be 200, so
if there's ever a bug in php where its not being set properly, it
would be immediately obvious what is happening.
Bug: 53824
Change-Id: I833aeb3ab9da726ecb97331369ea187daad7e795
Noticed during bug 54662
Warning: strcmp() expects parameter 2 to be string, array given in
/usr/local/apache/common-local/php-1.22wmf19/includes/GlobalFunctions.php on
line 127
Bug: 54662
Change-Id: Icdd7fa229e49d7e83aa2a7992895f497806448e1
The following are now correctly escaped:
* Blank lines (including those with only tabs)
* ---- at the start of a line
Bug: 53658
Change-Id: I300e15a22c93ca542913135c9c83913c18c99faf
If mkdir fails, check again to see if dir has been created
since our initial check, and return true if so.
Also, in initial check, only return true if $dir is really
a directory, not a file.
Bug: 49391
Change-Id: I2b331669fae70948ce79ba1477c05968a3095c3d
Also removed some unnecessary ones. I think I've caught them all.
The spaceless version already appears in core ~300 times (after
accounting for false positives when grepping). Some consistency would
be nice.
Change-Id: I607655b5f4366e66dc78730d5fd2f57ed8776cae
The following are now correctly escaped:
* Space at the start of a line
* Start-of-line characters after \r
* Magic links such as "RFC 123" with non-space whitespace
* URIs that don't use "://", such as "urn:foo"
* Double-underscore magic words
Bug: 53658
Change-Id: Ie8803a03b20e3fd7e5cc7e55829f24bb86f60b17
* Introduce a hook allowing automatic redirects to HTTPS to be
disabled on the basis of client IP address.
* Make User::requiresHTTPS() return false if the client IP is
blacklisted as such.
* On login, make the "stick HTTPS" option default to false if the
client IP address is blacklisted as such.
* Do not redirect anonymous requests to HTTPS.
* If $wgSecureLogin is enabled, link to the HTTPS login page *via*
the HTTP redirect, so that there is no need to vary the cache of
anonymous page view HTML on client IP address.
Change-Id: Iaa9dd2108431b8c35e05db4bfe78a629018a003c
This makes more sense than having wfReadOnlyReason() call
wfReadOnly() for its side effect of setting $wgReadOnly
to the contents of $wgReadOnlyFile if the file exists.
Change-Id: Ic723aed368915ac3757f3100ddbbeb3b5a4cdc15
The code for changing the session id cookie from Special:Userlogin is
also needed in CentralAuth. So let's factor it out to avoid code
duplication.
Change-Id: I777f76ee8e2b953a1e972327bedc28e0ab1acf0d
