When temp users are enabled, logged-out authority may not have the
permission to perform some action, but the user (as in, the person)
may still be able to perform it through the magic of having a temp
user created for them.
Bug: T350039
Change-Id: I5e776d670f0d487346191fa99596dc5d6809a414
Remove hardcoded "Main Page" and use whatever the main page of
the wiki is. Many wikis have their main page in a different
title than the default or even in a different namespace entirely.
With the hardcoded title this produces broken/redlink for the doc
examples and makes it overall less useful.
Most typical examples; Mediawiki.org itself, Wikidata.org, etc.
Bug: T235207
Change-Id: Ia9eee76544cad153166dd5a2eb8e8c1bf3a38b74
Mostly used find-and-replace:
Find:
/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?)[\s\*]+/\s*(private|protected|public) (\$[a-z]\w+;\n)((?=\s*/\*[\*\s]+@var (I?[A-Z](\w+)(?:Interface)?))\n|)
Replace with:
\3 \1 \4
Followed by some manual review to make sure I'm not changing too much,
omitting some changes that looked too complicated and anything that
caused test failures, and some whitespace fixes.
Change-Id: Ie78be1c614985d7c2964156e454cc9266515dc18
Deprecate 'preload', which only supported one way of generating
preloaded content, and was confused about empty string and null.
Bug: T45683
Change-Id: Ie9f123920b69e41a186bc1c1c5db1bc0a6092a75
action=query&prop=info&intestactions=...:
Add &intestactionsautocreate=1 to also check whether the actions
would result in a creation of a temporary user account.
action=query&meta=siteinfo:
Add &siprop=autocreatetempuser to output the configuration
of temporary user accounts.
Bug: T335532
Change-Id: I62b4bb630decac92cbb8c7ddf00307df0dadb516
These three classes:
- TitleArray
- TitleArrayFromResult
- TitleFactory
We need to move these and the rest of files under title/ to Title/ (and
namespace them) but the patch will become way too big given that Title class is
also one of them.
Bug: T321882
Change-Id: Iac1688172ee457348a08a470c86e047571feb8e0
30+ API modules had nearly identical code to split and validate
the value of the 'continue' parameter.
Introduce the ApiBase::parseContinueParamOrDie() method and use it to
replace most usages of ApiBase::dieContinueUsageIf(). A few remain in
modules with more complex continuation handling.
Inline most single-use variables that remained after validation was
moved into the new method.
Change-Id: I66bd59ecd4ad16e2039e90f7d66cfa276e6c1c2a
Currently, it's picking up tl_target_id index which leads to massive row
scans when it tries to check cascade protection of highly used
templates.
Tested locally and it works just fine.
Bug: T308207
Change-Id: Id0e6ff623be8e23619961730e012b6b0fcb4723d
Even the service does not long stay in that classes,
it should be injected to avoid global state
Bug: T304780
Change-Id: Ib488037f5a6966ab61042ed3cd889ddc50f1ba8e
This covers all occurrences of /onfig->.*get( '/ in includes/.
Undoubtedly there are still plenty more to go.
Change-Id: I33196c4153437778496f40436bcde399638ac361
- In Info action and its API counter part
- In LinkBatch::constructSet
- In Title::getLinksFrom
Bug: T304780
Change-Id: I449f041986acdd16feecac818e3579987b4b11be
Make phan stricter about null types by setting null_casts_as_any_type to
false (the default in mediawiki-phan-config)
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together
Bug: T242536
Bug: T301991
Change-Id: I0f295382b96fb3be8037a01c10487d9d591e7e01
The value in the attribute displaytitle must contain valid HTML. The
sanitizer of the {{DISPLAYTITLE}} parser ensures that only valid HTML
is accepted.
If there is no {{DISPLAYTITLE}} in the wikitext then displaytitle
falls back to $title->getPrefixedText(). Here an HTML encoding of
special characters is necessary. This affects only the replacement of
& by & because other special characters like < and > are not
allowed in the title.
This change affects the displaytitle fallback on the following places:
* ApiParse
* ApiQueryInfo
* InfoAction
* Parser
The displaytitle fallback in OutputPage is also updated to this
behavior although
Sanitizer::normalizeCharReferences( Sanitizer::removeHTMLtags( $html )
also replaces & by &.
Also add test cases with & in the displaytitle to:
* ApiParseTest
* ApiQueryInfoTest
* parserTests
Bug: T291985
Change-Id: I8ee1e2731d9bfa49725d663b34986e7e3073e4ca
Removes deprecated API endpoints and modules for dealing with
CSRF tokens.
Note: i18n messages are removed in a followup for ease of revert.
Bug: T280806
Depends-On: Ic83f44587db119ff2e3e6d5ff33a10894e0695e7
Change-Id: I58aedec6942ac5d3c21574cb0072f00ef365098c
Returns the prefixed title for the associated page,
if it could exist (i.e. does not do anything for special pages)
Bug: T257014
Change-Id: I49cdc138c6182b323c4933e90dc96c5e06b6ccba
array_fill_keys() was introduced in PHP 5.2.0 and works like
array_flip() except that it does only one thing (copying keys) instead
of two things (copying keys and values). That makes it faster and more
obvious.
When array_flip() calls were paired, I left them as is, because that
pattern is too cute. I couldn't kill something so cute.
Sometimes it was hard to figure out whether the values in array_flip()
result were used. That's the point of this change. If you use
array_fill_keys(), the intention is obvious.
Change-Id: If8d340a8bc816a15afec37e64f00106ae45e10ed
Replaces calls directly to PermissionManager with calls to
the Authority object available from Context or the
GroupPermissionLookup service.
This patch does not address use of PermissionManager for
blocks.
Deprecations:
- ApiBase::checkUserRightsAny deprecated passing optional
User parameter
- ApiBase::checkTitleUserPermissions deprecated passing
LinkTarget as first parameter, takes PageIdentity instead
Bug: T271462
Bug: T271854
Change-Id: I5d7cac1c28a37e074750c46cda03283980a07fca
This is micro-optimization of closure code to avoid binding the closure
to $this where it is not needed.
Created by I25a17fb22b6b669e817317a0f45051ae9c608208
Change-Id: I0ffc6200f6c6693d78a3151cb8cea7dce7c21653
The code didn't properly handle requests for info about non-existing
pages.
Bug: T271804
Bug: T271815
Change-Id: If4e56ff5ecb4a048767833c89847bb58269cad43
The expiry is returned as a separate key, 'watchlistexpiry', to match
other APIs, and because some clients might expect 'watched' to be a
boolean (or blank string depending on the formatversion).
Bug: T268834
Change-Id: I227d6ed42e70ba1ddec0139e8198f536dfba0b46
Several important extensions (Disambiguator, ProofreadPage, and
SoftRedirector) use the GetLinkColours hook to add additional CSS
classes to links on article pages. Parsoid previously relied on
backdoor knowledge of the way Disambiguator used the page property
table to support these, but they should be exported properly from the
API.
Bug: T237538
Change-Id: I945940aa872541d7e01f1e543ca854231c857fe2
