* allow css classes to be specified in form descriptors
* Don't overwrite $field['name'] if it's set
* Allow IDs on hidden fields
* Enforce 'required' validation on Text fields
* Fix type validation on Int fields to correctly handle numbers larger than PHP_MAX_INT or with leading zeroes (eg phone numbers on 32 bit systems)
* Fix weak-typing error in MultiSelect field
* Formatting and doc fixes
* Reverted HttpFunctions.php to r45549 and renamed wgSyncHTTPTimeout back to wgHTTPTimeout
* Edited out the asynchronous features from UploadFromUrl. Made fetchFile() use the curlCopy() function from new-upload r47811 instead of Http::doDownload(). Wrote my own URL validity check to avoid having to use either of the two buggy precedents.
* Removed UploadFromChunk
* Removed chunk upload and background status from ApiUpload.php
* Reverted r54669, use of addScriptClass()
* Left getHeadScripts() in its current location (OutputPage) instead of moving it back to SkinTemplate, just added wikibits.js to it to replace the removed addCoreScripts2Top()
Html::rawElement() should strip out any invalid attributes if $wgHtml5
is off. This commit should introduce no functional change. Any future
problems with attributes being added incorrectly should be fixed in
Html.php, not callers.
Follow-up to r57096.
* Add support for edittools
* Add support for multipart/form-data
* Set id for wpEditToken
* Add support for tooltip and accesskey
* Allow setting a name for the submit button
* Give sections an id
* ExternalUser::getLocalUser() from r56683
* Documentation and style tweaks for HTMLForm from r56682
* HTMLForm::add{HiddenField|(Pre|Post|Header)Text|Button}() functions, from 56782 and r56896.
Frontend stuff will wait until after 1.16 is branched.
* Login doesn't attach to session properly, so can't stay logged in!
* Password field shown in plaintext!
If it just DOESN'T WORK please keep it on a work branch, don't put it in trunk!
Reverted:
r56682
r56683
r56684
r56686
r56688
r56696
r56699
r56702
r56703
r56704
r56782
r56896
Also change the wrapping on both forms to use a <fieldset>, which is visually more consistent with the other forms we have floating around the site. Add visualClear to all HTMLForm forms, and remove all the redundant CSS for the login form, quite a bit of which has been dead for a while.
* also fix a bug in the detection if the "other" value is passed in the predefined options, remember: 0 == 'other' returns true (thank you, PHP, really)
This fixes some possible XML invalidity from r54767: CDATA stuff was
being added only if $wgHtml5 was false, instead of whenever
$wgWellFormedXml is true. Also, it uses CDATA for script as well as
style, but in both cases only uses it if there's a & or < somewhere.
autofocus attribute added in some places; this looks like it's respected
by both recent Opera and recent WebKit. Its function is
self-explanatory. :) I used this in a few obvious places like
Special:UserLogin and Special:ResetPass to focus the first field in the
form. Could be used in other places too: Special:Search, etc.
required attribute added in some places. This is only supported in
recent Opera at the moment. Also self-explanatory: it won't allow form
submission if the field is empty.
For stuff using HTMLForm (i.e., Special:Preferences), validation will be
done for integers and floats. Browsers that support this (recent Opera)
will not allow non-integers to be submitted for integer fields, will not
allow non-floating-point values to be submitted for float fields, and
will enforce any min/max values specified. Opera also gives little up
and down arrows to allow the user to increment/decrement the value in
addition to letting them edit the field as text.
For HTMLForm and account creation, the email input type is used for
e-mails. This enforces a sane set of values for e-mails (alphanumerics
plus some ASCII punctuation, with an @ in it). Again, this is supported
only by recent Opera (yay Opera!). Note that this is actually more
restrictive than what we currently check for on the server side; it
might be sane to tighten up our server-side checks to forbid e-mail
addresses that HTML 5 forbids.
In all cases, the extra features aren't added if $wgHtml5 is false, and
will be ignored by non-supporting browsers.
The major room for further improvement here is use of the pattern
attribute. We can have the client refuse to submit the form unless it
matches a regex! The HTML 5 spec says that if a title attribute is
provided, it should be a message that explains what the valid values
are and browsers should provide it to the user if the regex doesn't
match, so it's not a usability problem. I didn't bother adding that
anywhere at this point because it would require adding new messages, but
it should be easy to do. Note of course that HTMLForm should be updated
to verify that pattern matches on the server side as well -- this way we
have a clean, unified way of ensuring that our client and server checks
are the same.
Authentication is via a token entered in preferences, if not blank. If
you set a token in your preferences, the following sort of link will
generate the RSS feed:
api.php?action=feedwatchlist&list=watchlist&wluser=Simetrical&wltoken=91c1ef18279f9c24ccf67a79e899ae4d2a3201bc
I haven't actually added the <link> tag to Special:Watchlist, since I've
done enough coding for one night. Someone else can feel free to do
that (otherwise people might get kind of confused :) ).
An auto-generated random token is suggested to the user on the pref page
so that they don't have to be too creative. Pref help text is rather
underemphasized in the default style, though.
It would be worth considering making this opt-out instead of opt-in,
but that would require some voodoo magic to get the default prefs to
work right (since we'd need a different value for each user). We might
set the default to some function of user id + secret site-specific value
to avoid having to store the values in the database.
Since the feature is implemented via the API, it only works if the API
is enabled. Some API people might want to review my code for sanity.
Bug: 471
Now running auto-generated id/names for radio group items through Sanitizer::escapeId().
For good measure, also manually checking the input 'name' and 'id' field values for base fields against validation and throwing an exception if we ain't got em.
* Bug 18949 LiquidThreads allows threads to be moved to pages without LiquidThreads enabled.
* You could move a thread to the page it was already on, which would leave strange placeholders that don't make sense.
* Allowing wikitext in some new places where it makes sense.
