* added an id to the debug data list
* allow to use $wgShowDebug with $wgDebugComments set to false
* update HTMLFileCache to use full method name in debug output
* Bump interval from 30s to 60s.
* Add an "update" link (text changed, sorry translators :(), which reloads the thread from the server.
* Fix bug in continuation caused by last-minute changes.
* Fix bug where only one reply per thread was being loaded.
* Fix bug where AJAX-loaded threads were loading one level too few.
* Fix bug in interpretation of API parameters.
While not too awful on smallish strings, the way it worked was *murder* on large input:
the *entire string* would be broken up into an array of individual characters, sliced up,
then merged back together.
In my testing I couldn't even get the function to complete in a reasonable time for, say,
127k worth of text... not only did the regex split take forever, but it would eat an insane
amount of memory, likely triggering memory_limit hits in a sane world.
The new implementation counts characters from the beginning or end of a string to determine
the byte-based offsets to use for substr() start and count parameters, and only uses
a couple temporary dupes of the string in memory. For typical short offset/count cases
(take or trim one or a few characters) this performs about 3-5x worse than native mb_substr()
for in my testing.
Large offsets are optimized by first skipping the same number of bytes as characters, since all
characters take at least one byte. On primarily Latin text this made some of my test cases
actually *faster* than native mb_substr()! ;) For non-Latin texts this takes out a fair chunk
of our work, but can still leave us with very slow execution -- eg ~30ms to get through a few
dozens of kilobytes worth of offset on Japanese text. But at least it completes now!
This could probably be optimized further, perhaps skipping progressively smaller chunks in
binary-chop fashion. :)
For fun, my profiling results (profiling & test scripts are in a little git repo which I would
push to gitorious to poke at, but gitorious hates me right now and won't finish my repo setup):
strlen mb_strlen short ascii - 0.0019ms - 19
strlen xmb_strlen short ascii - 0.0672ms - 19
strlen mb_strlen short unicode - 0.0019ms - 19
strlen xmb_strlen short unicode - 0.0657ms - 19
strlen mb_strlen long ascii - 0.0826ms - 20000
strlen xmb_strlen long ascii - 0.1236ms - 20000
strlen mb_strlen long unicode - 0.0774ms - 20000
strlen xmb_strlen long unicode - 0.1901ms - 20000
strlen mb_strlen san francisco - 0.4775ms - 126700
strlen xmb_strlen san francisco - 0.4474ms - 126700
substr mb_substr short ascii first - 0.0022ms - 1-byte string ("s") <- native
substr xmb_substr short ascii first - 0.0168ms - 1-byte string ("s") <- old fallback
substr xmb_substr3 short ascii first - 0.0069ms - 1-byte string ("s") <- new fallback
substr mb_substr short ascii last - 0.0023ms - 1-byte string ("s")
substr xmb_substr short ascii last - 0.0171ms - 1-byte string ("s")
substr xmb_substr3 short ascii last - 0.0113ms - 1-byte string ("s")
substr mb_substr short ascii trim last 9 - 0.0023ms - 10-byte string ("short asci")
substr xmb_substr short ascii trim last 9 - 0.0183ms - 10-byte string ("short asci")
substr xmb_substr3 short ascii trim last 9 - 0.0119ms - 10-byte string ("short asci")
substr mb_substr short ascii middle 3 - 0.0022ms - 3-byte string ("sci")
substr xmb_substr short ascii middle 3 - 0.0171ms - 3-byte string ("sci")
substr xmb_substr3 short ascii middle 3 - 0.0149ms - 3-byte string ("sci")
substr mb_substr short unicode first - 0.0022ms - 1-byte string ("s")
substr xmb_substr short unicode first - 0.0184ms - 1-byte string ("s")
substr xmb_substr3 short unicode first - 0.0071ms - 1-byte string ("s")
substr mb_substr short unicode last - 0.0026ms - 2-byte string ("ß")
substr xmb_substr short unicode last - 0.0187ms - 2-byte string ("ß")
substr xmb_substr3 short unicode last - 0.0130ms - 2-byte string ("ß")
substr mb_substr short unicode trim last 9 - 0.0024ms - 14-byte string ("short áéíó")
substr xmb_substr short unicode trim last 9 - 0.0200ms - 14-byte string ("short áéíó")
substr xmb_substr3 short unicode trim last 9 - 0.0137ms - 14-byte string ("short áéíó")
substr mb_substr short unicode middle 3 - 0.0022ms - 6-byte string ("éíó")
substr xmb_substr short unicode middle 3 - 0.0188ms - 6-byte string ("éíó")
substr xmb_substr3 short unicode middle 3 - 0.0189ms - 6-byte string ("éíó")
substr mb_substr san fran first - 0.0022ms - 1-byte string ("{")
substr xmb_substr3 san fran first - 0.0069ms - 1-byte string ("{")
substr mb_substr san fran last - 0.8914ms - 1-byte string ("\n")
substr xmb_substr3 san fran last - 0.0109ms - 1-byte string ("\n")
substr mb_substr san fran non-first - 0.5995ms - 127318-byte string (c00cabc812ac347bd2e81a3e3f04e23d)
substr xmb_substr3 san fran non-first - 0.0213ms - 127318-byte string (c00cabc812ac347bd2e81a3e3f04e23d)
substr mb_substr san fran middle 1k - 0.2218ms - 1025-byte string (c42eb5c511670f72ff4593a39219682c)
substr xmb_substr3 san fran middle 1k - 0.3883ms - 1025-byte string (c42eb5c511670f72ff4593a39219682c)
substr mb_substr boston-ja first - 0.0021ms - 1-byte string ("{")
substr xmb_substr3 boston-ja first - 0.0068ms - 1-byte string ("{")
substr mb_substr boston-ja last - 0.5497ms - 1-byte string ("\n")
substr xmb_substr3 boston-ja last - 0.0110ms - 1-byte string ("\n")
substr mb_substr boston-ja non-first - 0.4128ms - 127637-byte string (933e70d1d10f4d64cdfbd69b58592cd4)
substr xmb_substr3 boston-ja non-first - 0.0216ms - 127637-byte string (933e70d1d10f4d64cdfbd69b58592cd4)
substr mb_substr boston-ja middle 1k - 0.2237ms - 2006-byte string (1eaa8554ff4507109b1cba7a597d82bf)
substr xmb_substr3 boston-ja middle 1k - 30.6811ms - 2006-byte string (1eaa8554ff4507109b1cba7a597d82bf)
* Fixed the formal parameter bloat in the file finding functions by making wfFindFile(), RepoGroup::findFile() and FileRepo::findFile() take an associative array of options instead of a rapidly growing collection of formal parameters. Maintained backwards compatibility for the $time parameter, which was the only one used in an extension.
* Took the advice of the todo comment on FileRepo::findFiles() and implemented a calling convention for specifying times (and other options)
* Removed the file object cache from Parser, redundant with the RepoGroup file cache
* Deleted clueless and non-functional LocalRepo::findFiles(). Does not respect redirects, deletion bitfields, or anything else nuanced about FileRepo::findFile(). Does not have the same calling convention as FileRepo::findFiles().
* put a @ in front of get_headers() should hopefully avoid errors where allow_url_fopen=0
* combined $wgPhpCliPath into the similar used $wgPhpCli var
* minor js & example file mwEmbed fixes
Here is a short overview of changes and associated default configuration variables (most everything is off by default) also see ~soon to be updated~: http://www.mediawiki.org/wiki/Media_Projects_Overview
= Upload Improvements =
==Upload API ==
* Based on the early work of Bryan Tong and others it adds the upload option to the api.
* We rewrite Special:Upload page to include use the new refactoring
* Added in token checks in both the SpecialUpload.php page so avoids DOS / xss copy-by-url JavaScript based cross site POST file submissions
== Copy by URL==
$wgAllowCopyUploads = false;
* http class rewrite includes a new http background download see: includes/HttpFunctions.php
* spins off a php process that calls: maintenance/http_session_download.php
* pushes updates to the session and gives the user a progress bar on http copy uploads from other server progress (using js2 upload interface) (if not using the js2 upload interface it does the request in-place but the download is limited to the php ini timeout time)
== Firefogg ==
* Firefogg enables resumable upload by chunks
* progress indicators and conditional invokation (js2 system)
* and of-course client side transcoding.
= Script Server =
$wgEnableScriptLoader = false;
* off by default if $wgEnableScriptLoader is turned on script files are grouped, gziped, cached etc.
for more info see: http://www.mediawiki.org/wiki/Extension:ScriptLoader
* Includes some early skin js include fixes (skin/script system still lots of love)
* Includes a "javascript class autoloader" this is packaged into mwEmbed so that the mwEmbed library can work in stand alone mode (while retaining localization and script serving) (one such application is the make page for firefogg.org : http://www.firefogg.org/make/index.html )
* The file that contains the autojavascript loading classes is: js2/php/jsAutoloadLocalClasses.php
* One can use this auto class loading dependency system with extensions and add-ons but I need to better document that.
= js2 system / mwEmbed=
$wgEnableJS2system = false
* includes initial rewrite towards more jquery based javascript code
* especially for the Special:Upload page.
* Also the edit page include support for the "add-media-wizard"
* includes dependency loader for javascript that optionally takes advantage of the script-loader
* remote embedding of javascript interfaces (like embedding video, or commons media searching)
* $wgDebugJavaScript = false; .. .this variable lets you always get "always fresh javascript". When used with the script-loader it does not minify the script-loader output.
= mwEmbed =
* Will commit a separate patch to oggHandler that conditionally outputs <video tag> to use the new javascript video player.
** mv_embed player includes: play-head, volume control, remote embedding, oggz-chop support across plugins.
* add-media-wizard adds easy inserts of media to pages (with import)
== jQuery==
* we include a base install of jQuery, jQuery ui and some plugins.
* all the javascript classes are in the scriptloader so its easy to load any set of jquery ui components that you may need using the script-server. You get a callback so you can then execute js with dependencies loaded.
== other stuff ==
there is a bit more code in js2 that pertains to sequence editing, timed text display and basic image editing. We include a base import of pixastic-lib & pixastic-editor... will work with the pixastic developer to try and ensure upstream compatibility on our usage of the library for in-browser photo and sequence manipulation.
* Made wfDeprecated() issue a notice only once for each function name instead of every time the function is called.
* Added exceptions for malformed keys input to $wgMessageCache->get(), per CR comments on r52503
* Fixed notice from MWException::useMessageCache()
* The serialized message cache, which would have been redundant, has been removed. Similar performance characteristics can be achieved with $wgLocalisationCacheConf['manualRecache'] = true;
* Added a maintenance script rebuildLocalisationCache.php for offline rebuilding of the localisation cache.
* Extension i18n files can now contain any of the variables which can be set in Messages*.php. It is possible, and recommended, to use this feature instead of the hooks for special page aliases and magic words.
* $wgExtensionAliasesFiles, LanguageGetMagic and LanguageGetSpecialPageAliases are retained for backwards compatibility. $wgMessageCache->addMessages() and related functions have been removed. wfLoadExtensionMessages() is a no-op and can continue to be called for b/c.
* Introduced $wgCacheDirectory as a default location for the various local caches that have accumulated. Suggested $IP/cache as a good place for it in the default LocalSettings.php and created this directory with a deny-all .htaccess.
* Patched Exception.php to avoid using the message cache when an exception is thrown from within LocalisationCache, since this tends to fail horribly.
* Removed Language::getLocalisationArray(), Language::loadLocalisation(), Language::load()
* Fixed FileDependency::__sleep()
* In Cdb.php, fixed newlines in debug messages
In MessageCache::get():
* Replaced calls to $wgContLang capitalisation functions with plain PHP functions, reducing the typical case from 99us to 93us. Message cache keys are already documented as being restricted to ASCII.
* Implemented a more efficient way to filter out bogus language codes, reducing the "foo/en" case from 430us to 101us
* Optimised wfRunHooks() in the typical do-nothing case, from ~30us to ~3us. This reduced MessageCache::get() typical case time from 93us to 38us.
* Removed hook MessageNotInMwNs to save an extra 3us per cache hit. Reimplemented the only user (LocalisationUpdate) using the new hook LocalisationCacheRecache.
* Don't connect to the commons DB on cache hits, in order to determine the cache key name. Removed remnants of that bright idea from GlobalFunctions.php.
* Fixed total failure of negative caching in checkRedirect() due to memcached stripping trailing spaces from string values. Probably never worked.
Also:
* Respect hasSharedCache in foreign repos. Recently-added code was apparently ignorant of this setting.
* Renamed getMemcKey() to getSharedCacheKey() to make its function more clear, introduced getLocalCacheKey() to do the other thing. Fixed its parameters to be like wfMemcKey() and used it in more places.
* Used getLocalCacheKey() in various places instead of wfMemc(), to avoid having multiple repositories overwrite each others' caches.
* Fixed the BagOStuff bug that the FIXME in LocalRepo::checkRedirect() appears to refer to.
* Removed getMasterDB() and getSlaveDB() from FileRepo, it's incorrect to assume that a repo other than a LocalRepo has an associated database.
* Made FileRepo::invalidateImageRedirect() a stub, to match FileRepo::checkRedirect(). Moved the functionality to LocalRepo where checkRedirect() is concretely implemented.
* Removed counter.php. Whoever heard of adding a file for a single line of code? Refactored the callers to GlobalFunctions.php wfCountDown().
* Removed the requirement for $wgDBadminuser to be set in update.php. There really is no security benefit, it's just there to annoy users and cause bugs like #19127. Just use $wgDBuser, commandLine.inc will automatically set it to $wgDBadminuser if it's available.
* Since we're using $wgDBuser now, we may as well just use wfGetDB(DB_MASTER) instead of the rubbish special-case code that was already there. There's no need for special-case error handling, there's already special-case code for command line connection errors, if you don't think that message is informative enough then you can change it there.
* Don't set $options before including commandLine.inc, it doesn't do anything.
* Use require not require_once
Rewriten tables.sql, added user.sql (creating db user with privileges)
Fixed epoch in Special Ancientpages and Unusedimages
Timestamp default format altered in db abstraction and changed wfTimestamp function
SearchOracle changed to return empty resultset on empty term search (query error in oracle)
TODO: Maintenance scripts update
* Added a new config variable, $wgSessionHandler to control what value the save_handler is set to
* Setting to null allows you to disable setting it entirely, which was the primary complaint of the two bugs, but it also allows you to set it to whatever you'd like
diff and cur links are now created using raw HTML instead of link(),
which they didn't really need anyway. I didn't see any other obvious
candidates for conversion to raw HTML, since other things tend to need
fancy classes and have lots of other logic. It's possible link() could
be made faster, too.
While having the parser functions in the message strings work is a laudable goal, the problem here is that it'll *also* execute parser functions it finds in the replaced parameter strings, which may include, say, comment plaintext talking *about* parser functions.
A better fix for this is probably to expand the message placeholders when the parameters are passed in to the parser functions.
* Take out some hard coded pipe characters. Replace by message or Language::pipeList
* Take out a hard coded comma list SpecialIpblocklist.php. Replace by Language::commaList
XXX: The code seems to more or less work, but it obviously needs more testing, regarding both stability and memory usage. In particular, I have not tested file uploads yet -- there may be consistency issues there.
Doesn't seem like a proper fix here... At best, this'll be dumping random crap to some random file unless the user has a local copy of the /dev/null device file, which seems.... wrong. :)
For anything generating command lines, it probably won't make any difference (assuming exec() is enabled at all!) since open_basedir won't be searching through the command line (I think).
Assuming the core use case actually happens (open_basedir is set, but proc_open() is available to run tidy), a more correct fix is probably to go ahead and read in stderr and toss the results, or maybe better pass it through to PHP's stderr FD instead of opening /dev/null ourselves. Tidy has a -q option which should suppress random "hi i'm tidy version XYZ" if it's currently present.
Uses $dir in extension files, and assumes that it remains unchanged in require_once( 'maintenance/commandLine.inc' ).
In fact, it is likely that '$dir' will be set when setting up command-line, as some extensions will use the same var.
Recommended fix: Use $CentralAuth_dir, $EmailPage_dir, etc.
NOTE: the old code used to ignore the umask by explicitly forcing the permissions with chmod(). If this is desired behavior, it can be achieved by temporarily setting the umask to 0, as in:
$oldmask = umask( 0 );
$rv = mkdir( $dir, $mode, true );
umask( $oldmask );
return $rv;
However, I can't see why we'd want to do this. In the worst case, users with excessively tight umasks can find themselves with unusable directories, but the proper solution to that is to fix the umask rather than to
ignore it. In the best case, we've just plugged a security hole the user didn't realize they had (because they assumed their umask would Just Work).
Since we're only checking for exact strings, an exact match is just fine and it stops the whinging. (Saw no such problem on 5.2.6.)
Example whinge:
Notice: Object of class Language could not be converted to int in /Library/WebServer/Documents/trunk/includes/GlobalFunctions.php on line 742
Previously we only passed on if we were interface or content, but if we're rendering for some third alternative it didn't get used.
Note that parse and parseinline are probably still wrong.... some better model may be required here.
Also it may be wrong in the case of fallbacks ... if you get an English message, is it right to use the Czech magic word parsing?
Hmm.
Might back it out if there's a better way. :)
* Two callers of wfArrayMerge() were bugs, both assuming strange and complex behaviour in wfArrayMerge() which has never been present or documented.
* Introduced wfMergeErrorArrays() to remove duplicates from merged error arrays, e.g. from getUserPermissionsErrors().
* Rewrote the remaining callers of wfArrayMerge() to use array plus. It makes the code clearer, assuming the reader knows more about basic PHP operators than GlobalFunctions.php. Considering the two bugs discussed above, this seems like a fair assumption. If you don't know PHP, you shouldn't be writing MediaWiki code.
* Improved blob_tracking.sql docs
* Allow testCompression.php to run until happy instead of a specified revision count
* Added docs for some debugging globals in DefaultSettings.php
In experimental script recompressTracked.php:
* Fixed crippling bugs, seems to work now. Needs more testing.
* Improved usage documentation
* Use DiffHistoryBlob by default if available
* Set a process-specific log prefix, added more debugging output
* Optimised commit() slightly by merging the locking read queries using IN()
* Fixed finishIncompleteMoves() so doPage() acts on only that page. Also run finishIncompleteMoves() for orphan lists.
* The sitenotice_id hack is virtually unusable and needs to be replaced with a dedicated message update interface.
* There's a need for automatic message expiry.
* The Wikimedia-specific "spite the anons" feature, preventing anonymous users from dismissing site notices because they allegedly don't contribute to the wiki enough to deserve it, needs to be made optional.
* Don't call quickUserCan('edit') unless section edit is enabled
* In DatabasePostgres and DatabaseSqlite: throw an exception on connection error
* In DatabasePostgres: don't send an invalid connection string whenever one of the fields is empty. Use quoting.
* In Database: make the captured PHP error prettier
* Display a descriptive error message when the user navigates to index.php with PHP 4, not a parse error. Check to see if the *.php5 extension works, using file_get_contents().
* The default port number for PostgreSQL is 5432, not blank.
* Better default for $wgDBname
The documentation didn't make it clear that the wfMsgExt() array can take a single associative parameter. I've clarified this, and fixed error-checking for that. Also adjusted indentation in the comment for clarity (one space isn't enough).
This seems to make code much uglier and harder to maintain -- there are a bajillion new calls to "wfMsgExt( 'pipe-separator' , 'escapenoentities' )" which is not trivial or easy to remember. This makes code uglier, harder to read, harder to maintain, and more prone to error.
This seems to be a little funny, though, at least on commons -- the commonswiki:sitenotice:https=1 key is just storing 'false' so it presumably gets reparsed on each run. I can't see any way that this should be happening, which is a little intimidating...
* (bug 13815) In the comment for page moves, use the colon-separator message instead of a hardcoded colon.
* So that this works properly, don't escape HTML entities in edit summaries. I don't see any good reason for them to be escaped there. Of course, this may result in old edit summaries displaying slightly differently if for some reason they included an entity, but in that case there's at least a 50% chance that they intended it to not be escaped in the first place.
* Do not add action=edit to nonexistent special pages.
* Add profiling point for the bit where we add classes in linkAttribs().
* Turn makeLinkObj(), makeKnownLinkObj(), makeBrokenLinkObj() into wrappers for link(). This requires the creation of two new functions to turn query strings/attribute strings into arrays, but still results in fewer LOC (-11 lines) due to less code duplication. This should be well-tested by the parser tests, because pretty much all link creation now goes through link(), but the only changes are encoding single quotes in attributes, which is a good change. I find no additional database queries, so since this isn't a CPU bottleneck, there should be no performance issues.
"* (bug 13815) In the comment for page moves, use the colon-separator message instead of a hardcoded colon."
"* So that this works properly, don't escape HTML entities in edit summaries. I don't see any good reason for them to be escaped there. Of course, this may result in old edit summaries displaying slightly differently if for some reason they included an entity, but in that case there's at least a 50% chance that they intended it to not be escaped in the first place."
This breaks the ability to easily discuss entities in summaries such as "add ".
* So that this works properly, don't escape HTML entities in edit summaries. I don't see any good reason for them to be escaped there. Of course, this may result in old edit summaries displaying slightly differently if for some reason they included an entity, but in that case there's at least a 50% chance that they intended it to not be escaped in the first place.
This implements an mb_str_pad fallback function, but there is no mb_str_pad in PHP documentation, and the doc comments are really weird -- it says it returns an integer!
If this function is created from whole cloth and doesn't exist in PHP, it should be given a MediaWiki style name and not be done with a function_exists check as though it were a compat function.
As a general rule, it would be a good idea to first split the functions off into their own file without changing them, and then refactor them in a separate commit. Otherwise it's very hard to follow what's actually being changed. (git actually tracks changes to functions when they're moved across files, incidentally, which is quite awesome.)
* Code duplication of validity checks between wfIsValidFileName() and UploadForm::internalProcessUpload() -- this guarantees behavior will become inconsistent over time. Move the normalization into a single place.
* The additional chars excluded for Windows don't cover the entire set of illegal chars. There are several more punctuation characters, plus general issues such as all non-ASCII characters.
* Application of filesystem rules based on OS could result in strange inconsistent behavior; alternate filestore backends could support different sets of legal characters.
* No clear reason for the change to wfVarDump(); var_export works just fine and doesn't use the fragile output buffering
This would make maintenance harder by duplicating information between GlobalFunctions.php and CompatibilityFunctions.php. If you forget to add a function to the list, the compat functions might not get loaded and you'll run into surprise errors.
Removing the wfSharedTable function.
The function uses a $wgExternalSharedDB which is not part of Core, and has not been defined in default settings. The variable itself has no apparent purpose and is likely to make the existing use of $wgSharedDB even more complex and prone to breakage.
The function wfSharedTable itself, appears more like a Wikia made function to support transition of 1.12 wiki in which $wgSharedTables did not exist over to 1.13 in which it does exist.
If this is the actual point of it, then it serves no point in being added to core. 1.13 already has $wgSharedTables and it serves better to append to that, than to use wfSharedTable. This is something that extensions should be defining themselves if they need it for transition from old 1.12 wiki to 1.13.
* Made the PasswordReset and Maintenance extensions, and maintenance/changePassword.php work with CentralAuth, by calling User::setPassword() instead of updating the database directly. They work now even if you use an object cache.
* Don't automatically log in as the user in question when CentralAuthUser::setPassword() is called, it's kind of uncool when an administrator is setting the password of another user.
* Fix bug 14330 by setting the local passwords on demerge
10 previously passing test(s) now FAILING! :(
* Thumbnail image caption with a free URL [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* BUG 1887: A ISBN with a thumbnail [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* BUG 1887: A RFC with a thumbnail [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* BUG 1887: A mailto link with a thumbnail [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* BUG 1887: A <math> with a thumbnail- we don't render math in the parsertests by default,
so math is not stripped and turns up as escaped <math> tags. [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* BUG 1887, part 2: A <math> with a thumbnail- math enabled [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* Image caption containing another image [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* Bug 3090: External links other than http: in image captions [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* Width + Height sized image (using px) (height is ignored) [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* <references> after <gallery> (bug 6164) [Introduced between 03-Jun-2008 19:49:16, 1.13alpha (r35816) and 03-Jun-2008 23:42:22, 1.13alpha (r35827)]
* For some reason PHP doesn't always report errors even when error reporting is set to maxmium.
* The date\time system needs some sort of work doing to it, there is stuff for it spread everywhere and no definite timezone.
* Regardless, an E_STRICT level error does not constitute a major severity and High priority bug.
* Add two conditional functions date_default_timezone_get() and date_default_timezone_set()
which are created if they are not available (PHP <5.1.0).
* Replace setenv( TZ= ) and getenv( TZ ) calls with date_default_timezone_get( TZ ) and
date_default_timezone_set( TZ ).
* Remove some warning supression calls, they were suppressing an E_STRICT level error that
is thrown in PHP >5.1.0, however the above changes stop that error from ever occurring
in the first place.
* Alter comment in DefaultSettings.php to refer to this function rather than the old
method of using setenv().
* Add item to RELEASE-NOTES bug fixes section and fix line width of one item.
Based on attachment 2577 by nekocue.
GlobalFunctions.php now has 2 new functions:
wfBuildQuery and wfParseQuery.
These are similar to the PHP http_build_query and parse_str for query handling. However they don't have the issues which those ones suffer from.
* getFullURL and getLocalUrl now accept arrays and objects as valid input.
* Use wfAppendQuery in getLocalUrl to match up with getFullURL.
* wfArrayToCgi is now a alias to wfBuildQuery (Parameters are in the OPPOSITE order so wfBuildQuery takes defaults as second param and wfArrayToCgi takes them as first parameter like it always did)
* New function wfBuildQuery.
** The code moved here from what once was wfArrayToCgi has been changed from a set of plain loops to a wrapper around http_build_query so that complex data is handled correctly.
** We now support strings and objects as input, and we even parse strings when necessary to merge queries.
* New function wfForeignWikiID to pair with wfWikiID like wfForeignMemcKey. The foreign id can take 2 parameters, if omitted it falls back to the shared db, then to the local db if not set.
* wfMemcKey and wfForeignMemcKey now call the respective wf(Foreign)WikiID function, this simplifies the functions, and avoids code duplication making sure things always match even if for some strange reason it's changed.
I'll likely be using the forign functions later to improve the use of a shared interwiki map to avoid redundant caches.
I could always make the local MemcKey and WikiID functions depend on the foreign ones in a sane way
* Follow redirects on image pages if the redirect is actually an image redirect
* Add comments to the check for redirect code in MediaWiki::initializeArticle so that I actually understand what it does
God I wish this browser would finish dying. :D
The particular situation was that the session cookie was getting eaten as "disabled", thus not sent back to the server so your session state never quite happened. Other cookies on submit seemed to come in intact, but without the session cookie you'd get a big fat error message, even if you set the long-term login cookie option.
Mac/IE seems to always *see* the HttpOnly cookies, but it sometimes marks them as "disabled". It seems to be incorrectly parsing the options after the path, sometimes seeing "/;" as the path instead of "/". Failure is more likely if there's no expiration option (as with the session cookie), or if there *is* a secure option set.
Anyway, just set up a user-agent blacklist $wgHttpOnlyBlacklist and copied the Mac/IE entry over. The HttpOnly setting now gets ignored for blacklist hits as well as for old PHP versions, the check being encapsulated into wfHttpOnlySafe().
Also added some logging for cookie settings, around the setcookie() and session_set_cookie_params() calls.
