← Back to branch summary

~ubuntu-branches/ubuntu/maverick/mediawiki/maverick

~ubuntu-branches/ubuntu/maverick/mediawiki/maverick

« back to all changes in this revision

Viewing changes to includes/api/ApiQuery.php

Committer: Bazaar Package Importer
Author(s): Jonathan Wiltshire, Thorsten Glaser, Jonathan Wiltshire
Date: 2010-07-28 12:23:04 UTC
mfrom: (16.1.9 sid)
Revision ID: james.westby@ubuntu.com-20100728122304-l7cklondi123hl7v

Tags: 1:1.15.5-1

http://bugs.debian.org/590660

https://launchpad.net/bugs/610782

http://bugs.debian.org/590669

https://launchpad.net/bugs/610819

[ Thorsten Glaser ]
* debian/patches/suppress_warnings.patch: new, suppress warnings
  about session_start() being called twice also in the PHP error
  log, not just MediaWiki’s, for example run from FusionForge

[ Jonathan Wiltshire ]
* New upstream security release:
  - correctly set caching headers to prevent private data leakage
       (closes: #590660, LP: #610782)
  - fix XSS vulnerability in profileinfo.php
       (closes: #590669, LP: #610819)

files added:
.pc/suppress_warnings.patch

.pc/suppress_warnings.patch/includes

.pc/suppress_warnings.patch/includes/GlobalFunctions.php

debian/patches/suppress_warnings.patch

files modified:
.pc/applied-patches

.pc/mimetypes.patch/includes/DefaultSettings.php

.pc/texvc_location.patch/includes/DefaultSettings.php

CREDITS

RELEASE-NOTES

debian/changelog

debian/patches/series

includes/DefaultSettings.php

includes/GlobalFunctions.php

includes/OutputPage.php

includes/api/ApiExpandTemplates.php

includes/api/ApiLogin.php

includes/api/ApiLogout.php

includes/api/ApiMain.php

includes/api/ApiOpenSearch.php

includes/api/ApiParse.php

includes/api/ApiPatrol.php

includes/api/ApiPurge.php

includes/api/ApiQuery.php

includes/api/ApiQueryAllCategories.php

includes/api/ApiQueryAllLinks.php

includes/api/ApiQueryAllUsers.php

includes/api/ApiQueryAllimages.php

includes/api/ApiQueryAllmessages.php

includes/api/ApiQueryAllpages.php

includes/api/ApiQueryBacklinks.php

includes/api/ApiQueryBase.php

includes/api/ApiQueryBlocks.php

includes/api/ApiQueryCategories.php

includes/api/ApiQueryCategoryInfo.php

includes/api/ApiQueryCategoryMembers.php

includes/api/ApiQueryDeletedrevs.php

includes/api/ApiQueryDuplicateFiles.php

includes/api/ApiQueryExtLinksUsage.php

includes/api/ApiQueryExternalLinks.php

includes/api/ApiQueryImageInfo.php

includes/api/ApiQueryImages.php

includes/api/ApiQueryInfo.php

includes/api/ApiQueryLangLinks.php

includes/api/ApiQueryLinks.php

includes/api/ApiQueryLogEvents.php

includes/api/ApiQueryProtectedTitles.php

includes/api/ApiQueryRandom.php

includes/api/ApiQueryRecentChanges.php

includes/api/ApiQueryRevisions.php

includes/api/ApiQuerySearch.php

includes/api/ApiQuerySiteinfo.php

includes/api/ApiQueryUserContributions.php

includes/api/ApiQueryUserInfo.php

includes/api/ApiQueryUsers.php

includes/api/ApiQueryWatchlist.php

includes/api/ApiQueryWatchlistRaw.php

includes/api/ApiWatch.php

languages/messages/MessagesAb.php

languages/messages/MessagesAce.php

languages/messages/MessagesAf.php

languages/messages/MessagesAln.php

languages/messages/MessagesAm.php

languages/messages/MessagesAn.php

languages/messages/MessagesAng.php

languages/messages/MessagesAr.php

languages/messages/MessagesArc.php

languages/messages/MessagesArz.php

languages/messages/MessagesAs.php

languages/messages/MessagesAst.php

languages/messages/MessagesAvk.php

languages/messages/MessagesAy.php

languages/messages/MessagesAz.php

languages/messages/MessagesBa.php

languages/messages/MessagesBar.php

languages/messages/MessagesBat_smg.php

languages/messages/MessagesBcc.php

languages/messages/MessagesBcl.php

languages/messages/MessagesBe.php

languages/messages/MessagesBe_tarask.php

languages/messages/MessagesBg.php

languages/messages/MessagesBh.php

languages/messages/MessagesBn.php

languages/messages/MessagesBpy.php

languages/messages/MessagesBqi.php

languages/messages/MessagesBr.php

languages/messages/MessagesBs.php

languages/messages/MessagesBug.php

languages/messages/MessagesCa.php

languages/messages/MessagesCdo.php

languages/messages/MessagesCe.php

languages/messages/MessagesCeb.php

languages/messages/MessagesCh.php

languages/messages/MessagesCrh_cyrl.php

languages/messages/MessagesCrh_latn.php

languages/messages/MessagesCs.php

languages/messages/MessagesCsb.php

languages/messages/MessagesCu.php

languages/messages/MessagesCv.php

languages/messages/MessagesCy.php

languages/messages/MessagesDa.php

languages/messages/MessagesDe.php

languages/messages/MessagesDe_formal.php

languages/messages/MessagesDiq.php

languages/messages/MessagesDsb.php

languages/messages/MessagesDv.php

languages/messages/MessagesDz.php

languages/messages/MessagesEe.php

languages/messages/MessagesEl.php

languages/messages/MessagesEn.php

languages/messages/MessagesEo.php

languages/messages/MessagesEs.php

languages/messages/MessagesEt.php

languages/messages/MessagesEu.php

languages/messages/MessagesExt.php

languages/messages/MessagesFa.php

languages/messages/MessagesFi.php

languages/messages/MessagesFo.php

languages/messages/MessagesFr.php

languages/messages/MessagesFrc.php

languages/messages/MessagesFrp.php

languages/messages/MessagesFur.php

languages/messages/MessagesFy.php

languages/messages/MessagesGa.php

languages/messages/MessagesGag.php

languages/messages/MessagesGan_hans.php

languages/messages/MessagesGan_hant.php

languages/messages/MessagesGd.php

languages/messages/MessagesGl.php

languages/messages/MessagesGrc.php

languages/messages/MessagesGsw.php

languages/messages/MessagesGu.php

languages/messages/MessagesGv.php

languages/messages/MessagesHak.php

languages/messages/MessagesHaw.php

languages/messages/MessagesHe.php

languages/messages/MessagesHi.php

languages/messages/MessagesHif_latn.php

languages/messages/MessagesHil.php

languages/messages/MessagesHr.php

languages/messages/MessagesHsb.php

languages/messages/MessagesHt.php

languages/messages/MessagesHu.php

languages/messages/MessagesHy.php

languages/messages/MessagesIa.php

languages/messages/MessagesId.php

languages/messages/MessagesIe.php

languages/messages/MessagesIg.php

languages/messages/MessagesIlo.php

languages/messages/MessagesIo.php

languages/messages/MessagesIs.php

languages/messages/MessagesIt.php

languages/messages/MessagesJa.php

languages/messages/MessagesJbo.php

languages/messages/MessagesJut.php

languages/messages/MessagesJv.php

languages/messages/MessagesKa.php

languages/messages/MessagesKaa.php

languages/messages/MessagesKab.php

languages/messages/MessagesKk_arab.php

languages/messages/MessagesKk_cyrl.php

languages/messages/MessagesKk_latn.php

languages/messages/MessagesKm.php

languages/messages/MessagesKn.php

languages/messages/MessagesKo.php

languages/messages/MessagesKsh.php

languages/messages/MessagesKu_latn.php

languages/messages/MessagesKw.php

languages/messages/MessagesKy.php

languages/messages/MessagesLa.php

languages/messages/MessagesLad.php

languages/messages/MessagesLb.php

languages/messages/MessagesLfn.php

languages/messages/MessagesLi.php

languages/messages/MessagesLij.php

languages/messages/MessagesLmo.php

languages/messages/MessagesLo.php

languages/messages/MessagesLt.php

languages/messages/MessagesLv.php

languages/messages/MessagesLzh.php

languages/messages/MessagesLzz.php

languages/messages/MessagesMdf.php

languages/messages/MessagesMg.php

languages/messages/MessagesMhr.php

languages/messages/MessagesMi.php

languages/messages/MessagesMk.php

languages/messages/MessagesMl.php

languages/messages/MessagesMn.php

languages/messages/MessagesMr.php

languages/messages/MessagesMs.php

languages/messages/MessagesMt.php

languages/messages/MessagesMwl.php

languages/messages/MessagesMyv.php

languages/messages/MessagesMzn.php

languages/messages/MessagesNah.php

languages/messages/MessagesNan.php

languages/messages/MessagesNap.php

languages/messages/MessagesNds.php

languages/messages/MessagesNds_nl.php

languages/messages/MessagesNe.php

languages/messages/MessagesNl.php

languages/messages/MessagesNn.php

languages/messages/MessagesNo.php

languages/messages/MessagesNov.php

languages/messages/MessagesNso.php

languages/messages/MessagesOc.php

languages/messages/MessagesOs.php

languages/messages/MessagesPa.php

languages/messages/MessagesPag.php

languages/messages/MessagesPam.php

languages/messages/MessagesPdc.php

languages/messages/MessagesPfl.php

languages/messages/MessagesPl.php

languages/messages/MessagesPms.php

languages/messages/MessagesPnb.php

languages/messages/MessagesPnt.php

languages/messages/MessagesPs.php

languages/messages/MessagesPt.php

languages/messages/MessagesPt_br.php

languages/messages/MessagesQqq.php

languages/messages/MessagesQu.php

languages/messages/MessagesRif.php

languages/messages/MessagesRm.php

languages/messages/MessagesRo.php

languages/messages/MessagesRoa_tara.php

languages/messages/MessagesRu.php

languages/messages/MessagesSa.php

languages/messages/MessagesSah.php

languages/messages/MessagesSc.php

languages/messages/MessagesScn.php

languages/messages/MessagesSco.php

languages/messages/MessagesSd.php

languages/messages/MessagesSdc.php

languages/messages/MessagesSe.php

languages/messages/MessagesSei.php

languages/messages/MessagesSh.php

languages/messages/MessagesShi.php

languages/messages/MessagesSi.php

languages/messages/MessagesSk.php

languages/messages/MessagesSl.php

languages/messages/MessagesSq.php

languages/messages/MessagesSr_ec.php

languages/messages/MessagesSr_el.php

languages/messages/MessagesSrn.php

languages/messages/MessagesStq.php

languages/messages/MessagesSu.php

languages/messages/MessagesSv.php

languages/messages/MessagesSw.php

languages/messages/MessagesSzl.php

languages/messages/MessagesTa.php

languages/messages/MessagesTe.php

languages/messages/MessagesTet.php

languages/messages/MessagesTg_cyrl.php

languages/messages/MessagesTh.php

languages/messages/MessagesTk.php

languages/messages/MessagesTl.php

languages/messages/MessagesTo.php

languages/messages/MessagesTr.php

languages/messages/MessagesTt_cyrl.php

languages/messages/MessagesTt_latn.php

languages/messages/MessagesTyv.php

languages/messages/MessagesUk.php

languages/messages/MessagesUr.php

languages/messages/MessagesUz.php

languages/messages/MessagesVec.php

languages/messages/MessagesVep.php

languages/messages/MessagesVi.php

languages/messages/MessagesVo.php

languages/messages/MessagesVro.php

languages/messages/MessagesWa.php

languages/messages/MessagesWo.php

languages/messages/MessagesWuu.php

languages/messages/MessagesXal.php

languages/messages/MessagesXmf.php

languages/messages/MessagesYi.php

languages/messages/MessagesYo.php

languages/messages/MessagesYue.php

languages/messages/MessagesZh_hans.php

languages/messages/MessagesZh_hant.php

languages/messages/MessagesZh_tw.php

languages/messages/MessagesZu.php

maintenance/parserTests.txt

profileinfo.php

Show diffs side-by-side

added added

removed removed

includes/api/ApiQuery.php

209

209

$this->InstantiateModules($modules, 'list', $this->mQueryListModules);

210

210

$this->InstantiateModules($modules, 'meta', $this->mQueryMetaModules);

211

211

212

$cacheMode = 'public';

213

212

214

//

213

215

// If given, execute generator to substitute user supplied data with generated data.

214

216

//

215

if (isset ($this->params['generator'])) {

216

$this->executeGeneratorModule($this->params['generator'], $modules);

217

if ( isset ( $this->params['generator'] ) ) {

218

$generator = $this->newGenerator( $this->params['generator'] );

219

$params = $generator->extractRequestParams();

220

$cacheMode = $this->mergeCacheMode( $cacheMode,

221

$generator->getCacheMode( $params ) );

222

$this->executeGeneratorModule( $generator, $modules );

217

223

} else {

218

224

// Append custom fields and populate page/revision information

219

225

$this->addCustomFldsToPageSet($modules, $this->mPageSet);

229

235

// Execute all requested modules.

230

236

//

231

237

foreach ($modules as $module) {

238

$params = $module->extractRequestParams();

239

$cacheMode = $this->mergeCacheMode(

240

$cacheMode, $module->getCacheMode( $params ) );

232

241

$module->profileIn();

233

242

$module->execute();

234

243

wfRunHooks('APIQueryAfterExecute', array(&$module));

235

244

$module->profileOut();

236

245

}

246

247

// Set the cache mode

248

$this->getMain()->setCacheMode( $cacheMode );

249

}

250

251

/**

252

* Update a cache mode string, applying the cache mode of a new module to it.

253

* The cache mode may increase in the level of privacy, but public modules

254

* added to private data do not decrease the level of privacy.

255

*/

256

protected function mergeCacheMode( $cacheMode, $modCacheMode ) {

257

if ( $modCacheMode === 'anon-public-user-private' ) {

258

if ( $cacheMode !== 'private' ) {

259

$cacheMode = 'anon-public-user-private';

260

}

261

} elseif ( $modCacheMode === 'public' ) {

262

// do nothing, if it's public already it will stay public

263

} else { // private

264

$cacheMode = 'private';

265

}

266

return $cacheMode;

237

267

}

238

268

239

269

/**

409

439

}

410

440

411

441

/**

412

* For generator mode, execute generator, and use its output as new

413

* ApiPageSet

414

* @param $generatorName string Module name

415

* @param $modules array of module objects

442

* Create a generator object of the given type and return it

416

443

*/

417

protected function executeGeneratorModule($generatorName, $modules) {

418

444

public function newGenerator( $generatorName ) {

419

445

// Find class that implements requested generator

420

446

if (isset ($this->mQueryListModules[$generatorName])) {

421

447

$className = $this->mQueryListModules[$generatorName];

432

458

$generator = new $className ($this, $generatorName);

433

459

if (!$generator instanceof ApiQueryGeneratorBase)

434

460

$this->dieUsage("Module $generatorName cannot be used as a generator", "badgenerator");

435

436

461

$generator->setGeneratorMode();

462

return $generator;

463

}

464

465

/**

466

* For generator mode, execute generator, and use its output as new

467

* ApiPageSet

468

* @param $generatorName string Module name

469

* @param $modules array of module objects

470

*/

471

protected function executeGeneratorModule( $generator, $modules ) {

472

// Generator results

473

$resultPageSet = new ApiPageSet( $this, $this->redirects, $this->convertTitles );

437

474

438

475

// Add any additional fields modules may need

439

476

$generator->requestExtraData($this->mPageSet);

580

617

public function getVersion() {

581

618

$psModule = new ApiPageSet($this);

582

619

$vers = array ();

583

$vers[] = __CLASS__ . ': $Id: ApiQuery.php 48629 2009-03-20 11:40:54Z catrope $';

620

$vers[] = __CLASS__ . ': $Id: ApiQuery.php 69986 2010-07-27 03:57:39Z tstarling $';

584

621

$vers[] = $psModule->getVersion();

585

622

return $vers;

586

623

}

587

}

b'\\ No newline at end of file'

624

}

Older »