| Index: trunk/phase3/includes/Parser.php |
| — | — | @@ -3803,11 +3803,16 @@ |
| 3804 | 3804 | * @private |
| 3805 | 3805 | */ |
| 3806 | 3806 | function getUserSig( &$user ) { |
| | 3807 | + global $wgMaxSigChars; |
| | 3808 | + |
| 3807 | 3809 | $username = $user->getName(); |
| 3808 | 3810 | $nickname = $user->getOption( 'nickname' ); |
| 3809 | 3811 | $nickname = $nickname === '' ? $username : $nickname; |
| 3810 | | - |
| 3811 | | - if( $user->getBoolOption( 'fancysig' ) !== false ) { |
| | 3812 | + |
| | 3813 | + if( strlen( $nickname ) > $wgMaxSigChars ) { |
| | 3814 | + $nickname = $username; |
| | 3815 | + wfDebug( __METHOD__ . ": $username has overlong signature.\n" ); |
| | 3816 | + } elseif( $user->getBoolOption( 'fancysig' ) !== false ) { |
| 3812 | 3817 | # Sig. might contain markup; validate this |
| 3813 | 3818 | if( $this->validateSig( $nickname ) !== false ) { |
| 3814 | 3819 | # Validated; clean up (if needed) and return it |
| Index: trunk/phase3/includes/SpecialPreferences.php |
| — | — | @@ -241,7 +241,13 @@ |
| 242 | 242 | } |
| 243 | 243 | |
| 244 | 244 | # Validate the signature and clean it up as needed |
| 245 | | - if( $this->mToggles['fancysig'] ) { |
| | 245 | + global $wgMaxSigChars; |
| | 246 | + if( strlen( $this->mNick ) > $wgMaxSigChars ) { |
| | 247 | + global $wgLang; |
| | 248 | + $this->mainPrefsForm( 'error', |
| | 249 | + wfMsg( 'badsiglength', $wgLang->formatNum( $wgMaxSigChars ) ) ); |
| | 250 | + return; |
| | 251 | + } elseif( $this->mToggles['fancysig'] ) { |
| 246 | 252 | if( Parser::validateSig( $this->mNick ) !== false ) { |
| 247 | 253 | $this->mNick = $wgParser->cleanSig( $this->mNick ); |
| 248 | 254 | } else { |
| — | — | @@ -603,8 +609,14 @@ |
| 604 | 610 | ); |
| 605 | 611 | } |
| 606 | 612 | |
| 607 | | - global $wgParser; |
| 608 | | - if( !empty( $this->mToggles['fancysig'] ) && |
| | 613 | + global $wgParser, $wgMaxSigChars; |
| | 614 | + if( strlen( $this->mNick ) > $wgMaxSigChars ) { |
| | 615 | + $invalidSig = $this->tableRow( |
| | 616 | + ' ', |
| | 617 | + Xml::element( 'span', array( 'class' => 'error' ), |
| | 618 | + wfMsg( 'badsiglength', $wgLang->formatNum( $wgMaxSigChars ) ) ) |
| | 619 | + ); |
| | 620 | + } elseif( !empty( $this->mToggles['fancysig'] ) && |
| 609 | 621 | false === $wgParser->validateSig( $this->mNick ) ) { |
| 610 | 622 | $invalidSig = $this->tableRow( |
| 611 | 623 | ' ', |
| — | — | @@ -617,7 +629,14 @@ |
| 618 | 630 | $wgOut->addHTML( |
| 619 | 631 | $this->tableRow( |
| 620 | 632 | Xml::label( wfMsg( 'yournick' ), 'wpNick' ), |
| 621 | | - Xml::input( 'wpNick', 25, $this->mNick, array( 'id' => 'wpNick' ) ) |
| | 633 | + Xml::input( 'wpNick', 25, $this->mNick, |
| | 634 | + array( |
| | 635 | + 'id' => 'wpNick', |
| | 636 | + // Note: $wgMaxSigChars is currently enforced in UTF-8 bytes, |
| | 637 | + // but 'maxlength' attribute is enforced in characters. |
| | 638 | + // It's still possible to put in an overlong string |
| | 639 | + // 'legitimately' by typing non-ASCII chars. |
| | 640 | + 'maxlength' => $wgMaxSigChars ) ) |
| 622 | 641 | ) . |
| 623 | 642 | $invalidSig . |
| 624 | 643 | $this->tableRow( ' ', $this->getToggle( 'fancysig' ) ) |
| Index: trunk/phase3/includes/DefaultSettings.php |
| — | — | @@ -857,6 +857,7 @@ |
| 858 | 858 | |
| 859 | 859 | $wgShowIPinHeader = true; # For non-logged in users |
| 860 | 860 | $wgMaxNameChars = 255; # Maximum number of bytes in username |
| | 861 | +$wgMaxSigChars = 255; # Maximum number of bytes in signature |
| 861 | 862 | $wgMaxArticleSize = 2048; # Maximum article size in kilobytes |
| 862 | 863 | |
| 863 | 864 | $wgExtraSubtitle = ''; |
| Index: trunk/phase3/languages/messages/MessagesEn.php |
| — | — | @@ -830,6 +830,7 @@ |
| 831 | 831 | 'yourvariant' => 'Variant', |
| 832 | 832 | 'yournick' => 'Nickname:', |
| 833 | 833 | 'badsig' => 'Invalid raw signature; check HTML tags.', |
| | 834 | +'badsiglength' => 'Nickname too long; must be under $1 characters.', |
| 834 | 835 | 'email' => 'E-mail', |
| 835 | 836 | 'prefs-help-realname' => 'Real name is optional and if you choose to provide it this will be used for giving you attribution for your work.', |
| 836 | 837 | 'loginerror' => 'Login error', |
| Index: trunk/phase3/RELEASE-NOTES |
| — | — | @@ -82,7 +82,9 @@ |
| 83 | 83 | Common.css and MediaWiki:Monobook.css. |
| 84 | 84 | * (bug 8869) Introduce Special:Uncategorizedtemplates |
| 85 | 85 | * (bug 8734) Different log message when article protection level is changed |
| | 86 | +* (bug 8458) Limit custom signature length to $wgMaxSigChars bytes |
| 86 | 87 | |
| | 88 | + |
| 87 | 89 | == Bugfixes since 1.10 == |
| 88 | 90 | |
| 89 | 91 | * (bug 9712) Use Arabic comma in date/time formats for Arabic and Farsi |