r43106 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r43105‎ \| r43106 \| r43107 >
Date:	00:33, 3 November 2008
Author:	siebrand
Status:	old (Comments)
Tags:
Comment:	(bug 15544) Non-index entry points cause the "Wiki not set up" message to have corrupt URLs. Patch by Matt Johnston with tiny changes in comments. Fixed patch compared to r40719, finds the correct path if in any subdirectory (of those listed) or if in the main directory. Also validates if it has the right place.
Modified paths:	/trunk/phase3/RELEASE-NOTES (modified) (history) /trunk/phase3/includes/templates/NoLocalSettings.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/templates/NoLocalSettings.php
—	—	@@ -10,12 +10,31 @@
11	11	} else {
12	12	$wgVersion = 'VERSION';
13	13	}
14		~~-# Set the path in case we hit a page such as /index.php/Main_Page~~
15		~~-# Could use <base href> but then we have to worry about http[s]/port #/etc.~~
16		~~-$ext = strpos( $_SERVER['SCRIPT_NAME'], 'index.php5' ) === false ? 'php' : 'php5';~~
	14	+
	15	+$scriptName = $_SERVER['SCRIPT_NAME'];
	16	+$ext = substr( $scriptName, strpos( $scriptName, "." ) + 1 );
17	17	$path = '';
18		~~-if( isset( $_SERVER['SCRIPT_NAME'] )) {~~
19		~~- $path = htmlspecialchars( preg_replace('/index.php5?/', '', $_SERVER['SCRIPT_NAME']) );~~
	18	+# Add any directories in the main folder that could contain an entrypoint (even possibly).
	19	+# We cannot just do a dir listing here, as we do not know where it is yet
	20	+# These must not also be the names of subfolders that may contain an entrypoint
	21	+$topdirs = array( 'extensions', 'includes' );
	22	+foreach( $topdirs as $dir ){
	23	+ # Check whether a directory by this name is in the path
	24	+ if( strrpos( $scriptName, "/" . $dir . "/" ) ){
	25	+ # If so, check whether it is the right folder
	26	+ # First, get the number of directories up it is (to generate path)
	27	+ $numToGoUp = substr_count( substr( $scriptName, strrpos( $scriptName, "/" . $dir . "/" ) + 1 ), "/" );
	28	+ # And generate the path using ..'s
	29	+ for( $i = 0; $i < $numToGoUp; $i++ ){
	30	+ $realPath = "../" . $realPath;
	31	+ }
	32	+ # Checking existance (using the image here as it is something not likely to change, and to always be here)
	33	+ if( file_exists( $realPath . "skins/common/images/mediawiki.png" ) ) {
	34	+ # If so, get the path that we can use in this file, and stop looking
	35	+ $path = substr( $scriptName, 0, strrpos( $scriptName, "/" . $dir . "/" ) + 1 );
	36	+ break;
	37	+ }
	38	+ }
20	39	}
21	40	?>
22	41	<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
Index: trunk/phase3/RELEASE-NOTES
—	—	@@ -311,6 +311,8 @@
312	312	a warning
313	313	* (bug 16143) Fix redirect loop on special pages starting with lower case letters
314	314	* (bug 15737) Fix notices while expanding using PPCustomFrame
	315	+* (bug 15544) Non-index entry points cause the "Wiki not set up" message to
	316	+ have corrupt URLs
315	317
316	318	=== API changes in 1.14 ===
317	319

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r40719	(bug 15544) non-index.php entry points prior to setup produced a bad /config/...	demon	00:07, 11 September 2008

Comments

#Comment by Tim Starling (talk | contribs) 12:38, 13 November 2008

Needs escaping on the output side to avoid XSS
Every strpos/strrpos needs to explicitly check for false
Redundant strrpos calls should be removed

#Comment by Brion VIBBER (talk | contribs) 01:03, 14 November 2008

Reverted in r41047

Status & tagging log

09:06, 18 January 2012 Siebrand (talk | contribs) changed the tags for r43106 [removed: reverted]
15:36, 12 September 2011 Meno25 (talk | contribs) changed the status of r43106 [removed: resolved added: old]
01:03, 14 November 2008 Brion VIBBER (talk | contribs) changed the tags for r43106 [added: reverted]
01:03, 14 November 2008 Brion VIBBER (talk | contribs) changed the status of r43106 [removed: fixme added: resolved]