r53416 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r53415‎ \| r53416 \| r53417 >
Date:	20:26, 17 July 2009
Author:	dale
Status:	resolved (Comments)
Tags:
Comment:	* fixed filldestination with for non-js2 version of special upload page. * fixed some other warnings that come up in strict compliance mode * removed double httpspecialchars on token
Modified paths:	/trunk/phase3/includes/specials/SpecialUpload.php (modified) (history) /trunk/phase3/includes/upload/UploadBase.php (modified) (history) /trunk/phase3/includes/upload/UploadFromStash.php (modified) (history) /trunk/phase3/includes/upload/UploadFromUrl.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/upload/UploadFromStash.php
—	—	@@ -10,15 +10,17 @@
11	11	$sessionData[$key]['version'] == self::SESSION_VERSION;
12	12	}
13	13
14		~~- static function isValidRequest( &$request ) {~~
	14	+ static function isValidRequest( $request ) {
15	15	$sessionData = $request->getSessionData( 'wsUploadData' );
16	16	return self::isValidSessionKey(
17	17	$request->getInt( 'wpSessionKey' ),
18	18	$sessionData
19	19	);
20	20	}
21		-
22		~~- function initialize( $name, $sessionData ) {~~
	21	+ /*
	22	+ * some $na vars for uploadBase method compatibility.
	23	+ */
	24	+ function initialize( $name, $sessionData, $na, $na2=false ) {
23	25	/**
24	26	* Confirming a temporarily stashed upload.
25	27	* We don't want path names to be forged, so we keep
—	—	@@ -41,7 +43,7 @@
42	44	$desiredDestName = $request->getText( 'wpDestFile' );
43	45	if( !$desiredDestName )
44	46	$desiredDestName = $request->getText( 'wpUploadFile' );
45		~~- return $this->initialize( $desiredDestName, $sessionData[$sessionKey] );~~
	47	+ return $this->initialize( $desiredDestName, $sessionData[$sessionKey], false );
46	48	}
47	49
48	50	/**
Index: trunk/phase3/includes/upload/UploadFromUrl.php
—	—	@@ -61,7 +61,8 @@
62	62	$desiredDestName = $request->getText( 'wpUploadFile' );
63	63	return $this->initialize(
64	64	$desiredDestName,
65		~~- $request->getVal( 'wpUploadFileURL' )~~
	65	+ $request->getVal( 'wpUploadFileURL' ),
	66	+ $asyncdownload = false
66	67	);
67	68	}
68	69
Index: trunk/phase3/includes/upload/UploadBase.php
—	—	@@ -463,12 +463,12 @@
464	464	return false;
465	465	}
466	466	$mTempPath = $status->value;
467		~~- session_start(); // start up the session (might have been previously closed to prevent php session locking)~~
	467	+ if(!isset($_SESSION))
	468	+ session_start(); // start up the session (might have been previously closed to prevent php session locking)
468	469	$key = $this->getSessionKey();
469	470	$_SESSION['wsUploadData'][$key] = array(
470	471	'mTempPath' => $mTempPath,
471	472	'mFileSize' => $this->mFileSize,
472		~~- 'mSrcName' => $this->mSrcName,~~
473	473	'mFileProps' => $this->mFileProps,
474	474	'version' => self::SESSION_VERSION,
475	475	);
Index: trunk/phase3/includes/specials/SpecialUpload.php
—	—	@@ -543,7 +543,7 @@
544	544
545	545	$this->mSessionKey = $this->mUpload->stashSession();
546	546
547		~~- if( $sessionData === false ) {~~
	547	+ if( $this->mSessionKey === false ) {
548	548	# Couldn't save file; an error has been displayed so let's go.
549	549	return;
550	550	}
—	—	@@ -591,12 +591,10 @@
592	592	} else {
593	593	$copyright = '';
594	594	}
595		~~- //add the wpEditToken~~
596		~~- $token = htmlspecialchars( $wgUser->editToken() );~~
597	595	$wgOut->addHTML(
598	596	Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL( 'action=submit' ),
599	597	'enctype' => 'multipart/form-data', 'id' => 'uploadwarning' ) ) . "\n" .
600		~~- Xml::hidden('wpEditToken', $token) .~~
	598	+ Xml::hidden('wpEditToken', $wgUser->editToken()) .
601	599	Xml::hidden( 'wpIgnoreWarning', '1' ) . "\n" .
602	600	Xml::hidden( 'wpSourceType', 'stash' ) . "\n" .
603	601	Xml::hidden( 'wpSessionKey', $this->mSessionKey ) . "\n" .
—	—	@@ -788,16 +786,16 @@
789	787	wfMsgHtml( 'upload_source_url' ) ;
790	788	}else{
791	789	//@@todo depreciate (not needed once $wgEnableJS2system is turned on)
792		~~- $filename_form =~~
	790	+ $filename_form =
793	791	"<input type='radio' id='wpSourceTypeFile' name='wpSourceType' value='file' " .
794	792	"onchange='toggle_element_activation(\"wpUploadFileURL\",\"wpUploadFile\")' checked='checked' />" .
795	793	"<input tabindex='1' type='file' name='wpUploadFile' id='wpUploadFile' " .
796		~~- "onfocus='" .~~
	794	+ " onfocus='" .
797	795	"toggle_element_activation(\"wpUploadFileURL\",\"wpUploadFile\");" .
798	796	"toggle_element_check(\"wpSourceTypeFile\",\"wpSourceTypeURL\")' " .
799	797	"onchange='fillDestFilename(\"wpUploadFile\")' size='60' />" .
800	798	wfMsgHTML( 'upload_source_file' ) . "<br/>" .
801		~~- "<input type='radio' id='wpSourceTypeURL' name='wpSourceType' value='Url' " .~~
	799	+ "<input type='radio' id='wpSourceTypeURL' name='wpSourceType' value='web' " .
802	800	"onchange='toggle_element_activation(\"wpUploadFile\",\"wpUploadFileURL\")' />" .
803	801	"<input tabindex='1' type='text' name='wpUploadFileURL' id='wpUploadFileURL' " .
804	802	"onfocus='" .
—	—	@@ -808,9 +806,16 @@
809	807
810	808	}
811	809	} else {
812		~~- $filename_form =~~
813		~~- "<input tabindex='1' type='file' name='wpUploadFile' id='wpUploadFile' size='60' />" .~~
814		~~- "<input type='hidden' name='wpSourceType' value='upload' />" ;~~
	810	+ if($wgEnableJS2system){
	811	+ $filename_form =
	812	+ Xml::input( 'wpUploadFile', 60, false, array( 'id'=>'wpUploadFile', 'type'=>'file', 'tabindex' => '1' ) ) .
	813	+ Xml::hidden( 'wpSourceType', 'file');
	814	+ }else{
	815	+ $filename_form =
	816	+ "<input tabindex='1' type='file' name='wpUploadFile' id='wpUploadFile' size='60' ".
	817	+ "onchange='fillDestFilename(\"wpUploadFile\")' />" .
	818	+ "<input type='hidden' name='wpSourceType' value='file' />" ;
	819	+ }
815	820	}
816	821
817	822	if ( $useAjaxDestCheck ) {
—	—	@@ -826,11 +831,10 @@
827	832	$encComment = htmlspecialchars( $this->mComment );
828	833
829	834	//add the wpEditToken
830		~~- $token = htmlspecialchars( $wgUser->editToken() );~~
831	835	$wgOut->addHTML(
832	836	Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL( 'action=submit' ),
833	837	'enctype' => 'multipart/form-data', 'id' => 'mw-upload-form' ) ) .
834		~~- Xml::hidden('wpEditToken', $token) .~~
	838	+ Xml::hidden('wpEditToken', $wgUser->editToken()) .
835	839	Xml::openElement( 'fieldset' ) .
836	840	Xml::element( 'legend', null, wfMsg( 'upload' ) ) .
837	841	Xml::openElement( 'table', array( 'border' => '0', 'id' => 'mw-upload-table' ) ) .

Comments

#Comment by OverlordQ (talk | contribs) 07:22, 31 July 2009

Breaks URL uploads, see bug #20020

#Comment by Mdale (talk | contribs) 08:11, 31 July 2009

opps don't know why value='Url' was changed value='web' anyway should be working now r54076

Status & tagging log

00:35, 22 August 2009 Brion VIBBER (talk | contribs) changed the status of r53416 [removed: new added: resolved]