r57064 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r57063‎ | r57064 | r57065 >
Date:17:27, 29 September 2009
Author:brion
Status:ok
Tags:
Comment:
Fix regression from r54429 "(bug 17864 + bug 19519) - Do input normalization on the username before doing existence/permission checks"

This did some overactive canonicalization of the input username before username and database were split, breaking access to remote users where the database name contained an underscore -- it was changed to space.
This would also have broken numeric access, I think, but I didn't bother to test that. :)
Fix moves the username canonicalization down into fetchUser() after we split the name and database, so we now can access remote folks via non-canonical forms and we don't break the dbnames.
Modified paths:
  • /trunk/phase3/includes/specials/SpecialUserrights.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/specials/SpecialUserrights.php
@@ -54,7 +54,6 @@
5555 } else {
5656 $this->mTarget = $wgRequest->getVal( 'user' );
5757 }
58 - $this->mTarget = User::getCanonicalName( $this->mTarget );
5958
6059 /*
6160 * If the user is blocked and they only have "partial" access
@@ -312,6 +311,12 @@
313312 if( !$name ) {
314313 return new WikiErrorMsg( 'noname' );
315314 }
 315+ } else {
 316+ $name = User::getCanonicalName( $name );
 317+ if( !$name ) {
 318+ // invalid name
 319+ return new WikiErrorMsg( 'nosuchusershort', $username );
 320+ }
316321 }
317322
318323 if( $database == '' ) {

Follow-up revisions

RevisionCommit summaryAuthorDate
r57065merge from trunk r57064 regression fixbrion17:30, 29 September 2009
r66258Special:Userrights didn't recognize user as self if person didn't capitalize...bawolff06:31, 12 May 2010

Past revisions this follows-up on

RevisionCommit summaryAuthorDate
r54429(bug 17864 + bug 19519) - Do input normalization on the username before doing...mrzman04:42, 5 August 2009

Status & tagging log