r70571 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r70570‎ | r70571 | r70572 >
Date:15:00, 6 August 2010
Author:demon
Status:ok (Comments)
Tags:
Comment:
Cleanup getCookie() and use it all over the place instead of using $_COOKIE directly
Modified paths:
  • /trunk/phase3/includes/Setup.php (modified) (history)
  • /trunk/phase3/includes/User.php (modified) (history)
  • /trunk/phase3/includes/WebRequest.php (modified) (history)
  • /trunk/phase3/includes/extauth/vB.php (modified) (history)
  • /trunk/phase3/includes/specials/SpecialUserlogin.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/User.php
@@ -816,7 +816,7 @@
817817 function loadDefaults( $name = false ) {
818818 wfProfileIn( __METHOD__ );
819819
820 - global $wgCookiePrefix;
 820+ global $wgRequest;
821821
822822 $this->mId = 0;
823823 $this->mName = $name;
@@ -827,8 +827,8 @@
828828 $this->mOptionOverrides = null;
829829 $this->mOptionsLoaded = false;
830830
831 - if ( isset( $_COOKIE[$wgCookiePrefix.'LoggedOut'] ) ) {
832 - $this->mTouched = wfTimestamp( TS_MW, $_COOKIE[$wgCookiePrefix.'LoggedOut'] );
 831+ if( $wgRequest->getCookie( 'LoggedOut' ) ) {
 832+ $this->mTouched = wfTimestamp( TS_MW, $wgRequest->getCookie( 'LoggedOut' ) );
833833 } else {
834834 $this->mTouched = '0'; # Allow any pages to be cached
835835 }
@@ -859,7 +859,7 @@
860860 * @return \bool True if the user is logged in, false otherwise.
861861 */
862862 private function loadFromSession() {
863 - global $wgCookiePrefix, $wgExternalAuthType, $wgAutocreatePolicy;
 863+ global $wgRequest, $wgExternalAuthType, $wgAutocreatePolicy;
864864
865865 $result = null;
866866 wfRunHooks( 'UserLoadFromSession', array( $this, &$result ) );
@@ -875,8 +875,8 @@
876876 }
877877 }
878878
879 - if ( isset( $_COOKIE["{$wgCookiePrefix}UserID"] ) ) {
880 - $sId = intval( $_COOKIE["{$wgCookiePrefix}UserID"] );
 879+ if ( $wgRequest->getCookie( 'UserID' ) ) {
 880+ $sId = intval( $wgRequest->getCookie( 'UserID' ) );
881881 if( isset( $_SESSION['wsUserID'] ) && $sId != $_SESSION['wsUserID'] ) {
882882 $this->loadDefaults(); // Possible collision!
883883 wfDebugLog( 'loginSessions', "Session user ID ({$_SESSION['wsUserID']}) and
@@ -898,8 +898,8 @@
899899
900900 if ( isset( $_SESSION['wsUserName'] ) ) {
901901 $sName = $_SESSION['wsUserName'];
902 - } else if ( isset( $_COOKIE["{$wgCookiePrefix}UserName"] ) ) {
903 - $sName = $_COOKIE["{$wgCookiePrefix}UserName"];
 902+ } else if ( $wgRequest->getCookie('UserName') ) {
 903+ $sName = $wgRequest->getCookie('UserName');
904904 $_SESSION['wsUserName'] = $sName;
905905 } else {
906906 $this->loadDefaults();
@@ -923,8 +923,8 @@
924924 if ( isset( $_SESSION['wsToken'] ) ) {
925925 $passwordCorrect = $_SESSION['wsToken'] == $this->mToken;
926926 $from = 'session';
927 - } else if ( isset( $_COOKIE["{$wgCookiePrefix}Token"] ) ) {
928 - $passwordCorrect = $this->mToken == $_COOKIE["{$wgCookiePrefix}Token"];
 927+ } else if ( $wgRequest->getCookie( 'Token' ) ) {
 928+ $passwordCorrect = $this->mToken == $wgRequest->getCookie( 'Token' );
929929 $from = 'cookie';
930930 } else {
931931 # No session or persistent login cookie
Index: trunk/phase3/includes/Setup.php
@@ -305,7 +305,7 @@
306306 session_name( $wgSessionName ? $wgSessionName : $wgCookiePrefix . '_session' );
307307
308308 if( !defined( 'MW_NO_SESSION' ) ) {
309 - if( !$wgCommandLineMode && ( $wgRequest->checkSessionCookie() || isset( $_COOKIE[$wgCookiePrefix.'Token'] ) ) ) {
 309+ if( !$wgCommandLineMode && ( $wgRequest->checkSessionCookie() || $wgRequest->getCookie( 'Token' ) ) ) {
310310 wfIncrStats( 'request_with_session' );
311311 wfSetupSession();
312312 $wgSessionStarted = true;
Index: trunk/phase3/includes/WebRequest.php
@@ -427,19 +427,19 @@
428428 * @return Boolean
429429 */
430430 public function checkSessionCookie() {
431 - return isset( $_COOKIE[session_name()] );
 431+ return isset( $_COOKIE[ session_name() ] );
432432 }
433433
434434 /**
435435 * Get a cookie from the $_COOKIE jar
436436 *
437437 * @param $key String: the name of the cookie
 438+ * @param $prefix String: a prefix to use for the cookie name, if not $wgCookiePrefix
438439 * @param $default Mixed: what to return if the value isn't found
439 - * @param $prefix String: a prefix to use for the cookie name, if not $wgCookiePrefix
440440 * @return Mixed: cookie value or $default if the cookie not set
441441 */
442 - public function getCookie( $key, $default = null, $prefix = '' ) {
443 - if( !$prefix ) {
 442+ public function getCookie( $key, $prefix = null, $default = null ) {
 443+ if( $prefix === null ) {
444444 global $wgCookiePrefix;
445445 $prefix = $wgCookiePrefix;
446446 }
Index: trunk/phase3/includes/specials/SpecialUserlogin.php
@@ -936,7 +936,7 @@
937937 */
938938 function mainLoginForm( $msg, $msgtype = 'error' ) {
939939 global $wgUser, $wgOut, $wgHiddenPrefs, $wgEnableEmail;
940 - global $wgCookiePrefix, $wgLoginLanguageSelector;
 940+ global $wgRequest, $wgLoginLanguageSelector;
941941 global $wgAuth, $wgEmailConfirmToEdit, $wgCookieExpiration;
942942
943943 $titleObj = SpecialPage::getTitleFor( 'Userlogin' );
@@ -961,7 +961,7 @@
962962 if ( $wgUser->isLoggedIn() ) {
963963 $this->mName = $wgUser->getName();
964964 } else {
965 - $this->mName = isset( $_COOKIE[$wgCookiePrefix.'UserName'] ) ? $_COOKIE[$wgCookiePrefix.'UserName'] : null;
 965+ $this->mName = $wgRequest->getCookie( 'UserName' );
966966 }
967967 }
968968
Index: trunk/phase3/includes/extauth/vB.php
@@ -50,13 +50,13 @@
5151 # Try using the session table. It will only have a row if the user has
5252 # an active session, so it might not always work, but it's a lot easier
5353 # than trying to convince PHP to give us vB's $_SESSION.
54 - global $wgExternalAuthConf;
 54+ global $wgExternalAuthConf, $wgRequest;
5555 if ( !isset( $wgExternalAuthConf['cookieprefix'] ) ) {
5656 $prefix = 'bb';
5757 } else {
5858 $prefix = $wgExternalAuthConf['cookieprefix'];
5959 }
60 - if ( !isset( $_COOKIE["{$prefix}sessionhash"] ) ) {
 60+ if ( !$wgRequest->getCookie( 'sessionhash', $prefix ) ) {
6161 return false;
6262 }
6363
@@ -67,7 +67,7 @@
6868 $this->getFields(),
6969 array(
7070 'session.userid = user.userid',
71 - 'sessionhash' => $_COOKIE["{$prefix}sessionhash"]
 71+ 'sessionhash' => $wgRequest->getCookie( 'sessionhash', $prefix ),
7272 ),
7373 __METHOD__
7474 );

Follow-up revisions

RevisionCommit summaryAuthorDate
r70596Fix for r70571, still have to use $_COOKIE here too, $wgContLang is undefined...demon21:10, 6 August 2010
r70814Cleanup r70571, more strict checks for getCookie() return valuesdemon13:30, 10 August 2010

Comments

#Comment by Raymond (talk | contribs)   16:47, 6 August 2010

Seen on Translatewiki:

PHP Fatal error: Call to a member function normalize() on a non-object in /www/w/includes/WebRequest.php on line 203

#Comment by 😂 (talk | contribs)   21:10, 6 August 2010

Fixed in r70596?

#Comment by Simetrical (talk | contribs)   20:25, 8 August 2010

You have to use === null and !== null checks here to maintain the functionality of the code you're replacing. For example,

- if( !$wgCommandLineMode && ( $wgRequest->checkSessionCookie() || isset( $_COOKIE[$wgCookiePrefix.'Token'] ) ) ) { + if( !$wgCommandLineMode && ( $wgRequest->checkSessionCookie() || $wgRequest->getCookie( 'Token' ) ) ) {

is a functional change if the "Token" cookie is equal to or '0'.

#Comment by 😂 (talk | contribs)   13:31, 10 August 2010

Fixed User.php and vB.php in r70814. The rest should be fine.

#Comment by Simetrical (talk | contribs)   18:52, 10 August 2010

Why is the one in Setup.php unproblematic?

#Comment by Simetrical (talk | contribs)   18:53, 10 August 2010

[100810 14:53:09] <^demon> AryehGregor: The one in Setup.php was changed back to using $_COOKIE itself since $wgContLang wasn't defined yet so I couldn't use getCookie() [100810 14:53:16] <AryehGregor> Ah, okay. [100810 14:53:24] <^demon> r70596

Status & tagging log