r77168 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r77167‎ | r77168 | r77169 >
Date:16:24, 23 November 2010
Author:demon
Status:deferred
Tags:
Comment:
Extension authors (in general, as this gets brought up time and again): trying to set your default configuration values with if( !$wgMyVar ) or isset( $wgMyVar ) are opening yourself up to register-globals vulnerabilities. Please unconditionally set all configuration options for your extension in your setup file. LocalSettings.php configuration *must* come after your setup, *never* before.
Modified paths:
  • /trunk/extensions/WikiTrust/WikiTrust.php (modified) (history)

Diff [purge]

Index: trunk/extensions/WikiTrust/WikiTrust.php
@@ -20,21 +20,11 @@
2121
2222 if (!defined('MEDIAWIKI')) die();
2323
24 -# We use a lot of config vars.
25 -global $wgWikiTrustVersion, $wgWikiTrustGadget, $wgWikiTrustShowVoteButton, $wgWikiTrustContentServerURL;
26 -global $wgWikiTrustLog, $wgWikiTrustDebugLog, $wgWikiTrustDebugVerbosity;
27 -global $wgWikiTrustCmd, $wgWikiTrustCmdExtraArgs, $wgWikiTrustShowMouseOrigin,
28 - $wgWikiTrustBlobPath, $wgWikiTrustRepSpeed, $wgWikiTrustApiURL, $wgWikiTrustRobots;
29 -
3024 # There isn't a built in enum for php
31 -if (!$wgWikiTrustVersion)
32 - $wgWikiTrustVersion = "local"; ## This needs to be one of local, remote, wmf.
33 -if (!$wgWikiTrustGadget)
34 - $wgWikiTrustGadget = null;
35 -if (!$wgWikiTrustShowVoteButton)
36 - $wgWikiTrustShowVoteButton = true; // If true, the vote button is shown.
37 -if (!$wgWikiTrustContentServerURL)
38 - $wgWikiTrustContentServerURL = "http://localhost:10303/?";
 25+$wgWikiTrustVersion = "local"; ## This needs to be one of local, remote, wmf.
 26+$wgWikiTrustGadget = null;
 27+$wgWikiTrustShowVoteButton = true; // If true, the vote button is shown.
 28+$wgWikiTrustContentServerURL = "http://localhost:10303/?";
3929
4030 // Debugging Verbosity
4131 define(WIKITRUST_DEBUG, 0);
@@ -48,31 +38,20 @@
4939 #$wgWikiTrustLog = "/tmp/{$wgDBname}-trust.log";
5040 #$wgWikiTrustDebugLog = "/tmp/{$wgDBname}-trust-debug.log";
5141
52 -if (!$wgWikiTrustDebugVerbosity)
53 - $wgWikiTrustDebugVerbosity = WIKITRUST_WARN; // how much information to write;
54 -if (!$wgWikiTrustLog)
55 - $wgWikiTrustLog = "/dev/null";
56 -if (!$wgWikiTrustDebugLog)
57 - $wgWikiTrustDebugLog = "/dev/null";
58 -if (!$wgWikiTrustShowMouseOrigin)
59 - $wgWikiTrustShowMouseOrigin = false;
60 -if (!$wgWikiTrustCmd)
61 - $wgWikiTrustCmd = dirname(__FILE__) . "/eval_online_wiki";
62 -if (!$wgWikiTrustCmdExtraArgs)
63 - $wgWikiTrustCmdExtraArgs = "";
64 -if (!$wgWikiTrustBlobPath)
65 - $wgWikiTrustBlobPath = null;
66 -if (!$wgWikiTrustRepSpeed)
67 - $wgWikiTrustRepSpeed = 1.0;
68 -if (!$wgWikiTrustApiURL)
69 - $wgWikiTrustApiURL = "http://en.wikipedia.org/w/api.php";
70 -if (!$wgWikiTrustRobots)
71 - $wgWikiTrustRobots = null;
 42+$wgWikiTrustDebugVerbosity = WIKITRUST_WARN; // how much information to write;
 43+$wgWikiTrustLog = "/dev/null";
 44+$wgWikiTrustDebugLog = "/dev/null";
 45+$wgWikiTrustShowMouseOrigin = false;
 46+$wgWikiTrustCmd = dirname(__FILE__) . "/eval_online_wiki";
 47+$wgWikiTrustCmdExtraArgs = "";
 48+$wgWikiTrustBlobPath = null;
 49+$wgWikiTrustRepSpeed = 1.0;
 50+$wgWikiTrustApiURL = "http://en.wikipedia.org/w/api.php";
 51+$wgWikiTrustRobots = null;
7252
73 -global $wgExtensionFunctions, $wgExtensionCredits;
7453 $wgExtensionCredits['other'][] = array(
7554 'name' => 'WikiTrust',
76 - 'author' => 'Ian Pye, Luca de Alfaro, Bo Adler',
 55+ 'author' => array( 'Ian Pye', 'Luca de Alfaro', 'Bo Adler' ),
7756 'url' => 'http://wikitrust.soe.ucsc.edu',
7857 'description' => 'Adds wikitrust tab to visualize article trust and provide origin rev on click.'
7958 );

Status & tagging log