r87479 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r87478‎ \| r87479 \| r87480 >
Date:	03:15, 5 May 2011
Author:	tstarling
Status:	ok
Tags:
Comment:	Fixed some register_globals vulnerabilities.
Modified paths:	/branches/REL1_17/extensions/Cassandra/Cassandra_body.php (modified) (history) /branches/REL1_17/extensions/Cassandra/lib/Cassandra.php (modified) (history) /branches/REL1_17/extensions/Cassandra/lib/cassandra_constants.php (modified) (history) /branches/REL1_17/extensions/Cassandra/lib/cassandra_types.php (modified) (history) /branches/REL1_17/extensions/CreateRedirect/CreateRedirect.body.php (modified) (history) /branches/REL1_17/extensions/FirefoggChunkedUpload/tests/UploadFromChunksTest.php (modified) (history) /branches/REL1_17/extensions/HtmlUi/templates/HtmlUiFieldset.php (modified) (history) /branches/REL1_17/extensions/RDFIO/stores/SMW_ARC2Store.php (modified) (history)

Diff [purge]

Index: branches/REL1_17/extensions/Cassandra/Cassandra_body.php
—	—	@@ -1,4 +1,7 @@
2	2	<?php
	3	+if ( !defined( 'MEDIAWIKI' ) ) {
	4	+ exit;
	5	+}
3	6
4	7	global $wgThriftRoot, $wgAutoloadClasses;
5	8	$GLOBALS['THRIFT_ROOT'] = $wgThriftRoot;
—	—	@@ -115,4 +118,4 @@
116	119	. "\n\nStack trace: " . $e->getTraceAsString()
117	120	);
118	121	}
119		-}
\ No newline at end of file
	122	+}
Index: branches/REL1_17/extensions/Cassandra/lib/cassandra_constants.php
—	—	@@ -1,4 +1,7 @@
2	2	<?php
	3	+if ( !defined( 'MEDIAWIKI' ) ) {
	4	+ exit;
	5	+}
3	6	/**
4	7	* Autogenerated by Thrift
5	8	*
—	—	@@ -10,4 +13,4 @@
11	14
12	15	$GLOBALS['cassandra_CONSTANTS']['VERSION'] = "0.5.1";
13	16
14		~~-?>~~
\ No newline at end of file
	17	+?>
Index: branches/REL1_17/extensions/Cassandra/lib/Cassandra.php
—	—	@@ -1,4 +1,7 @@
2	2	<?php
	3	+if ( !defined( 'MEDIAWIKI' ) ) {
	4	+ exit;
	5	+}
3	6	/**
4	7	* Autogenerated by Thrift
5	8	*
—	—	@@ -4584,4 +4587,4 @@
4585	4588
4586	4589	}
4587	4590
4588		~~-?>~~
\ No newline at end of file
	4591	+?>
Index: branches/REL1_17/extensions/Cassandra/lib/cassandra_types.php
—	—	@@ -1,4 +1,7 @@
2	2	<?php
	3	+if ( !defined( 'MEDIAWIKI' ) ) {
	4	+ exit;
	5	+}
3	6	/**
4	7	* Autogenerated by Thrift
5	8	*
—	—	@@ -1168,4 +1171,4 @@
1169	1172
1170	1173	}
1171	1174
1172		~~-?>~~
\ No newline at end of file
	1175	+?>
Index: branches/REL1_17/extensions/RDFIO/stores/SMW_ARC2Store.php
—	—	@@ -1,13 +1,13 @@
2	2	<?php
3	3
	4	+if ( !defined( 'MEDIAWIKI' ) ) {
	5	+ die( 'Not a valid entry point.' );
	6	+}
	7	+
4	8	global $IP;
5	9
6	10	require_once( "$IP/extensions/SemanticMediaWiki/includes/storage/SMW_SQLStore2.php" );
7	11
8		~~-if ( !defined( 'MEDIAWIKI' ) ) {~~
9		~~- die( 'Not a valid entry point.' );~~
10		-}
11		-
12	12	/**
13	13	* SMWARC2Store extends SMWSQLStore2 and forwards all update/delete to ARC2 via SPARQL+
14	14	* queries. The class was based on JosekiStore in the SparqlExtension, which in turn is
Index: branches/REL1_17/extensions/FirefoggChunkedUpload/tests/UploadFromChunksTest.php
—	—	@@ -1,4 +1,7 @@
2	2	<?php
	3	+if ( !defined( 'MEDIAWIKI' ) ) {
	4	+ exit;
	5	+}
3	6
4	7	global $IP;
5	8	require_once( "$IP/maintenance/tests/ApiSetup.php" );
Index: branches/REL1_17/extensions/HtmlUi/templates/HtmlUiFieldset.php
—	—	@@ -1,3 +1,4 @@
	2	+<?php if ( !defined( 'MEDIAWIKI' ) ) exit; ?>
2	3	<fieldset class="htmlUiFieldset" rel="<?php echo $id ?>">
3	4	<?php foreach( $elements as $element ): ?>
4	5	<?php echo $element->render(); ?>
Index: branches/REL1_17/extensions/CreateRedirect/CreateRedirect.body.php
—	—	@@ -28,7 +28,7 @@
29	29	if ( !defined( 'MEDIAWIKI' ) ) {
30	30	echo <<<EOT
31	31	To install the CreateRedirect extension, put the following line in LocalSettings.php:
32		~~-require_once( "$IP/extensions/CreateRedirect/CreateRedirect.php" );~~
	32	+require_once( "\$IP/extensions/CreateRedirect/CreateRedirect.php" );
33	33	EOT;
34	34	exit( 1 );
35	35	}

Status & tagging log

20:36, 7 June 2011 😂 (talk | contribs) changed the status of r87479 [removed: new added: ok]