r88591 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r88590‎ | r88591 | r88592 >
Date:18:09, 22 May 2011
Author:ashley
Status:deferred
Tags:
Comment:
WhosOnline: register_globals fix in main setup file, coding style tweaks everywhere + applied patch from http://www.mediawiki.org/wiki/Extension_talk:WhosOnline#Allow_inclusion_of_the_page
Modified paths:
  • /trunk/extensions/WhosOnline/WhosOnline.php (modified) (history)
  • /trunk/extensions/WhosOnline/WhosOnlineSpecialPage.php (modified) (history)

Diff [purge]

Index: trunk/extensions/WhosOnline/WhosOnlineSpecialPage.php
@@ -1,31 +1,30 @@
22 <?php
33 /**
 4+ * @file
45 * @ingroup Extensions
5 - *
66 * @author Maciej Brencz <macbre(at)-spam-wikia.com>
77 */
88
9 -if (!defined('MEDIAWIKI')) {
 9+if ( !defined( 'MEDIAWIKI' ) ) {
1010 exit( 1 );
1111 }
1212
1313 class PagerWhosOnline extends IndexPager {
1414 function __construct() {
1515 parent::__construct();
16 -
1716 $this->mLimit = $this->mDefaultLimit;
1817 }
1918
2019 function getQueryInfo() {
2120 global $wgWhosOnlineShowAnons;
2221
23 - return array (
24 - 'tables' => array('online'),
25 - 'fields' => array('username'),
26 - 'options' => array('ORDER BY' => 'timestamp DESC'),
 22+ return array(
 23+ 'tables' => array( 'online' ),
 24+ 'fields' => array( 'username' ),
 25+ 'options' => array( 'ORDER BY' => 'timestamp DESC' ),
2726 'conds' => $wgWhosOnlineShowAnons
2827 ? array()
29 - : array('userid != 0')
 28+ : array( 'userid != 0' )
3029 );
3130 }
3231
@@ -37,8 +36,8 @@
3837 $conds = isset( $info['conds'] ) ? $info['conds'] : array();
3938 $options = isset( $info['options'] ) ? $info['options'] : array();
4039
41 - $options['LIMIT'] = intval($limit);
42 - $options['OFFSET'] = intval($offset);
 40+ $options['LIMIT'] = intval( $limit );
 41+ $options['OFFSET'] = intval( $offset );
4342
4443 $res = $this->mDb->select( $tables, $fields, $conds, __METHOD__, $options );
4544
@@ -49,20 +48,26 @@
5049 return 'username'; // dummy
5150 }
5251
53 - function formatRow($row) {
54 - $userPageLink = Title::makeTitle(NS_USER, $row->username)->getFullURL();
 52+ function formatRow( $row ) {
 53+ $userPageLink = Title::makeTitle( NS_USER, $row->username )->getFullURL();
5554
56 - return '<li><a href="'.htmlspecialchars($userPageLink).'">' . htmlspecialchars($row->username) . '</a></li>';
 55+ return '<li><a href="' . htmlspecialchars( $userPageLink ) . '">' .
 56+ htmlspecialchars( $row->username ) . '</a></li>';
5757 }
5858
5959 // extra methods
6060 function countUsersOnline() {
61 - wfProfileIn(__METHOD__);
 61+ wfProfileIn( __METHOD__ );
6262
63 - $row = $this->mDb->selectRow('online', 'count(*) as cnt', 'userid != 0', __METHOD__);
 63+ $row = $this->mDb->selectRow(
 64+ 'online',
 65+ 'COUNT(*) AS cnt',
 66+ 'userid != 0',
 67+ __METHOD__
 68+ );
6469 $users = (int) $row->cnt;
6570
66 - wfProfileOut(__METHOD__);
 71+ wfProfileOut( __METHOD__ );
6772
6873 return $users;
6974 }
@@ -73,50 +78,73 @@
7479 return wfViewPrevNext(
7580 $this->mOffset,
7681 $this->mLimit,
77 - $wgContLang->specialpage('WhosOnline'),
 82+ $wgContLang->specialpage( 'WhosOnline' ),
7883 '',
79 - $this->countUsersOnline() < ($this->mLimit + $this->mOffset) // show next link
 84+ $this->countUsersOnline() < ( $this->mLimit + $this->mOffset ) // show next link
8085 );
8186 }
8287 }
8388
84 -class SpecialWhosOnline extends SpecialPage {
85 - public function SpecialWhosOnline() {
86 - parent::__construct('WhosOnline' );
 89+class SpecialWhosOnline extends IncludableSpecialPage {
 90+ public function __construct() {
 91+ parent::__construct( 'WhosOnline' );
8792 }
8893
89 -
9094 // get list of logged-in users being online
9195 protected function getAnonsOnline() {
92 - wfProfileIn(__METHOD__);
 96+ wfProfileIn( __METHOD__ );
9397
94 - $dbr = wfGetDB(DB_SLAVE);
 98+ $dbr = wfGetDB( DB_SLAVE );
9599
96 - $row = $dbr->selectRow('online', 'count(*) as cnt', 'userid = 0', __METHOD__);
 100+ $row = $dbr->selectRow(
 101+ 'online',
 102+ 'COUNT(*) AS cnt',
 103+ 'userid = 0',
 104+ __METHOD__
 105+ );
97106 $guests = (int) $row->cnt;
98107
99 - wfProfileOut(__METHOD__);
 108+ wfProfileOut( __METHOD__ );
100109
101110 return $guests;
102111 }
103112
104113 public function execute( $para ) {
105 - global $wgRequest, $wgOut, $wgDBname;
 114+ global $wgOut, $wgDBname;
106115
107 -
108 -
109116 $db = wfGetDB( DB_MASTER );
110117 $db->selectDB( $wgDBname );
111 - $old = gmdate("YmdHis", time() - 3600);
112 - $db->delete('online', array('timestamp < "'.$old.'"'), __METHOD__);
 118+ $old = gmdate( 'YmdHis', time() - 3600 );
 119+ $db->delete( 'online', array( 'timestamp < "' . $old . '"' ), __METHOD__ );
113120
114121 $this->setHeaders();
115122
116123 $pager = new PagerWhosOnline();
117124
 125+ $showNavigation = !$this->including();
 126+ if ( $para ) {
 127+ $bits = preg_split( '/\s*,\s*/', trim( $para ) );
 128+ foreach ( $bits as $bit ) {
 129+ if ( $bit == 'shownav' ) {
 130+ $showNavigation = true;
 131+ }
 132+ if ( is_numeric( $bit ) ) {
 133+ $pager->mLimit = $bit;
 134+ }
 135+
 136+ $m = array();
 137+ if ( preg_match( '/^limit=(\d+)$/', $bit, $m ) ) {
 138+ $pager->mLimit = intval( $m[1] );
 139+ }
 140+ }
 141+ }
 142+
118143 $body = $pager->getBody();
119144
120 - $wgOut->addHTML($pager->getNavigationBar());
121 - $wgOut->addHTML('<ul>'.$body.'</ul>');
 145+ if ( $showNavigation ) {
 146+ $wgOut->addHTML( $pager->getNavigationBar() );
 147+ }
 148+
 149+ $wgOut->addHTML( '<ul>' . $body . '</ul>' );
122150 }
123151 }
Index: trunk/extensions/WhosOnline/WhosOnline.php
@@ -5,56 +5,65 @@
66 *
77 * @file
88 * @ingroup Extensions
9 - *
109 * @author Maciej Brencz <macbre(at)-spam-wikia.com> - minor fixes and improvements
1110 * @author ChekMate Security Group - original code
1211 * @see http://www.chekmate.org/wiki/index.php/MW:_Whos_Online_Extension
1312 * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 2.0 or later
1413 */
1514
16 -$wgWhosOnlineShowAnons = FALSE; // Showing anonymous users IP addresses can be a security threat!
 15+/**
 16+ * Protect against arbitrary execution
 17+ * This line must be present before any global variable is referenced.
 18+ */
 19+if ( !defined( 'MEDIAWIKI' ) ) {
 20+ die( 'This is not a valid entry point.' );
 21+}
1722
18 -$wgHooks['BeforePageDisplay'][] = 'wfWhosOnline_update_data';
19 -
 23+// Extension credits that show up on Special:Version
2024 $wgExtensionCredits['other'][] = array(
2125 'path' => __FILE__,
2226 'name' => 'WhosOnline',
23 - 'version' => '1.3',
 27+ 'version' => '1.3.1',
2428 'author' => 'Maciej Brencz',
2529 'descriptionmsg' => 'whosonline-desc',
2630 'url' => 'http://www.mediawiki.org/wiki/Extension:WhosOnline',
2731 );
2832
29 -$dir = dirname(__FILE__) . '/';
 33+// Showing anonymous users' IP addresses can be a security threat!
 34+$wgWhosOnlineShowAnons = false;
 35+
 36+// Set up the special page
 37+$dir = dirname( __FILE__ ) . '/';
3038 $wgAutoloadClasses['SpecialWhosOnline'] = $dir . 'WhosOnlineSpecialPage.php';
3139 $wgExtensionMessagesFiles['WhosOnline'] = $dir . 'WhosOnline.i18n.php';
3240 $wgExtensionAliasesFiles['WhosOnline'] = $dir . 'WhosOnline.alias.php';
3341 $wgSpecialPages['WhosOnline'] = 'SpecialWhosOnline';
3442
 43+$wgHooks['BeforePageDisplay'][] = 'wfWhosOnline_update_data';
3544 // update online data
3645 function wfWhosOnline_update_data() {
3746 global $wgUser, $wgDBname;
3847
39 - wfProfileIn(__METHOD__);
 48+ wfProfileIn( __METHOD__ );
4049
4150 // write to DB (use master)
42 - $db = wfGetDB(DB_MASTER);
 51+ $db = wfGetDB( DB_MASTER );
4352 $db->selectDB( $wgDBname );
4453
45 - $now = gmdate("YmdHis", time());
 54+ $now = gmdate( 'YmdHis', time() );
4655
4756 // row to insert to table
48 - $row = array (
 57+ $row = array(
4958 'userid' => $wgUser->getID(),
5059 'username' => $wgUser->getName(),
5160 'timestamp' => $now
5261 );
5362
5463 $ignore = $db->ignoreErrors( true );
55 - $db->insert('online', $row, __METHOD__, 'DELAYED');
 64+ $db->insert( 'online', $row, __METHOD__, 'DELAYED' );
5665 $db->ignoreErrors( $ignore );
5766
58 - wfProfileOut(__METHOD__);
 67+ wfProfileOut( __METHOD__ );
5968
6069 return true;
6170 }

Status & tagging log