r94640 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r94639‎ \| r94640 \| r94641 >
Date:	14:45, 16 August 2011
Author:	ialex
Status:	resolved (Comments)
Tags:
Comment:	Removed usage of internal API call in Special:AddComment that was broken by r83080; using WikiPage::doEdit() (or Article::doEdit() in earlier MW versions) instead.
Modified paths:	/trunk/extensions/Commentbox/SpecialAddComment_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/Commentbox/SpecialAddComment_body.php
—	—	@@ -75,37 +75,15 @@
76	76	// Append <br /> after each newline, except if the user started a new paragraph
77	77	$Comment = preg_replace( '/(?<!\n)\n(?!\n)/', "<br />\n", $Comment );
78	78	$text .= "\n\n" . $subject . $Comment . "\n<br />" . $sig;
79		~~- try {~~
80		~~- $req = new FauxRequest( array(~~
81		~~- 'action' => 'edit',~~
82		~~- 'title' => $title->getPrefixedText(),~~
83		~~- 'text' => $text,~~
84		~~- 'summary' => wfMsgForContent( 'commentbox-log' ),~~
85		~~- 'token' => $wgUser->editToken(),~~
86		~~- ), true );~~
87		~~- $api = new ApiMain( $req, true );~~
88		~~- $api->execute();~~
89		~~- wfDebug( "Completed API-Save\n" );~~
90		~~- // we only reach this point if Api doesn't throw an exception~~
91		~~- $data = $api->getResultData();~~
92		~~- if ( $data['edit']['result'] == 'Failure' ) {~~
93		~~- $spamurl = $data['edit']['spamblacklist'];~~
94		~~- if ( $spamurl != '' )~~
95		~~- throw new Exception( "Die Seite enthaelt die Spam-Url ``{$spamurl}''" );~~
96		~~- else~~
97		~~- throw new Exception( "Unbekannter Fehler" );~~
98		~~- }~~
99		~~- } catch ( Exception $e ) {~~
100		~~- global $wgOut;~~
	79	+ $status = $article->doEdit( $text, wfMsgForContent( 'commentbox-log' ) );
	80	+
	81	+ if ( $status->isOK() ) {
	82	+ $wgOut->redirect( $title->getFullURL() );
	83	+ } else {
101	84	$wgOut->setPageTitle( wfMsg( 'commentbox-errorpage-title' ) );
102		~~- $wgOut->addHTML( "<div class='errorbox'>" . htmlspecialchars( $e->getMessage() ) . "</div><br clear='both' />" );~~
103		~~- if ( $title != null )~~
104		~~- $wgOut->returnToMain( false, $title );~~
105		~~- return;~~
	85	+ $wgOut->addWikiText( $status->getWikiText() );
	86	+ $wgOut->returnToMain( false, $title );
106	87	}
107		-
108		~~- $wgOut->redirect( $title->getFullURL() );~~
109		~~- return;~~
110	88	}
111	89
112	90	function fail( $str, $title = null ) {

Follow-up revisions

Revision	Commit summary	Author	Date
r95082	Per Tbleher, fix for r94640: use EditPage instead of directly WikiPage::doEdi...	ialex	13:32, 20 August 2011

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r83080	Per Platonides, fix for r82686: make ApiUploadTest work again...	ialex	12:52, 2 March 2011

Comments

#Comment by Tbleher (talk | contribs) 19:56, 16 August 2011

I think this commit is wrong, unfortunately. $article->doEdit() is an internal function and doesn't for example check if the user doing the edit is blocked.

I ran into this while implementing this extension (it originally used doEdit()). The intention here is that the comment box should work exactly the same as the normal edit form from a user rights POV (ie all edit restrictions on namespaces, blocks, spam filters and so on should work there). After looking at all the edit code, I concluded that the only way to do this was to issue a fake request to the API. (I got this idea from another extension which was doing basically the same).

I can't check right now using current SVN, but looking through trunk it seems like the code still works that way and so doEdit() can't be used here. I'd love to be proven wrong of course :)

#Comment by Tbleher (talk | contribs) 20:15, 16 August 2011

Proposed alternative patch to fix this issue:

--- a/SpecialAddComment_body.php
+++ b/SpecialAddComment_body.php
@@ -81,8 +81,8 @@ class SpecialAddComment extends UnlistedSpecialPage {
                                                'title'   => $title->getPrefixedText(),
                                                'text'    => $text,
                                                'summary' => wfMsgForContent( 'commentbox-log' ),
-                                               'token'   => $wgUser->editToken(),
                                                ), true );
+                       $req->setVal( 'token', $wgUser->editToken( '', $req ) );
                        $api = new ApiMain( $req, true );
                        $api->execute();
                        wfDebug( "Completed API-Save\n" );

#Comment by IAlex (talk | contribs) 20:17, 16 August 2011

I think in such case the extension should directly use EditPage and not wrapping the call to it in an API request.

#Comment by IAlex (talk | contribs) 13:33, 20 August 2011

Done in r95082.

Status & tagging log

15:05, 26 September 2011 😂 (talk | contribs) changed the tags for r94640 [removed: nodeploy]
15:05, 26 September 2011 😂 (talk | contribs) changed the status of r94640 [removed: new added: resolved]
13:33, 20 August 2011 IAlex (talk | contribs) changed the status of r94640 [removed: fixme added: new]
22:56, 17 August 2011 Siebrand (talk | contribs) changed the tags for r94640 [added: nodeploy]
19:56, 16 August 2011 Tbleher (talk | contribs) changed the status of r94640 [removed: ok added: fixme]
18:04, 16 August 2011 😂 (talk | contribs) changed the status of r94640 [removed: new added: ok]