// available in doDelete etc.
function view() {
- if ( Namespace::getImage() == $this->mTitle->getNamespace() ) {
+ if( $this->mTitle->getNamespace() == NS_IMAGE ) {
$this->openShowImage();
}
# follow it with the history list and link list for the image
# it describes.
- if ( Namespace::getImage() == $this->mTitle->getNamespace() ) {
+ if( $this->mTitle->getNamespace() == NS_IMAGE ) {
$this->closeShowImage();
$this->imageHistory();
$this->imageLinks();
$full_url = $this->img->getViewURL();
$anchoropen = '';
$anchorclose = '';
- if ( $wgUseImageResize ) {
- if( $wgUser->getOption( 'imagesize' ) == '' ) {
- $sizeSel = User::getDefaultOption( 'imagesize' );
- } else {
- $sizeSel = IntVal( $wgUser->getOption( 'imagesize' ) );
- }
- if( !isset( $wgImageLimits[$sizeSel] ) ) {
- $sizeSel = User::getDefaultOption( 'imagesize' );
- }
- $max = $wgImageLimits[$sizeSel];
- $maxWidth = $max[0];
- $maxHeight = $max[1];
+
+ if( $wgUser->getOption( 'imagesize' ) == '' ) {
+ $sizeSel = User::getDefaultOption( 'imagesize' );
+ } else {
+ $sizeSel = IntVal( $wgUser->getOption( 'imagesize' ) );
+ }
+ if( !isset( $wgImageLimits[$sizeSel] ) ) {
+ $sizeSel = User::getDefaultOption( 'imagesize' );
}
+ $max = $wgImageLimits[$sizeSel];
+ $maxWidth = $max[0];
+ $maxHeight = $max[1];
if ( $this->img->exists() ) {
$width = $this->img->getWidth();
$height = $this->img->getHeight();
$msg = wfMsg('showbigimage', $width, $height, intval( $this->img->getSize()/1024 ) );
- if ( $width > $maxWidth && $wgUseImageResize ) {
+ if ( $width > $maxWidth ) {
$height = floor( $height * $maxWidth / $width );
$width = $maxWidth;
}
- if ( $height > $maxHeight && $wgUseImageResize ) {
+ if ( $height > $maxHeight ) {
$width = floor( $width * $maxHeight / $height );
$height = $maxHeight;
}
if ( $width != $this->img->getWidth() || $height != $this->img->getHeight() ) {
- $url = $this->img->createThumb( $width );
+ if( $wgUseImageResize ) {
+ $thumbnail = $this->img->getThumbnail( $width );
+
+ if ( ( ! $this->img->mustRender() )
+ && ( $thumbnail->getSize() > $this->img->getSize() ) ) {
+ # the thumbnail is bigger thatn the original image.
+ # show the original image instead of the thumb.
+ $url = $full_url;
+ $width = $this->img->getWidth();
+ $height = $this->img->getHeight();
+ } else {
+ $url = $thumbnail->getUrl();
+ }
+ } else {
+ # No resize ability? Show the full image, but scale
+ # it down in the browser so it fits on the page.
+ $url = $full_url;
+ }
$anchoropen = "<a href=\"{$full_url}\">";
- $anchorclose = "<br>{$msg}</a>";
+ $anchorclose = "</a><br />\n$anchoropen{$msg}</a>";
} else {
$url = $full_url;
}
{
global $wgUser, $wgOut, $wgRequest;
- $confirm = $wgRequest->getBool( 'wpConfirm' );
+ $confirm = $wgRequest->getBool( 'wpConfirmB' );
$image = $wgRequest->getVal( 'image' );
$oldimage = $wgRequest->getVal( 'oldimage' );
# Deleting old images doesn't require confirmation
if ( !is_null( $oldimage ) || $confirm ) {
- $this->doDelete();
+ if( $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ), $oldimage ) ) {
+ $this->doDelete();
+ } else {
+ $wgOut->fatalError( wfMsg( 'sessionfailure' ) );
+ }
return;
}
$fname = 'ImagePage::doDelete';
$reason = $wgRequest->getVal( 'wpReason' );
- $image = $wgRequest->getVal( 'image' );
$oldimage = $wgRequest->getVal( 'oldimage' );
$dbw =& wfGetDB( DB_MASTER );
if ( !is_null( $oldimage ) ) {
+ if ( strlen( $oldimage ) < 16 ) {
+ $wgOut->unexpectedValueError( 'oldimage', htmlspecialchars($oldimage) );
+ return;
+ }
+ if ( strstr( $oldimage, "/" ) || strstr( $oldimage, "\\" ) ) {
+ $wgOut->unexpectedValueError( 'oldimage', htmlspecialchars($oldimage) );
+ return;
+ }
# Squid purging
if ( $wgUseSquid ) {
$urlArr = Array(
$dbw->delete( 'oldimage', array( 'oi_archive_name' => $oldimage ) );
$deleted = $oldimage;
} else {
- if ( is_null ( $image ) ) {
- $image = $this->mTitle->getDBkey();
- }
+ $image = $this->mTitle->getDBkey();
$dest = wfImageDir( $image );
$archive = wfImageDir( $image );
# Image itself is now gone, and database is cleaned.
# Now we remove the image description page.
- $nt = Title::newFromText( $wgContLang->getNsText( Namespace::getImage() ) . ":" . $image );
+ $nt = Title::makeTitleSafe( NS_IMAGE, $image );
$article = new Article( $nt );
$article->doDeleteArticle( $reason ); # ignore errors
+ /* refresh image metadata cache */
+ new Image( $image, true );
+
$deleted = $image;
}
$wgOut->setRobotpolicy( 'noindex,nofollow' );
$sk = $wgUser->getSkin();
- $loglink = $sk->makeKnownLink( $wgContLang->getNsText(
- Namespace::getWikipedia() ) .
- ':' . wfMsg( 'dellogpage' ), wfMsg( 'deletionlog' ) );
+ $loglink = $sk->makeKnownLinkObj(
+ Title::makeTitle( NS_SPECIAL, 'Delete/log' ),
+ wfMsg( 'deletionlog' ) );
$text = wfMsg( 'deletedtext', $deleted, $loglink );
function revert()
{
- global $wgOut, $wgRequest;
+ global $wgOut, $wgRequest, $wgUser;
global $wgUseSquid, $wgInternalServer, $wgDeferredUpdateList;
$oldimage = $wgRequest->getText( 'oldimage' );
$wgOut->readOnlyPage();
return;
}
+ if( $wgUser->isAnon() ) {
+ $wgOut->errorpage( 'uploadnologin', 'uploadnologintext' );
+ return;
+ }
if ( ! $this->mTitle->userCanEdit() ) {
$wgOut->sysopRequired();
return;
}
+ if( !$wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ), $oldimage ) ) {
+ $wgOut->errorpage( 'internalerror', 'sessionfailure' );
+ return;
+ }
$name = substr( $oldimage, 15 );
$dest = wfImageDir( $name );
$wgOut->fileCopyError( "${archive}/{$oldimage}", $curfile );
}
wfRecordUpload( $name, $oldver, $size, wfMsg( "reverted" ) );
+
+ /* refresh image metadata cache */
+ new Image( $name, true );
+
# Squid purging
if ( $wgUseSquid ) {
$urlArr = Array(
}
}
+/**
+ * @todo document
+ * @package MediaWiki
+ */
class ImageHistoryList {
function ImageHistoryList( &$skin ) {
$this->skin =& $skin;
} else {
$url = htmlspecialchars( wfImageArchiveUrl( $img ) );
if( $wgUser->getID() != 0 && $wgTitle->userCanEdit() ) {
+ $token = urlencode( $wgUser->editToken( $img ) );
$rlink = $this->skin->makeKnownLink( $wgTitle->getPrefixedText(),
wfMsg( 'revertimg' ), 'action=revert&oldimage=' .
- urlencode( $img ) );
+ urlencode( $img ) . "&wpEditToken=$token" );
$dlink = $this->skin->makeKnownLink( $wgTitle->getPrefixedText(),
- $del, 'action=delete&oldimage=' . urlencode( $img ) );
+ $del, 'action=delete&oldimage=' . urlencode( $img ) .
+ "&wpEditToken=$token" );
} else {
# Having live active links for non-logged in users
# means that bots and spiders crawling our site can
if ( 0 == $user ) {
$userlink = $usertext;
} else {
- $userlink = $this->skin->makeLink( $wgContLang->getNsText( Namespace::getUser() ) .
- ':'.$usertext, $usertext );
+ $userlink = $this->skin->makeLinkObj(
+ Title::makeTitle( NS_USER, $usertext ),
+ $usertext );
}
$nbytes = wfMsg( 'nbytes', $size );
$style = $this->skin->getInternalLinkAttributes( $url, $datetime );
$s = "<li> ({$dlink}) ({$rlink}) <a href=\"{$url}\"{$style}>{$datetime}</a>"
. " . . {$userlink} ({$nbytes})";
- if ( '' != $description && '*' != $description ) {
- $sk=$wgUser->getSkin();
- $s .= $wgContLang->emphasize(' (' . $sk->formatComment($description,$wgTitle) . ')');
- }
+ $s .= $this->skin->commentBlock( $description, $wgTitle );
$s .= "</li>\n";
return $s;
}