<?php
/**
* Provide an administration interface
- * DO NOT USE: INSECURE.
* @package MediaWiki
* @subpackage SpecialPage
*/
require_once('Group.php');
/** Entry point */
-function wfSpecialGroups($par=null) {
+function wfSpecialGroups() {
global $wgRequest;
- # Debug statement
- // print_r($_POST);
+
$form = new GroupsForm($wgRequest);
$form->execute();
}
global $wgUser;
$this->mPosted = $request->wasPosted();
- $this->mRequest = $request;
+ $this->mRequest =& $request;
$this->mName = 'groups';
$this->mNewName = trim( $request->getText('editgroup-name') );
}
/**
- * Manage forms to be shown according to posted datas.
- * Depending on the submit button used : Call a form or a saving function.
+ * Manage forms to be shown according to posted data
+ * Depending on the submit button used, call a form or a saving function.
*/
function execute() {
global $wgOut;
/**
* Save a group
- * @todo FIXME : Log is incorrect.
*/
function saveGroup() {
global $wgOut;
}
// Create a new group
- $g = new group();
+ $g = new Group();
$g->addToDatabase();
} else {
$add = false;
$g = Group::newFromID($groupID);
$fieldname = 'editgroup';
} else {
- // default datas when we add a group
- $g = new group();
+ // default data when we add a group
+ $g = new Group();
$fieldname = 'addgroup';
}
- $gName = $g->getName();
- $gDescription = $g->getDescription();
+ $gName = htmlspecialchars( $g->getName() );
+ $gDescription = htmlspecialchars( $g->getDescription() );
- $wgOut->addHTML( "<form name=\"editGroup\" action=\"$this->action\" method=\"post\">\n".
+ $wgOut->addHTML( "<form name=\"editGroup\" action=\"{$this->action}\" method=\"post\">\n".
'<input type="hidden" name="editgroup-oldname" value="'.$gName."\" />\n" );
$wgOut->addHTML( $this->fieldset( $fieldname,
$groups =& Group::getAllGroups();
$rec = serialize( $groups );
- // Escape it for PHP
- $rec = str_replace( array( '\\', "'" ), array( '\\\\', "\\'" ), $rec );
- // Escape it for HTML
- $rec = htmlspecialchars( $rec );
+ // Split it into lines
+ $rec = explode( "\r\n", chunk_split( $rec ) );
+ $s = '';
+ foreach ( $rec as $index => $line ) {
+ if ( trim( $line ) != '' ) {
+ if ( $s ) {
+ $s .= "' .\n\t'";
+ }
+ // Escape it for PHP
+ $line = str_replace( array( '\\', "'" ), array( '\\\\', "\\'" ), $line );
+ // Escape it for HTML
+ $line = htmlspecialchars( $line );
+ // Add it to the string
+ $s .= $line;
+ }
+ }
+ $s .= "';";
$s = "<p>Copy the following into LocalSettings.php:</p>\n" .
"<textarea readonly rows=20>\n" .
- "\$wgStaticGroups = '$rec';\n" .
+ "\$wgStaticGroups = \n\t'$s\n" .
"</textarea>";
$wgOut->addHTML( $s );
}