*/
/**
- *
+ * @todo document
*/
function wfSpecialIpblocklist() {
global $wgUser, $wgOut, $wgRequest;
if ( "success" == $action ) {
$msg = wfMsg( "ipusuccess", htmlspecialchars( $ip ) );
$ipu->showList( $msg );
- } else if ( "submit" == $action && $wgRequest->wasPosted() ) {
- if ( ! $wgUser->isSysop() ) {
+ } else if ( "submit" == $action && $wgRequest->wasPosted() &&
+ $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
+ if ( ! $wgUser->isAllowed('block') ) {
$wgOut->sysopRequired();
return;
}
$wgOut->setSubtitle( wfMsg( "formerror" ) );
$wgOut->addHTML( "<p class='error'>{$err}</p>\n" );
}
+ $token = htmlspecialchars( $wgUser->editToken() );
$wgOut->addHTML( "
<form id=\"unblockip\" method=\"post\" action=\"{$action}\">
</td>
</tr>
</table>
+ <input type='hidden' name='wpEditToken' value=\"{$token}\" />
</form>\n" );
}
$addr = $block->mAuto ? "#{$block->mId}" : $block->mAddress;
$name = User::whoIs( $block->mBy );
- $ulink = $sk->makeKnownLink( $wgContLang->getNsText( Namespace::getUser() ). ":{$name}", $name );
+ $ulink = $sk->makeKnownLinkObj( Title::makeTitle( NS_USER, $name ), $name );
$formattedTime = $wgLang->timeanddate( $block->mTimestamp, true );
if ( $block->mExpiry === "" ) {
$wgOut->addHTML( " ({$clink})" );
}
- if ( $wgUser->isSysop() ) {
+ if ( $wgUser->isAllowed('block') ) {
$titleObj = Title::makeTitle( NS_SPECIAL, "Ipblocklist" );
$ublink = "<a href=\"" .
$titleObj->escapeLocalURL( "action=unblock&ip=" . urlencode( $addr ) ) . "\">" .
wfMsg( "unblocklink" ) . "</a>";
$wgOut->addHTML( " ({$ublink})" );
}
- if ( "" != $block->mReason ) {
- $wgOut->addHTML( " <em>(" . htmlspecialchars( $block->mReason ) .
- ")</em>" );
- }
+ $wgOut->addHTML( $sk->commentBlock( $block->mReason ) );
$wgOut->addHTML( "</li>\n" );
}