<?php
+/**
+ *
+ * @package MediaWiki
+ * @subpackage SpecialPage
+ */
+
+/**
+ *
+ */
require_once( "LinksUpdate.php" );
-function wfSpecialMovepage()
-{
+/**
+ * Constructor
+ */
+function wfSpecialMovepage( $par = null ) {
global $wgUser, $wgOut, $wgRequest, $action, $wgOnlySysopMayMove;
- if ( 0 == $wgUser->getID() or $wgUser->isBlocked() or ($wgOnlySysopMayMove and $wgUser->isNewbie())) {
+ # check rights. We don't want newbies to move pages to prevents possible attack
+ if ( $wgUser->isAnon() or $wgUser->isBlocked() or ($wgOnlySysopMayMove and $wgUser->isNewbie())) {
$wgOut->errorpage( "movenologin", "movenologintext" );
return;
}
+ # We don't move protected pages
if ( wfReadOnly() ) {
$wgOut->readOnlyPage();
return;
}
- $f = new MovePageForm();
+ $f = new MovePageForm( $par );
- if ( "success" == $action ) { $f->showSuccess(); }
- else if ( "submit" == $action && $wgRequest->wasPosted() ) { $f->doSubmit(); }
- else { $f->showForm( "" ); }
+ if ( 'success' == $action ) {
+ $f->showSuccess();
+ } else if ( 'submit' == $action && $wgRequest->wasPosted()
+ && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
+ $f->doSubmit();
+ } else {
+ $f->showForm( '' );
+ }
}
+/**
+ *
+ * @package MediaWiki
+ * @subpackage SpecialPage
+ */
class MovePageForm {
- var $oldTitle, $newTitle; # Text input
+ var $oldTitle, $newTitle, $reason; # Text input
+ var $moveTalk, $deleteAndMove;
- function MovePageForm() {
+ function MovePageForm( $par ) {
global $wgRequest;
- $this->oldTitle = $wgRequest->getText( 'wpOldTitle', $wgRequest->getVal( 'target' ) );
+ $target = isset($par) ? $par : $wgRequest->getVal( 'target' );
+ $this->oldTitle = $wgRequest->getText( 'wpOldTitle', $target );
$this->newTitle = $wgRequest->getText( 'wpNewTitle' );
+ $this->reason = $wgRequest->getText( 'wpReason' );
+ $this->moveTalk = $wgRequest->getBool( 'wpMovetalk', true );
+ $this->deleteAndMove = $wgRequest->getBool( 'wpDeleteAndMove' );
}
- function showForm( $err )
- {
+ function showForm( $err ) {
global $wgOut, $wgUser, $wgLang;
- $wgOut->setPagetitle( wfMsg( "movepage" ) );
+ $wgOut->setPagetitle( wfMsg( 'movepage' ) );
- if ( empty( $this->oldTitle ) ) {
- $wgOut->errorpage( "notargettitle", "notargettext" );
+ $ot = Title::newFromURL( $this->oldTitle );
+ if( is_null( $ot ) ) {
+ $wgOut->errorpage( 'notargettitle', 'notargettext' );
return;
}
+ $oldTitle = $ot->getPrefixedText();
- $encOldTitle = htmlspecialchars( $this->oldTitle );
- $encNewTitle = htmlspecialchars( $this->newTitle );
- $ot = Title::newFromURL( $this->oldTitle );
- $ott = $ot->getPrefixedText();
+ $encOldTitle = htmlspecialchars( $oldTitle );
+ if( $this->newTitle == '' ) {
+ # Show the current title as a default
+ # when the form is first opened.
+ $encNewTitle = $encOldTitle;
+ } else {
+ if( $err == '' ) {
+ $nt = Title::newFromURL( $this->newTitle );
+ if( $nt ) {
+ # If a title was supplied, probably from the move log revert
+ # link, check for validity. We can then show some diagnostic
+ # information and save a click.
+ $newerr = $ot->isValidMoveOperation( $nt );
+ if( is_string( $newerr ) ) {
+ $err = $newerr;
+ }
+ }
+ }
+ $encNewTitle = htmlspecialchars( $this->newTitle );
+ }
+ $encReason = htmlspecialchars( $this->reason );
- $wgOut->addWikiText( wfMsg( "movepagetext" ) );
- if ( ! Namespace::isTalk( $ot->getNamespace() ) ) {
- $wgOut->addWikiText( wfMsg( "movepagetalktext" ) );
+ if ( $err == 'articleexists' && $wgUser->isAllowed( 'delete' ) ) {
+ $wgOut->addWikiText( wfMsg( 'delete_and_move_text', $encNewTitle ) );
+ $movepagebtn = wfMsgHtml( 'delete_and_move' );
+ $submitVar = 'wpDeleteAndMove';
+ $err = '';
+ } else {
+ $wgOut->addWikiText( wfMsg( 'movepagetext' ) );
+ $movepagebtn = wfMsgHtml( 'movepagebtn' );
+ $submitVar = 'wpMove';
}
- $ma = wfMsg( "movearticle" );
- $newt = wfMsg( "newtitle" );
- $mpb = wfMsg( "movepagebtn" );
- $movetalk = wfMsg( "movetalk" );
+ if ( !$ot->isTalkPage() ) {
+ $wgOut->addWikiText( wfMsg( 'movepagetalktext' ) );
+ }
+
+ $movearticle = wfMsgHtml( 'movearticle' );
+ $newtitle = wfMsgHtml( 'newtitle' );
+ $movetalk = wfMsgHtml( 'movetalk' );
+ $movereason = wfMsgHtml( 'movereason' );
- $titleObj = Title::makeTitle( NS_SPECIAL, "Movepage" );
- $action = $titleObj->escapeLocalURL( "action=submit" );
+ $titleObj = Title::makeTitle( NS_SPECIAL, 'Movepage' );
+ $action = $titleObj->escapeLocalURL( 'action=submit' );
+ $token = htmlspecialchars( $wgUser->editToken() );
- if ( "" != $err ) {
- $wgOut->setSubtitle( wfMsg( "formerror" ) );
- $wgOut->addHTML( "<p class='error'>{$err}</p>\n" );
+ if ( $err != '' ) {
+ $wgOut->setSubtitle( wfMsg( 'formerror' ) );
+ $wgOut->addWikiText( '<p class="error">' . wfMsg($err) . "</p>\n" );
}
+
+ $moveTalkChecked = $this->moveTalk ? ' checked="checked"' : '';
+
$wgOut->addHTML( "
<form id=\"movepage\" method=\"post\" action=\"{$action}\">
<table border='0'>
<tr>
- <td align='right'>{$ma}:</td>
- <td align='left'><strong>{$ott}</strong></td>
+ <td align='right'>{$movearticle}:</td>
+ <td align='left'><strong>{$oldTitle}</strong></td>
</tr>
<tr>
- <td align='right'>{$newt}:</td>
+ <td align='right'>{$newtitle}:</td>
<td align='left'>
<input type='text' size='40' name=\"wpNewTitle\" value=\"{$encNewTitle}\" />
<input type='hidden' name=\"wpOldTitle\" value=\"{$encOldTitle}\" />
</td>
+ </tr>
+ <tr>
+ <td align='right'>{$movereason}:</td>
+ <td align='left'>
+ <input type='text' size='40' name=\"wpReason\" value=\"{$encReason}\" />
+ </td>
</tr>" );
- if ( ! Namespace::isTalk( $ot->getNamespace() ) ) {
+ if ( ! $ot->isTalkPage() ) {
$wgOut->addHTML( "
<tr>
<td align='right'>
- <input type='checkbox' name=\"wpMovetalk\" checked='checked' value=\"1\" />
+ <input type='checkbox' name=\"wpMovetalk\"{$moveTalkChecked} value=\"1\" />
</td>
<td>{$movetalk}</td>
</tr>" );
<tr>
<td> </td>
<td align='left'>
- <input type='submit' name=\"wpMove\" value=\"{$mpb}\" />
+ <input type='submit' name=\"{$submitVar}\" value=\"{$movepagebtn}\" />
</td>
</tr>
</table>
+ <input type='hidden' name='wpEditToken' value=\"{$token}\" />
</form>\n" );
}
- function doSubmit()
- {
+ function doSubmit() {
global $wgOut, $wgUser, $wgLang;
global $wgDeferredUpdateList, $wgMessageCache;
global $wgUseSquid, $wgRequest;
$fname = "MovePageForm::doSubmit";
+
+ if ( $wgUser->pingLimiter( 'move' ) ) {
+ $wgOut->rateLimited();
+ return;
+ }
+
+ # Variables beginning with 'o' for old article 'n' for new article
$ot = Title::newFromText( $this->oldTitle );
$nt = Title::newFromText( $this->newTitle );
- $error = $ot->moveTo( $nt );
+ # Delete to make way if requested
+ if ( $wgUser->isAllowed( 'delete' ) && $this->deleteAndMove ) {
+ $article = new Article( $nt );
+ // This may output an error message and exit
+ $article->doDelete( wfMsgForContent( 'delete_and_move_reason' ) );
+ }
+
+ # don't allow moving to pages with # in
+ if ( !$nt || $nt->getFragment() != '' ) {
+ $this->showForm( 'badtitletext' );
+ return;
+ }
+
+ $error = $ot->moveTo( $nt, true, $this->reason );
if ( $error !== true ) {
- $this->showForm( wfMsg( $error ) );
+ $this->showForm( $error );
return;
}
# (1) the checkbox says to,
# (2) the namespaces are not themselves talk namespaces, and of course
# (3) it exists.
-
- $ons = $ot->getNamespace();
- $nns = $nt->getNamespace();
-
- if ( ( 1 == $wgRequest->getVal('wpMovetalk') ) &&
- ( ! Namespace::isTalk( $ons ) ) &&
- ( ! Namespace::isTalk( $nns ) ) ) {
+ if ( ( $wgRequest->getVal('wpMovetalk') == 1 ) &&
+ !$ot->isTalkPage() &&
+ !$nt->isTalkPage() ) {
- # get old talk page namespace
- $ons = Namespace::getTalk( $ons );
- # get new talk page namespace
- $nns = Namespace::getTalk( $nns );
-
- # make talk page title objects
- $ott = Title::makeTitle( $ons, $ot->getDBkey() );
- $ntt = Title::makeTitle( $nns, $nt->getDBkey() );
+ $ott = $ot->getTalkPage();
+ $ntt = $nt->getTalkPage();
# Attempt the move
- $error = $ott->moveTo( $ntt );
+ $error = $ott->moveTo( $ntt, true, $this->reason );
if ( $error === true ) {
$talkmoved = 1;
} else {
$talkmoved = $error;
}
+ } else {
+ # Stay silent on the subject of talk.
+ $talkmoved = '';
}
- $titleObj = Title::makeTitle( NS_SPECIAL, "Movepage" );
+ # Give back result to user.
+ $titleObj = Title::makeTitle( NS_SPECIAL, 'Movepage' );
$success = $titleObj->getFullURL(
- "action=success&oldtitle=" . wfUrlencode( $ot->getPrefixedText() ) .
- "&newtitle=" . wfUrlencode( $nt->getPrefixedText() ) .
- "&talkmoved={$talkmoved}" );
+ 'action=success&oldtitle=' . wfUrlencode( $ot->getPrefixedText() ) .
+ '&newtitle=' . wfUrlencode( $nt->getPrefixedText() ) .
+ '&talkmoved='.$talkmoved );
$wgOut->redirect( $success );
}
- function showSuccess()
- {
- global $wgOut, $wgUser, $wgRequest;
+ function showSuccess() {
+ global $wgOut, $wgRequest, $wgRawHtml;
- $wgOut->setPagetitle( wfMsg( "movepage" ) );
- $wgOut->setSubtitle( wfMsg( "pagemovedsub" ) );
+ $wgOut->setPagetitle( wfMsg( 'movepage' ) );
+ $wgOut->setSubtitle( wfMsg( 'pagemovedsub' ) );
$oldtitle = $wgRequest->getVal('oldtitle');
$newtitle = $wgRequest->getVal('newtitle');
$talkmoved = $wgRequest->getVal('talkmoved');
- $text = wfMsg( "pagemovedtext", $oldtitle, $newtitle );
+ $text = wfMsg( 'pagemovedtext', $oldtitle, $newtitle );
+
+ # Temporarily disable raw html wikitext option out of XSS paranoia
+ $marchingantofdoom = $wgRawHtml;
+ $wgRawHtml = false;
$wgOut->addWikiText( $text );
+ $wgRawHtml = $marchingantofdoom;
- if ( 1 == $talkmoved ) {
- $wgOut->addHTML( "\n<p>" . wfMsg( "talkpagemoved" ) . "</p>\n" );
+ if ( $talkmoved == 1 ) {
+ $wgOut->addWikiText( wfMsg( 'talkpagemoved' ) );
} elseif( 'articleexists' == $talkmoved ) {
- $wgOut->addHTML( "\n<p><strong>" . wfMsg( "talkexists" ) . "</strong></p>\n" );
+ $wgOut->addWikiText( wfMsg( 'talkexists' ) );
} else {
$ot = Title::newFromURL( $oldtitle );
- if ( ! Namespace::isTalk( $ot->getNamespace() ) ) {
- $wgOut->addHTML( "\n<p>" . wfMsg( "talkpagenotmoved", wfMsg( $talkmoved ) ) . "</p>\n" );
+ if ( ! $ot->isTalkPage() ) {
+ $wgOut->addWikiText( wfMsg( 'talkpagenotmoved', wfMsg( $talkmoved ) ) );
}
}
}