* (bug 25303) Fix API parameter integer validation to actually enforce validation
on the input values in addition to giving a warning. Also add flag to enforce (die)
if integer out of range (breaking change!)
-* (bug 24792) API help caching doesn't vary on $wgUser->isAnon(), causes staleness
+* (bug 24792) API help for action=purge sometimes wrongly stated whether a
+ POST request was needed due to cache pollution
=== Languages updated in 1.17 ===
'createonly-exists' => array( 'code' => 'articleexists', 'info' => "The article you tried to create has been created already" ),
'nocreate-missing' => array( 'code' => 'missingtitle', 'info' => "The article you tried to edit doesn't exist" ),
'nosuchrcid' => array( 'code' => 'nosuchrcid', 'info' => "There is no change with rcid ``\$1''" ),
- 'cantpurge' => array( 'code' => 'cantpurge', 'info' => "Only users with the 'purge' right can purge pages via the API" ),
'protect-invalidaction' => array( 'code' => 'protect-invalidaction', 'info' => "Invalid protection type ``\$1''" ),
'protect-invalidlevel' => array( 'code' => 'protect-invalidlevel', 'info' => "Invalid protection level ``\$1''" ),
'toofewexpiries' => array( 'code' => 'toofewexpiries', 'info' => "\$1 expiry timestamps were provided where \$2 were needed" ),
* Override the parent to generate help messages for all available modules.
*/
public function makeHelpMsg() {
- global $wgMemc, $wgAPICacheHelp, $wgAPICacheHelpTimeout, $wgUser;
+ global $wgMemc, $wgAPICacheHelp, $wgAPICacheHelpTimeout;
$this->setHelp();
// Get help text from cache if present
- $key = wfMemcKey( 'apihelp', $this->getModuleName(), $wgUser->isAnon(),
+ $key = wfMemcKey( 'apihelp', $this->getModuleName(),
SpecialVersion::getVersion( 'nodb' ) .
$this->getMain()->getShowVersions() );
if ( $wgAPICacheHelp ) {
public function execute() {
global $wgUser;
$params = $this->extractRequestParams();
- if ( !$wgUser->isAllowed( 'purge' ) ) {
- $this->dieUsageMsg( array( 'cantpurge' ) );
+ if ( !$wgUser->isAllowed( 'purge' ) && !$this->getMain()->isInternalMode() &&
+ !$this->getMain()->getRequest()->wasPosted() ) {
+ $this->dieUsageMsg( array( 'mustbeposted', $this->getModuleName() ) );
}
$result = array();
foreach ( $params['titles'] as $t ) {
$this->getResult()->addValue( null, $this->getModuleName(), $result );
}
- public function mustBePosted() {
- global $wgUser;
- return $wgUser->isAnon();
- }
-
public function isWriteMode() {
return true;
}
}
public function getDescription() {
- return 'Purge the cache for the given titles';
+ return array( 'Purge the cache for the given titles.',
+ 'This module requires a POST request if the user is not logged in.'
+ );
}
public function getPossibleErrors() {
dépôts / lhc / web / wiklou.git / commitdiff