*
* @file
*/
+
+use Wikimedia\Rdbms\IDatabase;
use MediaWiki\Linker\LinkTarget;
use MediaWiki\Interwiki\InterwikiLookup;
use MediaWiki\MediaWikiServices;
return $url;
}
+ /**
+ * Get a url appropriate for making redirects based on an untrusted url arg
+ *
+ * This is basically the same as getFullUrl(), but in the case of external
+ * interwikis, we send the user to a landing page, to prevent possible
+ * phishing attacks and the like.
+ *
+ * @note Uses current protocol by default, since technically relative urls
+ * aren't allowed in redirects per HTTP spec, so this is not suitable for
+ * places where the url gets cached, as might pollute between
+ * https and non-https users.
+ * @see self::getLocalURL for the arguments.
+ * @param array|string $query
+ * @param string $proto Protocol type to use in URL
+ * @return String. A url suitable to use in an HTTP location header.
+ */
+ public function getFullUrlForRedirect( $query = '', $proto = PROTO_CURRENT ) {
+ $target = $this;
+ if ( $this->isExternal() ) {
+ $target = SpecialPage::getTitleFor(
+ 'GoToInterwiki',
+ $this->getPrefixedDBKey()
+ );
+ }
+ return $target->getFullUrl( $query, false, $proto );
+ }
+
/**
* Get a URL with no fragment or server name (relative URL) from a Title object.
* If this page is generated with action=render, however,
) {
$errors[] = [ 'delete-toobig', $wgLang->formatNum( $wgDeleteRevisionsLimit ) ];
}
+ } elseif ( $action === 'undelete' ) {
+ if ( count( $this->getUserPermissionsErrorsInternal( 'edit', $user, $rigor, true ) ) ) {
+ // Undeleting implies editing
+ $errors[] = [ 'undelete-cantedit' ];
+ }
+ if ( !$this->exists()
+ && count( $this->getUserPermissionsErrorsInternal( 'create', $user, $rigor, true ) )
+ ) {
+ // Undeleting where nothing currently exists implies creating
+ $errors[] = [ 'undelete-cantcreate' ];
+ }
}
return $errors;
}
* protection, or false if there's none.
*/
public function getTitleProtection() {
+ $protection = $this->getTitleProtectionInternal();
+ if ( $protection ) {
+ if ( $protection['permission'] == 'sysop' ) {
+ $protection['permission'] = 'editprotected'; // B/C
+ }
+ if ( $protection['permission'] == 'autoconfirmed' ) {
+ $protection['permission'] = 'editsemiprotected'; // B/C
+ }
+ }
+ return $protection;
+ }
+
+ /**
+ * Fetch title protection settings
+ *
+ * To work correctly, $this->loadRestrictions() needs to have access to the
+ * actual protections in the database without munging 'sysop' =>
+ * 'editprotected' and 'autoconfirmed' => 'editsemiprotected'. Other
+ * callers probably want $this->getTitleProtection() instead.
+ *
+ * @return array|bool
+ */
+ protected function getTitleProtectionInternal() {
// Can't protect pages in special namespaces
if ( $this->getNamespace() < 0 ) {
return false;
// fetchRow returns false if there are no rows.
$row = $dbr->fetchRow( $res );
if ( $row ) {
- if ( $row['permission'] == 'sysop' ) {
- $row['permission'] = 'editprotected'; // B/C
- }
- if ( $row['permission'] == 'autoconfirmed' ) {
- $row['permission'] = 'editsemiprotected'; // B/C
- }
$row['expiry'] = $dbr->decodeExpiry( $row['expiry'] );
}
$this->mTitleProtection = $row;
continue;
}
- // This code should be refactored, now that it's being used more generally,
- // But I don't really see any harm in leaving it in Block for now -werdna
$expiry = $dbr->decodeExpiry( $row->pr_expiry );
// Only apply the restrictions if they haven't expired!
$this->loadRestrictionsFromRows( $rows, $oldFashionedRestrictions );
} else {
- $title_protection = $this->getTitleProtection();
+ $title_protection = $this->getTitleProtectionInternal();
if ( $title_protection ) {
$now = wfTimestampNow();
* categories' names.
*
* @return array Array of parents in the form:
- * $parent => $currentarticle
+ * $parent => $currentarticle
*/
public function getParentCategories() {
global $wgContLang;
* @return int|bool Old revision ID, or false if none exists
*/
public function getPreviousRevisionID( $revId, $flags = 0 ) {
- $db = ( $flags & self::GAID_FOR_UPDATE ) ? wfGetDB( DB_MASTER ) : wfGetDB( DB_REPLICA );
+ /* This function and getNextRevisionID have bad performance when
+ used on a page with many revisions on mysql. An explicit extended
+ primary key may help in some cases, if the PRIMARY KEY is banned:
+ T159319 */
+ if ( $flags & self::GAID_FOR_UPDATE ) {
+ $db = wfGetDB( DB_MASTER );
+ } else {
+ $db = wfGetDB( DB_REPLICA, 'contributions' );
+ }
$revId = $db->selectField( 'revision', 'rev_id',
[
'rev_page' => $this->getArticleID( $flags ),
'rev_id < ' . intval( $revId )
],
__METHOD__,
- [ 'ORDER BY' => 'rev_id DESC' ]
+ [ 'ORDER BY' => 'rev_id DESC', 'IGNORE INDEX' => 'PRIMARY' ]
);
if ( $revId === false ) {
* @return int|bool Next revision ID, or false if none exists
*/
public function getNextRevisionID( $revId, $flags = 0 ) {
- $db = ( $flags & self::GAID_FOR_UPDATE ) ? wfGetDB( DB_MASTER ) : wfGetDB( DB_REPLICA );
+ if ( $flags & self::GAID_FOR_UPDATE ) {
+ $db = wfGetDB( DB_MASTER );
+ } else {
+ $db = wfGetDB( DB_REPLICA, 'contributions' );
+ }
$revId = $db->selectField( 'revision', 'rev_id',
[
'rev_page' => $this->getArticleID( $flags ),
'rev_id > ' . intval( $revId )
],
__METHOD__,
- [ 'ORDER BY' => 'rev_id' ]
+ [ 'ORDER BY' => 'rev_id', 'IGNORE INDEX' => 'PRIMARY' ]
);
if ( $revId === false ) {
$row = $db->selectRow( 'revision', Revision::selectFields(),
[ 'rev_page' => $pageId ],
__METHOD__,
- [ 'ORDER BY' => 'rev_timestamp ASC', 'LIMIT' => 1 ]
+ [
+ 'ORDER BY' => 'rev_timestamp ASC',
+ 'IGNORE INDEX' => 'rev_timestamp'
+ ]
);
if ( $row ) {
return new Revision( $row );