Disable $wgServer autodetection to prevent cache poisoning attacks

[lhc/web/wiklou.git] / includes / installer / CliInstaller.php

diff --git a/includes/installer/CliInstaller.php b/includes/installer/CliInstaller.php
index 424c9d7..6f39f01 100644 (file)
--- a/includes/installer/CliInstaller.php
+++ b/includes/installer/CliInstaller.php
@@ -120,7 +120,11 @@ class CliInstaller extends Installer {
                        }
                        $this->setVar( '_Extensions', $status->value );
                } elseif ( isset( $options['with-extensions'] ) ) {
-                       $this->setVar( '_Extensions', array_keys( $this->findExtensions() ) );
+                       $status = $this->findExtensions();
+                       if ( !$status->isOK() ) {
+                               throw new InstallException( $status );
+                       }
+                       $this->setVar( '_Extensions', array_keys( $status->value ) );
                }
 
                // Set up the default skins
@@ -131,7 +135,11 @@ class CliInstaller extends Installer {
                        }
                        $skins = $status->value;
                } else {
-                       $skins = array_keys( $this->findExtensions( 'skins' ) );
+                       $status = $this->findExtensions( 'skins' );
+                       if ( !$status->isOK() ) {
+                               throw new InstallException( $status );
+                       }
+                       $skins = array_keys( $status->value );
                }
                $this->setVar( '_Skins', $skins );
 
@@ -269,7 +277,8 @@ class CliInstaller extends Installer {
        }
 
        protected function envGetDefaultServer() {
-               return null; // Do not guess if installing from CLI
+               // Use a basic value if the user didn't pass in --server
+               return 'http://localhost';
        }
 
        public function dirIsExecutable( $dir, $url ) {