dépôts
/
lhc
/
web
/
wiklou.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
WatchedItemStore::getWatchedItem returns a WatchedItem
[lhc/web/wiklou.git]
/
includes
/
AjaxDispatcher.php
diff --git
a/includes/AjaxDispatcher.php
b/includes/AjaxDispatcher.php
index
75fcff3
..
f6c9075
100644
(file)
--- a/
includes/AjaxDispatcher.php
+++ b/
includes/AjaxDispatcher.php
@@
-23,6
+23,9
@@
use MediaWiki\MediaWikiServices;
use MediaWiki\MediaWikiServices;
+// Use superglobals, but since it's deprecated, it's not worth fixing
+// phpcs:disable MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals
+
/**
* @defgroup Ajax Ajax
*/
/**
* @defgroup Ajax Ajax
*/
@@
-73,7
+76,7
@@
class AjaxDispatcher {
switch ( $this->mode ) {
case 'get':
switch ( $this->mode ) {
case 'get':
- $this->func_name =
isset( $_GET["rs"] ) ? $_GET["rs"] :
'';
+ $this->func_name =
$_GET["rs"] ??
'';
if ( !empty( $_GET["rsargs"] ) ) {
$this->args = $_GET["rsargs"];
} else {
if ( !empty( $_GET["rsargs"] ) ) {
$this->args = $_GET["rsargs"];
} else {
@@
-81,7
+84,7
@@
class AjaxDispatcher {
}
break;
case 'post':
}
break;
case 'post':
- $this->func_name =
isset( $_POST["rs"] ) ? $_POST["rs"] :
'';
+ $this->func_name =
$_POST["rs"] ??
'';
if ( !empty( $_POST["rsargs"] ) ) {
$this->args = $_POST["rsargs"];
} else {
if ( !empty( $_POST["rsargs"] ) ) {
$this->args = $_POST["rsargs"];
} else {
@@
-101,6
+104,9
@@
class AjaxDispatcher {
* they should be carefully handled in the function processing the
* request.
*
* they should be carefully handled in the function processing the
* request.
*
+ * phan-taint-check triggers as it is not smart enough to understand
+ * the early return if func_name not in AjaxExportList.
+ * @suppress SecurityCheck-XSS
* @param User $user
*/
function performAction( User $user ) {
* @param User $user
*/
function performAction( User $user ) {