<?php
/**
*
+ * @package MediaWiki
+ * @subpackage SpecialPage
*/
/**
/**
* Constructor
*/
-function wfSpecialMovepage() {
+function wfSpecialMovepage( $par = null ) {
global $wgUser, $wgOut, $wgRequest, $action, $wgOnlySysopMayMove;
# check rights. We don't want newbies to move pages to prevents possible attack
- if ( 0 == $wgUser->getID() or $wgUser->isBlocked() or ($wgOnlySysopMayMove and $wgUser->isNewbie())) {
+ if ( $wgUser->isAnon() or $wgUser->isBlocked() or ($wgOnlySysopMayMove and $wgUser->isNewbie())) {
$wgOut->errorpage( "movenologin", "movenologintext" );
return;
}
return;
}
- $f = new MovePageForm();
+ $f = new MovePageForm( $par );
- if ( 'success' == $action ) { $f->showSuccess(); }
- else if ( 'submit' == $action && $wgRequest->wasPosted() ) { $f->doSubmit(); }
- else { $f->showForm( '' ); }
+ if ( 'success' == $action ) {
+ $f->showSuccess();
+ } else if ( 'submit' == $action && $wgRequest->wasPosted()
+ && $wgUser->matchEditToken( $wgRequest->getVal( 'wpEditToken' ) ) ) {
+ $f->doSubmit();
+ } else {
+ $f->showForm( '' );
+ }
}
/**
*
+ * @package MediaWiki
+ * @subpackage SpecialPage
*/
class MovePageForm {
- var $oldTitle, $newTitle; # Text input
+ var $oldTitle, $newTitle, $reason; # Text input
+ var $moveTalk, $deleteAndMove;
- function MovePageForm() {
+ function MovePageForm( $par ) {
global $wgRequest;
- $this->oldTitle = $wgRequest->getText( 'wpOldTitle', $wgRequest->getVal( 'target' ) );
+ $target = isset($par) ? $par : $wgRequest->getVal( 'target' );
+ $this->oldTitle = $wgRequest->getText( 'wpOldTitle', $target );
$this->newTitle = $wgRequest->getText( 'wpNewTitle' );
+ $this->reason = $wgRequest->getText( 'wpReason' );
+ $this->moveTalk = $wgRequest->getBool( 'wpMovetalk', true );
+ $this->deleteAndMove = $wgRequest->getBool( 'wpDeleteAndMove' );
}
function showForm( $err ) {
$wgOut->setPagetitle( wfMsg( 'movepage' ) );
- if ( empty( $this->oldTitle ) ) {
+ if ( $this->oldTitle == '' ) {
$wgOut->errorpage( 'notargettitle', 'notargettext' );
return;
}
+
+ $ot = Title::newFromURL( $this->oldTitle );
+ $oldTitle = $ot->getPrefixedText();
$encOldTitle = htmlspecialchars( $this->oldTitle );
- $encNewTitle = htmlspecialchars( $this->newTitle );
- $ot = Title::newFromURL( $this->oldTitle );
- $ott = $ot->getPrefixedText();
+ if( $this->newTitle == '' ) {
+ # Show the current title as a default
+ # when the form is first opened.
+ $encNewTitle = $oldTitle;
+ } else {
+ if( $err == '' ) {
+ $nt = Title::newFromURL( $this->newTitle );
+ if( $nt ) {
+ # If a title was supplied, probably from the move log revert
+ # link, check for validity. We can then show some diagnostic
+ # information and save a click.
+ $newerr = $ot->isValidMoveOperation( $nt );
+ if( is_string( $newerr ) ) {
+ $err = $newerr;
+ }
+ }
+ }
+ $encNewTitle = htmlspecialchars( $this->newTitle );
+ }
+ $encReason = htmlspecialchars( $this->reason );
+
+ if ( $err == 'articleexists' && $wgUser->isAllowed( 'delete' ) ) {
+ $wgOut->addWikiText( wfMsg( 'delete_and_move_text', $encNewTitle ) );
+ $movepagebtn = wfMsg( 'delete_and_move' );
+ $submitVar = 'wpDeleteAndMove';
+ $err = '';
+ } else {
+ $wgOut->addWikiText( wfMsg( 'movepagetext' ) );
+ $movepagebtn = wfMsg( 'movepagebtn' );
+ $submitVar = 'wpMove';
+ }
- $wgOut->addWikiText( wfMsg( 'movepagetext' ) );
- if ( ! Namespace::isTalk( $ot->getNamespace() ) ) {
+ if ( !$ot->isTalkPage() ) {
$wgOut->addWikiText( wfMsg( 'movepagetalktext' ) );
}
- $ma = wfMsg( 'movearticle' );
- $newt = wfMsg( 'newtitle' );
- $mpb = wfMsg( 'movepagebtn' );
+ $movearticle = wfMsg( 'movearticle' );
+ $newtitle = wfMsg( 'newtitle' );
$movetalk = wfMsg( 'movetalk' );
+ $movereason = wfMsg( 'movereason' );
$titleObj = Title::makeTitle( NS_SPECIAL, 'Movepage' );
$action = $titleObj->escapeLocalURL( 'action=submit' );
+ $token = htmlspecialchars( $wgUser->editToken() );
if ( $err != '' ) {
$wgOut->setSubtitle( wfMsg( 'formerror' ) );
- $wgOut->addHTML( '<p class="error">'.$err."</p>\n" );
+ $wgOut->addHTML( '<p class="error">' . wfMsg($err) . "</p>\n" );
}
+
+ $moveTalkChecked = $this->moveTalk ? ' checked="checked"' : '';
+
$wgOut->addHTML( "
<form id=\"movepage\" method=\"post\" action=\"{$action}\">
<table border='0'>
<tr>
- <td align='right'>{$ma}:</td>
- <td align='left'><strong>{$ott}</strong></td>
+ <td align='right'>{$movearticle}:</td>
+ <td align='left'><strong>{$oldTitle}</strong></td>
</tr>
<tr>
- <td align='right'>{$newt}:</td>
+ <td align='right'>{$newtitle}:</td>
<td align='left'>
<input type='text' size='40' name=\"wpNewTitle\" value=\"{$encNewTitle}\" />
<input type='hidden' name=\"wpOldTitle\" value=\"{$encOldTitle}\" />
</td>
+ </tr>
+ <tr>
+ <td align='right'>{$movereason}:</td>
+ <td align='left'>
+ <input type='text' size='40' name=\"wpReason\" value=\"{$encReason}\" />
+ </td>
</tr>" );
- if ( ! Namespace::isTalk( $ot->getNamespace() ) ) {
+ if ( ! $ot->isTalkPage() ) {
$wgOut->addHTML( "
<tr>
<td align='right'>
- <input type='checkbox' name=\"wpMovetalk\" checked='checked' value=\"1\" />
+ <input type='checkbox' name=\"wpMovetalk\"{$moveTalkChecked} value=\"1\" />
</td>
<td>{$movetalk}</td>
</tr>" );
<tr>
<td> </td>
<td align='left'>
- <input type='submit' name=\"wpMove\" value=\"{$mpb}\" />
+ <input type='submit' name=\"{$submitVar}\" value=\"{$movepagebtn}\" />
</td>
</tr>
</table>
+ <input type='hidden' name='wpEditToken' value=\"{$token}\" />
</form>\n" );
}
global $wgUseSquid, $wgRequest;
$fname = "MovePageForm::doSubmit";
+ if ( $wgUser->pingLimiter( 'move' ) ) {
+ $wgOut->rateLimited();
+ return;
+ }
+
# Variables beginning with 'o' for old article 'n' for new article
- # Attempt to move the article
-
$ot = Title::newFromText( $this->oldTitle );
$nt = Title::newFromText( $this->newTitle );
- $error = $ot->moveTo( $nt );
+ # Delete to make way if requested
+ if ( $wgUser->isAllowed( 'delete' ) && $this->deleteAndMove ) {
+ $article = new Article( $nt );
+ // This may output an error message and exit
+ $article->doDelete( wfMsgForContent( 'delete_and_move_reason' ) );
+ }
+
+ # don't allow moving to pages with # in
+ if ( !$nt || $nt->getFragment() != '' ) {
+ $this->showForm( 'badtitletext' );
+ return;
+ }
+
+ $error = $ot->moveTo( $nt, true, $this->reason );
if ( $error !== true ) {
- $this->showForm( wfMsg( $error ) );
+ $this->showForm( $error );
return;
}
-
+
# Update counters if the article got moved into or out of NS_MAIN namespace
$ons = $ot->getNamespace();
$nns = $nt->getNamespace();
# (1) the checkbox says to,
# (2) the namespaces are not themselves talk namespaces, and of course
# (3) it exists.
-
if ( ( $wgRequest->getVal('wpMovetalk') == 1 ) &&
( ! Namespace::isTalk( $ons ) ) &&
( ! Namespace::isTalk( $nns ) ) ) {
$ntt = Title::makeTitle( $nns, $nt->getDBkey() );
# Attempt the move
- $error = $ott->moveTo( $ntt );
+ $error = $ott->moveTo( $ntt, true, $this->reason );
if ( $error === true ) {
$talkmoved = 1;
} else {
$talkmoved = $error;
}
+ } else {
+ # Stay silent on the subject of talk.
+ $talkmoved = '';
}
# Give back result to user.
-
$titleObj = Title::makeTitle( NS_SPECIAL, 'Movepage' );
$success = $titleObj->getFullURL(
'action=success&oldtitle=' . wfUrlencode( $ot->getPrefixedText() ) .
}
function showSuccess() {
- global $wgOut, $wgUser, $wgRequest;
+ global $wgOut, $wgRequest, $wgRawHtml;
$wgOut->setPagetitle( wfMsg( 'movepage' ) );
$wgOut->setSubtitle( wfMsg( 'pagemovedsub' ) );
$talkmoved = $wgRequest->getVal('talkmoved');
$text = wfMsg( 'pagemovedtext', $oldtitle, $newtitle );
+
+ # Temporarily disable raw html wikitext option out of XSS paranoia
+ $marchingantofdoom = $wgRawHtml;
+ $wgRawHtml = false;
$wgOut->addWikiText( $text );
+ $wgRawHtml = $marchingantofdoom;
if ( $talkmoved == 1 ) {
$wgOut->addHTML( "\n<p>" . wfMsg( 'talkpagemoved' ) . "</p>\n" );
$wgOut->addHTML( "\n<p><strong>" . wfMsg( 'talkexists' ) . "</strong></p>\n" );
} else {
$ot = Title::newFromURL( $oldtitle );
- if ( ! Namespace::isTalk( $ot->getNamespace() ) ) {
+ if ( ! $ot->isTalkPage() ) {
$wgOut->addHTML( "\n<p>" . wfMsg( 'talkpagenotmoved', wfMsg( $talkmoved ) ) . "</p>\n" );
}
}
dépôts / lhc / web / wiklou.git / blobdiff