$this->mSessionKey = $request->getInt( 'wpSessionKey' );
if( !empty( $this->mSessionKey ) &&
- isset( $_SESSION['wsUploadData'][$this->mSessionKey]['version'] ) &&
+ isset( $_SESSION['wsUploadData'][$this->mSessionKey]['version'] ) &&
$_SESSION['wsUploadData'][$this->mSessionKey]['version'] == self::SESSION_VERSION ) {
/**
* Confirming a temporarily stashed upload.
case self::FILETYPE_BADTYPE:
$finalExt = $details['finalExt'];
- $this->uploadError(
+ $this->uploadError(
wfMsgExt( 'filetype-banned-type',
array( 'parseinline' ),
htmlspecialchars( $finalExt ),
* If the image is protected, non-sysop users won't be able
* to modify it by uploading a new revision.
*/
- if( !$nt->userCan( 'edit' ) || !$nt->userCan( 'create' ) ) {
+ if( !$nt->userCan( 'edit' ) ||
+ !$nt->userCan( 'create' ) ||
+ !$nt->userCan( 'upload' ) ){
return self::PROTECTED_PAGE;
}
$file->getName(), $align, array(), false, true );
} elseif ( !$file->allowInlineDisplay() && $file->isSafeFile() ) {
$icon = $file->iconThumb();
- $dlink2 = '<div style="float:' . $align . '" id="mw-media-icon">' .
+ $dlink2 = '<div style="float:' . $align . '" id="mw-media-icon">' .
$icon->toHtml( array( 'desc-link' => true ) ) . '<br />' . $dlink . '</div>';
} else {
$dlink2 = '';
$nt_lc->getText(), $align, array(), false, true );
} elseif ( !$file_lc->allowInlineDisplay() && $file_lc->isSafeFile() ) {
$icon = $file_lc->iconThumb();
- $dlink2 = '<div style="float:' . $align . '" id="mw-media-icon">' .
+ $dlink2 = '<div style="float:' . $align . '" id="mw-media-icon">' .
$icon->toHtml( array( 'desc-link' => true ) ) . '<br />' . $dlink . '</div>';
} else {
$dlink2 = '';
}
- $warning .= '<li>' . wfMsgExt( 'fileexists-extension', 'parsemag', $file->getName(), $dlink ) . '</li>' . $dlink2;
+ $warning .= '<li>' . wfMsgExt( 'fileexists-extension', 'parsemag', $file->getName(), $dlink ) . '</li>' . $dlink2;
- } elseif ( ( substr( $partname , 3, 3 ) == 'px-' || substr( $partname , 2, 3 ) == 'px-' )
+ } elseif ( ( substr( $partname , 3, 3 ) == 'px-' || substr( $partname , 2, 3 ) == 'px-' )
&& ereg( "[0-9]{2}" , substr( $partname , 0, 2) ) )
{
# Check for filenames like 50px- or 180px-, these are mostly thumbnails
# Check if an image without leading '180px-' (or similiar) exists
$dlink = $sk->makeKnownLinkObj( $nt_thb);
if ( $file_thb->allowInlineDisplay() ) {
- $dlink2 = $sk->makeImageLinkObj( $nt_thb,
+ $dlink2 = $sk->makeImageLinkObj( $nt_thb,
wfMsgExt( 'fileexists-thumb', 'parseinline' ),
$nt_thb->getText(), $align, array(), false, true );
} elseif ( !$file_thb->allowInlineDisplay() && $file_thb->isSafeFile() ) {
$icon = $file_thb->iconThumb();
- $dlink2 = '<div style="float:' . $align . '" id="mw-media-icon">' .
- $icon->toHtml( array( 'desc-link' => true ) ) . '<br />' .
+ $dlink2 = '<div style="float:' . $align . '" id="mw-media-icon">' .
+ $icon->toHtml( array( 'desc-link' => true ) ) . '<br />' .
$dlink . '</div>';
} else {
$dlink2 = '';
}
- $warning .= '<li>' . wfMsgExt( 'fileexists-thumbnail-yes', 'parsemag', $dlink ) .
- '</li>' . $dlink2;
+ $warning .= '<li>' . wfMsgExt( 'fileexists-thumbnail-yes', 'parsemag', $dlink ) .
+ '</li>' . $dlink2;
} else {
# Image w/o '180px-' does not exists, but we do not like these filenames
- $warning .= '<li>' . wfMsgExt( 'file-thumbnail-no', 'parseinline' ,
+ $warning .= '<li>' . wfMsgExt( 'file-thumbnail-no', 'parseinline' ,
substr( $partname , 0, strpos( $partname , '-' ) +1 ) ) . '</li>';
}
}
# If the file existed before and was deleted, warn the user of this
# Don't bother doing so if the file exists now, however
$ltitle = SpecialPage::getTitleFor( 'Log' );
- $llink = $sk->makeKnownLinkObj( $ltitle, wfMsgHtml( 'deletionlog' ),
+ $llink = $sk->makeKnownLinkObj( $ltitle, wfMsgHtml( 'deletionlog' ),
'type=delete&page=' . $file->getTitle()->getPrefixedUrl() );
$warning .= '<li>' . wfMsgWikiHtml( 'filewasdeleted', $llink ) . '</li>';
}
}
return $s;
}
-
+
/**
* Render a preview of a given license for the AJAX preview on upload
*
$text = '{{' . $license . '}}';
$title = Title::makeTitle( NS_IMAGE, 'Sample.jpg' );
$options = ParserOptions::newFromUser( $wgUser );
-
+
// Expand subst: first, then live templates...
$text = $wgParser->preSaveTransform( $text, $title, $wgUser, $options );
$output = $wgParser->parse( $text, $title, $options );
-
+
return $output->getText();
}
}
$wgOut->addHTML(
- Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL( 'action=submit' ),
+ Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL( 'action=submit' ),
'enctype' => 'multipart/form-data', 'id' => 'uploadwarning' ) ) . "\n" .
Xml::hidden( 'wpIgnoreWarning', '1' ) . "\n" .
Xml::hidden( 'wpSessionKey', $this->mSessionKey ) . "\n" .
wfMsgWikiHtml( 'upload-prohibited', implode( $wgFileBlacklist, $delim ) ) .
"</div>\n";
}
+ } else {
+ # Everything is permitted.
+ $extensionsList = '';
}
# Get the maximum file size from php.ini as $wgMaxUploadSize works for uploads from URL via CURL only
$encDestName = htmlspecialchars( $this->mDesiredDestName );
- $watchChecked =
- ( $wgUser->getOption( 'watchdefault' ) ||
- ( $wgUser->getOption( 'watchcreations' ) && $this->mDesiredDestName == '' ) )
+ $watchChecked = $this->watchCheck()
? 'checked="checked"'
: '';
$warningChecked = $this->mIgnoreWarning ? 'checked' : '';
"<input type='radio' id='wpSourceTypeFile' name='wpSourceType' value='file' " .
"onchange='toggle_element_activation(\"wpUploadFileURL\",\"wpUploadFile\")' checked='checked' />" .
"<input tabindex='1' type='file' name='wpUploadFile' id='wpUploadFile' " .
- "onfocus='" .
+ "onfocus='" .
"toggle_element_activation(\"wpUploadFileURL\",\"wpUploadFile\");" .
"toggle_element_check(\"wpSourceTypeFile\",\"wpSourceTypeURL\")' " .
"onchange='fillDestFilename(\"wpUploadFile\")' size='60' />" .
$encComment = htmlspecialchars( $this->mComment );
$wgOut->addHTML(
- Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL(),
+ Xml::openElement( 'form', array( 'method' => 'post', 'action' => $titleObj->getLocalURL(),
'enctype' => 'multipart/form-data', 'id' => 'mw-upload-form' ) ) .
Xml::openElement( 'fieldset' ) .
Xml::element( 'legend', null, wfMsg( 'upload' ) ) .
<label for='wpDestFile'>{$destfilename}</label>
</td>
<td class='mw-input'>
- <input tabindex='2' type='text' name='wpDestFile' id='wpDestFile' size='60'
+ <input tabindex='2' type='text' name='wpDestFile' id='wpDestFile' size='60'
value=\"{$encDestName}\" onchange='toggleFilenameFiller()' $destOnkeyup />
</td>
</tr>
<label for='wpUploadDescription'>{$summary}</label>
</td>
<td class='mw-input'>
- <textarea tabindex='3' name='wpUploadDescription' id='wpUploadDescription' rows='6'
+ <textarea tabindex='3' name='wpUploadDescription' id='wpUploadDescription' rows='6'
cols='{$cols}'{$width}>$encComment</textarea>
{$this->uploadFormTextAfterSummary}
</td>
<td class='mw-label' style='white-space: nowrap;'>
<label for='wpUploadCopyStatus'>$filestatus</label></td>
<td class='mw-input'>
- <input tabindex='5' type='text' name='wpUploadCopyStatus' id='wpUploadCopyStatus'
+ <input tabindex='5' type='text' name='wpUploadCopyStatus' id='wpUploadCopyStatus'
value=\"$copystatus\" size='60' />
</td>
</tr>
<label for='wpUploadCopyStatus'>$filesource</label>
</td>
<td class='mw-input'>
- <input tabindex='6' type='text' name='wpUploadSource' id='wpUploadCopyStatus'
+ <input tabindex='6' type='text' name='wpUploadSource' id='wpUploadCopyStatus'
value=\"$uploadsource\" size='60' />
</td>
</tr>
}
/* -------------------------------------------------------------- */
+
+ /**
+ * See if we should check the 'watch this page' checkbox on the form
+ * based on the user's preferences and whether we're being asked
+ * to create a new file or update an existing one.
+ *
+ * In the case where 'watch edits' is off but 'watch creations' is on,
+ * we'll leave the box unchecked.
+ *
+ * Note that the page target can be changed *on the form*, so our check
+ * state can get out of sync.
+ */
+ function watchCheck() {
+ global $wgUser;
+ if( $wgUser->getOption( 'watchdefault' ) ) {
+ // Watch all edits!
+ return true;
+ }
+
+ $local = wfLocalFile( $this->mDesiredDestName );
+ if( $local && $local->exists() ) {
+ // We're uploading a new version of an existing file.
+ // No creation, so don't watch it if we're not already.
+ return $local->getTitle()->userIsWatching();
+ } else {
+ // New page should get watched if that's our option.
+ return $wgUser->getOption( 'watchcreations' );
+ }
+ }
/**
* Split a file into a base name and all dot-delimited 'extensions'
*/
function verify( $tmpfile, $extension ) {
#magically determine mime type
- $magic=& MimeMagic::singleton();
- $mime= $magic->guessMimeType($tmpfile,false);
+ $magic = MimeMagic::singleton();
+ $mime = $magic->guessMimeType($tmpfile,false);
#check mime type, if desired
global $wgVerifyMimeType;
* @return bool
*/
function verifyExtension( $mime, $extension ) {
- $magic =& MimeMagic::singleton();
+ $magic = MimeMagic::singleton();
if ( ! $mime || $mime == 'unknown' || $mime == 'unknown/unknown' )
if ( ! $magic->isRecognizableExtension( $extension ) ) {
}
}
- /**
+ /**
* Heuristic for detecting files that *could* contain JavaScript instructions or
* things that may look like HTML to a browser and are thus
* potentially harmful. The present implementation will produce false positives in some situations.
return false;
}
- /**
+ /**
* Generic wrapper function for a virus scanner program.
* This relies on the $wgAntivirus and $wgAntivirusSetup variables.
* $wgAntivirusRequired may be used to deny upload if the scan fails.
if ( !$wgAntivirusSetup[$wgAntivirus] ) {
wfDebug( __METHOD__.": unknown virus scanner: $wgAntivirus\n" );
# @TODO: localise
- $wgOut->addHTML( "<div class='error'>Bad configuration: unknown virus scanner: <i>$wgAntivirus</i></div>\n" );
+ $wgOut->addHTML( "<div class='error'>Bad configuration: unknown virus scanner: <i>$wgAntivirus</i></div>\n" );
return "unknown antivirus: $wgAntivirus";
}
if ( strpos( $command,"%f" ) === false ) {
# simple pattern: append file to scan
- $command .= " " . wfEscapeShellArg( $file );
+ $command .= " " . wfEscapeShellArg( $file );
} else {
# complex pattern: replace "%f" with file to scan
- $command = str_replace( "%f", wfEscapeShellArg( $file ), $command );
+ $command = str_replace( "%f", wfEscapeShellArg( $file ), $command );
}
wfDebug( __METHOD__.": running virus scan: $command \n" );
# map exit code to AV_xxx constants.
$mappedCode = $exitCode;
- if ( $exitCodeMap ) {
+ if ( $exitCodeMap ) {
if ( isset( $exitCodeMap[$exitCode] ) ) {
$mappedCode = $exitCodeMap[$exitCode];
} elseif ( isset( $exitCodeMap["*"] ) ) {
}
}
- if ( $mappedCode === AV_SCAN_FAILED ) {
+ if ( $mappedCode === AV_SCAN_FAILED ) {
# scan failed (code was mapped to false by $exitCodeMap)
wfDebug( __METHOD__.": failed to scan $file (code $exitCode).\n" );
- if ( $wgAntivirusRequired ) {
- return "scan failed (code $exitCode)";
- } else {
- return NULL;
+ if ( $wgAntivirusRequired ) {
+ return "scan failed (code $exitCode)";
+ } else {
+ return NULL;
}
- } else if ( $mappedCode === AV_SCAN_ABORTED ) {
+ } else if ( $mappedCode === AV_SCAN_ABORTED ) {
# scan failed because filetype is unknown (probably imune)
wfDebug( __METHOD__.": unsupported file type $file (code $exitCode).\n" );
return NULL;
return true; // non-conditional
if( !$user->isAllowed( 'reupload-own' ) )
return false;
-
+
$dbr = wfGetDB( DB_SLAVE );
$row = $dbr->selectRow('image',
/* SELECT */ 'img_user',
*/
private function showDeletionLog( $out, $filename ) {
global $wgUser;
- $loglist = new LogEventsList( $wgUser->getSkin() );
+ $loglist = new LogEventsList( $wgUser->getSkin(), $out );
$pager = new LogPager( $loglist, 'delete', false, $filename );
if( $pager->getNumRows() > 0 ) {
$out->addHtml( '<div id="mw-upload-deleted-warn">' );