Merge "Use utf8 charset for searchindex MySQL table"

[lhc/web/wiklou.git] / includes / Wiki.php
diff --git a/includes/Wiki.php b/includes/Wiki.php

index cb0f60a..0683d7c 100644 (file)
--- a/includes/Wiki.php
+++ b/includes/Wiki.php
@@ -307,7 +307,8 @@ class MediaWiki {
                                 $output->redirect( $article );
                         } else {
                                 wfProfileOut( __METHOD__ );
-                               throw new MWException( "Shouldn't happen: MediaWiki::initializeArticle() returned neither an object nor a URL" );
+                               throw new MWException( "Shouldn't happen: MediaWiki::initializeArticle()"
+                                       . " returned neither an object nor a URL" );
                         }
                 }
  
@@ -427,7 +428,8 @@ class MediaWiki {
  
                 $act = $this->getAction();
  
-               $action = Action::factory( $act, $page );
+               $action = Action::factory( $act, $page, $this->context );
+
                 if ( $action instanceof Action ) {
                         # Let Squid cache things if we can purge them.
                         if ( $wgUseSquid &&
@@ -502,12 +504,36 @@ class MediaWiki {
  
                 $request = $this->context->getRequest();
  
-               if ( $request->getCookie( 'forceHTTPS' )
-                       && $request->detectProtocol() == 'http'
-                       && $request->getMethod() == 'GET'
+               // If the user has forceHTTPS set to true, or if the user
+               // is in a group requiring HTTPS, or if they have the HTTPS
+               // preference set, redirect them to HTTPS.
+               if (
+                       (
+                               $request->getCookie( 'forceHTTPS', '' ) ||
+                               // check for prefixed version for currently logged in users
+                               $request->getCookie( 'forceHTTPS' ) ||
+                               // Avoid checking the user and groups unless it's enabled.
+                               (
+                                       $this->context->getUser()->isLoggedIn()
+                                       && $this->context->getUser()->requiresHTTPS()
+                               )
+                       ) &&
+                       $request->detectProtocol() == 'http'
                 ) {
-                       $redirUrl = $request->getFullRequestURL();
-                       $redirUrl = str_replace( 'http://', 'https://', $redirUrl );
+                       $oldUrl = $request->getFullRequestURL();
+                       $redirUrl = str_replace( 'http://', 'https://', $oldUrl );
+
+                       if ( $request->wasPosted() ) {
+                               // This is weird and we'd hope it almost never happens. This
+                               // means that a POST came in via HTTP and policy requires us
+                               // redirecting to HTTPS. It's likely such a request is going
+                               // to fail due to post data being lost, but let's try anyway
+                               // and just log the instance.
+                               //
+                               // @todo @fixme See if we could issue a 307 or 308 here, need
+                               // to see how clients (automated & browser) behave when we do
+                               wfDebugLog( 'RedirectedPosts', "Redirected from HTTP to HTTPS: $oldUrl" );
+                       }
  
                         // Setup dummy Title, otherwise OutputPage::redirect will fail
                         $title = Title::newFromText( NS_MAIN, 'REDIR' );