// Don't interpret POST parameters starting with '@' as file uploads, because this
// makes it impossible to POST plain values starting with '@' (and causes security
// issues potentially exposing the contents of local files).
- // The PHP manual says this option was introduced in PHP 5.5 defaults to true in PHP 5.6,
- // but we support lower versions, and the option doesn't exist in HHVM 5.6.99.
- if ( defined( 'CURLOPT_SAFE_UPLOAD' ) ) {
- $this->curlOptions[CURLOPT_SAFE_UPLOAD] = true;
- } elseif ( is_array( $postData ) ) {
- // In PHP 5.2 and later, '@' is interpreted as a file upload if POSTFIELDS
- // is an array, but not if it's a string. So convert $req['body'] to a string
- // for safety.
- $postData = wfArrayToCgi( $postData );
- }
+ $this->curlOptions[CURLOPT_SAFE_UPLOAD] = true;
$this->curlOptions[CURLOPT_POSTFIELDS] = $postData;
// Suppress 'Expect: 100-continue' header, as some servers
$curlHandle = curl_init( $this->url );
if ( !curl_setopt_array( $curlHandle, $this->curlOptions ) ) {
+ $this->status->fatal( 'http-internal-error' );
throw new InvalidArgumentException( "Error setting curl options." );
}
if ( $this->followRedirects && $this->canFollowRedirects() ) {
- MediaWiki\suppressWarnings();
+ Wikimedia\suppressWarnings();
if ( !curl_setopt( $curlHandle, CURLOPT_FOLLOWLOCATION, true ) ) {
$this->logger->debug( __METHOD__ . ": Couldn't set CURLOPT_FOLLOWLOCATION. " .
"Probably open_basedir is set.\n" );
// Continue the processing. If it were in curl_setopt_array,
// processing would have halted on its entry
}
- MediaWiki\restoreWarnings();
+ Wikimedia\restoreWarnings();
}
if ( $this->profiler ) {
return false;
}
- if ( version_compare( PHP_VERSION, '5.6.0', '<' ) ) {
- if ( strval( ini_get( 'open_basedir' ) ) !== '' ) {
- $this->logger->debug( "Cannot follow redirects when open_basedir is set\n" );
- return false;
- }
- }
-
return true;
}
}