dépôts / lhc / web / wiklou.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
API: Throwing a more specific error message when the client tries to create empty...
[lhc/web/wiklou.git] / trackback.php
diff --git a/trackback.php b/trackback.php
index 274a1c8..bcb6376 100644 (file)
--- a/trackback.php
+++ b/trackback.php
@@ -1,33 +1,18 @@
 <?php
 /**
  * Provide functions to handle article trackbacks.
- * @package MediaWiki
- * @subpackage SpecialPage
+ * @file
+ * @ingroup SpecialPage
  */
-
-unset($IP);
-define('MEDIAWIKI', true);
-if ( isset( $_REQUEST['GLOBALS'] ) ) {
-       echo '<a href="http://www.hardened-php.net/index.76.html">$GLOBALS overwrite vulnerability</a>';
-       die( -1 );
-}
-
-require_once('./includes/Defines.php');
-
-if (!file_exists('LocalSettings.php'))
-       exit;
-
-require_once('./LocalSettings.php');
-require_once('includes/Setup.php');
-
-require_once('DatabaseFunctions.php');
+require_once( './includes/WebStart.php' );
+require_once( './includes/DatabaseFunctions.php' );
 
 /**
  *
  */
 function XMLsuccess() {
-       echo "
-<?xml version=\"1.0\" encoding=\"utf-8\"?>
+       header("Content-Type: application/xml; charset=utf-8");
+       echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>
 <response>
 <error>0</error>
 </response>
@@ -37,8 +22,8 @@ function XMLsuccess() {
 
 function XMLerror($err = "Invalid request.") {
        header("HTTP/1.0 400 Bad Request");
-       echo "
-<?xml version=\"1.0\" encoding=\"utf-8\"?>
+       header("Content-Type: application/xml; charset=utf-8");
+       echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>
 <response>
 <error>1</error>
 <message>Invalid request: $err</message>
@@ -51,20 +36,19 @@ if (!$wgUseTrackbacks)
        XMLerror("Trackbacks are disabled.");
 
 if (   !isset($_POST['url'])
-    || !isset($_POST['blog_name'])
     || !isset($_REQUEST['article']))
        XMLerror("Required field not specified");
 
-$dbw =& wfGetDB(DB_MASTER);
+$dbw = wfGetDB(DB_MASTER);
 
-$tbtitle = $_POST['title'];
-$tbex = $_POST['excerpt'];
-$tburl = $_POST['url'];
-$tbname = $_POST['blog_name'];
-$tbarticle = $_REQUEST['article'];
+$tbtitle = strval( @$_POST['title'] );
+$tbex = strval( @$_POST['excerpt'] );
+$tburl = strval( $_POST['url'] );
+$tbname = strval( @$_POST['blog_name'] );
+$tbarticle = strval( $_REQUEST['article'] );
 
 $title = Title::newFromText($tbarticle);
-if (!$title->exists())
+if (!isset($title) || !$title->exists())
        XMLerror("Specified article does not exist.");
 
 $dbw->insert('trackbacks', array(
@@ -74,7 +58,8 @@ $dbw->insert('trackbacks', array(
        'tb_ex'         => $tbex,
        'tb_name'       => $tbname
 ));
+$dbw->commit();
 
 XMLsuccess();
-exit;
+
 ?>
Wiklou, le Wiki du Wiklou