- Security reminder: If you have PHP's register_globals option set, you should
- turn it off. Although MediaWiki will work with it enabled, it exposes your
- server to potential security vulnerabilities.
+ Security reminder: If you have PHP's register_globals option set, you must
+ turn it off. MediaWiki will no longer work with it enabled.
== MediaWiki 1.24 ==
production.
=== Configuration changes in 1.24 ===
+ * MediaWiki will no longer run if register_globals is enabled. It has been
+ deprecated for 5 years now, and was removed in PHP 5.4. For more information
+ about why, see <https://www.mediawiki.org/wiki/register_globals>.
* The server's canonical hostname is available as $wgServerName, which is
exposed in both mw.config and ApiQuerySiteInfo.
* Introduced $wgPagePropsHaveSortkey as a backwards-compatibility switch,
SpecialPageBeforeFormDisplay.
* (bug 65781) Removed block warning on included {{Special:Contributions}}
* Removed Skin::makeGlobalVariablesScript. (deprecated since 1.19)
+* Removed MWNamespace::isMain(). (deprecated since 1.19)
+* Removed Preferences::loadOldSearchNs(). (deprecated since 1.19)
+* Removed OutputPage::getStatusMessage(). (deprecated since 1.18)
+* Removed OutputPage::isUserJsAllowed(). (deprecated since 1.18)
+* Removed Title::updateTitleProtection(). (deprecated since 1.19)
==== Renamed classes ====
* CLDRPluralRuleConverter_Expression to CLDRPluralRuleConverterExpression
$this->settings[$var] = $GLOBALS[$var];
}
- $compiledDBs = array();
+ $this->compiledDBs = array();
foreach ( self::getDBTypes() as $type ) {
$installer = $this->getDBInstaller( $type );
if ( !$installer->isCompiled() ) {
continue;
}
- $compiledDBs[] = $type;
-
- $defaults = $installer->getGlobalDefaults();
-
- foreach ( $installer->getGlobalNames() as $var ) {
- if ( isset( $defaults[$var] ) ) {
- $this->settings[$var] = $defaults[$var];
- } else {
- $this->settings[$var] = $GLOBALS[$var];
- }
- }
+ $this->compiledDBs[] = $type;
}
- $this->compiledDBs = $compiledDBs;
$this->parserTitle = Title::newFromText( 'Installer' );
$this->parserOptions = new ParserOptions; // language will be wrong :(
/**
* Environment check for register_globals.
+ * Prevent installation if enabled
*/
protected function envCheckRegisterGlobals() {
if ( wfIniGetBool( 'register_globals' ) ) {
- $this->showMessage( 'config-register-globals' );
+ $this->showMessage( 'config-register-globals-error' );
+ return false;
}
+
+ return true;
}
/**