registration: Support setting $wgPasswordPolicy in extension.json

[lhc/web/wiklou.git] / includes / WebRequest.php
diff --git a/includes/WebRequest.php b/includes/WebRequest.php

index a5ae461..3ef3bc1 100644 (file)
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -23,6 +23,7 @@
   * @file
   */
  
+use MediaWiki\MediaWikiServices;
  use MediaWiki\Session\Session;
  use MediaWiki\Session\SessionId;
  use MediaWiki\Session\SessionManager;
@@ -112,7 +113,7 @@ class WebRequest {
          */
         public static function getPathInfo( $want = 'all' ) {
                 global $wgUsePathInfo;
-               // PATH_INFO is mangled due to http://bugs.php.net/bug.php?id=31892
+               // PATH_INFO is mangled due to https://bugs.php.net/bug.php?id=31892
                 // And also by Apache 2.x, double slashes are converted to single slashes.
                 // So we will use REQUEST_URI if possible.
                 $matches = [];
@@ -174,7 +175,7 @@ class WebRequest {
                 } elseif ( $wgUsePathInfo ) {
                         if ( isset( $_SERVER['ORIG_PATH_INFO'] ) && $_SERVER['ORIG_PATH_INFO'] != '' ) {
                                 // Mangled PATH_INFO
-                               // http://bugs.php.net/bug.php?id=31892
+                               // https://bugs.php.net/bug.php?id=31892
                                 // Also reported when ini_get('cgi.fix_pathinfo')==false
                                 $matches['title'] = substr( $_SERVER['ORIG_PATH_INFO'], 1 );
  
@@ -378,7 +379,7 @@ class WebRequest {
          */
         private function getGPCVal( $arr, $name, $default ) {
                 # PHP is so nice to not touch input data, except sometimes:
-               # http://us2.php.net/variables.external#language.variables.external.dot-in-names
+               # https://secure.php.net/variables.external#language.variables.external.dot-in-names
                 # Work around PHP *feature* to avoid *bugs* elsewhere.
                 $name = strtr( $name, '.', '_' );
                 if ( isset( $arr[$name] ) ) {
@@ -1222,7 +1223,8 @@ HTML;
                 # Append XFF
                 $forwardedFor = $this->getHeader( 'X-Forwarded-For' );
                 if ( $forwardedFor !== false ) {
-                       $isConfigured = IP::isConfiguredProxy( $ip );
+                       $proxyLookup = MediaWikiServices::getInstance()->getProxyLookup();
+                       $isConfigured = $proxyLookup->isConfiguredProxy( $ip );
                         $ipchain = array_map( 'trim', explode( ',', $forwardedFor ) );
                         $ipchain = array_reverse( $ipchain );
                         array_unshift( $ipchain, $ip );
@@ -1235,14 +1237,14 @@ HTML;
                         foreach ( $ipchain as $i => $curIP ) {
                                 $curIP = IP::sanitizeIP( IP::canonicalize( $curIP ) );
                                 if ( !$curIP || !isset( $ipchain[$i + 1] ) || $ipchain[$i + 1] === 'unknown'
-                                       || !IP::isTrustedProxy( $curIP )
+                                       || !$proxyLookup->isTrustedProxy( $curIP )
                                 ) {
                                         break; // IP is not valid/trusted or does not point to anything
                                 }
                                 if (
                                         IP::isPublic( $ipchain[$i + 1] ) ||
                                         $wgUsePrivateIPs ||
-                                       IP::isConfiguredProxy( $curIP ) // bug 48919; treat IP as sane
+                                       $proxyLookup->isConfiguredProxy( $curIP ) // bug 48919; treat IP as sane
                                 ) {
                                         // Follow the next IP according to the proxy
                                         $nextIP = IP::canonicalize( $ipchain[$i + 1] );