return;
}
$nt = Title::newFromText( $basename );
+ if( !$nt ) {
+ return $this->uploadError( wfMsg( "illegalfilename", htmlspecialchars( $basename ) ) );
+ }
$nt->setNamespace( Namespace::getImage() );
$this->mUploadSaveName = $nt->getDBkey();
/* Don't allow users to override the blacklist */
if( $this->checkFileExtension( $ext, $wgFileBlacklist ) ||
($wgStrictFileExtensions && !$this->checkFileExtension( $ext, $wgFileExtensions ) ) ) {
- return $this->uploadError( wfMsg( "badfiletype", $ext ) );
+ return $this->uploadError( wfMsg( "badfiletype", htmlspecialchars( $ext ) ) );
}
$this->saveUploadedFile( $this->mUploadSaveName, $this->mUploadTempName );
if ( !$nt->userCanEdit() ) {
return $this->uploadError( wfMsg( "protectedpage" ) );
- }
+ }
if ( ! $this->mIgnoreWarning ) {
$warning = '';
if( 0 != strcmp( ucfirst( $basename ), $this->mUploadSaveName ) ) {
- $warning .= '<li>'.wfMsg( "badfilename", $this->mUploadSaveName ).'</li>';
+ $warning .= '<li>'.wfMsg( "badfilename", htmlspecialchars( $this->mUploadSaveName ) ).'</li>';
}
if ( $wgCheckFileExtensions ) {
if ( ! $this->checkFileExtension( $ext, $wgFileExtensions ) ) {
- $warning .= '<li>'.wfMsg( "badfiletype", $ext ).'</li>';
+ $warning .= '<li>'.wfMsg( "badfiletype", htmlspecialchars( $ext ) ).'</li>';
}
}
if ( $wgUploadSizeWarning && ( $this->mUploadSize > $wgUploadSizeWarning ) ) {
'noaffirmation' => 'You must affirm that your upload does not violate any copyrights.',
'ignorewarning' => 'Ignore warning and save file anyway.',
'minlength' => 'Image names must be at least three letters.',
+'illegalfilename' => 'The filename "$1" contains characters that are not allowed in page titles. Please rename the file and try uploading it again.',
'badfilename' => "Image name has been changed to \"$1\".",
'badfiletype' => "\".$1\" is not a recommended image file format.",
'largefile' => 'It is recommended that images not exceed 100k in size.',