Commit graph

87 commits

Author SHA1 Message Date
Victor Vasiliev eecea2cd0e Fix SQL error on sorting filters by status 2009-06-18 15:19:58 +00:00
Andrew Garrett 695a2aad56 Fixes from bug 19135:
* Load abuse filter data from the master for edits, prevents unintended reversion in the case of replication lag.
* Load explicit field list, preventing another issue seen on Wikimedia and described in the comments.
2009-06-17 11:50:26 +00:00
Andrew Garrett 3018de0453 Per comments on code review, use JSON instead of PHP serialization for Abuse Filter data interchange. PHP's unserialize() can expose remote code execution vulnerabilities with some input. 2009-06-02 12:59:05 +00:00
Purodha B Blissenbach b6b6c154c8 Message 'abusefilter-edit-lastmod-text' - date and time separated as of request by user "Der Umherirrende" at
http://translatewiki.net/w/i.php?title=Support&oldid=1243738#split_date_and_time
and user name added for GENDER use.
2009-06-01 23:15:23 +00:00
Andrew Garrett 48bfcc35ee Various code quality fixes for AbuseFilter suggested by Tim Starling in a private email, including bugfixes, memory safeguards, performance improvements, removal of redundant code, consolidation of similar functionaality. 2009-05-26 13:08:15 +00:00
Siebrand Mazeland e454269bfc Proper casing for getDBkey() 2009-05-24 08:33:57 +00:00
Tim Starling 268d72f43b Code formatting and comments. 2009-05-22 06:42:10 +00:00
Andrew Garrett 32aedf1644 (bug 18077) PostgreSQL compatibility issues in AbuseFilter, patch contributed by Brad Jorsch 2009-04-24 03:27:14 +00:00
Andrew Garrett d00d767207 Allow filtering by page on AbuseFilter batch testing interface 2009-04-23 04:30:17 +00:00
Andrew Garrett 1a0fc0fea9 Add import/export interface for filters so that filters can be copied across wikis 2009-04-23 04:23:56 +00:00
Andrew Garrett 7c3f048fff Usability work, making abuse filter forms readonly (rather than just lacking a submit button and rejecting submissions) for users without permission. 2009-04-01 04:34:21 +00:00
Andrew Garrett 186fc67373 Crackdown on filter evaluation by users unable to modify filters. This is a DoS vector which I thought I'd already plugged. 2009-03-31 15:13:26 +00:00
Andrew Garrett 14b850f891 Implementation of global filters, including a major i18n change for abusefilter-log-detailedentry message (rename and split). Needs further testing before deployment 2009-03-30 06:12:12 +00:00
Andrew Garrett 9d9c666fea Remove accidentally-committed code in r48856 2009-03-26 04:44:47 +00:00
Andrew Garrett 920f04d4fa Fix batch-testing (follow-up to r48855) 2009-03-26 04:41:05 +00:00
Andrew Garrett 32c83009e3 Fix examine interface, was broken for a while 2009-03-25 02:53:23 +00:00
Andrew Garrett 2eaf10edde Make changes link for first filter revision link to the history item (bug 18027) 2009-03-22 23:27:27 +00:00
Andrew Garrett 903cd76bd8 Fix output for examine interface in cases where no edits are available 2009-03-22 03:12:53 +00:00
Andrew Garrett 23ba2cb968 Fix abuse filter examine interface for new account creation log. 2009-03-22 02:59:01 +00:00
Andrew Garrett 4e6754e082 Prevent leaking of filters through diffs 2009-03-22 02:12:51 +00:00
Alexandre Emsenhuber 80fdcf77ce Fix calls to deprecated functions 2009-03-21 18:47:26 +00:00
Andrew Garrett 1d180de4ed Fix abuse filter sorting by hitcount 2009-03-19 06:56:30 +00:00
Andrew Garrett f234bcf66d Add basic filter profiling to AbuseFilter -- display on the edit filter page the average time taken to run the filter. Currently sampling at 1/50 2009-03-19 02:40:48 +00:00
Victor Vasiliev d400dc6763 Fix an XSS bug in AbuseFilter 2009-03-18 19:57:25 +00:00
Andrew Garrett 58a95312e0 Prevent cross-filter diffing 2009-03-18 04:10:04 +00:00
Andrew Garrett de1d5965ad filters are not wikitext 2009-03-18 01:03:29 +00:00
Andrew Garrett ac575f599b Fix double-escaping on diff page 2009-03-18 00:15:47 +00:00
Andrew Garrett 1aa5ea69e8 Disable logging until logging table is fixed up 2009-03-17 23:54:56 +00:00
Andrew Garrett 0ce853e093 Prevent leaking of hidden filters through history interface. 2009-03-17 13:18:33 +00:00
Andrew Garrett 99805ab584 Use POST instead of GET for the evaluate with vars AJAX widget -- results in too-long URIs and therefore 400s 2009-03-17 00:10:58 +00:00
Andrew Garrett b35585733b Add paging to examine 2009-03-12 11:38:21 +00:00
Andrew Garrett 5493b2a690 Add diffs to AbuseFilter. Includes a related pare-down of history, under the assumption that diffs will take up the slack 2009-03-12 05:04:39 +00:00
Raimond Spekking 06a1e8303d Follow up r47847: Show the timestemp in users preference timezone 2009-03-11 18:58:38 +00:00
Andrew Garrett cca12dab2e Hide rollback links in examine interface 2009-03-11 09:45:45 +00:00
Andrew Garrett fe5141c412 Add a normal log for filter changes, mostly just a pointer back to the real log. 2009-03-11 07:12:42 +00:00
Andrew Garrett 3a55ecbc85 Link together abusefilter pages with a navigation interface at the top. Add a better intro to the abusefilter home page. 2009-03-11 05:55:06 +00:00
Raimond Spekking 58fdf4f05d * Add Language::semicolonList() function
** Todo: combine all three list functions (comma, semicolon, pipe) into one function with a parameter?
* Use pipe as backlink separator to be consistent with other navigation elements
* Show the colon for case 'afh_actions' only if parameters exist
** Remove the now useless message
* Localize the usages of comma and semicolon
2009-03-06 10:56:37 +00:00
Andrew Garrett 8cb94549d1 Use parseinline instead of parsemag for abusefilter-status 2009-03-01 12:43:36 +00:00
Andrew Garrett f94f42b506 Store Abuse Filter variable dumps to external storage instead of leaving in afl_var_dump. afl_var_dump needs to be left as a BLOB for the moment for backwards-compatibility. 2009-02-27 03:06:19 +00:00
Andrew Garrett 92698e95ba Improve AbuseFilter performance by implementing lazy initialisation of computed variables.
This has been done by replacing simple associative arrays with an AbuseFilterVariableHolder, which recognises helper classes called AFComputedVariables.
Computation may occur during the abuse filter analysis, or later when testing and reviewing filters.
2009-02-26 12:15:14 +00:00
Andrew Garrett e0cd6a327c Fatal 2009-02-25 02:40:05 +00:00
Andrew Garrett 057f9f80db Normalise usernames before searching for them in Abuse Filter examine and test interfaces. 2009-02-25 02:33:09 +00:00
Andrew Garrett 2f4a66e862 Do not display tools if there are not any 2009-02-19 23:52:08 +00:00
Andrew Garrett feae69f031 Silly syntax error 2009-02-18 23:32:56 +00:00
Andrew Garrett 08d6218ee1 Always include afh_pattern in the fields to select. 2009-02-18 21:43:32 +00:00
Andrew Garrett 1c87a7ba69 Fix some silly bugs in reautoconfirmation 2009-02-18 19:34:36 +00:00
Raimond Spekking 22f57ec7d7 * Replace hardcoded '...' as indication of a truncation with the 'ellipsis' message
Per Brion's suggestion in http://lists.wikimedia.org/pipermail/wikitech-l/2008-December/040796.html
2009-02-13 19:13:48 +00:00
Tim Starling c8b0007232 * Break long lines. If I'm going to review this code, I need to be able to read it.
* Write array literals with one item per line. This makes diffs which add or remove items far easier to interpret, and makes merging such changes feasible. And it looks nicer too.
* Use line breaks to show the logical structure of your code. This enhances readability. Bring similar elements in a list into alignment, in order to reveal the differences between those elements at a glance.
* Removed a fun game of spot-the-difference in AbuseFilterHistoryPager::getQueryInfo(). If I want fun games I'll play UFO:AI.
* Moved some oddly placed assignments (in expressions) to their own statements: such assignments reduce readbility.
2009-02-07 09:34:11 +00:00
Andrew Garrett 7dd35167ee Show filter itself, rather than the private comments, in the recent filter changes display. 2009-02-04 19:56:21 +00:00
Andrew Garrett fcdfd79c67 Allow Abuse Log entries to be examined in the same way recent changes items are. 2009-02-04 19:51:03 +00:00