These are also user-provided tag names, so should be checked with
ChangeTags::canCreateTag, which is intended for that purpose.
This check also applies on edits.
Bug: T164133
Change-Id: Iaf161d538f225a86c7abf8a8a347de9169d781bf
This also changes the previous behavior - users who lost their rights
between opening and saving a filter now also get the message.
Additionally, User::matchEditToken() now doesn't use the global
$wgRequest.
Bug: T142389
Change-Id: I931068ff79a6835ad6e63a12ce9dbfcc1cb6c8b9
Admins already have the ability to edit site JS, etc., so I don't think we should be concerned about malicious content
This patch allows markup in all messages in the edit interface, except the labels for the checkboxes
Bug: T157235
Change-Id: I5f1a2cd536a2c7ec5f7a5d7afbf124104bfcd975
Stash may return false if the value hasn't been set yet. This basically
means 'zero'.
Steps to reproduce: create a new filter and open it. If it doesn't have
any hits, the second message parameter is missing instead of being '0'.
Change-Id: I8f240dd87664ec99a98b843f9e5c4c8c9eed0532
All usages of Linker::link() and Linker::linkKnown() has been replaced with LinkRenderer
Bug: T149346
Change-Id: Id087fe2aeaae81445e83e020ef66b541d9da4060
Rename $wgAbuseFilterAvailableActions / $wgAbuseFilterRestrictedActions
to $wgAbuseFilterActions / $wgAbuseFilterRestrictions and make
them an associative array instead of a plain one, as that works more
sanely with extension registration. (The renaming helps to give more
useful errors to sites using the old config.)
Change-Id: I790d39c2849922d7daf7479f298cd90cf30af129
* Defer the slow profiling updates to post-send
* Convert to the object stash, so that all DCs see
the same values
Change-Id: I08316c6a3192bd69248cf5ab5a3ed8185341c313
Follow-up to b60829a60c.
I'll fix up message translations on Translatewiki when this is merged.
Bug: T132189
Change-Id: I1ecaedd7489b264ed621309b6fbfb63b9287a437
This reverts commit afb78deb84.
I'll guard this behind a global and fix up the localisation messages
in a separate commit. This is a straight revert.
Bug: T132189
Change-Id: Iff4aa6d7d543db8f47c5f81f3c206dafcd5373dc
These boolean values go through DatabaseBase::makeList,
which passes them along to DatabaseBase::addQuotes, which
shoves the value through DatabaseMysqlBase::strencode,
which in turn passes it on to DatabaseMysqli::mysqlRealEscapeString,
which eventually calls mysqli::real_escape_string on it.
This last one will turn trues into '1' and falses into ''.
MySQL (or at least my version, 5.6.17 Homebrew) complains about
receiving incorrect integer value '' for these tinyint(1) columns.
Bug: T67807
Change-Id: Iaef98c08589370f9288c1f3c80803b1a16b2506e
* This is very slow as there can easily be hundreds of filters,
each doing 6 memcached queries. Xenon flamegraphs show a lot
of time spent in this method, slowing down editing.
Change-Id: I31e4502bbd45cc284db3cd89eb34ad365c59905b
* Also removed some code duplication
* Use getConnectionRef in checkAllFilters so that the
DB connection can be reused
Bug: T93141
Change-Id: I17c5a976b6c45029cde4ed34ad82d69e365ae8c5
* Use ChangeTags::purgeTagCacheAll().
* The prior code did not change that actual tag table and
in any case did nothing since 878523f6225 due to a key
rename. This covers the two keys using two AF hooks.
Bug: T91815
Change-Id: I227414cde2e95d4533fdf708579113cd3bf2856a
Notice: Undefined index: af_throttled in
extensions/AbuseFilter/Views/AbuseFilterViewEdit.php on line 148
This assumes af_throttled to exist in $newRow, which comes
from AbuseFilterViewEdit::loadRequest, which in turn comes
from AbuseFilterViewEdit::loadFilterData, where no
af_throttled property is added to the newly created object.
Bug: 65805
Change-Id: I45ad0ea2cea242711b6109e67b99b71242ff57f6
Changed the textarea size in AbuseFilter Notes text area
from 5 to 15 to match with the new Conditions text box.
Bug: 55365
Change-Id: I1da26166f28f31b2a18c1dca3709efc0728d45d6
...otherwise it doesn't work.
This change add 2 checks for object caching, one for the filter
configuration interface, and one for the actual throttle checking.
Bug: 50894
Change-Id: I89ebcc6ff7d91d3a9ad8e744c0c4ff3e33e3b673
Don't use global state in here, centralize
the logic for global filters and avoid static
functions.
This also makes the UI for global filters nicer
in case the user can't edit them (as all fields
are disabled then).
Change-Id: Ica4e77536d315d8ef39a45666c6b8834315bee77
This prevents an abuse filter admin from setting a custom warning
message (which are references to a non-translated, local wiki page),
for global filters (which can be on any wiki in any language).
bug: 45164
Change-Id: If61716053b75f45e4b70f78d3809ddd02ac6d83e
The concept of different AbuseFilter groups had not properly been integrated, but should be now:
- The total number of matches is now group-specific
- .. Which will also fix the emergency shutdown calculations
- And a portion of incorrect code (involving $logged_local_filters) has been fixed (action != group)
Change-Id: I091199a9d74aee47dcb3d8942394a28e0ffd3234
Add a permission 'abusefilter-modify-global' which an administrator must
have to set global rules in the central database.
By default, this right is not associated with any group.
Change-Id: Ied92f7ffd90cb2d8eeb8f3f26b941edbb22b10d6
