Commit graph

217 commits

Author SHA1 Message Date
Robin Pepermans f4750e9250 (bug 23086) AbuseFilter config diff date and time should use user preference instead of UTC 2011-07-06 23:14:04 +00:00
Happy-melon 12e1428629 * Implement an extensible Block::prevents( <action> ) function to replace the plethora of direct member variable accesses This pushes the historic *disable*-createaccount-vs-*allow* usertalk-edit wierdness down to the database layer
* Implement accessors for isHardblock() and getRangeStart()/getRangeEnd() in the same fashion.
* Make the corresponding variables private, removing external accessors.  This required updating AbuseFilter with non-B/C code, so I also implemented the rest of the changes I've made to the blocking backend in that extension.
* Move the "get an IP range which encompasses the given IP/range" logic to Block.php; will be needed later... :D
2011-03-19 23:47:08 +00:00
Sam Reed 6d548203f7 Parameter and Return Type hints 2011-02-10 17:32:57 +00:00
Sam Reed a0a6d18b88 Code cleanup, mainly unused variables 2010-11-04 01:29:10 +00:00
Sam Reed 6098610527 Another big cull on unused variables and such 2010-10-29 21:55:29 +00:00
Sam Reed 961f512452 More deprecated method call removals and updates 2010-10-29 15:32:44 +00:00
Sam Reed cf800e4c18 Start removing/fixing calls to deprecated methods in WMF used extensions 2010-10-29 15:14:44 +00:00
Jack Phoenix 5e0330c6cc AbuseFilter: coding style tweaks, changed some while loops to foreach (as per http://www.mediawiki.org/wiki/Manual:Coding_conventions#Assignment_expressions) and added __METHOD__ to one DB query 2010-08-19 21:12:09 +00:00
Sam Reed 485a5b0856 Minor revert of CentralNotice.db.php
Add some braces

Remove more unused variables
2010-07-26 21:55:18 +00:00
Sam Reed bfeb901839 Remove some more unused variables 2010-07-24 21:32:07 +00:00
Sam Reed 6981886b50 Nuke some more unused globals 2010-07-24 21:12:27 +00:00
Aryeh Gregor ed5b83e6ac Remove most named character references from output
Recommit of r66254 to trunk.  This was just

find extensions phase3 -iname '*.php' \! -iname '*.i18n.php' \! -iname 'Messages*.php' \! -iname '*_Messages.php' -exec sed -i 's/&nbsp;/\&#160;/g;s/&mdash;/―/g;s/&bull;/•/g;s/&aacute;/á/g;s/&acute;/´/g;s/&agrave;/à/g;s/&alpha;/α/g;s/&auml;/ä/g;s/&ccedil;/ç/g;s/&copy;/©/g;s/&darr;/↓/g;s/&deg;/°/g;s/&eacute;/é/g;s/&ecirc;/ê/g;s/&euml;/ë/g;s/&egrave;/è/g;s/&euro;/€/g;s/&harr;//g;s/&hellip;/…/g;s/&iacute;/í/g;s/&igrave;/ì/g;s/&larr;/←/g;s/&ldquo;/“/g;s/&middot;/·/g;s/&minus;/−/g;s/&ndash;/–/g;s/&oacute;/ó/g;s/&ocirc;/ô/g;s/&oelig;/œ/g;s/&ograve;/ò/g;s/&otilde;/õ/g;s/&ouml;/ö/g;s/&pound;/£/g;s/&prime;/′/g;s/&Prime;/″/g;s/&raquo;/»/g;s/&rarr;/→/g;s/&rdquo;/”/g;s/&Sigma;/Σ/g;s/&times;/×/g;s/&uacute;/ú/g;s/&uarr;/↑/g;s/&uuml;/ü/g;s/&yen;/¥/g' {} +

followed by reading over every single line of the resulting diff and
fixing a whole bunch of false positives.  The reason for this change is
given in <http://lists.wikimedia.org/pipermail/wikitech-l/2010-April/047617.html>.
I cleared it with Tim and Brion on IRC before committing.  It might
cause a few problems, but I tried to be careful; please report any
issues.

I skipped all messages files.  I plan to make a follow-up commit that
alters wfMsgExt() with 'escapenoentities' to sanitize all the entities.
That way, the only messages that will be problems will be ones that
output raw HTML, and we want to get rid of those anyway.

This should get rid of all named entities everywhere except messages.  I
skipped a few things like &nbsp that I noticed in manual inspection,
because they weren't well-formed XML anyway.

Also, to everyone who uses non-breaking spaces when they could use a
normal space, or nothing at all, or CSS padding: I still hate you.  Die.
2010-05-30 17:33:59 +00:00
Raimond Spekking de5b7258b9 Add accesskeys 's' for save actions 2010-03-13 17:35:12 +00:00
Raimond Spekking ac8439bd8a Use commaList() for better i18n 2010-03-13 17:23:08 +00:00
Siebrand Mazeland b274606879 Update code formatting, run stylize.php, whitespace updates 2010-02-13 14:10:36 +00:00
Siebrand Mazeland e86b1357ac Update break notation to self enclosed and properly spaced 2009-11-14 20:59:15 +00:00
Jack Phoenix e2a16fe755 AbuseFilter: big commit - coding style & spacing cleanup; also marked SpecialPages' construct() and execute() functions as public and capitalized some SQL keywords 2009-10-07 13:57:06 +00:00
Andrew Garrett 13ab814753 AbuseFilter: Show permissions errors on new filter and importing a filter when the user does not have permission.
Resolves bug 20467
2009-09-18 10:05:20 +00:00
Andrew Garrett 6133a51192 Fix bug 19799, hide public versions of private filters. 2009-08-07 16:13:06 +00:00
Andrew Garrett 5524008a54 Fix bug 20033, error in AbuseFilterView.php 2009-08-03 10:17:29 +00:00
Andrew Garrett c89fb0e608 Fix for bug 19894, now preview and view/edit buttons for warning messages are no longer disabled for unprivileged users. 2009-07-27 10:48:07 +00:00
Andrew Garrett 94a9b2b174 Require tags to be valid page titles. In the message, gives general recommendations that they be short and simple, rather than specifying the exact criteria. I want to encourage simplicity in tags, rather than fixing an immediate problem 2009-07-17 15:37:03 +00:00
Andrew Garrett d69a31acb3 Fix weird bug where unchanged conditions were being parsed as wikitext in diff displays, and usage of deprecated method 2009-07-17 14:03:11 +00:00
Andrew Garrett 5c08223f77 Fix bug 18176, hard-coded JS strings needed localisation. 2009-07-17 13:52:40 +00:00
Andrew Garrett 4e3f9ab256 Add abusefilter-view-private right for viewing private abuse filters. Patch by Haza-w with stylistic and other minor adjustments 2009-07-03 14:17:05 +00:00
Andrew Garrett fb9d1978cf Change disabled to readonly for textboxes on uneditable filters 2009-07-03 13:54:08 +00:00
Andrew Garrett 3c51c81c93 Add condition limit profiling as well as time profiling to the abuse filter (bug 19256) 2009-07-03 13:46:51 +00:00
Andrew Garrett 0d97b9e140 GENDER support for abusefilter-diff-version 2009-07-03 12:55:10 +00:00
Andrew Garrett 98fb7d2689 log_action field now expanded to 32 chars, re-activating change logging 2009-07-03 12:48:28 +00:00
Andrew Garrett 924b9f19ba Core changes for r52307 2009-06-23 21:52:39 +00:00
Victor Vasiliev eecea2cd0e Fix SQL error on sorting filters by status 2009-06-18 15:19:58 +00:00
Andrew Garrett 695a2aad56 Fixes from bug 19135:
* Load abuse filter data from the master for edits, prevents unintended reversion in the case of replication lag.
* Load explicit field list, preventing another issue seen on Wikimedia and described in the comments.
2009-06-17 11:50:26 +00:00
Andrew Garrett 3018de0453 Per comments on code review, use JSON instead of PHP serialization for Abuse Filter data interchange. PHP's unserialize() can expose remote code execution vulnerabilities with some input. 2009-06-02 12:59:05 +00:00
Purodha B Blissenbach b6b6c154c8 Message 'abusefilter-edit-lastmod-text' - date and time separated as of request by user "Der Umherirrende" at
http://translatewiki.net/w/i.php?title=Support&oldid=1243738#split_date_and_time
and user name added for GENDER use.
2009-06-01 23:15:23 +00:00
Andrew Garrett 48bfcc35ee Various code quality fixes for AbuseFilter suggested by Tim Starling in a private email, including bugfixes, memory safeguards, performance improvements, removal of redundant code, consolidation of similar functionaality. 2009-05-26 13:08:15 +00:00
Siebrand Mazeland e454269bfc Proper casing for getDBkey() 2009-05-24 08:33:57 +00:00
Tim Starling 268d72f43b Code formatting and comments. 2009-05-22 06:42:10 +00:00
Andrew Garrett 32aedf1644 (bug 18077) PostgreSQL compatibility issues in AbuseFilter, patch contributed by Brad Jorsch 2009-04-24 03:27:14 +00:00
Andrew Garrett d00d767207 Allow filtering by page on AbuseFilter batch testing interface 2009-04-23 04:30:17 +00:00
Andrew Garrett 1a0fc0fea9 Add import/export interface for filters so that filters can be copied across wikis 2009-04-23 04:23:56 +00:00
Andrew Garrett 7c3f048fff Usability work, making abuse filter forms readonly (rather than just lacking a submit button and rejecting submissions) for users without permission. 2009-04-01 04:34:21 +00:00
Andrew Garrett 186fc67373 Crackdown on filter evaluation by users unable to modify filters. This is a DoS vector which I thought I'd already plugged. 2009-03-31 15:13:26 +00:00
Andrew Garrett 14b850f891 Implementation of global filters, including a major i18n change for abusefilter-log-detailedentry message (rename and split). Needs further testing before deployment 2009-03-30 06:12:12 +00:00
Andrew Garrett 9d9c666fea Remove accidentally-committed code in r48856 2009-03-26 04:44:47 +00:00
Andrew Garrett 920f04d4fa Fix batch-testing (follow-up to r48855) 2009-03-26 04:41:05 +00:00
Andrew Garrett 32c83009e3 Fix examine interface, was broken for a while 2009-03-25 02:53:23 +00:00
Andrew Garrett 2eaf10edde Make changes link for first filter revision link to the history item (bug 18027) 2009-03-22 23:27:27 +00:00
Andrew Garrett 903cd76bd8 Fix output for examine interface in cases where no edits are available 2009-03-22 03:12:53 +00:00
Andrew Garrett 23ba2cb968 Fix abuse filter examine interface for new account creation log. 2009-03-22 02:59:01 +00:00
Andrew Garrett 4e6754e082 Prevent leaking of filters through diffs 2009-03-22 02:12:51 +00:00
Alexandre Emsenhuber 80fdcf77ce Fix calls to deprecated functions 2009-03-21 18:47:26 +00:00
Andrew Garrett 1d180de4ed Fix abuse filter sorting by hitcount 2009-03-19 06:56:30 +00:00
Andrew Garrett f234bcf66d Add basic filter profiling to AbuseFilter -- display on the edit filter page the average time taken to run the filter. Currently sampling at 1/50 2009-03-19 02:40:48 +00:00
Victor Vasiliev d400dc6763 Fix an XSS bug in AbuseFilter 2009-03-18 19:57:25 +00:00
Andrew Garrett 58a95312e0 Prevent cross-filter diffing 2009-03-18 04:10:04 +00:00
Andrew Garrett de1d5965ad filters are not wikitext 2009-03-18 01:03:29 +00:00
Andrew Garrett ac575f599b Fix double-escaping on diff page 2009-03-18 00:15:47 +00:00
Andrew Garrett 1aa5ea69e8 Disable logging until logging table is fixed up 2009-03-17 23:54:56 +00:00
Andrew Garrett 0ce853e093 Prevent leaking of hidden filters through history interface. 2009-03-17 13:18:33 +00:00
Andrew Garrett 99805ab584 Use POST instead of GET for the evaluate with vars AJAX widget -- results in too-long URIs and therefore 400s 2009-03-17 00:10:58 +00:00
Andrew Garrett b35585733b Add paging to examine 2009-03-12 11:38:21 +00:00
Andrew Garrett 5493b2a690 Add diffs to AbuseFilter. Includes a related pare-down of history, under the assumption that diffs will take up the slack 2009-03-12 05:04:39 +00:00
Raimond Spekking 06a1e8303d Follow up r47847: Show the timestemp in users preference timezone 2009-03-11 18:58:38 +00:00
Andrew Garrett cca12dab2e Hide rollback links in examine interface 2009-03-11 09:45:45 +00:00
Andrew Garrett fe5141c412 Add a normal log for filter changes, mostly just a pointer back to the real log. 2009-03-11 07:12:42 +00:00
Andrew Garrett 3a55ecbc85 Link together abusefilter pages with a navigation interface at the top. Add a better intro to the abusefilter home page. 2009-03-11 05:55:06 +00:00
Raimond Spekking 58fdf4f05d * Add Language::semicolonList() function
** Todo: combine all three list functions (comma, semicolon, pipe) into one function with a parameter?
* Use pipe as backlink separator to be consistent with other navigation elements
* Show the colon for case 'afh_actions' only if parameters exist
** Remove the now useless message
* Localize the usages of comma and semicolon
2009-03-06 10:56:37 +00:00
Andrew Garrett 8cb94549d1 Use parseinline instead of parsemag for abusefilter-status 2009-03-01 12:43:36 +00:00
Andrew Garrett f94f42b506 Store Abuse Filter variable dumps to external storage instead of leaving in afl_var_dump. afl_var_dump needs to be left as a BLOB for the moment for backwards-compatibility. 2009-02-27 03:06:19 +00:00
Andrew Garrett 92698e95ba Improve AbuseFilter performance by implementing lazy initialisation of computed variables.
This has been done by replacing simple associative arrays with an AbuseFilterVariableHolder, which recognises helper classes called AFComputedVariables.
Computation may occur during the abuse filter analysis, or later when testing and reviewing filters.
2009-02-26 12:15:14 +00:00
Andrew Garrett e0cd6a327c Fatal 2009-02-25 02:40:05 +00:00
Andrew Garrett 057f9f80db Normalise usernames before searching for them in Abuse Filter examine and test interfaces. 2009-02-25 02:33:09 +00:00
Andrew Garrett 2f4a66e862 Do not display tools if there are not any 2009-02-19 23:52:08 +00:00
Andrew Garrett feae69f031 Silly syntax error 2009-02-18 23:32:56 +00:00
Andrew Garrett 08d6218ee1 Always include afh_pattern in the fields to select. 2009-02-18 21:43:32 +00:00
Andrew Garrett 1c87a7ba69 Fix some silly bugs in reautoconfirmation 2009-02-18 19:34:36 +00:00
Raimond Spekking 22f57ec7d7 * Replace hardcoded '...' as indication of a truncation with the 'ellipsis' message
Per Brion's suggestion in http://lists.wikimedia.org/pipermail/wikitech-l/2008-December/040796.html
2009-02-13 19:13:48 +00:00
Tim Starling c8b0007232 * Break long lines. If I'm going to review this code, I need to be able to read it.
* Write array literals with one item per line. This makes diffs which add or remove items far easier to interpret, and makes merging such changes feasible. And it looks nicer too.
* Use line breaks to show the logical structure of your code. This enhances readability. Bring similar elements in a list into alignment, in order to reveal the differences between those elements at a glance.
* Removed a fun game of spot-the-difference in AbuseFilterHistoryPager::getQueryInfo(). If I want fun games I'll play UFO:AI.
* Moved some oddly placed assignments (in expressions) to their own statements: such assignments reduce readbility.
2009-02-07 09:34:11 +00:00
Andrew Garrett 7dd35167ee Show filter itself, rather than the private comments, in the recent filter changes display. 2009-02-04 19:56:21 +00:00
Andrew Garrett fcdfd79c67 Allow Abuse Log entries to be examined in the same way recent changes items are. 2009-02-04 19:51:03 +00:00
Andrew Garrett 9e5d11e46b Add an edit link too. 2009-02-03 22:54:46 +00:00
Andrew Garrett 60cfbf15c7 Add a fancy selector for the warning message in the Abuse Filter edit screen, and allow inline previews of the warning messages. 2009-02-03 22:45:42 +00:00
Andrew Garrett 3e67f66246 Add a missing field in SELECT. 2009-02-03 18:07:11 +00:00
Andrew Garrett 6f91720eac Allow af_public_comments to be wikitext.
Relatedly, add parseInline function to OutputPage, to avoid duplicating the same awful regex in wfMsgExt.
2009-01-31 01:59:13 +00:00
Andrew Garrett fc1ecd6caa Don't show tag filter boxes if no tags are defined. To support this change without bringing down servers, cache the list of valid tags in the object cache. 2009-01-30 23:24:29 +00:00
Andrew Garrett ae7089e23d Make (examine) links on batch test page propagate the filter that was used 2009-01-30 23:24:11 +00:00
Andrew Garrett bfed0d967d Oops -- you don't need the -revert permission to test a filter! :D 2009-01-30 19:30:51 +00:00
Andrew Garrett 769d0a6ea2 Add a nice convenience link to the testing interface to the filter editing interface. 2009-01-30 19:19:03 +00:00
Andrew Garrett 7cbfa0597a Prettify and enhance usability of test and examine views.
* Adopt pretty logos for "Match" and "No Match" for visual distinguishment.
* Allow negatives to be reported as well in 'test' interface.
2009-01-30 00:54:20 +00:00
Andrew Garrett 189d1fde40 Minor fixes for r46557
* Don't show revisions in the examiner which can't be examined.
* Fill out some forgotten interface messages.
2009-01-29 23:04:06 +00:00
Andrew Garrett f9c9c07ccf Abuse Filter changes designed for testing filters against real data:
* Add searching and filtering functionality to the existing 'test' interface.
* Add an 'examine' interface designed for testing filters against a previous change, selectable through the search interface in either the 'test' or the 'examine' view.
* Minor enabling change in ChangesList core, to allow subclassing.
2009-01-29 22:44:31 +00:00
Andrew Garrett cb5eca50fd Add Special:AbuseFilter/test, which allows (trusted for now, due to DoS potential) users to enter a filter, and have it checked against the last 100 RecentChanges items while-u-wait.
Some related cleanup to change tagging in ChangesList.
2009-01-28 23:54:41 +00:00
Andrew Garrett 909be785f6 Style disabled and deleted filters in light gray, for visual identification. 2009-01-28 20:09:05 +00:00
Andrew Garrett e2754e1af3 Link the filter description too, as the filter ID is often too small a target for clumsy mice 2009-01-28 19:50:38 +00:00
Andrew Garrett 8bea6e85f8 Hide action parameters if an action isn't selected. 2009-01-28 19:40:15 +00:00
Andrew Garrett f4ddeab5a4 Require 'abusefilter-revert' right to display the 'revert' button on the edit page. 2009-01-28 19:12:57 +00:00
Andrew Garrett 8a54e6ba00 Branch merge of change-tagging branch with trunk
-- Introduce tagging of individual changes (revisions, logs, and on recentchanges). The tags are customisable, and currently settable by the Abuse Filter and by the TorBlock extension. The tags can be styled on the various pages on which they appear.
-- Introduces a schema change, three new tables (valid_tag, change_tag, and tag_summary).
2009-01-28 19:08:18 +00:00
Andrew Garrett 36b78662b0 Refactor, pretty up and spread localisation of filter consequences (in logs, history, filter summary, etc) 2009-01-28 01:26:38 +00:00
Andrew Garrett 4640e09951 Add a missing file. 2009-01-28 00:36:49 +00:00
Andrew Garrett 050575a5af Allow users with the appropriate permission to mass-revert all actions (like blocking, deautoconfirming and degrouping) taken by a filter, with an appropriate summary. 2009-01-28 00:10:35 +00:00
Andrew Garrett ca47e8c408 Add right- message, and actually make the right do something! 2009-01-27 20:18:36 +00:00
Andrew Garrett c83f74b448 Mark 'block' and 'degroup' as 'restricted' actions -- actions which, if added to a filter, require the 'abusefiilter-modify-restricted' right to edit. 2009-01-27 19:51:38 +00:00
Andrew Garrett 0f1eb8db78 SCHEMA CHANGE:
For MySQL 4.0 compatibility, store a summary of actions in the abuse_filter table.
While I'm there, make the pseudo-internal names for actions localisable and therefore actually make sense to the average user.
2009-01-27 18:32:17 +00:00
Andrew Garrett a72320d1a8 Use <div>s instead of <strong>s to highlight changed columns in history. 2009-01-27 07:11:04 +00:00
Andrew Garrett 2f8fcdc86a Fix history item links. 2009-01-27 07:05:23 +00:00
Andrew Garrett 54ee8685d3 Remove stray 'return' which was breaking hit counters. 2009-01-27 05:07:11 +00:00
Andrew Garrett e21048cae7 Remove something non-mysql compat for now. We'll re-add it properly tomorrow. 2009-01-27 02:02:12 +00:00
Andrew Garrett 83d4b5a91f Bold and apply a subtle background colour to the changed fields in Abuse Filter history -- will make things much easier to track. 2009-01-26 22:31:02 +00:00
Andrew Garrett 83cb0e5322 Don't save duplicate revisions... 2009-01-26 22:30:42 +00:00
Andrew Garrett d3e279f0e2 Fix link on main AbuseFilter changes. 2009-01-26 19:31:25 +00:00
Andrew Garrett 995c28b921 Fix up Abuse Log, by adding descriptions for variables, styling the variable table.
Also, fix up a message naming conflict introduced by r46272.
2009-01-26 19:23:27 +00:00
Andrew Garrett 9ee1f5e267 Add a handy 'Abuse Filter log' where you can see all recent changes to filters, and narrow it down by user if you like. 2009-01-26 18:50:20 +00:00
Andrew Garrett 06275af974 E_NOTICE 2009-01-25 04:55:02 +00:00
Andrew Garrett 264114310a Add missing file. 2009-01-23 22:50:33 +00:00
Andrew Garrett 819986be43 Put filter-builterator on tools page. 2009-01-23 22:49:13 +00:00
Andrew Garrett 8ddd002c14 Remove dependency on change-tagging being branch-merged to trunk for now, and fix a few miscellaneous related bugs that came up in final testing. 2009-01-23 19:23:44 +00:00
Andrew Garrett 53179c675f Apply changes from change-tagging branch. I will remove all of the stuff actually related to change tagging in a moment, to avoid trunk changes on Wikimedia sites. 2009-01-23 19:23:19 +00:00