This is taken from I6a57a28f22600aafb2e529587ecce6083e9f7da4 and makes
all the needed changes to make phan pass. Seccheck will instead fail,
but since it's not clear how to fix it (and it is non-voting), for the
moment we may merge this and enable phan on IC.
Bug: T192325
Change-Id: I77648b6f8e146114fd43bb0f4dfccdb36b7ac1ac
Follow-up of Iaeae672dca66ffc745054daabd6f0eae7dfbc648. Some actions
were still marked with red, specifically the ones with block inside. The
reason is that we stored the 'blocktalk' parameter as an emtpy string if
false, which wasn't filtered when loading request. Changing the empty
string to something different is enough to fix the problem, hopefully
without regressions. Note that this isn't retroactive and needs an edit
to become effective.
Bug: T189681
Change-Id: I7d7f0606fc23bad5ba342076066ab0e935680b3f
Introduce a new function which can be used to group multiple comparisons
in a single condition. In particular, equals_to_any(S, A, B) is the
equivalent of S === A || S === B. This is especially useful in checking
for multiple namespaces, as proposed in the Community health initiative.
Change-Id: I9dcfe303eb5e51e1882fe4a65fa876aa93db7686
I left as ToDo the checks between an array and something else. With this
patch, it'll work like PHP: the result will be true iff the comparison
is loose, the array is empty and the other operand is either false or
null.
Change-Id: Idc5cadb697ed4fc7f4856967274169f77495ed9f
I added searchEnabled in I0771fa048d21031ed1e0f8a6909213bdb869a5ed, but
forgot to pass it as parameter when there's an error with the regex.
This means that, if you try to make a search with a wrong regex, when
the page is reloaded the fields for searching aren't shown and you get a
PHP warning. Here I also added warning suppressions as usually done when
checking regex validity to avoid unnecessary PHP warnings.
Change-Id: Ibc3110c30959c99d0825e1e3d7edb1e96dd9d536
Basically, with this we always start with a functioning textarea. If JS
is enabled (and CodeEditor installed), it gets then replaced by the Ace
editor.
Bug: T192241
Change-Id: Id4dc1debf0240d5b336f4d9ab5b363c240f08807
As discussed in the task, wgTitle was used (overridden) since it was null in API
calls. However, the problem has been fixed in api.php in 2009, so we
don't need to deal with it anymore. This also means that we may remove
anything else that was added to restore the original title at the end of
the function. At last, this was the only remaining exception for PHPCS.
Bug: T178007
Change-Id: Id043c74ec8d57c5fb0ab22f54acf6a31fe6b6f06
This should fix every error with excluded rules, leaving only the one
for $wgTitle. A double check would be nice in order to avoid regressions
due to stupid mistakes.
Bug: T178007
Change-Id: I22c179f3a01d652640304b59e43fcb5b5a9abac3
IP::isInRange() can return true for invalid IPs so this can
cause false positives. Instead of letting this happen, don't
allow it in the first place.
See also Ibfe55c2ebac0fccfa8329436
Bug: T124117
Change-Id: Id10552e117ce2b231504e41627b44f8cfb0d4329
Right now we don't have a specific exception for that, plus we don't
really check if they're closed. In fact, we use the result of strpos
without checking if it evaluates to false; if so, in some particular
cases like the one reported on phab, the while loop will never end.
Bug: T134124
Change-Id: I3b6000f197502a4832a53465b6617b4217080739
So that type and value will be identical to PHP's ones.
Bug: T191688
Depends-On: I1140900cdda63eed292d9f20aefd721ef9247fcd
Change-Id: I398c9a972b7e9fcb27d055d23939be2b8bb68244
Right now they're always returned as float values, even stuff like 1+1.
With these patch the results will have the same type as they would with
pure PHP calculation. Added a method to convert numbers to int/float
depending on their type.
Bug: T191688
Change-Id: I1140900cdda63eed292d9f20aefd721ef9247fcd
Otherwise old filters try to use it and return an error. I restored it
at the old version, like in PS1 of Ib23c418ded6ffdae7311809bf5fcbbfb2093e752
Bug: T191696
Change-Id: Ib23c418ded6ffdae7311809bf5fcbbfb2093e752
We already do it for variables and functions, so that any new feature
won't need the ace files to be edited. I originally didn't implement it
for keywords too, but it's actually much better this way.
Change-Id: I1ee81feace2ea90d5dbb2e443f01bc0f6cf74eb7
This feature was never implemented. I'm not sure whether we need a way to compare array and other types of variables (left as ToDo), since e.g. in PHP it's always false.
Bug: T179238
Change-Id: I5d2c33fd117e69cbc84c0b04b6cb82edbdcadf16
It solves a bug and other problems, especially related to permissions.
Tested as much as I could but with an imperfect global filters system,
so there may still be something wrong.
Bug: T191539
Change-Id: I0771fa048d21031ed1e0f8a6909213bdb869a5ed
This is the long-term solution for the problem. The ToDo may be
unnecessary, but leaving it there as a caveat.
Bug: T190602
Change-Id: I5e3764dbec8ac21f20c460181ae78ed73eca92f6
This opens the door to further customization and allows every wiki to
set its own value.
Bug: T132925
Change-Id: I63985f2809c3253b07b33caef30fcd8d4c62dfd4
Otherwise ContentTranslation will break. Also, that way the order was
wrong (mandatory parameter after optional ones).
Bug: T191468
Change-Id: I4558aba48782e83b73023061e8f213bf6a785a18
Yes, this is a sniff bug - however, ideally every variable should
be on its own line with documentation anyway.
Change-Id: Ic8a96d9ea4dd20d8f689aac0a7dece01a4208929
Currently, due to a tiny math error, the cap is variable (although
limited). This way it's really fixed and produces uniform results.
Bug: T191222
Change-Id: I8102db7894e5481a77e1a5771d9981258000731e
Hopefully this is really the last one: the tiny form at the bottom of
Special:AbuseLog/# to access private details.
Bug: T132284
Change-Id: I3f91beb482b3b85e12b65464914b0ac57ec983df
Currently, strict comparisons aren't listed. This way they don't appear
in the dropdown and users may not be aware of their existence.
Change-Id: I93185781de3b698096130c673156a67823375c6b
Currently users can save filters without title or pattern. This
shouldn't be allowed since it leads to lack of clarity. The check is
only performed server-side, since when implementing Ace editor we won't
be able to (easily) add a pure HTML requirement for the pattern field.
Bug: T173947
Change-Id: I1a0418b87cdb1ff423238fcdf1c743930500e605
Otherwise it will return wrong stats and waste resources. This seems to
fix the problem, while a more long-term solution isn't that clear. I
hope that this won't introduce regressions, which as far as I could see
shouldn't happen.
Bug: T191032
Change-Id: I243605b26fe310488dc7419edf31f652ccda0094
Standardized Special:AbuseFilter/test and /examine/# to OOUI. They need
to be updated together, since they share the same load filter button
(now centralized) which needs to be handled in a different way.
Bug: T132284
Bug: T58367
Bug: T58368
Depends-On: If3d6a994142e34686bb7fc9f09093f751b599485
Change-Id: Ib935e8c9706e987468e52ec2ad1c7219b35fb9d5
Conversion of the builder dropdown, the syntax checker button and also
the button for switching editor coming from ace.
Bug: T132284
Depends-On: If3d6a994142e34686bb7fc9f09093f751b599485
Change-Id: Ic7f17437f4f0dcc0ea0edbab24eb976e2f76bdbd
This one was left out, probably because it's not well documented.
Together with the simple conversion, I also added a cap to time
selectors (otherwise users may create huge breaking queries) and wrapped
in a class=success P the success message, like we do when saving
filters.
Bug: T132284
Change-Id: I2ba0a54e27608949cd28b9ac0447d1f2157b0ea2
Since it'll always be a subtraction of integer numbers. Otherwise, if
calculated as float, values won't triple-compare.
Bug: T190652
Change-Id: Ia58a4e3429a012a94a43ffadb190154fcdb9bcaa
Replace the conditions textarea with Ace editor for editing and testing
filter. This uses a soft dependency on CodeEditor; if the latter isn't
installed, the classic textarea is used. The user is still able to
switch between the editors on the go; the new buttons may look a bit
ugly now, but after switching to OOUI they should get much better.
Finally, added a custom syntax highlight for AbuseFilter rules.
Bug: T39192
Change-Id: If3d6a994142e34686bb7fc9f09093f751b599485
Adds an option for searching filters with a
specific pattern in the main page, together with already existing options.
Plain search and regex are available, only for users with the
view-private right. The search is performed directly on the database.
If the user actually searched for something, it is also added a column to
Special:AbuseFilter showing a snippet of the pattern from each filter, with the query match highlighted.
Depends on: I8144062b1f273d0d8932203ffcb7a71aca60bba9
Bug: T87455
Change-Id: Ibcd84ff84edca481328210ee857b0ab723028632
Public comments are parsed in some places and they are
shown as plain text in others. Always show them as
plain text instead of parse them.
Bug: T173249
Bug: T141670
Change-Id: I173ffab1a99c1536cca260b76be0d95a4966b139
With https://gerrit.wikimedia.org/r/#/c/412892/ I introduced an error
with action display in history: every action except for block would have
been displayed without parameters.
Change-Id: I273cd908b698c49056c176de9ead5a78d818c7be
I had unwillingly substed a variable with a string in the wrong case. It
needs to be fixed before .25 is deployed, otherwise in history there
might be actions != block which'll be displayed as 'block'.
Change-Id: I6d251fa011238509a8fdf264e865573140e7a20d
Core change I8d825eb0 begins the process of changing core database
tables from using xx_user and xx_user_text fields to using xx_actor.
This updates the extension to continue to function during and after the
transition.
Bug: T167246
Change-Id: I4065716022aa60c0fa1a258659db22be2b7f43de
