Commit graph

136 commits

Author SHA1 Message Date
daniel f3788c4f0c (bug 42064) AbuseFilter + EditFilterMergedContent
This makes AbuseFilter use EditFilterMergedContent if support for
the ContentHandler infrastructure is present. This means living
without some nice bits of context, because EditFilterMergedContent
doesn't provide an EditPage object.

This requires core change I99a19c93 to work correctly.

Change-Id: Ibb9d4c9a36b8a199213958b920902e8006c71fe8
2013-01-17 11:18:28 +01:00
jeblad 68ecb6f985 (Bug 42064) Add a hook to AbuseFilter
The hook 'AbuseFilter-interceptVariable' can be used
for intercepting any request to recalculate a variable,
and if a handler is returning false the later code
will be skipped. That makes it possible to avoid using
content if the content model is wrong, as it could be
for a Wikibase entity.

The hook uses the same arguments as the hook
'AbuseFilter-computeVariable', thereby making it simple
to move handlers around.

The arguments to the hook are
@param string $method
@param AbuseFilterVariableHolder $vars
@param array $parameters
@param AFPData|array|int|mixed|null|string &$result

Patchset 2: Fix for arg 1 to the hook, it got $this
	instead of $this->mMethod

Change-Id: I4944ea612369d6f96319e24c96d97cf9739358c7
2012-12-19 10:13:31 +01:00
jeblad ae2c2f7e67 (Bug 42064) Change getText to getContent in AbuseFilter
Patchset 2: Handle more content types
Patchset 3: Change cover letter
Patchset 4: Make it b/c
Patchset 5: Refactor and use previous audience
Patchset 6: Fixed/ minor changes

Change-Id: Ib1d2f9803bc95bb9efd445e3778126d5c3090a71
2012-11-25 18:09:47 +01:00
Siebrand Mazeland 176227e721 Maintenance for AbuseFilter extension.
* Replace deprecated methods.
* Remove no longer needed function fnmatch().
* Remove superfluous newlines.
* Remove unused and redundant local variables and globals.
* Deglobalization.
* Update documentation.
* Fix incorrect return values or add FIXMEs when in doubt.
* Escape output in a few places where needed.
* Remove unneeded MEDIAWIKI constant checks.
* Fix various JSHint/JSLint issues.

Patch Set 11: Merged https://gerrit.wikimedia.org/r/24701 into
this one per Siebrand's request

Change-Id: I02ba4ce31b6aca5b7324114093f8ece143abc295
2012-10-09 22:26:45 +02:00
Siebrand b7ca16003a Merge "(bug 20272) AbuseFilter does not handle autocreation of accounts." 2012-09-23 18:21:26 +00:00
csteipp 1973ea6714 Add Global Rules
* Update rules list view to show global rules toggle, global rules
* Update rule processing to get global rules from memcache, if no
rule exists, get them from the central database and store them in
memcache
* Delete global rule key whenever global rules are updated
* Add filtering for log by wiki on the central database, updated
table definitions to add index on afl_wiki
* Add global $wgAbuseFilterDisallowGlobalLocalBlocks so local wikis
can prevent global rules from locally blocking, removing or revoking
permissions.

* patchset 13: Include recommendations from Tim. Add db updates to
LoadExtensionSchemaUpdates hook.
* patchset 14: forgot to add new files

Change-Id: Id69a9d603f9679f838e8691c651a3e9d8461b422
2012-08-27 03:30:07 +00:00
Andrew Garrett 53aea9c0ce AbuseFilter: Resolve bug 18374, bug 28633.
* Store the revision ID associated with a log entry
 if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their
 corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.

Change-Id: Ie2d43dd1bacf14289fdf0492bb22267590ee649d
2012-07-11 10:16:59 -04:00
Reedy 3da992692c Add a few bits of method documentation
De-indent a line

Tidy up method returns

Change-Id: I7aa93072c80a16eb27b7f7ac3d2f030ea63ebf60
2012-06-21 14:32:05 +01:00
Reedy 1536d0dd73 Merge "Bug 36499 - AbuseFilter: Call to a member function getRawText() on a non-object" 2012-05-29 08:40:29 +00:00
Andrew Garrett dc207d0cbd Abuse Filter: Allow filters to be split into "groups" for the purposes of operating them on different types of input.
The purpose of this change is to allow AFTv5 developers to run a separate list of filters against article feedback actions without issues of cross-contamination and bumping up against the condition limit.

Change-Id: I758795f01eaf3ff56c5720d660cd989ef95764a7
2012-05-12 12:53:32 +10:00
Szymon Świerkosz 36257344f1 (bug 20272) AbuseFilter does not handle autocreation of accounts.
This change depends on I92f57fc2c3189c42157478de14a8d48045a253b5.

This change provides a handler for AbortAutoAccount hook and adds new
action to the filter: autocreateaccount. Every time the AbortAutoAccount
is invoked the filter is executed. This may create some issues with
users which are affected by a filter, because it may be triggered on
every page view. The AbuseFilter relies on CentralAuth session
blacklisting - for each session the filter will be triggered only
once and then the autocreationg of account will not be attempted.

I don't know why AbortNewAccount hook takes as $message argument
a text of message, however AbortAutoAccount takes a name of the
message. This makes impossible to produce a user friendly message
why account creation is not allowed.

Change-Id: Ie3a7ee9210fd884d214ad3132a502a00332c3138
2012-05-10 10:08:48 +02:00
Reedy 05c082af20 Bug 36499 - AbuseFilter: Call to a member function getRawText() on a non-object
PHP Fatal error:  Call to a member function getRawText() on a non-object in /usr/local/apache/common-local/php-1.20wmf1/extensions/AbuseFilter/AbuseFilter.hooks.php on line 29

Change-Id: I4ce74e641cc10371ef75dc872add23aa052022d2
2012-05-04 00:36:12 +01:00
Szymon Świerkosz 1ba92ac870 (bug 20310) Invalid value of edit_diff
This change makes EditFilterMerged handler replace all \r\n with \n.

Parser::preSaveTransform replaces \r\n with \n for all texts, so
there are no \r in the database. The hook EditFilterMerged is run
before the text is processed by Parser::preSaveTransform, so the
diff will be useless if the client sends content with \r\n as line
endings.

Change-Id: If81fe7cc5e3af51a6564f86597d3afaefc7ad4b7
2012-04-29 11:03:42 +02:00
Alexandre Emsenhuber 686fb84777 (bug 35964) Fix warning in maintenance/update.php with AbuseFilter extension
The fourth parameter to "changeField" call was not present resulting in
"Warning:  Missing argument 4 for PostgresUpdater::changeField()" and
"Notice:  Undefined variable: default"
($default is the fourth parameter of PostgresUpdater::changeField()).

Change-Id: I271be91e5ba248692dcd9d48c5a5e97f938003aa
2012-04-14 22:18:20 +02:00
Sam Reed deeb01adaa Documentation
Ping r111217, fix $fdb, rename it $dbw

Change-Id: I004615a13b3292d5b071a48494125a9d7c5aad73
2012-03-26 16:03:22 +02:00
Roan Kattouw 6c4bd57043 Revert r111217 (unreviewed rev in AbuseFilter) and its dependencies r113585, r113587, r113588, r113589.
All of these revisions are tagged with 'gerritmigration' and will be resubmitted into Gerrit after the Gerrit switchover. See also http://lists.wikimedia.org/pipermail/wikitech-l/2012-March/059124.html
2012-03-21 19:41:11 +00:00
Tim Starling f17a5178a4 During update, defer creation of the AbuseFilter user until after the core updates have run, so that you don't get "Table 'user_properties' doesn't exist" etc. 2012-03-19 09:50:48 +00:00
Sam Reed c1e83a2245 Documentation
Ping r111217, fix $fdb, rename it $dbw
2012-03-11 20:32:31 +00:00
Andrew Garrett 5e4289ce4e AbuseFilter: Resolve bugs 18374, 28633.
* Store the revision ID associated with a log entry if the action is successful.
* Expose this as a diff link in the UI.
* Implicitly hide log entries if their corresponding revisions are also hidden.
* Includes scope for expanding to log entries if desired.
2012-02-10 23:41:05 +00:00
Mark A. Hershberger 27d9fbc1bf User::newFromName() can return false — warnings seen on beta.wmflabs.org 2012-01-18 02:37:14 +00:00
Sam Reed 7f6a9eb119 Removed $updater === null code
Add create user code from install.php

Delete install.php
2011-12-27 16:35:30 +00:00
Alexandre Emsenhuber 675e4c673a * (bug 29092) Removed usage of $wgArticle from AbuseFilter extension
Instead pass the Article object from the EditFilterMerged hook to the AFComputedVariable object and see whether the object is present to do a parse operation since other code paths won't pass an Article object

Also simplified the fallback code in AFComputedVariable::compute() to simply continue instead of calling the function again.
2011-11-09 08:36:26 +00:00
Mark A. Hershberger f90dc2bcc9 Split AbuseFilter schema updates for SQLite out after briefly talking
with MaxSem about the desired course of action.  Perhaps later these
can be merged back, but this seemed to be the quickest way to get
AbuseFilter working with SQLite working for now.
2011-11-08 03:07:01 +00:00
Antoine Musso efecf8b244 (bug 31656) AbuseFilter skips non null edits
That bug is triggering when a user submit an old revision unchanged.
The previous Article->getContent() would fetch the old revision which is
then compared to the user submitted text. Since they are identical, filtering
is skipped entirely.
Any editor can then reinstate an old "bad" revision.

Fix:
* Get latest stored revision to compare user submitted text against. This is
  done by using: Article->getRevision()->getRawText().
* Move caching related calls after that.

Follow up r52740.
Redo r100687 I had reverted.
2011-10-25 12:46:05 +00:00
Antoine Musso c2d03ddd7f revert r100687 2011-10-25 12:12:02 +00:00
Antoine Musso 6cdebb7ac0 (bug 31656) AbuseFilter skips non null edits
This bug is triggering when a user submit an old revision again. AbuseFilter
considered it to be a null edit although the old revision is certainly
a different text than the current one in the database.

This patch make sure we skip filtering only if we will be comparing with the
lastest content.

Follow up r52740
2011-10-25 10:22:18 +00:00
Antoine Musso 5043700b44 Document onEditFilterMerged with hook doc 2011-10-25 09:41:25 +00:00
John Du Hart 39f30c3f22 Followup r95572 to change variable names and use an associative array per Krinkle and Roan on IRC 2011-08-26 20:26:57 +00:00
John Du Hart b30697e94c Adds ResourceLoader support to AbuseFilter
Rewrote javascript to use jQuery
Added API modules to replace sajax_* calls
Solves bug 29714
2011-08-26 20:12:34 +00:00
Sam Reed a9e738f099 More document
Few minor code improvements
2011-08-24 22:11:52 +00:00
John Du Hart 0f274e5b32 (bug 30444) Add variables user_name and user_groups for action createaccount. Patch by Beau 2011-08-24 00:29:26 +00:00
Sam Reed 6d548203f7 Parameter and Return Type hints 2011-02-10 17:32:57 +00:00
Sam Reed 6b782a96dd while to foreach
Remove unused variables

Condense css
2011-02-10 17:25:25 +00:00
Roan Kattouw 802ea446a4 Revert 75677 for AbuseFilter, caused fatals 2011-02-08 15:33:02 +00:00
Sam Reed 272013d0f2 Conditionals in loops to foreachs 2010-10-29 21:30:20 +00:00
Sam Reed 961f512452 More deprecated method call removals and updates 2010-10-29 15:32:44 +00:00
Alexandre Emsenhuber 2263b44ab3 Converted AbuseFilter extension to use the new version of the LoadExtensionSchemaUpdates hook 2010-10-03 15:51:04 +00:00
Jack Phoenix 5e0330c6cc AbuseFilter: coding style tweaks, changed some while loops to foreach (as per http://www.mediawiki.org/wiki/Manual:Coding_conventions#Assignment_expressions) and added __METHOD__ to one DB query 2010-08-19 21:12:09 +00:00
Raimond Spekking 23b2f711e6 Follow-up r68534: Add new db patch to onLoadExtensionSchemaUpdates so that it runs with update.php 2010-06-27 15:44:18 +00:00
Chad Horohoe 5fce797b18 Revert r66934 (Removing wfLoadExtensionMessages() from everything). I disagree on principle...we branch extensions for this very reason. But people want trunk extensions compatible for several versions back, meh. 2010-05-27 15:56:53 +00:00
Chad Horohoe 3283b90f01 Large commit. Removed 800+ references to no-op wfLoadExtensionMessages() 2010-05-26 22:25:32 +00:00
Siebrand Mazeland b274606879 Update code formatting, run stylize.php, whitespace updates 2010-02-13 14:10:36 +00:00
Jack Phoenix e2a16fe755 AbuseFilter: big commit - coding style & spacing cleanup; also marked SpecialPages' construct() and execute() functions as public and capitalized some SQL keywords 2009-10-07 13:57:06 +00:00
Ilmari Karonen 601a8439a2 fix really stupid mistake in r53606 :( 2009-10-03 17:16:35 +00:00
Andrew Garrett 6284306905 Fix bug where noarticletext was being used as the old_wikitext for created pages 2009-09-17 09:52:40 +00:00
Ilmari Karonen 0224996e20 fix namespace for file uploads 2009-07-21 16:29:12 +00:00
Andrew Garrett d1d27eede6 Don't trigger AbuseFilter for null edits, bug 19267 2009-07-03 14:01:43 +00:00
Andrew Garrett 569155ed7d (bug 18908) Do not add tags from disabled filters to valid_tags. 2009-06-03 16:05:21 +00:00
Andrew Garrett 3b7d6574e6 (bug 18095) Trigger AbuseFilter on file upload. Presently, the only metadata is SHA1, but we'll see what we can do for other stuff on request. 2009-06-03 15:10:44 +00:00
Andrew Garrett 91f46a5697 (bug 18423) Add link to filtered abuse log on Contributions. Patch by Simon Walker, with minor fixes for double-escaping and wikitext in messages. 2009-04-24 01:53:12 +00:00
Greg Sabino Mullane af7b82c61d Postgres schema updates, per request at ticket 18537. 2009-04-20 22:45:06 +00:00
Victor Vasiliev 258d340fb5 Abuse filter:
* Introduce := operator for setting variables
* Throw an exception when user tries to override built-in variable
* Fix UTF-8 handling in fnmatch() fallback
* Copy three main abuse filters from enwiki to test suite
* Fix update.php integration
2009-04-05 11:47:42 +00:00
Greg Sabino Mullane 1affe9e074 Modified version of patch from Brad Jorsch, updates Postgres schema to match MySQL, bug 18076 2009-03-23 14:18:35 +00:00
Victor Vasiliev 19d1cfe329 Really fix bug 17664 by switching from $editor->textbox1 (which of course contains section text, not page text) to $text in EditFilterMerged hook 2009-03-17 20:44:53 +00:00
Andrew Garrett be7dcd9b3b (bug 17674) Add minor_edit variable to AbuseFilter 2009-03-04 02:04:48 +00:00
Andrew Garrett 03e12503a3 (bug 17664) Handle section-editing correctly by switching from EditFilter to EditFilterMerged.
Also, fix a weird bug where the Abuse Filter was diffing the parsed text, not the wikitext
2009-03-04 01:56:21 +00:00
Andrew Garrett 8f84baea6b Fix fatal 2009-03-01 01:49:34 +00:00
Andrew Garrett ceb5261bb6 AbuseFilter -- precache article object for edits, fix lazy initialisation of IP user objects 2009-02-28 01:10:45 +00:00
Andrew Garrett 92698e95ba Improve AbuseFilter performance by implementing lazy initialisation of computed variables.
This has been done by replacing simple associative arrays with an AbuseFilterVariableHolder, which recognises helper classes called AFComputedVariables.
Computation may occur during the abuse filter analysis, or later when testing and reviewing filters.
2009-02-26 12:15:14 +00:00
Tim Starling c8b0007232 * Break long lines. If I'm going to review this code, I need to be able to read it.
* Write array literals with one item per line. This makes diffs which add or remove items far easier to interpret, and makes merging such changes feasible. And it looks nicer too.
* Use line breaks to show the logical structure of your code. This enhances readability. Bring similar elements in a list into alignment, in order to reveal the differences between those elements at a glance.
* Removed a fun game of spot-the-difference in AbuseFilterHistoryPager::getQueryInfo(). If I want fun games I'll play UFO:AI.
* Moved some oddly placed assignments (in expressions) to their own statements: such assignments reduce readbility.
2009-02-07 09:34:11 +00:00
Andrew Garrett 6f91720eac Allow af_public_comments to be wikitext.
Relatedly, add parseInline function to OutputPage, to avoid duplicating the same awful regex in wfMsgExt.
2009-01-31 01:59:13 +00:00
Andrew Garrett 904e6d5c0f Remove duplicate schema update. 2009-01-30 19:02:28 +00:00
Andrew Garrett 5fa5e4367c Fix automatic schema updates, a holdover from moving the code into a hook. 2009-01-30 18:51:37 +00:00
Andrew Garrett 65bc2d1dcf Fix for r46500 -- use the hook so it actually works. 2009-01-29 00:37:53 +00:00
Andrew Garrett cb5eca50fd Add Special:AbuseFilter/test, which allows (trusted for now, due to DoS potential) users to enter a filter, and have it checked against the last 100 RecentChanges items while-u-wait.
Some related cleanup to change tagging in ChangesList.
2009-01-28 23:54:41 +00:00
Andrew Garrett 8a54e6ba00 Branch merge of change-tagging branch with trunk
-- Introduce tagging of individual changes (revisions, logs, and on recentchanges). The tags are customisable, and currently settable by the Abuse Filter and by the TorBlock extension. The tags can be styled on the various pages on which they appear.
-- Introduces a schema change, three new tables (valid_tag, change_tag, and tag_summary).
2009-01-28 19:08:18 +00:00
Andrew Garrett 6a4457d8f5 Rename OLD_TEXT and NEW_TEXT to *_WIKITEXT, and add NEW_HTML and NEW_TEXT parameters, both of which come from the parsed new text -- NEW_TEXT being NEW_HTML stripped of <[^>]*>.
Relatedly, add scrollbars to long variables so they don't take over a bazillion screens.
2009-01-28 01:12:34 +00:00
Andrew Garrett 5861a0fed1 Add OLD_TEXT and NEW_TEXT variables, refactor variable storage, and clean up the AbuseLog interface just a little. 2009-01-27 01:31:42 +00:00
Andrew Garrett 8ddd002c14 Remove dependency on change-tagging being branch-merged to trunk for now, and fix a few miscellaneous related bugs that came up in final testing. 2009-01-23 19:23:44 +00:00
Andrew Garrett 53179c675f Apply changes from change-tagging branch. I will remove all of the stuff actually related to change tagging in a moment, to avoid trunk changes on Wikimedia sites. 2009-01-23 19:23:19 +00:00
Andrew Garrett d5b58edfbb Windows compatibility with PHP parser, fnmatch() function. 2008-10-27 02:24:35 +00:00
Andrew Garrett fe00c5e019 Minor bugs in abuse filter, plus new ALL_LINKS/ADDED_LINKS/REMOVED_LINKS 2008-10-24 08:58:32 +00:00
Andrew Garrett 00b46cef8b Minor fix for last commit, and add DeleteQueue support. 2008-09-18 13:33:39 +00:00
Andrew Garrett 4fd43cdea9 Add basic functionality to delete filters (not really a deletion, just moved to another list) 2008-09-05 14:27:18 +00:00
Andrew Garrett 15bc04b725 Fix minor bug 2008-08-31 06:39:04 +00:00
Andrew Garrett 16909a2c42 Fix two memory leaks in native parser. Now has no memory leaks :-) 2008-08-07 13:53:18 +00:00
Andrew Garrett 34a4bbe10a Abuse filter updates:
* Allow matching on the changes made in an edit (added/removed lines, etc)
* Improve display of variables in details view - standardise the table size, add white-space: pre, font-family: monospace.
* Improve modifiers: add htmlencode/htmldecode/urlencode/urldecode.
* Add 'abuse filter tools', currently consisting of a testing ground for the modifiers. In future, may include facilities for testing filters against user contributions, recent changes, or other sources.
2008-07-17 13:40:45 +00:00
Andrew Garrett b142b81dd7 Include size delta in vars for editing 2008-07-15 08:46:17 +00:00
Andrew Garrett c91433cbc0 Fix fatal error on account creation 2008-06-30 10:40:35 +00:00
Andrew Garrett 44da7a3dce Change primary key of abuse_filter_action from afa_filter to afa_filter,afa_consequence 2008-06-27 09:49:26 +00:00
Alexandre Emsenhuber a180d6aba2 Fix some E_NOTICE 2008-06-27 09:26:54 +00:00
Andrew Garrett a4908befe4 === instead of == for comparing with true 2008-06-27 09:18:45 +00:00
Andrew Garrett 08890163af Handle case where no filters were matched 2008-06-27 08:34:34 +00:00
Andrew Garrett 1c69a9c569 Remove some ugly debugging code 2008-06-27 08:19:49 +00:00
Andrew Garrett 0879428747 Pass a title instead of a user object. For some reason we were passing a user object into the hook :/ 2008-06-27 08:16:11 +00:00
Andrew Garrett 1f5f95131d Add AbuseFilter extension 2008-06-27 06:18:51 +00:00