Andrew Garrett
3018de0453
Per comments on code review, use JSON instead of PHP serialization for Abuse Filter data interchange. PHP's unserialize() can expose remote code execution vulnerabilities with some input.
2009-06-02 12:59:05 +00:00
Purodha B Blissenbach
b6b6c154c8
Message 'abusefilter-edit-lastmod-text' - date and time separated as of request by user "Der Umherirrende" at
...
http://translatewiki.net/w/i.php?title=Support&oldid=1243738#split_date_and_time
and user name added for GENDER use.
2009-06-01 23:15:23 +00:00
Andrew Garrett
48bfcc35ee
Various code quality fixes for AbuseFilter suggested by Tim Starling in a private email, including bugfixes, memory safeguards, performance improvements, removal of redundant code, consolidation of similar functionaality.
2009-05-26 13:08:15 +00:00
Siebrand Mazeland
e454269bfc
Proper casing for getDBkey()
2009-05-24 08:33:57 +00:00
Tim Starling
268d72f43b
Code formatting and comments.
2009-05-22 06:42:10 +00:00
Andrew Garrett
32aedf1644
(bug 18077) PostgreSQL compatibility issues in AbuseFilter, patch contributed by Brad Jorsch
2009-04-24 03:27:14 +00:00
Andrew Garrett
d00d767207
Allow filtering by page on AbuseFilter batch testing interface
2009-04-23 04:30:17 +00:00
Andrew Garrett
1a0fc0fea9
Add import/export interface for filters so that filters can be copied across wikis
2009-04-23 04:23:56 +00:00
Andrew Garrett
7c3f048fff
Usability work, making abuse filter forms readonly (rather than just lacking a submit button and rejecting submissions) for users without permission.
2009-04-01 04:34:21 +00:00
Andrew Garrett
186fc67373
Crackdown on filter evaluation by users unable to modify filters. This is a DoS vector which I thought I'd already plugged.
2009-03-31 15:13:26 +00:00
Andrew Garrett
14b850f891
Implementation of global filters, including a major i18n change for abusefilter-log-detailedentry message (rename and split). Needs further testing before deployment
2009-03-30 06:12:12 +00:00
Andrew Garrett
9d9c666fea
Remove accidentally-committed code in r48856
2009-03-26 04:44:47 +00:00
Andrew Garrett
920f04d4fa
Fix batch-testing (follow-up to r48855)
2009-03-26 04:41:05 +00:00
Andrew Garrett
32c83009e3
Fix examine interface, was broken for a while
2009-03-25 02:53:23 +00:00
Andrew Garrett
2eaf10edde
Make changes link for first filter revision link to the history item (bug 18027)
2009-03-22 23:27:27 +00:00
Andrew Garrett
903cd76bd8
Fix output for examine interface in cases where no edits are available
2009-03-22 03:12:53 +00:00
Andrew Garrett
23ba2cb968
Fix abuse filter examine interface for new account creation log.
2009-03-22 02:59:01 +00:00
Andrew Garrett
4e6754e082
Prevent leaking of filters through diffs
2009-03-22 02:12:51 +00:00
Alexandre Emsenhuber
80fdcf77ce
Fix calls to deprecated functions
2009-03-21 18:47:26 +00:00
Andrew Garrett
1d180de4ed
Fix abuse filter sorting by hitcount
2009-03-19 06:56:30 +00:00
Andrew Garrett
f234bcf66d
Add basic filter profiling to AbuseFilter -- display on the edit filter page the average time taken to run the filter. Currently sampling at 1/50
2009-03-19 02:40:48 +00:00
Victor Vasiliev
d400dc6763
Fix an XSS bug in AbuseFilter
2009-03-18 19:57:25 +00:00
Andrew Garrett
58a95312e0
Prevent cross-filter diffing
2009-03-18 04:10:04 +00:00
Andrew Garrett
de1d5965ad
filters are not wikitext
2009-03-18 01:03:29 +00:00
Andrew Garrett
ac575f599b
Fix double-escaping on diff page
2009-03-18 00:15:47 +00:00
Andrew Garrett
1aa5ea69e8
Disable logging until logging table is fixed up
2009-03-17 23:54:56 +00:00
Andrew Garrett
0ce853e093
Prevent leaking of hidden filters through history interface.
2009-03-17 13:18:33 +00:00
Andrew Garrett
99805ab584
Use POST instead of GET for the evaluate with vars AJAX widget -- results in too-long URIs and therefore 400s
2009-03-17 00:10:58 +00:00
Andrew Garrett
b35585733b
Add paging to examine
2009-03-12 11:38:21 +00:00
Andrew Garrett
5493b2a690
Add diffs to AbuseFilter. Includes a related pare-down of history, under the assumption that diffs will take up the slack
2009-03-12 05:04:39 +00:00
Raimond Spekking
06a1e8303d
Follow up r47847: Show the timestemp in users preference timezone
2009-03-11 18:58:38 +00:00
Andrew Garrett
cca12dab2e
Hide rollback links in examine interface
2009-03-11 09:45:45 +00:00
Andrew Garrett
fe5141c412
Add a normal log for filter changes, mostly just a pointer back to the real log.
2009-03-11 07:12:42 +00:00
Andrew Garrett
3a55ecbc85
Link together abusefilter pages with a navigation interface at the top. Add a better intro to the abusefilter home page.
2009-03-11 05:55:06 +00:00
Raimond Spekking
58fdf4f05d
* Add Language::semicolonList() function
...
** Todo: combine all three list functions (comma, semicolon, pipe) into one function with a parameter?
* Use pipe as backlink separator to be consistent with other navigation elements
* Show the colon for case 'afh_actions' only if parameters exist
** Remove the now useless message
* Localize the usages of comma and semicolon
2009-03-06 10:56:37 +00:00
Andrew Garrett
8cb94549d1
Use parseinline instead of parsemag for abusefilter-status
2009-03-01 12:43:36 +00:00
Andrew Garrett
f94f42b506
Store Abuse Filter variable dumps to external storage instead of leaving in afl_var_dump. afl_var_dump needs to be left as a BLOB for the moment for backwards-compatibility.
2009-02-27 03:06:19 +00:00
Andrew Garrett
92698e95ba
Improve AbuseFilter performance by implementing lazy initialisation of computed variables.
...
This has been done by replacing simple associative arrays with an AbuseFilterVariableHolder, which recognises helper classes called AFComputedVariables.
Computation may occur during the abuse filter analysis, or later when testing and reviewing filters.
2009-02-26 12:15:14 +00:00
Andrew Garrett
e0cd6a327c
Fatal
2009-02-25 02:40:05 +00:00
Andrew Garrett
057f9f80db
Normalise usernames before searching for them in Abuse Filter examine and test interfaces.
2009-02-25 02:33:09 +00:00
Andrew Garrett
2f4a66e862
Do not display tools if there are not any
2009-02-19 23:52:08 +00:00
Andrew Garrett
feae69f031
Silly syntax error
2009-02-18 23:32:56 +00:00
Andrew Garrett
08d6218ee1
Always include afh_pattern in the fields to select.
2009-02-18 21:43:32 +00:00
Andrew Garrett
1c87a7ba69
Fix some silly bugs in reautoconfirmation
2009-02-18 19:34:36 +00:00
Raimond Spekking
22f57ec7d7
* Replace hardcoded '...' as indication of a truncation with the 'ellipsis' message
...
Per Brion's suggestion in http://lists.wikimedia.org/pipermail/wikitech-l/2008-December/040796.html
2009-02-13 19:13:48 +00:00
Tim Starling
c8b0007232
* Break long lines. If I'm going to review this code, I need to be able to read it.
...
* Write array literals with one item per line. This makes diffs which add or remove items far easier to interpret, and makes merging such changes feasible. And it looks nicer too.
* Use line breaks to show the logical structure of your code. This enhances readability. Bring similar elements in a list into alignment, in order to reveal the differences between those elements at a glance.
* Removed a fun game of spot-the-difference in AbuseFilterHistoryPager::getQueryInfo(). If I want fun games I'll play UFO:AI.
* Moved some oddly placed assignments (in expressions) to their own statements: such assignments reduce readbility.
2009-02-07 09:34:11 +00:00
Andrew Garrett
7dd35167ee
Show filter itself, rather than the private comments, in the recent filter changes display.
2009-02-04 19:56:21 +00:00
Andrew Garrett
fcdfd79c67
Allow Abuse Log entries to be examined in the same way recent changes items are.
2009-02-04 19:51:03 +00:00
Andrew Garrett
9e5d11e46b
Add an edit link too.
2009-02-03 22:54:46 +00:00
Andrew Garrett
60cfbf15c7
Add a fancy selector for the warning message in the Abuse Filter edit screen, and allow inline previews of the warning messages.
2009-02-03 22:45:42 +00:00