Dan-nl has uploaded a new change for review.

  https://gerrit.wikimedia.org/r/98825


Change subject: PreviewFrom
......................................................................

PreviewFrom

chris steipp requested that:

* Can getPostAsHiddenFields in includes/Forms/PreviewForm.php only return a 
whitelist of fields?

chris steipp mentioned that:

* Checking for PHP_SAPI = 'cli' in 
includes/Handlers/Forms/MetadataMappingHandler.php seems like
  the wrong way to check if this is running from a job

Change-Id: Id03a741abeea64f0ceae9f8244fe9d92b0fa8bf6
---
M includes/Forms/PreviewForm.php
M includes/Handlers/Forms/MetadataMappingHandler.php
2 files changed, 24 insertions(+), 11 deletions(-)


  git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/GWToolset 
refs/changes/25/98825/1

diff --git a/includes/Forms/PreviewForm.php b/includes/Forms/PreviewForm.php
index 6a3dcca..f6e1480 100644
--- a/includes/Forms/PreviewForm.php
+++ b/includes/Forms/PreviewForm.php
@@ -25,15 +25,19 @@
         * @param {array} $user_options
         * an array of user options that was submitted in the html form
         *
-        * @param {string} $results
-        * an html string that contains links to the results of the preview 
batch upload
-        * the string should have already been filtered
+        * @param {array} $expected_post_fields
+        *
+        * @param {array} $mediafile_titles
+        * a collection of MediaWiki Title objects
         *
         * @return {string}
         * an html form that is filtered
         */
        public static function getForm(
-               IContextSource $Context, array &$user_options, array 
&$mediafile_titles
+               IContextSource $Context,
+               array $user_options,
+               array $expected_post_fields,
+               array $mediafile_titles
        ) {
                $process_button =
                        (int)$user_options['gwtoolset-record-count'] > 
(int)Config::$preview_throttle
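Review bot: the new `@param {array} $expected_post_fields` line in the getForm docblock has no description. State that it is the whitelist of POST field names that will be carried forward as hidden fields, and whether the names are expected as array keys or as values, since the signature alone does not say. Dropping the `&` from `$user_options` and `$mediafile_titles` looks fine as long as nothing in the method body relied on modifying the caller's arrays.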
@@ -116,7 +120,7 @@
                                )
                        ) .
 
-                       self::getPostAsHiddenFields() .
+                       self::getPostAsHiddenFields( $expected_post_fields ) .
 
                        Html::rawElement(
                                'p',
@@ -141,21 +145,29 @@
        /**
         * a decorator method that creates <input type="hidden"> fields based 
on the previous $_POST.
         * this is done to insure that all fields posted in step 2 : Metadata 
Mapping are maintained
-        * within this form, so that when this form posts to create the initial 
batch job,
+        * within this form so that when this form posts to create the initial 
batch job,
         * it has the mapping information from step 2
+        *
+        * @param {array} $expected_post_fields
         *
         * @return {string}
         * the string is filtered
         */
-       public static function getPostAsHiddenFields() {
+       public static function getPostAsHiddenFields( array 
$expected_post_fields ) {
                $result = null;
 
-               foreach ( $_POST as $key => $value ) {
+               foreach ( $expected_post_fields as $key => $value ) {
                        if ( $key === 'submit'
                                || $key === 'wpEditToken'
                                || $key === 'gwtoolset-form'
                                || $key === 'gwtoolset-preview'
                        ) {
+                               continue;
+                       }
+
+                       if ( isset( $_POST[$key] ) ) {
+                               $value = $_POST[$key];
+                       } else {
                                continue;
                        }
 
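Review bot: in the rewritten loop of getPostAsHiddenFields, the `$value` taken from `$expected_post_fields` is never used because it is always replaced by `$_POST[$key]`, so only the array's keys act as the whitelist. Say so in the `@param {array} $expected_post_fields` description, which is currently empty. The isset/else block reads more simply as `if ( !isset( $_POST[$key] ) ) { continue; }` followed by the assignment. Separately, `$result = null;` means the method returns null rather than the documented string when no whitelisted field was posted; initialising it to an empty string would match `@return {string}`.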
@@ -196,7 +208,7 @@
         * @return {string}
         * the string contains a Title link assumed to be filtered by Title
         */
-       public static function getTitlesAsList( array &$mediafile_titles ) {
+       public static function getTitlesAsList( array $mediafile_titles ) {
                $result = Html::openElement( 'ul' );
 
                foreach ( $mediafile_titles as $Title ) {
diff --git a/includes/Handlers/Forms/MetadataMappingHandler.php 
b/includes/Handlers/Forms/MetadataMappingHandler.php
index 12d7139..c348243 100644
--- a/includes/Handlers/Forms/MetadataMappingHandler.php
+++ b/includes/Handlers/Forms/MetadataMappingHandler.php
@@ -385,8 +385,8 @@
                        $FSFile->getPath()
                );
 
-               // when PHP_SAPI === 'cli' this method is being run by a wiki 
job.
-               if ( PHP_SAPI === 'cli' ) {
+               // this method is being run by a wiki job.
+               if ( PHP_SAPI === 'cli' || empty( $this->SpecialPage ) ) {
                        // add jobs created earlier by 
$this->_UploadHandler::saveMediafileViaJob to the JobQueue
                        if ( count( $this->_UploadHandler->mediafile_jobs ) > 0 
) {
                                $added_jobs = JobQueueGroup::singleton()->push( 
$this->_UploadHandler->mediafile_jobs );
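Review bot: the condition `PHP_SAPI === 'cli' || empty( $this->SpecialPage )` still contains the PHP_SAPI test that the commit message describes as the wrong way to detect a job, so any command-line invocation is still treated as a job run. If an empty `$this->SpecialPage` is the intended signal, drop the PHP_SAPI half; better still, have the job set an explicit flag on the handler and test that. The shortened comment "this method is being run by a wiki job." should also say which condition establishes that.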
@@ -492,6 +492,7 @@
                        $result = PreviewForm::getForm(
                                $this->SpecialPage->getContext(),
                                $user_options,
+                               $this->_expected_post_fields,
                                $mediafile_titles
                        );
                } else {
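Review bot: `$this->_expected_post_fields` is passed straight into a loop that reads it as `$key => $value` and looks up `$_POST[$key]`, so it must be keyed by field name. If the property is a plain list of names, the keys would be integers and no hidden field would be emitted. Its definition is not part of this change, so please confirm its shape or note it in the property's docblock.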

-- 
To view, visit https://gerrit.wikimedia.org/r/98825
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Id03a741abeea64f0ceae9f8244fe9d92b0fa8bf6
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/GWToolset
Gerrit-Branch: master
Gerrit-Owner: Dan-nl <[email protected]>

_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
