http://www.mediawiki.org/wiki/Special:Code/MediaWiki/56326
Revision: 56326
Author: aaron
Date: 2009-09-14 19:34:52 +0000 (Mon, 14 Sep 2009)
Log Message:
-----------
* Rate-limit review
* Improve failure messages
* Use status codes/other minor cleanups
Modified Paths:
--------------
trunk/extensions/ReaderFeedback/ReaderFeedback.php
trunk/extensions/ReaderFeedback/language/ReaderFeedback.i18n.php
trunk/extensions/ReaderFeedback/specialpages/ReaderFeedback_body.php
Modified: trunk/extensions/ReaderFeedback/ReaderFeedback.php
===================================================================
--- trunk/extensions/ReaderFeedback/ReaderFeedback.php 2009-09-14 19:34:18 UTC
(rev 56325)
+++ trunk/extensions/ReaderFeedback/ReaderFeedback.php 2009-09-14 19:34:52 UTC
(rev 56326)
@@ -58,6 +58,14 @@
$wgFeedbackAge = 7 * 24 * 3600;
# How long before stats page is updated?
$wgFeedbackStatsAge = 2 * 3600; // 2 hours
+# Limit people from spamming the system
+# (uses count => seconds tuples)
+$wgRateLimits['feedback'] = array(
+ 'newbie' => array( 5, 60 ), // for each recent (autoconfirmed) account;
overrides 'user'
+ 'user' => null, // for each logged-in user
+ 'ip' => array( 5, 60 ), // for each anon and recent account
+ 'subnet' => null, // ... with final octet removed
+);
# URL location for readerfeedback.css and readerfeedback.js
# Use a literal $wgScriptPath as a placeholder for the runtime value of
$wgScriptPath
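Review bot: With `'user' => null` in the added `$wgRateLimits['feedback']` array, logged-in accounts that are not 'newbie' get no feedback-specific limit, so for them only the generic `$wgUser->pingLimiter()` call added in ReaderFeedback_body.php throttles ratings. If that is intended, the comment should say so, e.g. `# Established accounts are only bound by the default limiter`; otherwise give 'user' its own tuple, such as `'user' => array( 5, 60 ),` with the value chosen by the maintainers. Per-subnet accounting is likewise disabled by `'subnet' => null`, which is worth stating in the same comment.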
Modified: trunk/extensions/ReaderFeedback/language/ReaderFeedback.i18n.php
===================================================================
--- trunk/extensions/ReaderFeedback/language/ReaderFeedback.i18n.php
2009-09-14 19:34:18 UTC (rev 56325)
+++ trunk/extensions/ReaderFeedback/language/ReaderFeedback.i18n.php
2009-09-14 19:34:52 UTC (rev 56326)
@@ -34,6 +34,7 @@
'readerfeedback-main' => 'Only content pages can be rated.',
'readerfeedback-success' => '\'\'\'Thank you for reviewing this
page!\'\'\' ([$3 Comments or questions?]).',
'readerfeedback-voted' => '\'\'\'It appears that you already
rated this page\'\'\' ([$3 Comments or questions?]).',
+ 'readerfeedback-error' => '\'\'\'An error has occurred while
rating this page\'\'\' ([$3 Comments or questions?]).',
'readerfeedback-submitting' => 'Submitting …',
'readerfeedback-finished' => 'Thank you!',
'readerfeedback-tagfilter' => 'Tag:',
Modified: trunk/extensions/ReaderFeedback/specialpages/ReaderFeedback_body.php
===================================================================
--- trunk/extensions/ReaderFeedback/specialpages/ReaderFeedback_body.php
2009-09-14 19:34:18 UTC (rev 56325)
+++ trunk/extensions/ReaderFeedback/specialpages/ReaderFeedback_body.php
2009-09-14 19:34:52 UTC (rev 56326)
@@ -6,6 +6,10 @@
class ReaderFeedbackPage extends UnlistedSpecialPage
{
+ const REVIEW_ERROR = 0;
+ const REVIEW_OK = 1;
+ const REVIEW_DUP = 2;
+
// Initialize to handle incomplete AJAX input
var $page = null;
var $oldid = 0;
@@ -14,7 +18,7 @@
var $commentary = '';
public function __construct() {
- UnlistedSpecialPage::UnlistedSpecialPage( 'ReaderFeedback', 'feedback'
);
+ parent::__construct( 'ReaderFeedback', 'feedback' );
wfLoadExtensionMessages( 'ReaderFeedback' );
}
@@ -23,16 +27,13 @@
$confirm = $wgRequest->wasPosted() && $wgUser->matchEditToken(
$wgRequest->getVal( 'wpEditToken' ) );
if( $wgUser->isAllowed( 'feedback' ) ) {
if( $wgUser->isBlocked( !$confirm ) ) {
- $wgOut->blockedPage();
- return;
+ return $wgOut->blockedPage();
}
} else {
- $wgOut->permissionRequired( 'feedback' );
- return;
+ return $wgOut->permissionRequired( 'feedback' );
}
if( wfReadOnly() ) {
- $wgOut->readOnlyPage();
- return;
+ return $wgOut->readOnlyPage();
}
$this->setHeaders();
# Our target page
@@ -73,11 +74,11 @@
if( $confirm && !$wgRequest->getVal( 'commentary' ) ) {
$ok = $this->submit();
} else {
- $ok = false;
+ $ok = self::REVIEW_ERROR;
}
# Go to graphs!
global $wgMiserMode;
- if( $ok && !$wgMiserMode ) {
+ if( $ok == self::REVIEW_OK && !$wgMiserMode ) {
$ratingTitle = SpecialPage::getTitleFor(
'RatingHistory' );
$wgOut->redirect(
$ratingTitle->getLocalUrl('target='.$this->page->getPrefixedUrl() ) );
# Already voted or graph is set to be skipped...
@@ -169,16 +170,24 @@
$dbw = wfGetDB( DB_MASTER );
$dbw->begin();
- $ok = ( $bot || $form->submit() ); // don't submit for mindless
drones
- $dbw->commit();
- if( $ok ) {
- return '<suc#>'.wfMsgExt( 'readerfeedback-success',
array('parseinline'),
- $form->page->getPrefixedText(), $graphLink,
$talk->getFullUrl( 'action=edit§ion=new' ) ) .
-
'<h4>'.wfMsgHtml('ratinghistory-table')."</h4>\n$tallyTable";
+ if( $bot ) {
+ $ok = self::REVIEW_ERROR; // don't submit for mindless
drones
} else {
- return '<err#>'.wfMsgExt( 'readerfeedback-voted',
array('parseinline'),
- $form->page->getPrefixedText(), $graphLink,
$talk->getFullUrl( 'action=edit§ion=new' ) );
+ $ok = $form->submit();
}
+ $dbw->commit();
+ switch( $ok ) {
+ case self::REVIEW_OK:
+ return '<suc#>'.wfMsgExt(
'readerfeedback-success', array('parseinline'),
+ $form->page->getPrefixedText(),
$graphLink, $talk->getFullUrl( 'action=edit§ion=new' ) ) .
+
'<h4>'.wfMsgHtml('ratinghistory-table')."</h4>\n$tallyTable";
+ case self::REVIEW_DUP:
+ return '<err#>'.wfMsgExt(
'readerfeedback-voted', array('parseinline'),
+ $form->page->getPrefixedText(),
$graphLink, $talk->getFullUrl( 'action=edit§ion=new' ) );
+ default:
+ return '<err#>'.wfMsgExt(
'readerfeedback-error', array('parseinline'),
+ $form->page->getPrefixedText(),
$graphLink, $talk->getFullUrl( 'action=edit§ion=new' ) );
+ }
}
protected static function isValid( $int ) {
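Review bot: In the `$bot` branch, `$ok = self::REVIEW_ERROR` changes what a flagged client is shown. The removed line `$ok = ( $bot || $form->submit() )` made that path return the `<suc#>` success text without storing anything, while the new switch falls through to `default` and returns `<err#>` with 'readerfeedback-error'. If the silent-success response was deliberate, keep it explicit with a separate constant that the switch maps to the success message; if the change is intended, a comment on the branch should say so. The `$dbw->begin()` / `$dbw->commit()` pair also still runs for the `$bot` case where nothing is written, and could move into the `else` branch. The enclosing function starts outside this hunk.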
@@ -256,21 +265,25 @@
$now = wfTimestampNow();
$date = str_pad( substr( $now, 0, 8 ), 14, '0' );
if( count($this->dims) == 0 )
- return false;
+ return self::REVIEW_ERROR;
$ratings = $this->flattenRatings( $this->dims );
# Make sure revision is valid!
$rev = Revision::newFromId( $this->oldid );
if( !$rev || !$rev->getTitle()->equals( $this->page ) ) {
- return false; // opps!
+ return self::REVIEW_ERROR; // opps!
}
$ip = wfGetIP();
if( !$wgUser->getId() && !$ip ) {
- return false; // we need to keep track somehow
+ return self::REVIEW_ERROR; // we need to keep track
somehow
}
$article = new Article( $this->page );
+ # Check if the user is spamming reviews...
+ if( $wgUser->pingLimiter( 'feedback' ) ||
$wgUser->pingLimiter() ) {
+ return self::REVIEW_ERROR;
+ }
# Check if user already voted before...
if( self::userAlreadyVoted( $this->page, $this->oldid ) ) {
- return false;
+ return self::REVIEW_DUP;
}
# Update review records to limit double voting!
$insertRow = array(
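Review bot: The throttle check `$wgUser->pingLimiter( 'feedback' ) || $wgUser->pingLimiter()` sits after `Revision::newFromId()`, so requests rejected by the earlier checks are never counted and still cost a revision lookup; moving it to the top of the method would count every submission attempt. The second call uses the limiter's default action (I believe 'edit'), so each rating also draws on the user's edit budget, and the short-circuit `||` means the two counters are not incremented consistently; a comment should state whether that coupling is wanted. A throttled request returns `self::REVIEW_ERROR`, which the AJAX switch renders as the generic 'readerfeedback-error' text, so a dedicated code such as `const REVIEW_LIMITED = 3;` would let the UI ask the user to retry later and let logs separate throttling from invalid input. The method starts before and continues after this hunk.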
@@ -328,6 +341,6 @@
if( $wgUser->getId() ) {
$this->page->invalidateCache();
}
- return true;
+ return self::REVIEW_OK;
}
}