http://www.mediawiki.org/wiki/Special:Code/MediaWiki/65403
Revision: 65403
Author: maxsem
Date: 2010-04-21 16:18:35 +0000 (Wed, 21 Apr 2010)
Log Message:
-----------
Per Brion, reverted part of r65085, now we just warn people instead of
disabling uploads unconditionally
Modified Paths:
--------------
branches/new-installer/phase3/includes/installer/Installer.i18n.php
branches/new-installer/phase3/includes/installer/Installer.php
branches/new-installer/phase3/includes/installer/WebInstaller.php
Modified: branches/new-installer/phase3/includes/installer/Installer.i18n.php
===================================================================
--- branches/new-installer/phase3/includes/installer/Installer.i18n.php
2010-04-21 15:37:31 UTC (rev 65402)
+++ branches/new-installer/phase3/includes/installer/Installer.i18n.php
2010-04-21 16:18:35 UTC (rev 65403)
@@ -136,7 +136,7 @@
'config-shell-locale' => 'Detected shell locale "$1"',
'config-uploads-safe' => 'Default uploads directory is safe
from arbitrary scripts execution.',
'config-uploads-not-safe' => "'''Warning:''' Your default
uploads directory <code>$1</code> is vulnerable to arbitrary scripts execution.
-Uploads will be disabled.",
+Although MediaWiki checks all uploaded files for security threats, it is
highly recommended to
[http://www.mediawiki.org/wiki/Manual:Security#Upload_security close this hole]
before enabling uploads.",
'config-db-type' => 'Database type:',
'config-db-host' => 'Database host:',
'config-db-host-help' => 'If your database server is on
different server, enter the host name or IP address here.
@@ -340,7 +340,6 @@
To enable file uploads, change the mode on the <code>images</code>
subdirectory under MediaWiki's root directory so that the web server can write
to it.
Then enable this option.",
- 'config-upload-disabled' => 'Because your web server is
configured to execute scripts from the default uploads directory, uploads will
be disabled.',
'config-upload-deleted' => 'Directory for deleted files:',
'config-upload-deleted-help' => 'Choose a directory in which to
archive deleted files.
Ideally, this should not be accessible from the web.',
@@ -510,7 +509,7 @@
'config-shell-locale' => 'Als shelllocale is "$1" herkend',
'config-uploads-safe' => 'De uploadmap is beveiligd tegen het arbitrair
uitvoeren van scripts.',
'config-uploads-not-safe' => "'''Waarschuwing:''' uw uploadmap
<code>$1</code> kan gebruikt worden voor het arbitrair uitvoeren van scripts.
-Uploadmogelijkheden worden uitgeschakeld.",
+Uploadmogelijkheden worden uitgeschakeld.", // FIXME: outdated
'config-db-type' => 'Databasetype:',
'config-db-host' => 'Databasehost:',
'config-db-host-help' => 'Als uw databaseserver een andere server is,
voer dan de hostnaam of het IP-adres hier in.
@@ -677,7 +676,6 @@
Veel mailservers vereisen dat tenminste het domein bestaat.',
'config-upload-settings' => 'Afbeeldingen en bestanden uploaden',
'config-upload-enable' => 'Uploaden van bestanden inschakelen',
- 'config-upload-disabled' => 'Omdat uw webserver is ingesteld om scripts
uit te voeren die in de uploadmap staan, wordt uploaden uitgeschakeld.',
'config-upload-deleted' => 'Map voor verwijderde bestanden:',
'config-upload-deleted-help' => 'Kies een map waarin verwijderde
bestanden gearchiveerd kunnen worden.
Idealiter is deze map niet via het web te benaderen.',
Modified: branches/new-installer/phase3/includes/installer/Installer.php
===================================================================
--- branches/new-installer/phase3/includes/installer/Installer.php
2010-04-21 15:37:31 UTC (rev 65402)
+++ branches/new-installer/phase3/includes/installer/Installer.php
2010-04-21 16:18:35 UTC (rev 65403)
@@ -70,7 +70,6 @@
'_CCDone' => false,
'_Extensions' => array(),
'_MemCachedServers' => '',
- '_UploadsAreSafe' => false,
);
/**
@@ -711,7 +710,6 @@
} else {
$this->showMessage( 'config-uploads-not-safe', $dir );
}
- $this->setVar( '_UploadsAreSafe', $safe );
}
/**
Modified: branches/new-installer/phase3/includes/installer/WebInstaller.php
===================================================================
--- branches/new-installer/phase3/includes/installer/WebInstaller.php
2010-04-21 15:37:31 UTC (rev 65402)
+++ branches/new-installer/phase3/includes/installer/WebInstaller.php
2010-04-21 16:18:35 UTC (rev 65403)
@@ -1372,33 +1372,27 @@
$this->addHTML( $extHtml );
}
- # Uploading
- $this->addHTML( $this->parent->getFieldsetStart(
'config-upload-settings' ) );
- if ( $this->getVar( '_UploadsAreSafe' ) ) {
- $this->addHTML(
- $this->parent->getCheckBox( array(
- 'var' => 'wgEnableUploads',
- 'label' => 'config-upload-enable',
- 'attribs' => array( 'class' =>
'showHideRadio', 'rel' => 'uploadwrapper' ),
- ) ) .
- $this->parent->getHelpBox( 'config-upload-help'
) .
- '<div id="uploadwrapper" style="display:
none;">' .
- $this->parent->getTextBox( array(
- 'var' => 'wgDeletedDirectory',
- 'label' => 'config-upload-deleted',
- ) ) .
- $this->parent->getHelpBox(
'config-upload-deleted-help' ) .
- '</div>'
- );
- } else {
- $this->parent->showError( 'config-upload-disabled' );
- }
$this->addHTML(
+ # Uploading
+ $this->parent->getFieldsetStart(
'config-upload-settings' ) .
+ $this->parent->getCheckBox( array(
+ 'var' => 'wgEnableUploads',
+ 'label' => 'config-upload-enable',
+ 'attribs' => array( 'class' => 'showHideRadio',
'rel' => 'uploadwrapper' ),
+ ) ) .
+ $this->parent->getHelpBox( 'config-upload-help' ) .
+ '<div id="uploadwrapper" style="display: none;">' .
+ $this->parent->getTextBox( array(
+ 'var' => 'wgDeletedDirectory',
+ 'label' => 'config-upload-deleted',
+ ) ) .
+ $this->parent->getHelpBox( 'config-upload-deleted-help'
) .
$this->parent->getTextBox( array(
'var' => 'wgLogo',
'label' => 'config-logo'
) ) .
$this->parent->getHelpBox( 'config-logo-help' ) .
+ '</div>' .
$this->parent->getFieldsetEnd()
);
@@ -1516,7 +1510,7 @@
function submit() {
$this->parent->setVarsFromRequest( array( '_RightsProfile',
'_LicenseCode',
- 'wgEnableEmail', 'wgPasswordSender', 'wgLogo',
+ 'wgEnableEmail', 'wgPasswordSender', 'wgEnableUpload',
'wgLogo',
'wgEnableUserEmail', 'wgEnotifUserTalk',
'wgEnotifWatchlist',
'wgEmailAuthentication', 'wgMainCacheType',
'_MemCachedServers' ) );
@@ -1548,10 +1542,6 @@
$this->setVar( 'wgRightsIcon', '' );
}
- $this->setVar( 'wgEnableUploads',
- $this->getVar( 'wgEnableUploads' ) && $this->getVar(
'_UploadsAreSafe' )
- );
-
$exts = $this->parent->getVar( '_Extensions' );
foreach( $exts as $key => $ext ) {
if( !$this->parent->request->getCheck( 'config_ext-' .
$ext ) ) {
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
