[MediaWiki-CVS] SVN: [89576] trunk/phase3/includes/api/ApiQueryFilearchive.php

Mon, 06 Jun 2011 09:07:48 -0700 

http://www.mediawiki.org/wiki/Special:Code/MediaWiki/89576

Revision: 89576
Author:   reedy
Date:     2011-06-06 16:06:59 +0000 (Mon, 06 Jun 2011)
Log Message:
-----------
Followup r89542, validate hashes

Modified Paths:
--------------
    trunk/phase3/includes/api/ApiQueryFilearchive.php

Modified: trunk/phase3/includes/api/ApiQueryFilearchive.php
===================================================================
--- trunk/phase3/includes/api/ApiQueryFilearchive.php   2011-06-06 16:00:18 UTC 
(rev 89575)
+++ trunk/phase3/includes/api/ApiQueryFilearchive.php   2011-06-06 16:06:59 UTC 
(rev 89576)
@@ -95,8 +95,14 @@
 
                        $sha1 = false;
                        if ( $sha1Set ) {
+                               if ( !ApiQueryAllimages::validateSha1Hash( 
$params['sha1'] ) ) {
+                                       $this->dieUsage( 'The SHA1 hash 
provided is not valid', 'invalidsha1hash' );
+                               }
                                $sha1 = wfBaseConvert( $params['sha1'], 16, 36, 
31 );
                        } elseif ( $sha1base36Set ) {
+                               if ( 
!ApiQueryAllimages::validateSha1Base36Hash( $sha1 ) ) {
+                                       $this->dieUsage( 'The SHA1Base36 hash 
provided is not valid', 'invalidsha1base36hash' );
+                               }
                                $sha1 = $params['sha1base36'];
                        }
                        if ( $sha1 ) {
@@ -274,6 +280,8 @@
                return array_merge( parent::getPossibleErrors(), array(
                        array( 'code' => 'permissiondenied', 'info' => 'You 
don\'t have permission to view deleted file information' ),
                        array( 'code' => 'hashsearchdisabled', 'info' => 
'Search by hash disabled in Miser Mode' ),
+                       array( 'code' => 'invalidsha1hash', 'info' => 'The SHA1 
hash provided is not valid' ),
+                       array( 'code' => 'invalidsha1base36hash', 'info' => 
'The SHA1Base36 hash provided is not valid' ),
                ) );
        }
 


_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs

Reply via email to