| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Bug: T125990
Change-Id: I3ce3a736d51bc06fe40fd773f079e694039b4f3e
|
| |
|
|
|
|
| |
This reverts commit 823db5d63dd5200d04c63da50ba6bf16f928e70b.
Change-Id: Ibb3e023e4eb6715295586dea87d0725c344a8271
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The plan here is to take it out of 1.27.0-wmf.12 and put it back in
1.27.0-wmf.13.
Since BotPasswords depends on SessionManager, that's getting temporarily
removed too.
This reverts the following commits:
* 6acd424e0dbc322e8b9a141bd2625453c1b9b6f1 SessionManager: Notify AuthPlugin before calling hooks
* 4d1ad32d8acbd443346253d2f6a95024c833295c Close a loophole in CookieSessionProvider
* fcdd643a46d87b677f6cdcc3ba9440e1472d8df7 SessionManager: Don't save non-persisted sessions to backend storage
* 058aec4c76129b7ee8541692a8a48f8046e15bb6 MessageCache: Don't get a ParserOptions for $wgUser before the end of Setup.php
* b5c0c03bb708f8dad6e404969df8addc123984db SessionManager: Save user name to metadata even if the user doesn't exist locally
* 13f2f09a193215aa7a061d10a1955e172d06fa0a SECURITY: Fix User::setToken() call on User::newSystemUser
* 305bc75b27903237a9683ec1f329bcbec0ecd266 SessionManager: Don't generate user tokens when checking the tokens
* 7c4bd85d2152fd9fa975ea0fb5ffb1a0b804f99b RequestContext::exportSession() should only export persisted session IDs
* 296ccfd4a9a6ad3ae412db7e2408c923aaa61f64 SessionManager: Save 'persisted' flag in session metadata
* 94ba53f67731b0553a6178841d9506e384f74496 Move CSRF token handling into MediaWiki\Session\Session
* 46a565d6b00174e631d2022b47677e1a78e73897 Avoid false "added in both Session and $_SESSION" when value is null
* c00d0b5d94c946b8883dd7062bf7160a199aa5c2 Log backtrace for "User::loadFromSession called before the end of Setup.php"
* 4eeff5b559e2ae7b8fa1f45572968ba28573a421 Use $wgSecureCookie to decide whether to actually mark secure cookies as 'secure'
* 7491b52f700e220814a8190781fd794b4dd88a20 Call session_cache_limiter() before starting a session
* 2c34aeea72471f9a598e67bdbf34bc5f9fb3f0c5 SessionManager: Abstract forceHTTPS cookie setting
* 9aa53627a53aabec0273cecf45a86e77927ef406 Ignore auth cookies with value 'deleted'
* 43f904b51a746d7f71ea2ab9951c5c98d269765b SessionManager: Kill getPersistedSessionId()
* 50c52563528ba3d765c3762211f98d6f3c0e39fd SessionManager: Add SessionBackend::setProviderMetadata()
* f640d403154bc0a2b4f6d399582797a9e3bc6fcb SessionManager: Notify AuthPlugin when auto-creating accounts
* 70b05d1ac1e859bac2185b246e9b93ec9051e4d8 Add checks of $wgEnableBotPasswords in more places
* bfed32eb78b6c720b16bc7ed60153fd2fe257a9e Do not raise a PHP warning when session write fails
* 722a7331ad8d98228511f8da38adc7a3c64dd617 Only check LoggedOut timestamp on the user loaded from session
* 4f5057b84b36eccd16627a6b29831dfdb4483b02 SessionManager: Change behavior of getSessionById()
* 66e82e614e157e39b03d813e71ddf23f53cf640b Fix typo in [[MediaWiki:Botpasswords-editexisting/en]]
* f9fd9516d922d36291037baca7205a2b0ac9f15f Add "bot passwords"
* d7716f1df0b692902571bf415a0984071e3e9a60 Add missing argument for wfDebugLog
* a73c5b7395a07d490f7052fd3b2491ebd656b190 Add SessionManager
Change-Id: I2389a8133e25ab929e9f27f41fa9a05df8147a50
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Bot passwords are something like OAuth-lite, or Google's application
passwords: the bot can use API action=login to log in with the special
username and password, and will then be allowed to use the API with a
restricted set of rights.
This is intended to provide an easy migration path for legacy bots and
for bots on wikis without OAuth, since AuthManager is going to greatly
complicate non-interactive authentication. If OAuth is available, an
owner-only consumer would be a better choice.
Bug: T121113
Change-Id: Iaa4015e00edbfbfaedcc8b2d27a2d3fd25009159
Depends-On: I7e15331efb162275c4116bcae61f19d6b884cbe3
|
| |
|
|
|
|
| |
No longer used as of 5d5b269e0e63641f3.
Change-Id: Ieb8448185cf39aa396e902e025e673f0886ac3c3
|
| |
|
|
|
|
| |
No longer used as of Ia9131f570.
Change-Id: If009e2620e59002e127d21b90a96bdd29e5d2a9d
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When a page is updated under PostgreSQL, there is code to
de-index all but the most recent version of the page. But
when a page is moved, it was accidentally de-indexing the
most recent version as well, because rev_text_id is not
incremented in that case. A simple tweak to the SQL
fixes that.
I added code to the update script to find pages
previously corrupted by this problem and reindex them.
Bug: 66650
Change-Id: I52e1bbbd8592be5e7c7383c225e6b4c19bbe5b9e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change I1c7f3a84f10df05d6b37dccbad4c8232edf51580 causes
an existing foreign key assumption (under PostgreSQL) to be
violated upon deleting a page. This foreign key assumption does not
explicitly exist in MySQL, and is not implied via documentation. So
it was probably never needed in the first place.
Don't create the foreign key constraint in PostgreSQL, and drop it
if it already exists when running update.php.
The constraint was previously created with an implicit name, so
drop the constraint involving the specified column name (rc_cur_id),
rather than hard-coding the name of the constraint itself.
This bug probably exists under Oracle and MSSQL as well, but no attempt
was made to address it there.
Bug: T76254
Change-Id: I2abd650c8ce83c5b725aec0545fff14a927a305a
|
| |
|
|
|
|
|
| |
Follows up removal of code using hitcounters in 90d90dad6
RFC: https://www.mediawiki.org/wiki/Requests_for_comment/Removing_hit_counters_from_MediaWiki_core
Change-Id: Ieeb558f9523c11965cbc1941cad4f316c00c85c5
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the same bug in PostgreSQL that was reported
against Oracle as bug 71040, using the same method of copying
the update-keys.sql script into maintenance/postgres.
Since all three copies of this file do the same thing, perhaps
we should find lowest-common-denominator syntax that works in
all databases to avoid redundant copies that can get out of
sync with each other. (The Oracle and PostgreSQL versions are
already identical to each other).
The comments in the file are confusing and ungrammatical, but
they are a copy of the same language from the other copies.
Since I don't know what it is trying to say, I can't
fix it.
I have verified that this patch fixes the problem where
mediawiki could not be installed with PostgreSQL using
either the CLI or the web installer, due to SQL syntax errors.
I haven't tested the the update-keys actually accomplishes
whatever it was introduced to accomplish, though.
Bug: 72834
Change-Id: I2a0cfa3dd0751b9fb65450b1537b6e77be60009a
|
| |
|
|
|
| |
Bug: 71972
Change-Id: I16d6ffde113838fc431bffaf00be1574d5a0303a
|
| |
|
|
|
|
|
|
|
|
|
| |
* Also tweaked the query so MySQL avoids doing a page_name
index scan when it should start with the link table index
* Added population script (triggered by update.php)
* Also removed uniqueness from some indexes where it is redundant
* Renamed two confusing variables
Bug: 60618
Change-Id: Icca99b6ae0ef76cb77695faf82c615516191da36
|
| |
|
|
|
|
|
|
| |
Special page PageLanguage to set the page language of a page.
To enable the feature, set $wgPageLanguageUseDB to true
and assign the 'pagelang' user right to a user group.
Bug: 35489
Change-Id: I0f82b146fbe948f917c1c5d29f7469644d797e80
|
| |
|
|
|
| |
Bug: 65246
Change-Id: If3e9e855c8a21874ca69c4976af207833dcc53f2
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id I427c6de5a0a29b43cff755db0eb8a750db620173 increases the
probability that a null byte will attempt to be stored in the
lc_value column. PostgreSQL does not allow that byte in a text
column, so convert the column to bytea.
If the column already contains corrupted data, the upgrade routine
might fail. To prevent this, delete the contents of the table before
changing the type.
Bug: 62098
Change-Id: Ie8368bde398b2ae4d3cfc9ee7bf35874bd2ded68
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Follows up I217c42656fb877ff35a36eb446a22bdaf119faac
That change introduced a syntax error during update. I have verified
that this fixes the syntax problem so that update.php runs, but have
not verified that the new functionality behaves as intended.
Also, the PostgreSQL schema changes introduced during the update
process were not present at all in a fresh install to PostgreSQL. Add
analogous changes to tables.sql.
Bug: 64807
Change-Id: I736344839ec478216402fdfe260968afbd663498
|
| |
|
|
|
|
|
|
|
|
| |
The column recentchanges.rc_cur_time is no longer populated by SQL,
so PostgreSQL must be changed to allow the NULL value for it.
In MySQL, the empty string is used as a surrogate for NULL, but that
is not allowed in PostgreSQL.
Bug: 61318
Change-Id: I6733ef11152d545382bec087d992515dcf9aec0b
|
| |
|
|
|
|
|
| |
To drop all possible existing sequences.
Also add a DROP TYPE for the existing type.
Change-Id: I3aad6b1c6c2b273ca4ed5fd3b448f4379984cd76
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Add functionality to expire users' passwords:
* Adds column to the user table to keep a password expiration
* Adds $wgPasswordExpirationDays, which will force users to reset
their passwords after a set number of days. By default, this set
to false, so passwords never expire.
* Adds a default grace period of 7 days, where if the user's password
is expired, they can still login, but are encouraged to reset their
password.
* Adds hook 'LoginPasswordResetMessage' to update reset message, in
case an extension wants to vary the message on a particular reset
event.
* Adds hook 'ResetPasswordExpiration' to allow extensions to change
the expiration date when the user resets their password. E.g., if
an extension wants to vary the expiration based on the user's group.
If the user is in the grace period, they get a password reset form
added to the login successful page. If an extension prevents showing
the login successful page (like CentralAuth), it should be updated to
show a password change form during the grace period. After the grace
period, the user will not be able to login without changing their
password.
Also prevents a successful reset if the user is "changing" their
password to their existing password.
No passwords will expire by default. Sites will have to call
User->expirePassword() from their own maintenance script to trigger a
password reset for a user.
Bug: 54997
Change-Id: I92a9fc63b409b182b1d7b48781d73fc7216f8061
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
This field was introduced in e5d41cca909a8ec1b19c6c080388c885854be3f7
but only for MySQL.
Change-Id: I057b1dd845a5ab7ae05f5597454981a6e2c12698
|
| | |
| |
| |
| |
| |
| |
| | |
Spotted by gebhkla on bug 60083
Bug: 60083
Change-Id: I34283c2539f4ce9d1b85756b3e1c16d255000ed5
|
| | |
| |
| |
| | |
Change-Id: I74b6f507ef7371db92e0c3f058d38c0ca5dea9ef
|
| |/
|
|
|
|
|
|
|
| |
Fixing bug #54404 requires querying against logging.log_user_text, which
is currently unindexed. Add an index, to prevent performance from being
adversely affected by the fix.
Bug: 54432
Change-Id: I6b2af65c75bbee57377cb1ec2e75ea41a5091f80
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
docs/README: Updated links, got rid of 2008 date at top of file
docs/maintenance.txt: Updated link
extensions/README: Some cleanup, added link to new git.wikimedia.org
includes/DefaultSettings.php: SVN -> Git for udpprofile
includes/profiler/ProfilerSimpleUDP.php: ditto
languages/MessagesRo.php: removed link to mime.types on SVN from the
mimesearch-summary message. This file seems to have been deleted from the
modern-day Git repository
maintenance/postgres/mediawiki_mysql2postgres.pl: removed SVN magic words
That takes care of most of the remaining references to SVN etc.
Bug: 38714
Change-Id: I261921df4b4c0545658d6d38c5f3c1f9dfa63ad1
|
| |
|
|
|
|
|
| |
This reverts commit 113f49bb21487f813548fa4e75ecb568c433ecbf after the
schema change has been completed.
Change-Id: I5412466444526986e1209d0982dd62cd5b387ad1
|
| |
|
|
|
|
|
|
|
| |
* New fields: ar_id, el_id. el_id is presently not used for
anything, but will help with online schema changes.
Bug: 15441
Bug: 39675
Change-Id: Ib6b0fc3736d173fa4ba7b786ecfc710b2f4711bb
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
No feature flag, and also not deployed on WMF wikis. Asking for schema changes by the time we branch tomorrow is just unfair
This reverts commit e478c230f6d3f1b7638d4443682eff0df7650def.
Change-Id: I125c30e76fa04679cc04ae7b8728ae3a61f35194
|
| |\| |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The existing field to differentiate between kinds of recentchanges rows is
the rc_type field. We want to allow extensions to insert their own custom
data into recentchanges, but we have learned via the NS_* series of constants
that requiring extensions to "register" a specific number is very error prone.
The solution, which this commit implements the first phase of, is to utilize
a new 16 byte string field rc_source. Within that field change types will be
prefixed strings such as 'mw.edit' and 'mw.new'.
This commit adds the new field and begins populating it with data. At some
point in the future the rc_type field will be dropped. While WMF wiki's will
simply wait out the 30 day recentchanges history, other wiki's have the option
of letting update.php populate rc_source, or manually applying the db change and
utilizing the PopulateRecentChangeSource maintenance script.
Change-Id: Iaddd6c446373a68d31586ed54346db7d04e13b2c
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
this:
CREATE TABLE profiling (
pf_count INTEGER NOT NULL DEFAULT 0,
pf_time FLOAT NOT NULL DEFAULT 0,
pf_memory FLOAT NOT NULL DEFAULT 0,
pf_name TEXT NOT NULL,
pf_server TEXT NULL
);
The current use of NUMERIC(18,10) very rapidly overflows the pf_memory column,
generating errors. Also, the NUMERIC is very much slower than float, and in
this case it has no advantages.
Bug: 55722
Change-Id: I48b00d55aaed821a4ceb9365033817a3b477d71a
|
| |
|
|
|
|
|
|
|
|
| |
Follow-up I68e8c0bb23f185c0f996a8905f6d437db3080aa1
Deleting those fields also from tables.sql definition
for mssql, oracle and postgres
Bug: 34960
Change-Id: I1867536c9161abed0b23428d3c840d16a05cba56
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This was an experimental authentication system intoduced a couple
of years ago with a pretty narrow use-case. It's been pretty much
ignored since introduction, and makes login more complicated than
it needs to be.
I didn't drop the external_user table on the off-chance someone
out there actually has data in it, but they should use AuthPlugin
for their external authentication needs.
Change-Id: I794338dbb75961ee033d41fa44bb7aa22e54f447
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The iwlinks and langlinks modules continue parameters imply ordering by
page then prefix then title. But in certain modes, the actual queries
use a different ordering, which may result in skipped or repeated
results.
This changeset fixes that. To do so, it needs to re-add an index
iwl_prefix_from_title which was mistakenly removed in 2010 (r69721). And
while it's doing that, it cleans up errors in the sqlite and postgresql
handling of the iwlinks indexes too.
Also, per Asher, make the iwl_prefix_from_title and
iwl_prefix_title_from indexes non-UNIQUE.
Change-Id: I607e8bf9183a2d8152a6127a81c83a0b5bba0c61
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| | |
This adds an index to page_props to support looking up pages using a
particular property.
Change-Id: Iea778eb783e1d4a46fb0549dfd84915477cac5df
|
| |\ \ |
|
| | |/
| |
| |
| | |
Change-Id: I1b2fe2b80700678935bf6d28c3a48538d044d3f4
|
| |/
|
|
|
|
| |
* (bug 43416) This ports cd000590ee694af73edb05b5e37b60b5e2b77fd5.
Change-Id: I3d4c7d906f6465b3a054df2fc0cd8f564173ed2b
|
| |
|
|
|
|
|
|
|
|
| |
Minor issues.
Tested the removal of
maintenance/postgres/archives/patch-ipb_address_unique.sql in a new
installation but haven't tested it on an upgrade.
Change-Id: I58aa11c5acab5de427cbc000e6786a208fc6b26f
|
| |
|
|
| |
Change-Id: I4fa180d45984a4ec2b2c7b1149015c6dad14c5f0
|
| |
|
|
|
|
|
| |
This ports I49824c7fa855fea4ddcac5c9901ece8c2c0101d0 and fixes
bug #41196.
Change-Id: I18e0ac3aee2c2627f89d28d4a34afd90c822af91
|
| |\ |
|
| | |
| |
| |
| |
| |
| | |
This fixes bug #41114.
Change-Id: I021070f90d35d99ad55944543e94004f62d5f08c
|
| |/
|
|
| |
Change-Id: I52ae3c55044bc8c53698e356bad74969406670bf
|
| |
|
|
|
|
|
|
|
| |
Create ContentHandler field for PostgreSQL
(for installer and the update).
TEXT was chosen as replacement for MySQL VARBINARY(32)
Change-Id: Ia86ae79d37517630e1767dfb976604bbb174104b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, whenever we blocked a user, its IP address would be
autoblocked whenever he tries to edit a page. Thus when later unblocking
the username, he would be automatically blocked again if we forgot to
clean up is IP.
This patch introduces a the ipb_parent_block_id column in ipblocks table
to track which block triggered the autoblock command. Thus, when deleting
the original block we can easily remove all subsequentautoblocks.
Schema updaters for MySQL, SQLite and postgres have been added to the
patch but not for the other database types such as ibm_db2, mssql and
Oracle.
Change-Id: I4aa820ae9bbd962a12d0b48b6c638a1b6ff4efc9
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changeset 1 of https://gerrit.wikimedia.org/r/#change,3365:
763b57f9f2af131a2d8e65f520a23c00109be0e1
got mis-merged in changeset 2:
f752cf80423615b380cf5612a3f1f68a6b9d0173
And introduced into master wth
0a792a1dcba26dd70d64e307b301c6773279cfc9
Also, marking all new functions as @since 1.19
since we want to have them there later.
Patchset 2: whitespace fixes
Patchset 3: Fix <?php
Patchset 4: rebase to current master
Change-Id: Ic7d940dfec8890de20197128505962375fac4f06
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* PostgresField now reports column default value
* DatabasePostgres::indexAttributes reports index
details
* Perform schema update in one transaction
With this change we can sucessfully update
MediaWiki 1.7.3 schema to trunk^Wmaster
Patch set 2: Rebased against master. PLEASE check carefully
to make sure I got those conflicted files right.
Conflicts:
includes/db/DatabasePostgres.php
includes/installer/PostgresUpdater.php
Change-Id: Iebb6855e8f6f44470bbb1dc5ab9ac1abb513adfe
|
