On Thu, 3 Feb 2005 23:58:41 -0800, Brion Vibber <brion.vibber(a)gmail.com>
wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> MediaWiki 1.4beta6 is a security and bug fix release for the 1.4 beta
> series.
Hi. Is there no CVS branch for this release? I can't find it in the tag
list here: <URL:http://cvs.sourceforge.net/viewcvs.py/wikipedia/phase3/>
[...]
--
Vetle Roeim
Information Systems Developer -- Opera Software ASA
<URL: http://www.opera.com/ >
Hello,
I wrote a tiny calendar extension for mediawiki to use it on my techno
wiki website. It works allright, but I would like to improve it.
I used the example from
http://meta.wikimedia.org/wiki/Write_your_own_MediaWiki_extension ,
which states "This function can then return a HTML string that gets
inserted into the output in place of the tags and text. Note that the
return string should be HTML, not wiki markup."
Is there any to implement extensions which can use wiki markup?
Currently I have to implement Links with class Title and Article,
basically reimplementing the [[link]] syntax and that doesn't even
work nice with all skins.
I also might want to use templates and images in the calendar output.
Or is there an easy way to parse a string and get an html in return.
Christof
--
Christof Damian
christof(a)damian.net
I didn't understand if this mailing list is Italian or English. So i wrote
this letter in both languages.
Non ho capito se questa mailing list è in italiano o inglese, quindi ho
scritto in entrambe le lingue.
English:
I installed MediaWiki (in Italian language) on a website. I have some
questions:
1. I had to edit the text "Wikipedia" in the titlebar of the browser. I did
it editing the "includes/OutputPage.php" file on line 153 [ setHTMLTitle()
]. Is there a better way to do it?
2. I have to edit the menu. I read on the documentation to do it adding
something like this:
$wgNavigationLinks = array (
array( 'text'=>'Home page', 'href'=>'WikiComics' ),
array( 'text'=>'Ultime modifiche', 'href'=>'Speciale:Recentchanges' ),
array( 'text'=>'Pagina a caso', 'href'=>'Speciale:Randompage' ),
array( 'text'=>'Links', 'href'=>'Links' ),
array( 'text'=>'Aiuto', 'href'=>'Aiuto' ),
);
to "LocalSettings.php", but it don't works. How can I do it?
3. I'm using the Italian language file, but in the user menu (in the top)
the program writes
"<http://wikicomics.immaginario.net/index.php//index.php?title=Speciale:Contr…>My
contributions" in English and I didn't find it in the language file. Where
is it?
I'm using MediaWiki 1.3.9
Thanks!
Italiano:
Ho installato MediaWiki su un mio sito e ho alcune domande:
1. Dovevo modificare il testo "Wikipedia" sulla barra del titolo. Per farlo
ho modificato il file "includes/OutputPage.php" sulla linea 153 [
setHTMLTitle() ]. C'è un modo migliore per farlo?
2. Mi serve di modificare il menu. Sulla documentazione ho letto che si fa
aggiungendo qualcosa del genere nel file "LocalSettings.php":
$wgNavigationLinks = array (
array( 'text'=>'Home page', 'href'=>'WikiComics' ),
array( 'text'=>'Ultime modifiche', 'href'=>'Speciale:Recentchanges' ),
array( 'text'=>'Pagina a caso', 'href'=>'Speciale:Randompage' ),
array( 'text'=>'Links', 'href'=>'Links' ),
array( 'text'=>'Aiuto', 'href'=>'Aiuto' ),
);
ma non mi funziona. Come si fa?
3. Utilizzo il file di linguaggio italiano, ma nel menu dell'utente (quello
in alto) il programma mi scrive
"<http://wikicomics.immaginario.net/index.php//index.php?title=Speciale:Contr…>My
contributions" in inglese e non trovo la variabile nel file di linguaggio.
Dov'è?
Uso WikiMedia 1.3.9
Grazie!
Lorenzo Breda
Hi, I suppose I did one thing I should not have done ....
Today I decided to try out the first 1.4 installation - since I already
have a wakkawiki-installation in /wiki and another one of mediawiki
1.3.7 in another directory I installed 1.4 in a directory called just /w/
http://www.wesolveitnet.com/w/
Now I started to edit things and what happens is really strange - and I
am just not sure if it depends on my browser or on the installation.
I modified the main page first and everything seemed ok.
Then I modified again and the browser just did not show me the changes -
no way ... even after several re-loads.
Now I noted the following:
when I go to
http://www.wesolveitnet.com/w/index.php?title=Main_Page
I have the correct contents
whe I go to
http://wesolveitnet.com/w/index.php?title=Main_Page
I have the old contents
and this is really strange ....
So do you think it depends on my browser or did I choose a wrong
directory name (I noted that when editing pages on the wikimedia servers
it works in a directory called /w).
And if my installation is wrong: what do I need to do now? Do I have to
re-install everything in another directory and then re-edit from scratch?
Thank's for any help.
Ciao, Sabine
I'm having trouble installing mediawiki 1.3.9 on a red hat box running Apache.
I first off installed it into a subdirectory on my host, and that worked fine.
http://s94368865.onlinehome.us/WikiMetamed/index.php?title=Main_Page
I then got a domain (www.wikimetamed.org) for the site at 1and1.com,
and then since their domain tools wouldn't let me point to the
existing installation, I decided to create a new install into my
webroot directory.
The problem that first appeared is that I can't access the config
directory. If I try, Apache says it can't find the /config/index.php
file .. as though there is an existing config directory which is being
searched first.
I filed a bugzilla report for this.
So, I tried renaming the config directory to wikiconfig, and then ran
the wikiconfig/index.php which I now was able to access, but it did
not save the LocalSettings.php file even though it claimed to do so.
So, I tried modifying the LocalSettings.php file by hand from another
one I had available, and it doesn't seem to work.
Here it is here:
# This file was automatically generated by the MediaWiki installer.
# If you make manual changes, please keep track in case you need to
# recreate them later.
$IP = "/homepages/38/d94368847/htdocs";
ini_set( "include_path", ".:$IP:$IP/includes:$IP/languages" );
require_once( "DefaultSettings.php" );
# If PHP's memory limit is very low, some operations may fail.
# ini_set( 'memory_limit', '20M' );
if ( $wgCommandLineMode ) {
if ( isset( $_SERVER ) && array_key_exists( 'REQUEST_METHOD', $_SERVER ) ) {
die( "This script must be run from the command line\n" );
}
} else {
## Compress output if the browser supports it
if( !ini_get( 'zlib.output_compression' ) ) @ob_start( 'ob_gzhandler' );
}
$wgSitename = "WikiMetamed";
$wgScriptPath = "";
$wgScript = "$wgScriptPath/index.php";
$wgRedirectScript = "$wgScriptPath/redirect.php";
## If using PHP as a CGI module, use the ugly URLs
# $wgArticlePath = "$wgScript/$1";
$wgArticlePath = "$wgScript?title=$1";
$wgStylePath = "$wgScriptPath/stylesheets";
$wgStyleDirectory = "$IP/stylesheets";
$wgLogo = "$wgStylePath/images/wiki.png";
$wgUploadPath = "$wgScriptPath/images";
$wgUploadDirectory = "$IP/images";
... other stuff removed ...
But when I access the site
http://www.wikimetamed.org
it appears to be pulling all the old path information out from the
original install.
I don't know how this software works .. but I find it difficult to
believe that path data is stored in the mysql tables... so what's
wrong with my LocalSettings.php file .. please ???
All
I have just started using Wiki, having moved from PhpNuke. Is there a
way to disable the Talk and the IP Address from all pages. I noticed
that unregistered users IP is getting displayed.
Thanks
sarath
Hi,
as my very private Wiki grew larger, a few people liked to use it as well. So
I needed to protect the sites, that are really private. Since some kind of
user rights is scheduled for version 1.5, here comes a quickhack:
Wiki Version: 1.3.5 (maybe it works on later versions as well)
Insert the following into Title.php, function userCanRead(), right after the
globals have been defined (for me it's line 550):
# inserted by m:o
global $wgRequireUser;
$siteName = $this->getPrefixedText(); # pagename
$requiredUser = $wgRequireUser[$name];
$allowed = true;
foreach( $wgRequireUser as $siteRegExp => $requiredUser )
{
$check= preg_match("/$siteRegExp/", "$siteName");
if( $check==1 && $wgUser->getName()!=$requiredUser )
{
$allowed = false;
}
}
if( ! $allowed ) return false;
# /inserted by m:o
Then insert the following in your LocalSettings.php at the end, just before
the '?>':
#
# inserted by m:o
#
# set access rights
#
# usage:
# "regular expression that matches the site you want to protect" => "required
user"
#
# examples:
# "^Linux" matches all sites beginning with "Linux"
# "Linux" matches all sites containing "Linux"
# "Linux$" % ending with "Linux"
#
$wgRequireUser = array (
"^Hauptseite:private$" => "Mo",
"^Tbd$" => "Mo",
"^Desy" => "Mo",
"^Grid" => "Mo",
"^Logbook$" => "Mo"
);
Maybe someone can comment on possible disadvantages or security holes?
Cheers,
- Moritz
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MediaWiki 1.3.10 is a security release.
In earlier 1.3.x releases an attacker could craft a URL which, when
visited by a particular logged-in user, would execute arbitrary
JavaScript code on the user's browser in the wiki's site context. This
attack has been blocked, and as an extra precaution the user CSS and
JavaScript subpage support is now disabled by default. Sites which want
this ability may set $wgAllowUserCss and $wgAllowUserJs in
LocalSettings.php.
Additional protections have been added against off-site form submissions
hijacking user credentials. Authors of bot tools may need to update
their code to include additional fields.
All wikis running 1.3.x are strongly urged to upgrade to 1.3.10.
=== Changes from 1.3.9 ===
* Logged-in edits and preview of user CSS/JS are now locked to a
session token.
* Per-user CSS and JavaScript subpage customizations now disabled by
default. They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss.
* Removed .ogg from the default uploads whitelist as an extra
precaution. If your web server is configured to serve Ogg files with the
correct Content-Type header, you can re-add it in LocalSettings.php:
~ $wgFileExtensions[] = 'ogg';
Release notes:
http://sourceforge.net/project/shownotes.php?release_id=302313
Download:
http://prdownloads.sf.net/wikipedia/mediawiki-1.3.10.tar.gz?download
Low-traffic release announcements mailing list:
http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikipedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCAyTSwRnhpk1wk44RAtX7AJkBo1tLdta5ooHjg02ZVdnGpyoQKQCgsG1K
8j2DYMGGs3LbysjOrLCvudA=
=eAx7
-----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
MediaWiki 1.4beta6 is a security and bug fix release for the 1.4 beta
series.
In previous 1.4beta and 1.3.x releases an attacker could craft a URL
which, when visited by a particular logged-in user, would execute
arbitrary JavaScript code on the user's browser in the wiki's site
context. This attack has been blocked, and as an extra precaution the
user CSS and JavaScript subpage support is now disabled by default.
Sites which want this ability may set $wgAllowUserCss and $wgAllowUserJs
in LocalSettings.php.
Additional protections have been added against off-site form submissions
hijacking user credentials. Authors of bot tools may need to update
their code to include additional fields.
1.3.x users not using the 1.4 beta should upgrade to 1.3.10.
Note that 1.4 beta releases prior to beta 5 include an input validation
error which could lead to execution of arbitrary PHP code on the server.
Users of older betas should upgrade immediately to the current version.
Beta 6 also introduces the use of rel="nofollow" attributes on external
links in wiki pages to reduce the effectiveness of wiki spam. This will
cause participating search engines to ignore external URL links from
wiki pages for purposes of page relevancy ranking.
The current implementation adds this attribute to _all_ external URL
links in wiki text (but not internal [[wiki links]] or interwiki links).
To disable the attribute for _all_ external links, add this line to your
LocalSettings.php:
~ $wgNoFollowLinks = false
For background information on nofollow see:
~ http://www.google.com/googleblog/2005/01/preventing-comment-spam.html
=== Changes since beta 5 ===
* (bug 1335) implement 'tooltip-watch' in Language.php
* Fix linktrail for nn: language
* (bug 1214) Fix prev/next links in Special:Log
* (bug 1354) Fix linktrail for fo: language
* (bug 512) Reload generated CSS on preference change
* (bug 63) Fix displaying as if logged in after logout
* Set default MediaWiki:Sitenotice to '-', avoiding extra database hits
* Skip message cache initialization on raw page view (quick hack)
* Fix notice errors in wfDebugDieBacktrace() in XML callbacks
* Suppress notice error on bogus timestamp input (returns epoch as before)
* Remove unnecessary initialization and double-caching of parser variables
* Call-tree output mode for profiling
* (bug 730) configurable $wgRCMaxAge; don't try to update purged RC entries
* Add $wgNoFollowLinks option to add rel="nofollow" on external links
~ (on by default)
* (bug 1130) Show actual title when moving page instead of encoded one.
* (bug 925) Fix headings containing <math>
* (bug 1131) Fix headings containing interwiki links
* (bug 1380) Update Nynorsk language file
* (bug 1232) Fix sorting of cached Special:Wantedpages in miser mode
* (bug 1217) Image within an image caption broke rendering
* (bug 1384) Make patrol signs have the same width for page moves as for
edits
* (bug 1364) fix "clean up whitespace" in Title:SecureAndSplit
* (bug 1389) i18n for proxyblocker message
* Add fur/Furlan/Friulian to language names list
* Add TitleMoveComplete hook on page renames
* Allow simple comments for each translation rules in MW:Zhconversiontable
* (bug 1402) Make link color of tab subject page link on talk page
indicate whether article exists
* (bug 1368) Fix SQL error on stopword/short word search w/ MySQL 3.x
* Translated Hebrew namespace names
* (bug 1429) Stop double-escaping of block comments; fix formatting
* (bug 829) Fix URL-escaping on block success
* (bug 1228) Fix double-escaping on & sequences in [enclosed] URLs
* (bug 1435) Fixed many CSS errors
* (bug 1457) Fix XHTML validation on category column list
* (bug 1458) Don't save if edit form submission is incomplete
* Logged-in edits and preview of user CSS/JS are now locked to a session
token.
* Per-user CSS and JavaScript subpage customizations now disabled by
default.
~ They can be re-enabled via $wgAllowUserJs and $wgAllowUserCss.
* Removed .ogg from the default uploads whitelist as an extra precaution.
~ If your web server is configured to serve Ogg files with the correct
~ Content-Type header, you can re-add it in LocalSettings.php:
~ $wgFileExtensions[] = 'ogg';
Release notes:
http://sourceforge.net/project/shownotes.php?release_id=302312
Download:
http://prdownloads.sf.net/wikipedia/mediawiki-1.4beta6.tar.gz?download
Low-traffic release announcements mailing list:
http://mail.wikipedia.org/mailman/listinfo/mediawiki-announce
Wiki admin help mailing list:
http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
Bug report system:
http://bugzilla.wikipedia.org/
Play "stump the developers" live on IRC:
#mediawiki on irc.freenode.net
- -- brion vibber (brion @ pobox.com)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (Darwin)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCAyhRwRnhpk1wk44RAnIUAKDdqRHUZeEM8g9+qazg+9yxtLpMogCgxNGb
0cawqMHSyQSVbc7CFav4hMg=
=qmq7
-----END PGP SIGNATURE-----