MediaWiki-l January 2012

mediawiki-l@lists.wikimedia.org

80 participants
83 discussions

Import Images with --comment-ext fails to use existing .meta file
by Gregor Hagedorn 27 Jan '12

27 Jan '12

Under 1.18.1 I fail to get an image import running where for each image there is also a corresponding meta-data text file. The shell command looks like: sudo -u www-data php ./maintenance/importImages.php --conf ./LocalSettings.php --comment-ext=".meta" --user="X Y" --sleep=2 /var/www/v-species/o/atmp2 >> /var/www/v-species/o/XXX.log The import works ok, log is: ----------------- Import Images Importing 01 01.ppt...done. Importing 01 01.png...done. Found: 2 Added: 2 ----------- However, the file 01 01.meta - which does exists - is simply ignored. Has anyone recently used the comment-ext option successfully? I wonder whether this is a bug in mediawiki or in my script or application of the comment-ext. thanks a lot in advance, Gregor

2 1

[MediaWiki-I] upgrade from 1.17.0 to 1.18.x: Skins
by Valerio Pelliccioni 27 Jan '12

27 Jan '12

Hi, I'm not a newbie but certainly not a geek so I need help!. Once in the MonoBook.php there was a place between <head> and </head> in which I had put my <meta.. and <script... Now there is only a $this->html( 'headelement' ) instead. The question is: Where do I have to put my javascript and meta elements? I tried to mess around some solution but the result was that Header Tabs no longer worked plus some other disaster... Ok! Rolled back for now waiting for a word of comfort! My skins is (obviously) based on MonoBook and my site (http://tunearch.org) strongly rely on javascript. Thank you very much indeed. Valerio Pelliccioni _____________ e-mail: vmp(a)silkwood.it Web: http://tunearch.org

2 1

RES: upgrade from 1.15.1 to 1.18.1 - WsDomain
by Diego Maciel Gomes 25 Jan '12

25 Jan '12

hey all. Thanks! The update appears OK, just a thing.. I have the LdapAuthentication extensions. I upgrade it to 1.2e So, when I access the page, It tell me to Require Authentication. So, I click on the authenticate page and Its show me the page to login, but, I have some problems, look below: Notice: Undefined index: wsDomain in /var/www/mediawiki/extensions/LdapAuthentication.php on line 457 Not just in line 457, but in anothers line like 456, 451, 673 and 669. I read here http://www.mediawiki.org/wiki/Extension_talk:LDAP_Authentication to define the $_SESSION['wsDomain'] . I tried this but didn't work... If I refresh the page, the error above disappear.. but I want the wiki works fine :) Anyone can help me with this issue? Thanks again ________________________________________ De: mediawiki-l-bounces(a)lists.wikimedia.org [mediawiki-l-bounces(a)lists.wikimedia.org] em nome de Huib Laurens [sterkebak(a)gmail.com] Enviado: terça-feira, 24 de janeiro de 2012 21:13 Para: MediaWiki announcements and site admin list Assunto: Re: [Mediawiki-l] upgrade from 1.15.1 to 1.18.1 Hi, You should upgrade cause securitie updates. Best. Huib 2012/1/18, Diego Maciel Gomes <diego.gomes(a)cecred.coop.br>: > Hello all.. > > Im using mediawiki 1.15.1 and I want to upgrade to 1.18.1. > > Could I upgrade directily to 1.18.1 or I should to upgrade to another > version and after upgrade to 1.18.1? > > And about this new version 1.18.1, is a good version? > > What new features I take in this lastest version that I don't have in > version 1.15.1? > > Thanks anyway! > > Diego > -- > Esta mensagem foi verificada pelo sistema de antivirus e > acredita-se estar livre de perigo. > > > _______________________________________________ > MediaWiki-l mailing list > MediaWiki-l(a)lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > -- Verzonden vanaf mijn mobiele apparaat Kind regards, Huib Laurens WickedWay.nl Webhosting the wicked way. _______________________________________________ MediaWiki-l mailing list MediaWiki-l(a)lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-l -- Esta mensagem foi verificada pelo sistema de antivirus e acredita-se estar livre de perigo. -- Esta mensagem foi verificada pelo sistema de antivirus e acredita-se estar livre de perigo.

1 0

Want student help with your MediaWiki project?
by Sumana Harihareswara 25 Jan '12

25 Jan '12

I've arranged for MediaWiki to get some interns this spring. Four bright college students -- they already know web development and have had internships at Facebook, Google, and Microsoft -- need a mentor. https://www.mediawiki.org/wiki/UCOSP_Spring_2012 It's a bit like Google Summer of Code, but a part-time team rather than one full-timer. They'll each be working on MediaWiki 8-10 hours per week between now and the end of April. I figure I need one experienced MediaWiki developer as a mentor -- I'll be your admin, and community dev Amgine will be your backup. Amgine will lead the students in person next weekend during a code sprint in Vancouver. These interns don't yet know what they want to work on so you can choose a project with them. I'd help you run two half-hour IRC meetings per week and we'd run them through two-week iterations between now and the end of April. I figure it'd be about 5 hours a week, possibly more at the start as we ramp the students up. Please let me know as soon as possible, preferably today or Monday. I'd prefer that the students work on something that will be deployed on Wikimedia sites. -- Sumana Harihareswara Volunteer Development Coordinator Wikimedia Foundation

1 1

What class logs recent changes
by Adam Meyer 23 Jan '12

23 Jan '12

What class is used to log the recent changes on edits etc? -Adam

2 2

Follow-up on tooltips in the sidebar
by kaare mikkelsen 23 Jan '12

23 Jan '12

So, changing the starting letter to capital did solve some of my problems. Thank you =) However, I still seem unable to make tooltips for pages with a space in the title. For instance, in the mediawiki:sidebar we have: Survival Guide|Main Page however, creating mediawiki:tooltip-n-Survival_Guide, or mediawiki:tooltip-n-Survival_guide has not effect. Neither does mediawiki:tooltip-n-Main_Page nor mediawiki:tooltip-n-Main_page. Can someone please tell me what I'm doing wrong? Thanks Kaare On Mon, Jan 23, 2012 at 1:00 PM, <mediawiki-l-request(a)lists.wikimedia.org>wrote: > Send MediaWiki-l mailing list submissions to > mediawiki-l(a)lists.wikimedia.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > or, via email, send a message with subject or body 'help' to > mediawiki-l-request(a)lists.wikimedia.org > > You can reach the person managing the list at > mediawiki-l-owner(a)lists.wikimedia.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of MediaWiki-l digest..." > > > Today's Topics: > > 1. Re: What class logs recent changes (Siebrand Mazeland) > 2. Bypassing the external image whitelist (Daniel Friesen) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Mon, 23 Jan 2012 08:35:27 +0100 > From: Siebrand Mazeland <s.mazeland(a)xs4all.nl> > To: MediaWiki announcements and site admin list > <mediawiki-l(a)lists.wikimedia.org> > Subject: Re: [Mediawiki-l] What class logs recent changes > Message-ID: <CA56B19D-6D4B-4E4A-B89B-1EC276A3A211(a)xs4all.nl> > Content-Type: text/plain; charset=us-ascii > > Op 23 jan. 2012 om 01:57 heeft Adam Meyer <meyer7(a)mindspring.com> het > volgende geschreven: > > > What class is used to log the recent changes on edits etc > > Have a look at http://www.mediawiki.org/wiki/Logging_to_Special:Log > > -- > Siebrand Mazeland > > M: +31 6 50 69 1239 > Skype: siebrand > > > ------------------------------ > > Message: 2 > Date: Mon, 23 Jan 2012 03:25:58 -0800 > From: "Daniel Friesen" <lists(a)nadir-seen-fire.com> > To: "mediawiki-l(a)lists.wikimedia.org" > <mediawiki-l(a)lists.wikimedia.org> > Subject: [Mediawiki-l] Bypassing the external image whitelist > Message-ID: <op.v8jbdkfkjuwloh(a)daniels-macbook-air.local> > Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes > > I've found a bit of an issue with our external image embedding > whitelisting functionality. > This isn't exactly a hole in the code itself, but in the fact that in > practice it seams just about everyone uses the whitelist incorrectly and > ends up opening up holes in their wiki allowing the whitelist to be > bypassed. > > I'll start with MW.org for an example: > https://www.mediawiki.org/wiki/MediaWiki:External_image_whitelist > > This image whitelist is fine, it's properly anchored with an explicit > protocol and an initial ^, and it's not using excessive wildcards, there's > nothing wrong with it. > > However when I do a Google search and try to find some of the top wikis > using the image whitelist functionality I see this: > http://rbose.org/wiki/MediaWiki:External_image_whitelist > http://mbmodwiki.ollclan.eu/MediaWiki:External_image_whitelist > http://wiki.vnations.net/index.php/MediaWiki:External_image_whitelist > http://stelio.net/geeki/MediaWiki:External_image_whitelist > http://community.wikia.com/wiki/MediaWiki:External_image_whitelist > > Basically EVERYONE except the smart people running Wikimedia sites use the > image whitelist incorrectly. There are rules using .* in some but more > importantly NO ONE anchors their whitelist rules (they don't even bother > including the protocol in some cases so we can't even use an implicit > anchor to the regexps). > > This means that the whitelists can be trivially bypassed: > http://community.wikia.com/wiki/User:Dantman/Whitelist_hole > > In this example Wikia has a `wikia\.com` regexp line in their image > whitelist. > By using something like this the image whitelist is bypassed: > http://imgs.xkcd.com/comics/security_holes.png?wikia.com&image.png > > The "?wikia.com" inside of the query triggers the whitelisting allowing > the image to be embedded, and the trailing &image.png makes sure that the > url still matches the internal image url embed regexp. > > By adding a query like this (it doesn't even necessarily need to be a > query, I haven't tested but the fragment might be usable, and even if not > it's liable that you could use the path portion of the url if you had a > server setup to serve images for certain weird urls) you can embed > basically any url you want into the wiki since the query portion of the > url is ignored by webservers serving images. > > And to be clear I don't believe that patterns like > `http://upload\.wikimedia\.org/` and `^http://(.*?\.)?wordpress\.com/` > aren't safe. I believe that the special characters in the later parts of > the url won't affect it and you can still get it to work. And ^ anchoring > won't work when using .* style wildcards because you can craft a url such > as > > http://my.malicious-website.com/path/to/my/evil/image.png?.wordpress.com&im… > which would match that latter regexp. > > -- > ~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name] > > > > ------------------------------ > > _______________________________________________ > MediaWiki-l mailing list > MediaWiki-l(a)lists.wikimedia.org > https://lists.wikimedia.org/mailman/listinfo/mediawiki-l > > > End of MediaWiki-l Digest, Vol 100, Issue 18 > ******************************************** >

2 1

Re: [Mediawiki-l] Anti-Bot question?
by Ron Laufer 23 Jan '12

23 Jan '12

> Hi Ron > Yes, see Questy Captcha: > http://www.mediawiki.org/wiki/Extension:ConfirmEdit#QuestyCaptcha > You can create your own Q/A. > > Also see: > > http://www.mediawiki.org/wiki/Extension:SimpleAntiSpam > This works sometimes also to prevent bots. It can also be altered to block the bot IP address for a small amount of time (optional). > > If they still keep coming, you can change the ConfirmEdit type to "ReCaptcha, although I see bots break that one too sometimes but these will help. Thanks Erik and Mikolka, I already have ConfirmEdit with ReCaptcha, but lately a lot have been busting through it. I think QuestyCaptcha is what I want. Thanks! Ron

2 2

How to get page ID and title
by Vance - 22 Jan '12

22 Jan '12

I'm working on a MediaWiki extension, how can I get the page ID and title?

2 1

undefined function wfGetDB()
by Arocho, Vance A 22 Jan '12

22 Jan '12

I'm working on a PHP class to execute some database queries in support of another class that will be used by an extension. But I'm getting the following error message: Fatal error: Call to undefined function wfGetDB() when I try to call a method in my class from a test script. Any ideas as to how to resolve this? Vance Arocho SIE BCPO Battelle 703-875-2117

3 2

I need to Hide a single page from Un-login users
by Sreelaxmi.Alladi＠cognizant.com 22 Jan '12

22 Jan '12

Hi I need to Hide a single page from Un-login users.. Can u help me regarding dis.? Regards --- This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful.

5 5

← Newer
1
2
3
4
5
6
7
8
9
Older →

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

MediaWiki-l January 2012