hey all. Thanks! The update appears OK, just a thing..
I have the LdapAuthentication extensions. I upgrade it to 1.2e
So, when I access the page, It tell me to Require Authentication. So, I click on the authenticate page and Its show me the page to login, but, I have some problems, look below:
Notice: Undefined index: wsDomain in /var/www/mediawiki/extensions/LdapAuthentication.php on line 457
Not just in line 457, but in anothers line like 456, 451, 673 and 669.
I read here http://www.mediawiki.org/wiki/Extension_talk:LDAP_Authentication to define the $_SESSION['wsDomain'] . I tried this but didn't work...
If I refresh the page, the error above disappear.. but I want the wiki works fine :)
Anyone can help me with this issue?
Thanks again
________________________________________
De: mediawiki-l-bounces(a)lists.wikimedia.org [mediawiki-l-bounces(a)lists.wikimedia.org] em nome de Huib Laurens [sterkebak(a)gmail.com]
Enviado: terça-feira, 24 de janeiro de 2012 21:13
Para: MediaWiki announcements and site admin list
Assunto: Re: [Mediawiki-l] upgrade from 1.15.1 to 1.18.1
Hi,
You should upgrade cause securitie updates.
Best.
Huib
2012/1/18, Diego Maciel Gomes <diego.gomes(a)cecred.coop.br>:
> Hello all..
>
> Im using mediawiki 1.15.1 and I want to upgrade to 1.18.1.
>
> Could I upgrade directily to 1.18.1 or I should to upgrade to another
> version and after upgrade to 1.18.1?
>
> And about this new version 1.18.1, is a good version?
>
> What new features I take in this lastest version that I don't have in
> version 1.15.1?
>
> Thanks anyway!
>
> Diego
> --
> Esta mensagem foi verificada pelo sistema de antivirus e
> acredita-se estar livre de perigo.
>
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l(a)lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
--
Verzonden vanaf mijn mobiele apparaat
Kind regards,
Huib Laurens
WickedWay.nl
Webhosting the wicked way.
_______________________________________________
MediaWiki-l mailing list
MediaWiki-l(a)lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
--
Esta mensagem foi verificada pelo sistema de antivirus e
acredita-se estar livre de perigo.
--
Esta mensagem foi verificada pelo sistema de antivirus e
acredita-se estar livre de perigo.
I've arranged for MediaWiki to get some interns this spring. Four
bright college students -- they already know web development and have
had internships at Facebook, Google, and Microsoft -- need a mentor.
https://www.mediawiki.org/wiki/UCOSP_Spring_2012
It's a bit like Google Summer of Code, but a part-time team rather than
one full-timer. They'll each be working on MediaWiki 8-10 hours per
week between now and the end of April. I figure I need one experienced
MediaWiki developer as a mentor -- I'll be your admin, and community dev
Amgine will be your backup. Amgine will lead the students in person
next weekend during a code sprint in Vancouver.
These interns don't yet know what they want to work on so you can choose
a project with them. I'd help you run two half-hour IRC meetings per
week and we'd run them through two-week iterations between now and the
end of April. I figure it'd be about 5 hours a week, possibly more at
the start as we ramp the students up.
Please let me know as soon as possible, preferably today or Monday. I'd
prefer that the students work on something that will be deployed on
Wikimedia sites.
--
Sumana Harihareswara
Volunteer Development Coordinator
Wikimedia Foundation
So, changing the starting letter to capital did solve some of my problems.
Thank you =)
However, I still seem unable to make tooltips for pages with a space in the
title.
For instance, in the mediawiki:sidebar we have:
Survival Guide|Main Page
however, creating mediawiki:tooltip-n-Survival_Guide,
or mediawiki:tooltip-n-Survival_guide has not effect. Neither
does mediawiki:tooltip-n-Main_Page nor mediawiki:tooltip-n-Main_page.
Can someone please tell me what I'm doing wrong?
Thanks
Kaare
On Mon, Jan 23, 2012 at 1:00 PM, <mediawiki-l-request(a)lists.wikimedia.org>wrote:
> Send MediaWiki-l mailing list submissions to
> mediawiki-l(a)lists.wikimedia.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
> or, via email, send a message with subject or body 'help' to
> mediawiki-l-request(a)lists.wikimedia.org
>
> You can reach the person managing the list at
> mediawiki-l-owner(a)lists.wikimedia.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of MediaWiki-l digest..."
>
>
> Today's Topics:
>
> 1. Re: What class logs recent changes (Siebrand Mazeland)
> 2. Bypassing the external image whitelist (Daniel Friesen)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Mon, 23 Jan 2012 08:35:27 +0100
> From: Siebrand Mazeland <s.mazeland(a)xs4all.nl>
> To: MediaWiki announcements and site admin list
> <mediawiki-l(a)lists.wikimedia.org>
> Subject: Re: [Mediawiki-l] What class logs recent changes
> Message-ID: <CA56B19D-6D4B-4E4A-B89B-1EC276A3A211(a)xs4all.nl>
> Content-Type: text/plain; charset=us-ascii
>
> Op 23 jan. 2012 om 01:57 heeft Adam Meyer <meyer7(a)mindspring.com> het
> volgende geschreven:
>
> > What class is used to log the recent changes on edits etc
>
> Have a look at http://www.mediawiki.org/wiki/Logging_to_Special:Log
>
> --
> Siebrand Mazeland
>
> M: +31 6 50 69 1239
> Skype: siebrand
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 23 Jan 2012 03:25:58 -0800
> From: "Daniel Friesen" <lists(a)nadir-seen-fire.com>
> To: "mediawiki-l(a)lists.wikimedia.org"
> <mediawiki-l(a)lists.wikimedia.org>
> Subject: [Mediawiki-l] Bypassing the external image whitelist
> Message-ID: <op.v8jbdkfkjuwloh(a)daniels-macbook-air.local>
> Content-Type: text/plain; charset=utf-8; format=flowed; delsp=yes
>
> I've found a bit of an issue with our external image embedding
> whitelisting functionality.
> This isn't exactly a hole in the code itself, but in the fact that in
> practice it seams just about everyone uses the whitelist incorrectly and
> ends up opening up holes in their wiki allowing the whitelist to be
> bypassed.
>
> I'll start with MW.org for an example:
> https://www.mediawiki.org/wiki/MediaWiki:External_image_whitelist
>
> This image whitelist is fine, it's properly anchored with an explicit
> protocol and an initial ^, and it's not using excessive wildcards, there's
> nothing wrong with it.
>
> However when I do a Google search and try to find some of the top wikis
> using the image whitelist functionality I see this:
> http://rbose.org/wiki/MediaWiki:External_image_whitelist
> http://mbmodwiki.ollclan.eu/MediaWiki:External_image_whitelist
> http://wiki.vnations.net/index.php/MediaWiki:External_image_whitelist
> http://stelio.net/geeki/MediaWiki:External_image_whitelist
> http://community.wikia.com/wiki/MediaWiki:External_image_whitelist
>
> Basically EVERYONE except the smart people running Wikimedia sites use the
> image whitelist incorrectly. There are rules using .* in some but more
> importantly NO ONE anchors their whitelist rules (they don't even bother
> including the protocol in some cases so we can't even use an implicit
> anchor to the regexps).
>
> This means that the whitelists can be trivially bypassed:
> http://community.wikia.com/wiki/User:Dantman/Whitelist_hole
>
> In this example Wikia has a `wikia\.com` regexp line in their image
> whitelist.
> By using something like this the image whitelist is bypassed:
> http://imgs.xkcd.com/comics/security_holes.png?wikia.com&image.png
>
> The "?wikia.com" inside of the query triggers the whitelisting allowing
> the image to be embedded, and the trailing &image.png makes sure that the
> url still matches the internal image url embed regexp.
>
> By adding a query like this (it doesn't even necessarily need to be a
> query, I haven't tested but the fragment might be usable, and even if not
> it's liable that you could use the path portion of the url if you had a
> server setup to serve images for certain weird urls) you can embed
> basically any url you want into the wiki since the query portion of the
> url is ignored by webservers serving images.
>
> And to be clear I don't believe that patterns like
> `http://upload\.wikimedia\.org/` and `^http://(.*?\.)?wordpress\.com/`
> aren't safe. I believe that the special characters in the later parts of
> the url won't affect it and you can still get it to work. And ^ anchoring
> won't work when using .* style wildcards because you can craft a url such
> as
>
> http://my.malicious-website.com/path/to/my/evil/image.png?.wordpress.com&im…
> which would match that latter regexp.
>
> --
> ~Daniel Friesen (Dantman, Nadir-Seen-Fire) [http://daniel.friesen.name]
>
>
>
> ------------------------------
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l(a)lists.wikimedia.org
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>
>
> End of MediaWiki-l Digest, Vol 100, Issue 18
> ********************************************
>
> Hi Ron
> Yes, see Questy Captcha:
> http://www.mediawiki.org/wiki/Extension:ConfirmEdit#QuestyCaptcha
> You can create your own Q/A.
>
> Also see:
>
> http://www.mediawiki.org/wiki/Extension:SimpleAntiSpam
>
This works sometimes also to prevent bots. It can also be altered to
block the bot IP address for a small amount of time (optional).
>
>
If they still keep coming, you can change the ConfirmEdit type to
"ReCaptcha, although I see bots break that one too sometimes but these
will help.
Thanks Erik and Mikolka,
I already have ConfirmEdit with ReCaptcha, but lately a lot have been busting through it. I think QuestyCaptcha is what I want.
Thanks!
Ron
I'm working on a PHP class to execute some database queries in support of another class that will be used by an extension. But I'm getting the following error message:
Fatal error: Call to undefined function wfGetDB()
when I try to call a method in my class from a test script. Any ideas as to how to resolve this?
Vance Arocho
SIE
BCPO Battelle
703-875-2117
Hi
I need to Hide a single page from Un-login users.. Can u help me
regarding dis.?
Regards
---
This e-mail and any files transmitted with it are for the sole use of the intended recipient(s) and may contain confidential and privileged information. If you are not the intended recipient(s), please reply to the sender and destroy all copies of the original message. Any unauthorized review, use, disclosure, dissemination, forwarding, printing or copying of this email, and/or any action taken in reliance on the contents of this e-mail is strictly prohibited and may be unlawful.
I'm trying to execute the following function on every page that exists
for an uploaded file: {{filepath:{{PAGENAME}}.pdf}}
So, if I uploaded a file called "File.pdf", on the wiki page for
File.pdf, I'd expect {{PAGENAME}} to return "File". I'd expect the
entire function to return something like:
http://mywiki.com/mediawiki/images/4/4d/File.pdf
Instead, nothing at all is returned when PAGENAME is embedded within
filepath. If I type the expression without {{PAGENAME}}, i.e.
{{filepath:File.pdf}}, it works fine and returns:
http://mywiki.com/mediawiki/images/4/4d/File.pdf
Is it just not possible to embed magic words in string functions, or
am I missing some escape character or something?
Thanks in advance,
-Dana
