MW folk,
A few days ago I posted a patch to Title::userCan() to prevent users from editing any user page but their own.
I found a small(?) bug in the code and fixed it as documented on meta:
code: http://meta.wikimedia.org/w/index.php?title=User:Yeidel#User_Pages_Editable _Only_By_User talk: http://meta.wikimedia.org/wiki/User_talk:Yeidel#User_Page_Editing_--_Anon_U ser_Test_Removed
I removed from the User Page Editing patch the line
+ && $wgUser->getID() != 0 #not anonymous user
The intention was to protect the following "$wgUser->getName()" from being undefined if the test were run for anonymous users. However, that's not really a problem, since $wgUser->getName() returns the IP number for anonymous users.
In our environment, this line has no impact, since anonymous users are not permitted to edit anything.
In an environment where anon users can edit, this line would cause the disqualifying test not to be applied to anon users; thus an anon user could edit any user page.
It was just a mistake that proved to be harmless in our environment, but could be a problem if the code were imported into another environment.
Just a question that came to my mind when I read this: Is it also possible to allow users to make their user-page editable when they write e.g. {{EDITABLE}} in their user-page?
----- Original Message ----- From: "Joshua Yeidel" yeidel@wsu.edu To: "mediawiki list" mediawiki-l@Wikimedia.org Sent: Friday, September 02, 2005 12:38 AM Subject: [Mediawiki-l] User Page Editing patch - anon user test deleted
MW folk,
A few days ago I posted a patch to Title::userCan() to prevent users from editing any user page but their own.
I found a small(?) bug in the code and fixed it as documented on meta:
code: http://meta.wikimedia.org/w/index.php?title=User:Yeidel#User_Pages_Editable _Only_By_User talk: http://meta.wikimedia.org/wiki/User_talk:Yeidel#User_Page_Editing_--_Anon_U ser_Test_Removed
I removed from the User Page Editing patch the line
&& $wgUser->getID() != 0 #not anonymous userThe intention was to protect the following "$wgUser->getName()" from being undefined if the test were run for anonymous users. However, that's not really a problem, since $wgUser->getName() returns the IP number for anonymous users.
In our environment, this line has no impact, since anonymous users are not permitted to edit anything.
In an environment where anon users can edit, this line would cause the disqualifying test not to be applied to anon users; thus an anon user could edit any user page.
It was just a mistake that proved to be harmless in our environment, but could be a problem if the code were imported into another environment.
MediaWiki-l mailing list MediaWiki-l@Wikimedia.org http://mail.wikipedia.org/mailman/listinfo/mediawiki-l
mediawiki-l@lists.wikimedia.org