Hello
Still searching a way to get authimage working in mediawiki 1.5 and
above, I found this reference to captcha in EditPage.php (version 1.6
phase3)
/**
* Send the edit form and related headers to $wgOut
* @param $formCallback Optional callable that takes an OutputPage
* parameter; will be called during form output
* near the top, for captchas and the like.
*/
function showEditForm( $formCallback=null ) {
Could someone tell me how to use this ?
Is it endly, the way to catch the validation?
Thanks a lot,
François
For references:
http://wiki.matfyz.cz/wiki/MediaWiki:Tuning (version 1.4)
http://www.fxparlant.net/Captcha_Mediawiki_1.3http://www.fxparlant.net/Captcha_Mediawiki_1.5
Please tell me if this is already the case, but would it make sense for
accounts which have just been blocked to have their current IP address
temporarily autoblocked (for say, 30 minutes) from creating other user
accounts. This would be in addition to the current
account-creations-per-day limit.
This would help prevent many mid-level vandals from playing the game of
repeatedly creating multiple accounts immediately after getting blocked,
and would reduce the amount of time admins currently have to spend
playing whack-a-mole with these sockpuppet accounts.
-- Neil
There's an impersonator on dewiki who added NBSP (U+00A0) to another user's
username. The impersonator's account seems to be unblockable by normal means
as the trailing NBSP at some stage of blocking gets stripped and the
legitimate user is blocked.
Is this problem known?
Is there a known workaround?
Regards,
Peter Jacobi
--
10 GB Mailbox, 100 FreeSMS/Monat http://www.gmx.net/de/go/topmail
+++ GMX - die erste Adresse f�r Mail, Message, More +++
I would like to place a (hyper)link on an image so that when the reader
clicks on the image, he is redirected to a "normal" wiki-page instead of to
the imagepage of the image. But I do NOT want to put a textual link on or
near the image (the link has to be placed on the image itself). Is it
possible to make such kind of hotspot on an image in a wiki and if
yes...how?
thanks in advance!
Jan
I've been tinkering with an extension to provide for a captcha to reduce
automated linkspamming while still staying out of the way for common use.
My preliminary code is running now on test.leuksman.com; the actual
"captcha" part is a really primitive plain text hack which would take
all of a few minutes for a dedicated attacker to crack, but don't worry
about that -- I'm not testing the protection yet, just the framework it
plugs into.
By default the captcha prompt will only kick in if an edit adds new URLs
to the text. Most regular editing shouldn't trip this -- wiki links,
plain text, or just preserving existing links. But if you add new HTTP
links that weren't there before, it'll then make you pass the captcha
before it saves.
The captcha step can also be bypassed based on user group (eg registered
bots, sysop accounts, optionally all registered users), and can also be
set to skip for any user who has gone through confirmation of their
account e-mail address.
I haven't coded it yet, but it should also be possible to add a URL
whitelist, for instance for the site's own local URLs.
As for a 'real' captcha generator to put into this system; I'm not too
sure what code is already out there that's not awful. There's a Drupal
plugin which would be easy to rip GPL'd PHP code from, but it doesn't
seem very robust.
There's a set of samples of various captcha output and their weaknesses
here: http://sam.zoy.org/pwntcha/
Obviously it would be good to either find something on the 'hard
captchas' list rather than 'defeated captchas', or roll our own that
doesn't suck too bad.
There's also the question of whether we can feasibly provide an audio
alternative or whathaveyou.
-- brion vibber (brion @ pobox.com)
What is the current state of any technical solution to the problem with
conditional templates?
I know that at east one solution has been proposed
(http://meta.wikimedia.org/wiki/User:AzaToth/Logic which I personally think
is over-egging the pudding, but is a good first step) but I have heard
absolutely nothing as to whether anybody is ever going to actually do
anything about it.
In the meantime, various users (Netoholic and SnowSpinner chief amongst
them) are making vaguely threatening rumblings which imply simply destroying
any and all templates which use anything like conditional code: the dreaded
"meta-template" term is bandied about with wild abandon. Other users, in a
mad attempt to escape from the [[WP:AUM]] bludgeon, are driven to perpetrate
atrocities like this:
http://en.wikipedia.org/w/index.php?title=Template:Infobox_TV_channel&oldid…
(warning: obscene code alert).
The only response I have heard from anybody on the development side is "we
don't want it Turing compliant", which I assume means that they don't want
sufficient bells and whistles to make it possible to write nasty little
virus thingies.
Well, neither do the users: we simply want something in Mediawiki which will
perform the same function as {{qif}}
(http://en.wikipedia.org/wiki/Template:Qif ) and {{switch}}
(http://en.wikipedia.org/wiki/Template:Switch ) without the strain these
templates are said to impose on the servers. Anything else (as I implied
earlier) would IMNSHO be overdoing it and unnecessary.
HTH HAND
--
Phil
[[en:User:Phil Boswell]]
(Sorry; reposting with correct subject.)
> Everything else is
> too complex for authors anyway.
Clearly people want features in the software that the developers are
too busy or unmotivated to implement. The barrier to becoming a
Mediawiki developer is high, but the barrier to creating a conditional
template is not. Authors/editors/endusers *don't need* to edit the
complex templates; they need to edit the articles, which are becoming
more and more daunting the more features are added to the syntax. If
the intermediately-skilled programmers can make editing simpler and
easier for the end users, isn't that a good thing?
Of course, the best solution would be to implement infoboxes and the
like directly in the Mediawiki software, in a way that doesn't require
end users to code anything. But until that happens, people are going
to use as many shortcuts as they can to make it easy on newcomers.
> What the **** is that? We don't need geek-features but a simple solution.
>
> > (warning: obscene code alert).
Stop being so hostile to people trying to improve the Wikipedia.
Do they unnecessarily load down the servers? Fine. Then they should
be killed, for now. (But don't call it "killing" and don't be an ass
about it.) Is the code obscene? Fine, but don't call it "obscene".
These people are just trying to help, in ways that you are unable or
unwilling to do. Be nice.
Dear developers,
when reporting features are developed, please consider that software
may be used on a site with millions of rows in tables. Please always
check if indexes can be used for whole report, if not, please
consider avoiding such feature, or consult people with access to
database on #wikimedia-tech. If you actually have access to database,
do not hesitate to EXPLAIN a query on our live datasets and evaluate
costs of operation. Otherwise site goes down or crawls and both users
and operators are frustrated ;-) Remember, less data query needs to
read - faster it is!!!!!! :) And better for performance is when no
data is read, of course ;-)
Thanks,
Domas
Someone asked [1] if the log could be formatted in reverse order. I've
implemented this in the CheckUser extension, but I've no idea what the
done thing is when coaxing people to synchronise from the extensions
module.
Anyway, done that.
Rob Church
[1] => http://mail.wikimedia.org/pipermail/wikitech-l/2005-December/033308.html
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
It seems like the subject as been brought up everywhere (such as English
Wikipedia's Village Pump and a Wikinews talk page), but it hasn't been
breached on wikitech-l yet. So that's what I'm going to do. It appears,
from [[wikinews:Talk:Microsoft Windows metafiles are a vector for
computer viruses]] that Commons accepts wmf files masquerading as ogg
files. The security of MediaWiki installations on Windows platforms is
also dubious.
For information purposes, what are the developers doing about it?
- --
Edward Z. Yang Personal: edwardzyang(a)thewritingpot.com
SN:Ambush Commander Website: http://www.thewritingpot.com/
GPGKey:0x869C48DA http://www.thewritingpot.com/gpgpubkey.asc
3FA8 E9A9 7385 B691 A6FC B3CB A933 BE7D 869C 48DA
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
iD8DBQFDuahdqTO+fYacSNoRAlElAJ9/1vR8R65atXpBn3c1t7wCYQj3KwCfd3Q7
jar/kDpR87SF0jGXufv7Z8E=
=ObbN
-----END PGP SIGNATURE-----