As some of you know, I'm working on a new uploader for MediaWiki, called UploadWizard.
I wrote some preliminary docs about the PHP side of the design here:
http://www.mediawiki.org/wiki/Extension:UploadWizard/docs
(more docs, especially about the frontend, will be forthcoming as I write them).
In particular I'd like to draw people's attention to how it adds new ways of accessing files in the temporary "stash". Previously we've used the stash only as a holding area for files that need some sort of last-minute touch-up, like a new name. This design makes the "stash" an important part of the entire upload process.
There are security implications to some of these new features. Roan Kattouw has been reviewing this already, but I wanted it to have a wider distribution as well.
1) The uploading user can view thumbnails of their own "stashed" files via a new Special: page. It should not be possible for any other users to ever obtain anyone else's temporary files, or for them to subvert this system to do other mischief. However, it does rely on reading the file out to the user using PHP, thus *potentially* opening the door to reading other files. I think I've been thorough in eliminating this possibility, but I'd like extra eyes.
2) In a similar manner, the uploading user can request metadata about uploaded files before they are published.
The code is in a branch over here:
http://svn.wikimedia.org/svnroot/mediawiki/branches/uploadwizard
You particularly want to check out:
http://svn.wikimedia.org/svnroot/mediawiki/branches/uploadwizard/includes/up...
http://svn.wikimedia.org/svnroot/mediawiki/branches/uploadwizard/includes/sp...
http://svn.wikimedia.org/svnroot/mediawiki/branches/uploadwizard/extensions/...
http://svn.wikimedia.org/svnroot/mediawiki/branches/uploadwizard/extensions/...
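
Added illustration, not part of the original message and not UploadWizard's code: one way to check a stash request before PHP reads a file out to the user, covering both concerns in item 1 (another user's file, and files outside the stash). The per-user directory layout, the key format and the function name resolveStashFile are assumptions made for this example; the sample files are constructed.

```php
<?php
// Added illustration, not UploadWizard code. The per-user directory layout,
// key format and function name are assumptions made for this example.

/** Return the canonical path a user may read, or null to refuse. */
function resolveStashFile(string $root, int $userId, string $key): ?string {
    // Allow-list the key: no separators, no "..", no NUL. /D stops "$"
    // from matching before a trailing newline.
    if (!preg_match('/^[A-Za-z0-9][A-Za-z0-9_-]{0,63}\.(jpg|png|gif)$/D', $key)) {
        return null;
    }
    // The owner comes from the authenticated session, never from the request.
    $userDir = realpath($root . '/' . $userId);
    if ($userDir === false || !is_dir($userDir)) {
        return null;
    }
    // Canonicalise (resolves symlinks), then require the result to stay
    // inside this user's directory. The trailing separator keeps "1" from
    // matching "10".
    $path = realpath($userDir . '/' . $key);
    $prefix = $userDir . DIRECTORY_SEPARATOR;
    if ($path === false || !is_file($path)
        || strncmp($path, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return $path;
}

// Constructed sample data in a throwaway directory.
$root = sys_get_temp_dir() . '/stash-demo-' . bin2hex(random_bytes(4));
mkdir("$root/1", 0700, true);
mkdir("$root/2", 0700, true);
file_put_contents("$root/1/abc123.png", 'user 1 data');
file_put_contents("$root/2/zzz999.png", 'user 2 data');
symlink("$root/2/zzz999.png", "$root/1/link01.png"); // link escaping the dir

$requests = [
    'abc123.png',       // own file
    'zzz999.png',       // another user's key
    '../2/zzz999.png',  // traversal attempt
    'link01.png',       // valid-looking key, symlink to another user's file
    "abc123.png\n",     // trailing newline
];
foreach ($requests as $key) {
    $verdict = resolveStashFile($root, 1, $key) === null ? 'refuse' : 'serve';
    printf("user 1, key %s: %s\n", json_encode($key), $verdict);
}
```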