Hello Roger,
What you did is you escaped from running the PHP command to having it be HTML. This will happen any time you have ?> not escaped in PHP. It is not a flaw for most PHP use, but it can be if you escape out of it before showing a password or something similar. To get around this, move the ?> away from each other.
I hope that this helps, Kasimir
On 3/7/07, Roger Chrisman roger@rogerchrisman.com wrote:
I just had a scare...
My LocalSettings.php file *displayed in the browser* at top of any wiki page view! (Actually I only saw it at top of Main_page and top of Search results page before I panicked and reverted the edit in LocalSettings.php that had caused this.)
What happened
In LocalSettings.php I had edited my $wgSpamRegex from this:
$wgSpamRegex = "/<.*style.*?(display|position|overflow|visibility| height)\s*:.*?>/i";
to this which caused this line and all below it in LocalSettings.php to show in browser!:
$wgSpamRegex = "/(Tramadol|<.*style.*?(display|position|overflow| visibility|height)\s*:.*?>)/i";
Both entries were single lines of course; line breaks here for email.
Did I screwed up the Regex while adding "(Tramadol|" and ")" to it?
Why did the new $wgSpamRegex line and everything below it in LocalSettings.php show up at top of *wiki page views in browser (Konqueror) window*?
Luckily my MySQL pw and username are *above* that in LocalSettings.php so they did not get out.
I'm running the wiki, http://Wikigogy.org, with default MediaWiki and no extensions on a commercial web host and viewed it from home in Konqueror browser.
- MediaWiki: 1.9.2
- PHP: 5.2.1 (cgi)
- MySQL: 4.1.21-standard-log
I keep LocalSettings.php mode 600 and owned my myself.
How did half of it get out?
-- Roger Chrisman :-) http://Wikigogy.org - free resources for teachers of English as a second or foreign language
MediaWiki-l mailing list MediaWiki-l@lists.wikimedia.org http://lists.wikimedia.org/mailman/listinfo/mediawiki-l