Author: james
Description:
having upgraded from php-5.2.6 to php-5.2.7 editing pages in mediawiki fails with the error:
Your edit has been rejected because your client mangled the punctuation characters in the edit token. The edit has been rejected to prevent corruption of the page text. This sometimes happens when you are using a buggy web-based anonymous proxy service.
further investigation reveals the the trailing \ in the wpEditToken is being lost.
Version: 1.13.x
Severity: enhancement
It appears that the magic_quotes_gpc setting is broken in the PHP 5.2.7 release.
While set by default, it doesn't *work*, so MediaWiki sees the setting on and tries to strip the extra backslashes from input. The result is broken input. :(
If you are in a position to disable magic_quotes_gpc in your php.ini, go ahead and do so.
A quick workaround for 5.2.7 users is to add the following in the php.ini:
filter.default_flags=0
This bug has been fixed in CVS of PHP.
PHP 5.2.7 has been withdrawn from distribution due to the magic_quotes bug; 5.2.8 will be released shortly with the fix.
If you're using 5.2.7, please downgrade to 5.2.6 immediately or deploy the above workaround if available.