Page MenuHomePhabricator
Create Task
Maniphest T27670

wfFindFile should check namespace of given title
Closed, ResolvedPublic
Actions

Description

When give a Title object to wfFindFile the namespace is not check. It is possible to put in a Tilte with "Project:Wiki.png" and the function give the file "Wiki.png" back.

In my opinion it is better to check the namespace of the given title against NS_FILE. Thanks.

Version: unspecified
Severity: minor

Details

Reference
bz25670

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 11:15 PM
bzimport added a project: MediaWiki-File-management.
bzimport set Reference to bz25670.
bzimport added a subscriber: Unknown Object (MLST).
Umherirrender created this task.Oct 27 2010, 1:18 PM
TheDJ added a comment.Oct 27 2010, 6:55 PM

wfFindFile() triggers findFile() in FileRepo.php and RepoGroup.php...

It is indeed true that atm, the File namespace is not enforced... I'm not sure what the best place is to enforce this atm.

Perhaps in newFile() of FileRepo.php ? We have to account for NS_MEDIA as well btw.

IAlex added a comment.Nov 10 2010, 9:17 AM

Done in r76437.

Gilles added a project: Multimedia.Dec 4 2014, 10:44 AM
Gilles moved this task from Untriaged to Done on the Multimedia board.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL