This project does not seem to handle request data directly as such no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
These results are based on our legacy PHP analysis, consider migrating to our new PHP analysis engine instead. Learn more
1 | <?php |
||
0 ignored issues
–
show
|
|||
2 | /** |
||
3 | * Clean up broken, unparseable titles. |
||
4 | * |
||
5 | * Copyright © 2005 Brion Vibber <[email protected]> |
||
6 | * https://www.mediawiki.org/ |
||
7 | * |
||
8 | * This program is free software; you can redistribute it and/or modify |
||
9 | * it under the terms of the GNU General Public License as published by |
||
10 | * the Free Software Foundation; either version 2 of the License, or |
||
11 | * (at your option) any later version. |
||
12 | * |
||
13 | * This program is distributed in the hope that it will be useful, |
||
14 | * but WITHOUT ANY WARRANTY; without even the implied warranty of |
||
15 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
||
16 | * GNU General Public License for more details. |
||
17 | * |
||
18 | * You should have received a copy of the GNU General Public License along |
||
19 | * with this program; if not, write to the Free Software Foundation, Inc., |
||
20 | * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. |
||
21 | * http://www.gnu.org/copyleft/gpl.html |
||
22 | * |
||
23 | * @file |
||
24 | * @author Brion Vibber <brion at pobox.com> |
||
25 | * @ingroup Maintenance |
||
26 | */ |
||
27 | |||
28 | require_once __DIR__ . '/cleanupTable.inc'; |
||
29 | |||
30 | /** |
||
31 | * Maintenance script to clean up broken, unparseable titles. |
||
32 | * |
||
33 | * @ingroup Maintenance |
||
34 | */ |
||
35 | class TitleCleanup extends TableCleanup { |
||
36 | public function __construct() { |
||
37 | parent::__construct(); |
||
38 | $this->addDescription( 'Script to clean up broken, unparseable titles' ); |
||
39 | } |
||
40 | |||
41 | /** |
||
42 | * @param object $row |
||
43 | */ |
||
44 | protected function processRow( $row ) { |
||
45 | global $wgContLang; |
||
46 | $display = Title::makeName( $row->page_namespace, $row->page_title ); |
||
47 | $verified = $wgContLang->normalize( $display ); |
||
48 | $title = Title::newFromText( $verified ); |
||
49 | |||
50 | if ( !is_null( $title ) |
||
51 | && $title->canExist() |
||
52 | && $title->getNamespace() == $row->page_namespace |
||
53 | && $title->getDBkey() === $row->page_title |
||
54 | ) { |
||
55 | $this->progress( 0 ); // all is fine |
||
56 | |||
57 | return; |
||
58 | } |
||
59 | |||
60 | if ( $row->page_namespace == NS_FILE && $this->fileExists( $row->page_title ) ) { |
||
61 | $this->output( "file $row->page_title needs cleanup, please run cleanupImages.php.\n" ); |
||
62 | $this->progress( 0 ); |
||
63 | } elseif ( is_null( $title ) ) { |
||
64 | $this->output( "page $row->page_id ($display) is illegal.\n" ); |
||
65 | $this->moveIllegalPage( $row ); |
||
66 | $this->progress( 1 ); |
||
67 | } else { |
||
68 | $this->output( "page $row->page_id ($display) doesn't match self.\n" ); |
||
69 | $this->moveInconsistentPage( $row, $title ); |
||
70 | $this->progress( 1 ); |
||
71 | } |
||
72 | } |
||
73 | |||
74 | /** |
||
75 | * @param string $name |
||
76 | * @return bool |
||
77 | */ |
||
78 | protected function fileExists( $name ) { |
||
79 | // XXX: Doesn't actually check for file existence, just presence of image record. |
||
80 | // This is reasonable, since cleanupImages.php only iterates over the image table. |
||
81 | $dbr = $this->getDB( DB_REPLICA ); |
||
82 | $row = $dbr->selectRow( 'image', [ 'img_name' ], [ 'img_name' => $name ], __METHOD__ ); |
||
83 | |||
84 | return $row !== false; |
||
85 | } |
||
86 | |||
87 | /** |
||
88 | * @param object $row |
||
89 | */ |
||
90 | protected function moveIllegalPage( $row ) { |
||
91 | $legal = 'A-Za-z0-9_/\\\\-'; |
||
92 | $legalized = preg_replace_callback( "!([^$legal])!", |
||
93 | [ $this, 'hexChar' ], |
||
94 | $row->page_title ); |
||
95 | if ( $legalized == '.' ) { |
||
96 | $legalized = '(dot)'; |
||
97 | } |
||
98 | if ( $legalized == '_' ) { |
||
99 | $legalized = '(space)'; |
||
100 | } |
||
101 | $legalized = 'Broken/' . $legalized; |
||
102 | |||
103 | $title = Title::newFromText( $legalized ); |
||
104 | if ( is_null( $title ) ) { |
||
105 | $clean = 'Broken/id:' . $row->page_id; |
||
106 | $this->output( "Couldn't legalize; form '$legalized' still invalid; using '$clean'\n" ); |
||
107 | $title = Title::newFromText( $clean ); |
||
108 | } elseif ( $title->exists() ) { |
||
109 | $clean = 'Broken/id:' . $row->page_id; |
||
110 | $this->output( "Legalized for '$legalized' exists; using '$clean'\n" ); |
||
111 | $title = Title::newFromText( $clean ); |
||
112 | } |
||
113 | |||
114 | $dest = $title->getDBkey(); |
||
115 | if ( $this->dryrun ) { |
||
116 | $this->output( "DRY RUN: would rename $row->page_id ($row->page_namespace," . |
||
117 | "'$row->page_title') to ($row->page_namespace,'$dest')\n" ); |
||
118 | View Code Duplication | } else { |
|
119 | $this->output( "renaming $row->page_id ($row->page_namespace," . |
||
120 | "'$row->page_title') to ($row->page_namespace,'$dest')\n" ); |
||
121 | $dbw = $this->getDB( DB_MASTER ); |
||
122 | $dbw->update( 'page', |
||
123 | [ 'page_title' => $dest ], |
||
124 | [ 'page_id' => $row->page_id ], |
||
125 | __METHOD__ ); |
||
126 | } |
||
127 | } |
||
128 | |||
129 | /** |
||
130 | * @param object $row |
||
131 | * @param Title $title |
||
132 | */ |
||
133 | protected function moveInconsistentPage( $row, $title ) { |
||
134 | if ( $title->exists() || $title->getInterwiki() || !$title->canExist() ) { |
||
135 | if ( $title->getInterwiki() || !$title->canExist() ) { |
||
136 | $prior = $title->getPrefixedDBkey(); |
||
137 | } else { |
||
138 | $prior = $title->getDBkey(); |
||
139 | } |
||
140 | |||
141 | # Old cleanupTitles could move articles there. See bug 23147. |
||
142 | $ns = $row->page_namespace; |
||
143 | if ( $ns < 0 ) { |
||
144 | $ns = 0; |
||
145 | } |
||
146 | |||
147 | # Namespace which no longer exists. Put the page in the main namespace |
||
148 | # since we don't have any idea of the old namespace name. See bug 68501. |
||
149 | if ( !MWNamespace::exists( $ns ) ) { |
||
150 | $ns = 0; |
||
151 | } |
||
152 | |||
153 | $clean = 'Broken/' . $prior; |
||
154 | $verified = Title::makeTitleSafe( $ns, $clean ); |
||
155 | if ( !$verified || $verified->exists() ) { |
||
156 | $blah = "Broken/id:" . $row->page_id; |
||
157 | $this->output( "Couldn't legalize; form '$clean' exists; using '$blah'\n" ); |
||
158 | $verified = Title::makeTitleSafe( $ns, $blah ); |
||
159 | } |
||
160 | $title = $verified; |
||
161 | } |
||
162 | if ( is_null( $title ) ) { |
||
163 | $this->error( "Something awry; empty title.", true ); |
||
164 | } |
||
165 | $ns = $title->getNamespace(); |
||
0 ignored issues
–
show
It seems like
$title is not always an object, but can also be of type null . Maybe add an additional type check?
If a variable is not always an object, we recommend to add an additional type check to ensure your method call is safe: function someFunction(A $objectMaybe = null)
{
if ($objectMaybe instanceof A) {
$objectMaybe->doSomething();
}
}
![]() |
|||
166 | $dest = $title->getDBkey(); |
||
167 | |||
168 | if ( $this->dryrun ) { |
||
169 | $this->output( "DRY RUN: would rename $row->page_id ($row->page_namespace," . |
||
170 | "'$row->page_title') to ($ns,'$dest')\n" ); |
||
171 | View Code Duplication | } else { |
|
172 | $this->output( "renaming $row->page_id ($row->page_namespace," . |
||
173 | "'$row->page_title') to ($ns,'$dest')\n" ); |
||
174 | $dbw = $this->getDB( DB_MASTER ); |
||
175 | $dbw->update( 'page', |
||
176 | [ |
||
177 | 'page_namespace' => $ns, |
||
178 | 'page_title' => $dest |
||
179 | ], |
||
180 | [ 'page_id' => $row->page_id ], |
||
181 | __METHOD__ ); |
||
182 | LinkCache::singleton()->clear(); |
||
183 | } |
||
184 | } |
||
185 | } |
||
186 | |||
187 | $maintClass = "TitleCleanup"; |
||
188 | require_once RUN_MAINTENANCE_IF_MAIN; |
||
189 |
The PSR-1: Basic Coding Standard recommends that a file should either introduce new symbols, that is classes, functions, constants or similar, or have side effects. Side effects are anything that executes logic, like for example printing output, changing ini settings or writing to a file.
The idea behind this recommendation is that merely auto-loading a class should not change the state of an application. It also promotes a cleaner style of programming and makes your code less prone to errors, because the logic is not spread out all over the place.
To learn more about the PSR-1, please see the PHP-FIG site on the PSR-1.