If you are going to do this anyway, despite the warnings given, use some
regex to strictly find all function & method invocations and only allow a
very small whitelisted set. Err on the side of caution with the regex
finding too many matches including false positives.
On Sun, 2 Jul 2017 07:57
On 29/06/17 09:15, Geert Van Pamel wrote:
> Tim,
>
> Your proposal to use buffered query worked. Thanks for that.
>
> Now I am running into the following problem:
>
>
> 2017-06-28 22:49:58: Migrating image table to image_temp...
> PHP Fatal error: Call to undefined function wfGetMimeMagic()
The Citoid service can perform this task: <
https://www.mediawiki.org/wiki/Citoid>.
You can try it out here: <
https://en.wikipedia.org/api/rest_v1/#!/Citation/getCitation>.
On July 1, 2017 at 8:12:42 PM, Jean Valjean (jeanvaljean2...@gmail.com)
wrote:
What are the best tools for parsing
What are the best tools for parsing barelinks to generate full citations?
E.g., converting
https://www.youtube.com/watch?v=lRcthTPP0s4
to
{{cite web|author=SecularSkin|date=11 November
2013|title=Christy0Mistys Series On Feminism|publisher=YouTube|url=
___
MediaWiki-l mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
Well it does have a certain coolness factor to do everything through the
wiki. It's kind of like how Mark Zuckerberg wanted Facebookers to be able
to do everything they needed to do on the web without leaving Facebook.
Facebook would have email, messaging, games, video, search, and even
Wikipedia
Most people just use a git repo for version controlling their
LocalSettings.php
If you really really want to do this onwiki approach, try verifying the
file with `php -l` before saving.
--
brian
On Saturday, July 1, 2017, Jean Valjean wrote:
> Yeah, that's already
Yeah, that's already happened a few times (typo taking the site down). What
I did on another wiki farm was have one wiki in charge of the other wiki's
config files, so that if you messed up LocalSettings.php, it wouldn't take
down the wiki that was modifying it.
My goal was to have some sort of
Even ignoring the security issues, if one of your users makes a typo, they
take down the site and they cannot revert because the site is then down.
From a security prespective, this is equivalent to giving your users shell
access to your server. They can run any arbitrary program, do anything,
On 07/01/2017 03:16 PM, Jean Valjean wrote:
> I want to let some of my administrators (in the wizards group) edit
> LocalSettings.php, so I used this snippet, which allows them to make
> changes by editing the Project:Shared_config.php page. Then I protected the
> page so that only wizards can
Well I did take my passwords out of webroot.
https://www.mediawiki.org/wiki/Manual:Securing_database_passwords#Keep_MySQL_Passwords_Out_Of_Webroot
On Sat, Jul 1, 2017 at 6:18 PM, John wrote:
> Yes, making localsettings.php world readable/editable is a huge security
>
Yes, making localsettings.php world readable/editable is a huge security
issue.
On Sat, Jul 1, 2017 at 6:16 PM, Jean Valjean
wrote:
> I want to let some of my administrators (in the wizards group) edit
> LocalSettings.php, so I used this snippet, which allows them to
I want to let some of my administrators (in the wizards group) edit
LocalSettings.php, so I used this snippet, which allows them to make
changes by editing the Project:Shared_config.php page. Then I protected the
page so that only wizards can edit it. Do you think this presents any
security
Yeah, the reason I didn't submit it as a patch is that all I did was hack
the extension to operate based on namespace rather than page IDs. Some
people might look at that as a regression, if they wanted to continue using
page IDs. I'm not really sure what would be the best way to make it capable
Github is only a mirror of the code base-we dont use it for pull requests.
If you want to submit a change, put a unified diff in
https://tools.wmflabs.org/gerrit-patch-uploader/ or submit the change
directly to gerrit.wikimedia.org (using the user account from
wikitech.wikimedia.org). There is
On Sat, Jul 1, 2017 at 2:41 AM, Jean Valjean
wrote:
> I came up with something a little safer and easier for those who just want
> to delete old revisions from one namespace: https://www.mediawiki.org/
> wiki/User:KryptoKronic/deleteOldRevisions.php
I don't know how
On Sat, Jul 1, 2017 at 12:07 AM, Jean Valjean
wrote:
> Today, a friend of mine had a few really long wiki pages whose revision
> histories he wanted to delete (specifically, chapters 1-117 of The Count of
> Monte Cristo), to save some space in his database. So, he went
On Sat, Jul 1, 2017 at 12:52 PM, Brian Wolff wrote:
> Thats awesome that you are making this.
>
> One small correction - wmf no longer uses cdb files for interwiki cache. We
> now use just a php array thats included so that the hhvm opcode cacher can
> cache it.
>
>
Thanks for
Thats awesome that you are making this.
One small correction - wmf no longer uses cdb files for interwiki cache. We
now use just a php array thats included so that the hhvm opcode cacher can
cache it.
--
bawolff
On Saturday, July 1, 2017, Greg Rundlett (freephile)
wrote:
>
On my wiki, I'm working on an architecture document [1] to explain how you
would best serve MediaWiki in a scalable, performant way. One goal of this
paper is to update the information at mw:Manual:MediaWiki architecture [2]
so that people everywhere can learn best how to implement MediaWiki.
I came up with something a little safer and easier for those who just want
to delete old revisions from one namespace: https://www.mediawiki.org/
wiki/User:KryptoKronic/deleteOldRevisions.php
The output looks like this:
$ php deleteOldRevisions.php --delete 4
Delete old revisions
Limiting to
21 matches
Mail list logo