https://bugzilla.wikimedia.org/show_bug.cgi?id=34778
Platonides <platoni...@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |platoni...@gmail.com
--- Comment #10 from Platonides <platoni...@gmail.com> 2012-04-23 16:01:25 UTC
---
Vulnerable to register_globals
$mmScriptPath defined but not used.
Useless statement $historyuri;
No need of mmSetupExtension() for setting a hook.
Usage of $wgTitle will fail on recent MediaWiki
stripos() is not the way to check if a variable was set in the query string
explode() is not how you retrieve a variable from the query string
You're changing the default timezone, overriding whatever the user might have
configured.
HTML injection building links
Hardcoded names of Special pages
You're fetching the whole list of revisions for each page, that can be a very
expensive operation, retrieving several thousands of rows. Try requesting just
what you need.
This is not suitable for deployment at this point. I recommend you to reach
some developers on how to properly code this.
--
Configure bugmail: https://bugzilla.wikimedia.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
You are on the CC list for the bug.
_______________________________________________
Wikibugs-l mailing list
Wikibugs-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
