Commit 8ee2e5dc authored by Robert Nix's avatar Robert Nix

Cherry-pick security patches for CheckUser

parent 027f4cb9
......@@ -366,12 +366,7 @@ class CheckUserHooks {
$ipchain = array_map( 'trim', explode( ',', $xff ) );
$ipchain = array_reverse( $ipchain );
if ( class_exists( ProxyLookup::class ) ) { // MW 1.28+
$proxyLookup = MediaWikiServices::getInstance()->getProxyLookup();
} else {
// This is kind of sketch, but is good enough for back-compat
$proxyLookup = new IP();
}
$proxyLookup = MediaWikiServices::getInstance()->getProxyLookup();
$client = null; // best guess of the client IP
$isSquidOnly = false; // all proxy servers where site Squid/Varnish servers?
......
......@@ -1508,7 +1508,46 @@ class SpecialCheckUser extends SpecialPage {
$line .= ' ' . Linker::formatComment( $row->cuc_actiontext ) . ' ';
}
// Comment
$line .= Linker::commentBlock( $row->cuc_comment );
if ( $row->cuc_type == RC_EDIT || $row->cuc_type == RC_NEW ) {
$rev = Revision::newFromId( $row->cuc_this_oldid );
if ( !$rev ) {
// Assume revision is deleted
$dbr = wfGetDB( DB_REPLICA );
$queryInfo = Revision::getArchiveQueryInfo();
$tmp = $dbr->selectRow(
$queryInfo['tables'],
$queryInfo['fields'],
[ 'ar_rev_id' => $row->cuc_this_oldid ],
__METHOD__,
[],
$queryInfo['joins']
);
if ( $tmp ) {
$rev = Revision::newFromArchiveRow( $tmp );
}
if ( !$rev ) {
// This shouldn't happen, CheckUser points to a revision
// that isn't in revision nor archive table?
throw new Exception(
"Couldn't fetch revision cu_changes table links to (cuc_this_oldid {$row->cuc_this_oldid})"
);
}
}
if ( $rev->userCan( Revision::DELETED_COMMENT ) ) {
$line .= Linker::commentBlock( $row->cuc_comment );
} else {
$line .= Linker::commentBlock(
$this->msg( 'rev-deleted-comment' )->text(),
null,
false,
null,
false
);
}
} else {
$line .= Linker::commentBlock( $row->cuc_comment );
}
$line .= '<br />&#160; &#160; &#160; &#160; <small>';
// IP
$line .= ' <strong>IP</strong>: ';
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment