
Commit f828dc6

committed
Add CSRF check for Special:Report
Also clean up a little of the logic
1 parent 2f43a84 commit f828dc6


1 file changed

+26
-16
lines changed


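--- a/SpecialReport.php
+++ b/SpecialReport.php
@@ -55,7 +55,7 @@ public function execute( $par ) {
 }
 $request = $this->getRequest();
 if ($request->wasPosted()) {
-return self::onPost( $par, $out, $request );
+return self::onPost( $par, $out, $request, $user );
 }
 $out->setIndexPolicy( 'noindex' );
 $out->addHTML(
@@ -87,6 +87,14 @@ public function execute( $par ) {
 'id' => 'mw-report-form-reason'
 ]
 ));
+$out->addHTML(Html::rawElement(
+'input',
+[
+'type' => 'hidden',
+'name' => 'token',
+'value' => $user->getEditToken()
+]
+));
 $out->addHTML(Html::rawElement(
 'input',
 [
@@ -98,29 +106,31 @@ public function execute( $par ) {
 $out->addHTML(Html::closeElement( 'form' ));
 }
 
-static public function onPost( $par, $out, $request ) {
-global $wgUser;
+static public function onPost( $par, $out, $request, $user ) {
+if (!$user->matchEditToken($request->getText( 'token' ))) {
+$out->addWikiMsg( 'sessionfailure' );
+return;
+}
 if (!$request->getText('reason')) {
 $out->addHTML(Html::rawElement(
 'p',
 [ 'class' => 'error '],
 wfMessage( 'report-error-missing-reason' )->escaped()
 ));
-} else {
-$dbw = wfGetDB( DB_MASTER );
-$dbw->startAtomic(__METHOD__);
-$dbw->insert( 'report_reports', [
-'report_revid' => (int)$par,
-'report_reason' => $request->getText('reason'),
-'report_user' => $wgUser->getId(),
-'report_user_text' => $wgUser->getName(),
-'report_timestamp' => wfTimestampNow()
-], __METHOD__ );
-$dbw->endAtomic(__METHOD__);
-$out->addWikiMsg( 'report-success' );
-$out->addWikiMsg( 'returnto', '[[' . SpecialPage::getTitleFor('Diff', $par)->getPrefixedText() . ']]' );
 return;
 }
+$dbw = wfGetDB( DB_MASTER );
+$dbw->startAtomic(__METHOD__);
+$dbw->insert( 'report_reports', [
+'report_revid' => (int)$par,
+'report_reason' => $request->getText('reason'),
+'report_user' => $user->getId(),
+'report_user_text' => $user->getName(),
+'report_timestamp' => wfTimestampNow()
+], __METHOD__ );
+$dbw->endAtomic(__METHOD__);
+$out->addWikiMsg( 'report-success' );
+$out->addWikiMsg( 'returnto', '[[' . SpecialPage::getTitleFor('Diff', $par)->getPrefixedText() . ']]' );
 }
 
 public function getGroupName() {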
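Review bot: `onPost` now carries a security-relevant check and a new `$user` argument (new lines 109-113) but has no docblock and no parameter types; I would add above the signature a docblock along the lines of `/** Handle a Special:Report POST: rejects the request with 'sessionfailure' unless the submitted 'token' matches $user's edit token, otherwise records a report for revision $par. */` together with `@param User $user the requesting user whose edit token is verified`. The token is issued by `getEditToken()` and checked by `matchEditToken()` without a salt, so it is the user's general session edit token; on older MediaWiki releases anonymous users receive a fixed edit token, so if anonymous reports are permitted the check would not bind those submissions to a session — confirm the targeted MediaWiki version or require a logged-in user before accepting the report. The `!$request->getText('reason')` test directly after the new guard is a truthiness check that also rejects a reason of `0`; `$request->getText('reason') === ''` would be more precise, although that line predates this commit. `execute()` begins before the first hunk, so the assignment of `$user` that both the hidden token field and the `onPost` call depend on is not visible here — presumably `$this->getUser()`.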
