Last modified: 2008-02-26 22:33:46 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 13139 - Merging $_GET and $_POST with array_merge is a bad idea
Merging $_GET and $_POST with array_merge is a bad idea
Status: RESOLVED FIXED
Product: MediaWiki
Classification: Unclassified
General/Unknown (Other open bugs)
1.12.x
PC Linux
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks: 13074
  Show dependency treegraph
 
Reported: 2008-02-24 23:39 UTC by BABE Louis Remi
Modified: 2008-02-26 22:33 UTC (History)
3 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Attachments

Description BABE Louis Remi 2008-02-24 23:39:56 UTC
Recently, the way we deal with REQUEST datas has changed (see r1=29192&r2=30882">http://svn.wikimedia.org/viewvc/mediawiki/trunk/phase3/includes/WebRequest.php?r1=29192&r2=30882).
We doesn't use any more $_REQUEST, instead we merge $_GET and $_POST with array_merge($_GET, $_POST) and $_POST overrides $_GET datas wich share same keys (see http://svn.wikimedia.org/viewvc/mediawiki/trunk/phase3/includes/WebRequest.php?annotate=30882#l53).
But the array_merge function has a side effect : pure numeric (not beginning with 0) keys of $_GET and $_POST are changed (see http://fr2.php.net/manual/en/function.array-merge.php)!
Despite the fact that numeric names are forbidden in HTML (see http://www.w3.org/TR/html4/types.html#type-cdata), people using them in extension (for example) will get confused. Moreover, it breaks some backward compatibility, for example with the quiz extension (see https://bugzilla.wikimedia.org/show_bug.cgi?id=13074 and test that : http://en.wikiversity.org/wiki/User:McCormack/quiz_test).

Solutions are :
- changing $this->data = array_merge($_GET, $_POST); simply with $this->data = $_GET + $_POST; wich should works as expected and does'nt seems to have any contraindication (once again, see http://fr2.php.net/manual/en/function.array-merge.php).
- checking both $_POST and $_GET for pure numeric keys and throwing an exception.


PS : I apologize for my poor english level.
Comment 1 Aryeh Gregor (not reading bugmail, please e-mail directly) 2008-02-24 23:52:06 UTC
CC'ing Brion, who committed r30882.
Comment 2 Brion Vibber 2008-02-26 22:33:46 UTC
Fixed in r31327. Replaced array_merge() with wfArrayMerge() which behaves in a sane fashion.

Gee, I wish we didn't have to reimplement half of PHP's standard library.

Note You need to log in before you can comment on or make changes to this bug.


Navigation
Links