Author: imslproject
Description:
The relevant sections of code are as follows:
$content_actions['edit'] is set after this check in buildContentActionUrls():
if ( $this->mTitle->quickUserCan( 'edit' ) && ( $this->mTitle->exists() || $this->mTitle->quickUserCan( 'create' ) ) ) {
However, it is used in this fashion in outputPage():
// XXX: attach this from javascript, same with section editing
if($this->iseditable && $wgUser->getOption("editondblclick") )
{
$tpl->set('body_ondblclick', 'document.location = "' .$content_actions['edit']['href'] .'";');
}
When a user has "editondblclick" enabled, but views a protected page, $content_actions['edit'] will be used before initialization.
Version: 1.8.x
Severity: normal