Page MenuHomePhabricator

Use of uninitialized variable $content_actions['edit'] in SkinTemplate.php
Closed, ResolvedPublic


Author: imslproject

The relevant sections of code are as follows:

$content_actions['edit'] is set after this check in buildContentActionUrls():

if ( $this->mTitle->quickUserCan( 'edit' ) && ( $this->mTitle->exists() || $this->mTitle->quickUserCan( 'create' ) ) ) {

However, it is used in this fashion in outputPage():

// XXX: attach this from javascript, same with section editing
if($this->iseditable && $wgUser->getOption("editondblclick") )

$tpl->set('body_ondblclick', 'document.location = "' .$content_actions['edit']['href'] .'";');


When a user has "editondblclick" enabled, but views a protected page, $content_actions['edit'] will be used before initialization.

Version: 1.8.x
Severity: normal



Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 9:48 PM
bzimport set Reference to bz10113.
bzimport added a subscriber: Unknown Object (MLST).

Fixed in r22713; using the direct URL generator func instead of trying to rip it out of the array. On protected page, the 'edit' link goes into a 'viewsource' tab instead, so wasn't getting picked up as expected.

robchur wrote:

*** Bug 6832 has been marked as a duplicate of this bug. ***