On 11/22/07, catrope(a)svn.wikimedia.org <catrope(a)svn.wikimedia.org> wrote:
global $wgEditOwnExcludedNamespaces;
+ if(!is_array($wgEditOwnExcludedNamespaces))
+ // Prevent PHP from whining
+ $wgEditOwnExcludedNamespaces = array();
if($action != 'edit' || $user->isAllowed('editall') ||
in_array($title->getNamespace(), $wgEditOwnExcludedNamespaces))
Note that using any variable without explicitly initializing it is
dangerous in PHP. If an installation has register_globals enabled,
and has not initialized the variable elsewhere, an attacker can insert
any desired value into the variable by just editing the URL. The
better approach is to initialize the variable in EditOwn.php, and
require users to override it in LocalSettings.php after the
require_once line.