Project:Support desk
 Archives |
- Check before posting
- Realtime help
- Mailing list
Welcome to MediaWiki.org's Support desk, the central on-wiki place to ask MediaWiki questions!
The greater purpose of this page is to make our Manual and other available help so good that you do not have to come here to ask questions, or making them easier to find.
There are other ways for of communication as well (IRC, Mailing lists etc.), read more here.
Before you post
- Please read through our technical manual and end-user help.
- Project:Current issues is where you should discuss issues about the mediawiki.org website itself.
- If your question is about an extension, consider posting your question at that extension's talk page instead.
- Project:Sandbox: Test wiki editing.
Post a new question
1. To help us answer your questions, please always indicate which versions you are using:
-
- MediaWiki (reported by your wiki's Special:Version page)
- PHP (likewise)
- Database (likewise, e.g. MySQL 4.1)
2. Please include the URL of your wiki unless you absolutely can't. It's often a lot easier for us to identify the source of the problem if we can look for ourselves.
3. To start a new thread, click "Start a new discussion".
Archiving topics
Topics are automatically archived when they have been inactive for three weeks. If a question you have asked is approaching this limit and still has not been answered, please 'bump' it to prevent it being archived. However do not 'bump' for other reasons.
Contents
 First page |
 Previous page |
 Next page |
 Last page |
Hello, could you please help me with the following question. Is it in security issues dangerous to run a MediaWiki in a company in version 1.13.3?
Probably.
Our host updated MySQL last night and today our wiki will not load at all. Firefox (10) says the connection to the server was reset. Safari (5.1.2) produces a blank page. If I run 'php index.php' from the command line I get:
php: symbol lookup error: /usr/local/lib/php/extensions/no-debug-non-zts-20060613/suhosin.so: undefined symbol: zend_atol
- MediaWiki 1.18.1
- PHP 5.2.9
- MySQL 5.1.56
- URL: http://www.serenitymush.com/wiki
Unfortunately I do not have root access to the server. I have tried installing a fresh copy of MediaWiki in a new folder but am unable to run the install script. Same error. Any input would be extremely helpful.
I started a request for an extension here:
http://www.mediawiki.org/wiki/Extension_requests#Private_message_extension
Could someone with the knowledge to create it or who knows who does work on getting it under construction?
Just as an aside, unless your extension request is solving a very interesting problem (or if its something that would have a large impact on a public wiki like wikipedia), it is kind of unlikely you will get programmers to work on it for free.
With that said, its possible, its just kind of unlikely.
Cheers.
About a month ago, I upgraded one of our MW 1.13.3 installations to MW 1.17.0. I've gotten through most of the issues except one huge one. This wiki is indexed ... err, was indexed ... by our Google appliance before the upgrade. Since the upgrade, the Google appliance cannot authenticate pages to index them. I applied the fix for Bugzilla 30275, but there was no change.
Both the wiki and the Google appliance are on an intranet, behind a firewall, not accessible from the internet.
Pages on the wiki are protected against reading unless the user is logged in.
We are still having this issue. I've tried changing every variable introduced since 1.13.0 that looked like it could possibly have an effect. I have been actively trying to disable some of the cross-site hacking code, as if someone gets through the firewall, we've got bigger issues than wiki-spam to contend with.
The log in process changed between 1.13 and 1.17 (specificly in 1.15.3). Your google appliance thing probably needs to be updated. See bugzilla:23076 for the technical details of the change.
Yes, this is the change I have been trying to undo. I will try harder. In the meanwhile, I'll see if the GSA administrator can get an upgrade. He previous said he couldn't, that it would be a customization that would cost big money AND get zapped by the next regular GSA upgrade.
Note, the change in the login process was for security reasons - it wasn't changed just for the heck of it.
The new login process is quite similar to the old process, the only difference is one has to pass the wpToken value in as well.
We have a special case ... this is an intranet wiki behind a firewall. If hackers get inside the firewall, we've got bigger problems than just keeping our own sales guys from giving confidential R&D information to customers. ;) The security risk is acceptable.
I successfully hacked it, yay! Of course, the hack isn't getting our other bots that tie our miscellaneous data sources together working, but at least GSA is happy again.
Big huge caveat on this: I've mentioned that this is on an intranet wiki, inaccessible from the regular internet. Implementing this will leave your wiki vulnerable to attack. This works for me, this may or may not work for you.
In ../includes/templates, comment out the line that adds the hidden form field wpCreateaccounttoken".
In ../includes/api/ApiLogin.php, have the case for LoginForm::NEED_TOKEN take the same path as LoginForm::SUCCESS, comment out the original NEED_TOKEN code.
In ../includes/specials/SpecialUserlogin.php, do the same switch statement case swap that was done in ApiLogin.php.
I am setting up MediaWiki software in a certain musical genre. I like the way WikiPedia opens editing for everyone because this subject has so many groups and history this would make it do-able. But the question I have is one of just starting.
WikiPedia has many people to look at the submissions & revisions, whether legitimate or vandals, and can choose whether to submit changes or not. Right now, I am only one person, so would this approach also be good for me at this point?
Thanks,
what's the name of text editor extension like the one in this forum (with [[Category:]] [[:Image:]] button under the white box) thx
i need a text editor extension like the one in this forum (with [[Category:]] [[:Image:]] button under the white box)
thx
That's done by installing extension:CharInsert, then adding some stuff to the page MediaWiki:Edittools that uses that extension (+ some custom css in mediawiki:Common.css to make them look like buttons instead of links)
Just wondering: Since I've never seen this extension used with IPv6 nor have I seen documentation mentioning it at Extension:GlobalBlocking, I'm wondering if IPv6 is supported.
Fatal error: Call to a member function addWikiMsg() on a non-object in /home/username/public_html/wiki/includes/specials/SpecialLinkSearch.php on line 82
Hi
Today I installed media wiki for private use and every thing seems to be OK but when I click on the External links search in special page I get this error
- Have you edited it before?
- Check any code errors on LocalSettings.php.
Hi , I did not change any thing in localsettings.php. This is a new installation. please see my localsettings.php here
http://paste.ubuntu.com/805960/
Can't it be because of my server tight security?
Hmm... well it isn't LocalSettings? Are you sure you did not change anything? Sometimes notepad will add BOMs.
Note, BOM's cause a different type of error. (headers already sent error)
This type of error would be caused if the relavent OutputPage wasn't being returned properly from the SpecialPage's context. I have no idea how that can happen (and furthermore, no idea how that could happen without many other massive errors popping up everywhere on your wiki) [This is probably a bug in MediaWiki]
Could you test temporarily disabling all extensions (just comment out the require_once lines near the bottom of LocalSettings.php) just to check if its being caused by one of those extensions (seems unlikely, but good to check).
p.s. You may want to change the value of $wgSecretKey and $wgUpgradeKey afterwards since they were left in your LocalSettings.php
You said " You may want to change the value of $wgSecretKey and $wgUpgradeKey afterwards since they were left in your LocalSettings.php
How to do it? for test I just addes abc at the end of $wgSecretKey and $wgUpgradeKey but got the same error. What can I do now? Amy body can help?
OK Jeff not sure, Is there any original file I can replace it with what I have? but when I try to add the data base info in there what should I do? what is the right way or editor to make the changes?
Use a text editor other then notepad. See BOM. However, if that was the issue you would be getting a different error message. See Manual:Errors_and_symptoms#Warning:_Cannot_modify_header_information_-_headers_already_sent_by_.28....29
Thanks Jeff but I have already filled it with more than 100 entries . Any better suggestion? or an Idea on how to re install without loosing my data?
I have this same error on my wiki when I click on the Special page for the link search (the search page doesnt load and it gives an error). Its 1.18.0 (correctly updated from previous MW, deleted old files, everything else works). "Fatal error: Call to a member function addWikiMsg() on a non-object in /home/[user] ... /includes/specials/SpecialLinkSearch.php on line 82". I can turn on debugging and stuff to get some more detail messages and post them here. Whats the best way to do that?
You don't need to turn on any further debugging to fix that error. If you have SSH (shell) access, connect to the server and use a text editor (such as nano or vim) to edit the file includes/specials/SpecialLinkSearch.php. Find line 82, which looks like this: $out->addWikiMsg( ... and change the $out to $wgOut and that fixes the error.
If you don't have SSH access, use FTP or something to access the server, copy the file into your local computer and make the modification with your favorite non-Microsoft Notepad text editor.
It's a nasty bug that slipped into the 1.18.0 release, and I believe this bug has been fixed in 1.18.1 (although I haven't tested 1.18.1 myself). Sadly this means that every unpatched MediaWiki 1.18.0 will have a broken Special:LinkSearch. :-(
I have the same issue, this even happens on a clean install of 1.18.1 (which hows up as version 1.18.0 under Special:version.
Is there a patch for this? I changed the $out to $wgOut and got further issues such as $self->getPrefixedDbKey() does not exist (would need to go through and repeat my changes to find out the exact errors.
If it shows up as 1.18.0 in Special:version, then you didn't install 1.18.1. Make sure that all files from your 1.18.0 install are over-written by the 1.18.1 files (Except LocalSettings.php)
This issue should be fixed in 1.18.1 (1.18.1 uses $out, but its supposed to use $out. The issue in 1.18.0 is only half of the $wgOut -> $out change went through, breaking things badly for that special page)
Hi,
How can I use an anchor link on sidebar?
When I try use a # in a link the # disapear.
Thanks,
Paulo
Seems to work fine for me. Please include the exact code you are using in MediaWiki:Sidebar.
I'm using **somepage#anchor|Somepage
And when I pass the mouse on SideBar the # disapear and the anchor didn´t work.
I'm using mediawiki 1.17 and Vector extension.
Thanks, Paulo
Interesting.
This seems to be an issue in 1.18 and earlier releases that was accidentally fixed in (the not yet released) MediaWiki 1.19. (MediaWiki 1.19 will probably be released in about one and a half months)
I'm using **somepage#anchor|Somepage
And when I pass the mouse on SideBar the # disapear and the anchor didn´t work.
I'm using mediawiki 1.17 and Vector extension.
Thanks, Paulo
Http://kitsunetsuki.net/wiki
For some reason after a server move I cannot get mediawiki to connect to my database.
Everything was moved as it should have been (1:1 file copy and db import)
I've checked my localsettings.php file and it has all of the correct settings for my new server in it. I have also confirmed that those settings work (I can connect to it via terminal just fine)
Thoughts?
Contents |
[edit] platform
- MW:1.18.1
- PHP: 5.2.17
- MySQL:5.1.52
[edit] user environment
- OS X 10.6.8
- Safari 5.1.1 (6534.51.22)
[edit] problem
editing pages at http://www.sebokwiki075.org/dev/index.php with the above user environment. if you edit a page, save it, then edit it again, weird things start to happen.
- possible edit conflicts
- the edit page shows data from the FIRST edit
- saving never completes (white page)
[edit] troubleshooting
- upgraded to 1.18.1 from 1.18 --same problem
- made sure there was no ISP/proxy/accelerator software
- works fine in 1.17
- have not yet disabled extensions, and we have a ton of them.
[edit] workaround
work around is to use a different browser. this is not acceptable to the user, who feels the wiki software should work on safari.
[edit] solution
Anyone?
This is my wiki
I have MediaWiki 1.16.0, PHP 5.3.6 (cgi-fcgi), MySQL 5.5.17
I have spambots logging in and creating accounts but I have set up the wiki so that they do not make any edits. Is there any harm in having many spambot users if they cannot actually add any spam? Also is there any way of stopping new account creations from appearing in recent changes?
I have read the spam page and implemented some of the suggestions but I cannot find the answer to my questions. To repeat:
1) Does the registering of accounts alone (no spam added) cause any problems?
2) Is there a way to prevent account creations from showing up on recent changes?
1) Yes, as they may be able to can edit altho you may restrict editing to registered users with advanced registration protection.
2) on RecentChanges select: Namespace: User / "Invert selection", save as favorite.
But again, you actually don't want to hide such accounts, you want to prevent their creation (e.g. with Extension:ConfirmEdit). Please stop double posting threads.
I had the same problem and took a few measures (on advisement) to control the on-slot of spambots. The one step I see working is Extension:AbuseFilter and a filter a developer friend wrote for my project. Not sure if this is the answer to all but, it works for me and I know how frustrating this problem can be.
Thanks for the help. Your method for removing account creations from RC works fine but my first question remains. I can stop the spambots from editing but is there any harm in letting them create accounts?
Subfader, what do you mean by 'double posting threads'?
Users can potentially do other things then edit ( See Special:usergrouprights on your wiki for the full list ) like sending email to other users. Assuming you have those things also similarly restricted there is no harm.
An alternative way to disable new users appearing in RC is to turn off new user logging altogether - see manual:$wgNewUserLog
Dear Community,
I wish to uninstall "http://en.wikipedia.org/wiki/User:MarkS/Extra_edit_buttons" from my wiki.
Already asked Goggle, but doesnt`t help.
Please write me a short Guide or a link. Thanks!!!
Just do the reverse of User:MarkS/Extra_edit_buttons#Installing. Edit your monobook.js and remove what you added.
I want to display on the main page 2 categories of my wiki, for categories i mean pages like [[Category:category_I]], that because i don t want to put on my main page (it is a private wiki) only 2 link, one for each category. I know that is not natural put on wiki 2 pages as one, expecially two categories, but i really need that, maybe is possible with an extension, i ask here for have the best way to do that :) ty.
Mediawiki 1.15.1 PHP 5.3.3-7+squeeze3 mysql Ver 14.14 Distrib 5.1.49
I'm confused as to what you're asking, but perhaps extension:DynamicPageList (Wikimedia) is what you're looking for.
Using multiple wikis on the same site for some months without problems. Suddenly search pages for all wikis on the site have started to do the following
- search for a term
- results are displayed in a raw HTML only format, i.e. it appears that the style sheets or skins are not being applied
- when I click one of the links I am redirected to http://hidrocaribe.gob.ve/innova which our firewall blocks as a threat
Where would I look to find what is going on?
Also, our hosting company suggests that the corruption likely happened via a hacked admin wiki account. Could that be? Tenbergen 22:51, 6 February 2012 (UTC)
It would be helpful if you provided a link to your wiki (Mostly looking through Special:Recentchanges [in particular, any edits to the mediawiki namespace] could rule out if its a compromised admin account or something else).
In theory, an admin account can add site-wide js, which could potentially be used to do something like that. However, if someone did that, there are more evil things they could do for quite a bit less effort, so that seems unlikely.
I think its more likely that someone got into your server (possibly via some other insecure web application that you had installed) and modified some of MediaWiki's php files.
Thanks for your reply, I had thought something along that line. The URL is http://ccmdb.kuality.ca/index.php?title=Special:UserLogout&returnto=Main_Page. Even without login, running a blank search does the trick. We had already looked in the recent changes and there was nothing enlighenting there. For one of the wikis, common.js and common.css seemed to be corrupted, the pages were not accessible at all via wiki. Not for the other wikis, though. Any ideas how to proceed troubleshooting?
yeah, that definitely looks like someone modified one of the php files (server sends 301 redirects to bad places).
(Furthermore, The admin editable js isn't even being loaded for people not logged in, since it's not on the page whitelist and the wiki is read restricted)
What I would probably do would be:
- Save your LocalSettings.php, and any uploaded images.
- Look through your LocalSettings.php to make sure nothing unusual or strange is in there
- Delete everything (except not your database)
- Re-install MediaWiki (putting the LocalSettings.php and images directory you saved back).
If you have your apache access_log going back a while, looking for unusual requests might be able to tell you how the attacker gained access (obviously getting rid of the tainted php files means nothing if the attacker can still regain access). There are no known security vulnerabilities that give filesystem access in MediaWiki 1.16.5 (although that version is outdated), so I'd say its more likely that they gained access through something else.
Thanks Bawolff; we ended up able to convince the host admin that this really is an issue with their site (the whole site redirects, too) and they are looking into it now. Some other sites mentioned that this might have slipped in through joomla or wordpress, but apparently it doesn't actually affect those products, just their google rankings. Guess mediawiki was the only one actually showing symptoms...
For the convenience of editors of my site, I’ve added a number of extra links (e.g. semantic forms) to the sidebar. However, because this is rather confusing to regular visitors who have not logged in, I was looking for a way to hide those links from them. Contrary to what is claimed on this page, CustomSidebar does not offer such functionality. As a workaround I was hoping I could embed these links in content pages using Extension:ConditionalShow, but this extension is broken as of 2008/2009.
Any ideas?
In the default search (MySQL search without Lucene) foo doesn't find "File:Foo.jpg" (only foo* or foo.jpg does). But bar finds "File:Foo Bar Baz.jpg".
Is there a solution for this? Don't say users should truncate, the search should find it ;)
PrefSwitch: Impossible to make running PrefSwitch on brand new mediawiki installation, both local or hosted
greetings,
MediaWiki 1.18.1
PHP 5.3.8 (apache2handler)
MySQL 5.5.16
i'm trying to get os x to start up the wiki at boot up.
i've created a .plist which works when its in ~/Library/LaunchAgents
but when i put this .plist under /Library/LaunchDaemons and reboot, i get lots of error messages in the system.log ...
Jan 31 12:06:41 sect org.me.startwiki[408]: 120131 12:06:41 mysqld_safe Logging to '/Applications/mediawiki-1.18.1-0/mysql/data/mysqld.log'.
Jan 31 12:06:41 sect com.apple.launchd[1] (0x7f97d5001830.anonymous.nohup[628]): Bug: launchd_core_logic.c:9375 (25247):0
Jan 31 12:06:41 sect com.apple.launchd[1] (0x7f97d5001830.anonymous.nohup[628]): Switching sessions is not allowed in the system Mach bootstrap.
which look like they're being caused when mysql starts.
if i time it right i can actually see the wiki main page briefly but then it shuts down.
any ideas?
MediaWiki is not a desktop application. You can't "start" it.
I assume you mean you want to start Apache and MySQL at boot up ?
This is very possible, but depends on which Apache/MySQL you use. If you use the default Apache that comes with OS X, then all you have to do is enable it from the System Preferences > Sharing > Web Sharing and then it will be started right away and also starts when the system boots up (I do this myself as well).
hi Krinkle, thanks for the reply.
>MediaWiki is not a desktop application. You can't "start" it.
sure you can, if this were a more typical unix flavour i'd expect to be able to put the command i'm currently using to "start" it...
/Applications/mediawiki-1.18.1-0/ctlscript.sh start
in one of the rc scripts and that (hopefully) would be it. but the equivalent under os x seems to be (i'm new to os x but not unix) to create a .plist file and use launchctl load etc however when i do that i get the errors i mentioned. i was hoping someone had already come across this and knew of a fix otherwise i'll have to go into the mysql start scripts and try to figure out whats offending mach.
cheers,
>MediaWiki is not a desktop application. You can't "start" it. sure you can, if this were a more typical unix flavour i'd expect to be able to put the command i'm currently using to "start" it... /Applications/mediawiki-1.18.1-0/ctlscript.sh start
There is no such file called ctlscript.sh in MediaWiki's code base.
Point stands: There no such thing as "starting mediawiki". You can:
- Start Apache/MySQL
- and/or: Open a browser and point it to your wiki's URL
Is that what you mean?
First page |
Previous page |
Next page |
Last page |
