| Add {{User WPExtensions}} to your MediaWiki and Wikipedia userpages! This will automatically add you to Category:WikiProject Extensions participants on MediaWiki. |
|
|
| Developers can add {{User ExtensionsDev|member}} to your MediaWiki and Wikipedia userpages! This will also automatically add you to Category:WikiProject Extensions participants on MediaWiki. |
|
|
| Use {{Extension}} to all extension pages on this wiki (but only the main page). It will add a useful infobox and will automatically add the extension to Category:All extensions, along with the appropriate status and implementation type categories. |
|
| Add {{Archived Extension|oldRevid}} to archive an extension. |
 |
This extension has been archived.
This extension has not been maintained in some time, and no longer supports recent releases of MediaWiki.
To see the page before archival, click here. |
|
| Add {{DownloadBroken}} when the extension's download link appears to be broken. |
 |
This extension's download link appears to be broken. If you have another link, please update the page and remove this notice. |
|
Add {{Execution alert}} when the extension's code or configuration poses a major security risk.  |
 |
WARNING: The code or configuration described here poses a major security risk.
Site administrators: You are advised against using it until this security issue is resolved.
Problem: Vulnerable to code injection attacks, because it passes user input directly to executable statements, such as exec(), passthru() or include(). This may lead to arbitrary code being run on your server, among other things
Solution: strictly validate user input and/or apply escaping to all characters that have a special meaning in executable statements |
|
| Add {{Extension by patch warning}} when an extension requires patches to core MediaWiki code. |
|
This extension requires patches to core MediaWiki code. Extensions implemented using patches may be disabled by or interfere with upgrades and security patches. If a suitable alternative without a patch is available, we recommend you use that extension instead. |
|
| Add {{Extension code in wiki}} when an extension stores its code within this wiki's wikicode rather than a code repository. |
 |
This extension stores its source code on a wiki page. Please be aware that this code may be unreviewed or maliciously altered. They may contain security holes, outdated interfaces that are no longer compatible etc.
Note: No localisation updates are provided for this extension by translatewiki.net.
The developer is encouraged and invited to request access to MediaWiki's code repository to address this. |
|
| Add {{Extension exception}} when notifying other developers over exceptions to standard MediaWiki extension expectations. |
 |
The developer of this extension has requested that any future modifications, when possible, be made only after checking with them first. |
|
| Add {{Incompatible}} when an extension is incompatible with the stable version of MediaWiki (1.20). |
|
This extension is incompatible with the current stable MediaWiki 1.20 release!
You are advised against using this extension on a live site.
Volunteer developers are invited to pledge their efforts to updating this extension to make it compatible with MediaWiki 1.20 by replacing the {{Incompatible}} template with {{Incompatible|pledge=~~~~}}.
|
|
| Add {{ObsoleteExtension}} when an extension is obsolete - either by being replaced in MediaWiki's core or offering features no longer necessary. |
|
This extension is obsolete!
You are advised against using this extension on a live site. |
|
| Add {{Page security extension disclaimer}} extensions adding per-page or partial page access restrictions functionality. |
|
If you need per-page or partial page access restrictions, you are advised to install an appropriate content management package. MediaWiki was not written to provide per-page access restrictions, and almost all hacks or patches promising to add them will likely have flaws somewhere, which could lead to exposure of confidential data. We are not responsible for anything being leaked, leading to loss of funds or one's job.
For further details, see Security issues with authorization extensions |
|
| Use {{Security alert}} to an extension vulnerable to attacks. |
|
WARNING: The code or configuration described here poses a major security risk. Site administrators: You are advised against using it until this security issue is resolved. |
|
| Add {{Code injection alert}} to an extension vulnerable to code injection attacks, because it uses things like eval(), create_function, the preg_replace /e parameter, or dynamically generated scripts in insecure ways. |
|
WARNING: The code or configuration described here poses a major security risk.
Site administrators: You are advised against using it until this security issue is resolved.
Problem: Vulnerable to code injection attacks. This may lead to compromisation of your entire wiki, severe data loss, malware being injected, and other parts of your server being compromised, among other things.
Solution: |
|
| Add {{SQL injection alert}} to an extension vulnerable to sql injection attacks, because it passes user input directly to sql commands. |
|
WARNING: The code or configuration described here poses a major security risk.
Site administrators: You are advised against using it until this security issue is resolved.
Problem: Vulnerable to SQL injection attacks, because it passes user input directly into SQL commands. This may lead to user accounts being hijacked, wiki content being compromised, private data being leaked, malware being injected, and the entire wiki content being erased, among other things.
Solution: make proper use of MediaWiki's database class instead of concatenating raw sql |
|
Add {{Unmaintained extension}} when the developer(s) of an extension is no longer maintaining it.  |
|
The author of this extension is no longer maintaining it! Meaning any reports for additional features and/or bugfixes will more than likely be ignored. Volunteers are encouraged to take on the task of developing and maintaining it. As a courtesy, you may want to contact the author. You should also remove this template and list yourself as maintaining the extension in the page's {{extension}} infobox.
|
|
| Add {{XSS alert}} to an extension vulnerable to cross-site scripting attacks, because it passes user input directly to the browser. |
|
WARNING: The code or configuration described here poses a major security risk.
Site administrators: You are advised against using it until this security issue is resolved.
Problem: Vulnerable to Cross-site scripting attacks, because it passes user input directly to the browser. This may lead to user accounts being hijacked, among other things.
Solution: strictly validate user input and/or apply escaping to all characters that have a special meaning in HTML |
|
