Extension:EditWarning

WARNING! This Extension lacks escaping of $user_id in EditWarning.class.php which might allow SQL injection. Since the author User:Nemesis has not given any contact information I decided to write this message right here. Details: An attacker may register hisself with a username like:  '; DELETE * FROM ... -- The username will be passed into the query unescaped as soon as he starts editing a page. Contact me if you have any questions or need help: dergringo;AT:gmail(.)c0m

Help with testing the new 0.4-alpha release!

What can this extension do?
On pages which are being edited by many users simultaneously edit conflicts can easily happen. This extension tries to avoid this problem by showing a warning message if the user edits a page that is being edited by other users at the same time. It's very similar to the MoinMoin Wiki warning with the difference that it doesn't lock the page (but this feature is planned).

Notice: It's not recommended to use this extension if anonymous users are allowed to edit pages, because it ignores anonymous page edits.

Notice: It's highly recommended to upgrade to 0.3.4, if you're using MediaWiki 1.11.1 or higher. EditWarning 0.1 beta doesn't work correctly on these newer versions.

Screenshots: see Extension:EditWarning/Screenshots

Use case
Alice opens the page "FooBar" for editing. Now Bob wants edit the page too. He gets a warning message that says Alice is currently editing the page. At this point Bob may decide to make his changes later or he contacts Alice to discuss his changes with her.

Licence
GNU GPL Version 2.0 or later. (http://www.gnu.org/licenses/gpl-2.0.html)

Installation
CREATE TABLE `current_edits` ( `id` int(10) unsigned NOT NULL auto_increment,  `page_id` int(10) unsigned NOT NULL,  `user_id` int(10) unsigned NOT NULL,  `user_name` varchar(255) character set latin1 collate latin1_bin NOT NULL,  `timestamp` int(10) unsigned NOT NULL,  PRIMARY KEY  (`id`) ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
 * Move the folder "EditWarning" to the "extensions" folder of your MediaWiki installation.
 * Execute the following SQL statement in your MediaWiki database:
 * Add the following to LocalSettings.php:


 * Open the file includes/EditPage.php of your MediaWiki installation and search for the line:


 * Replace that line with:


 * Optional: The default timeout is set to 10 minutes. If you want to change this setting, add this line to your LocalSettings.php (Note: The value is the number of minutes):


 * Optional: The extension hides everything except the editor area (see screenshots). If you don't like this behavior, add this line to your LocalSettings.php:

Upgrade from 0.3.x

 * Move the folder "EditWarning" to the "extensions" folder of your MediaWiki installation and overwrite the old files.

For older versions see the UPGRADE file.

Known Issues

 * The extension can only recognize the cancel of page editing if the user uses the "Cancel" button. Otherwise the warning will be showed until the timeout (default 10 minutes).
 * Section editing is currently unsupported. The 0.4 release will have this feature.