The ability of this template to take in mathematical functions seems to have been broken. -- Eliyak T· C 06:19, 11 July 2007 (UTC)
{{
editprotected}}
<includeonly>{{#ifexpr:{{#expr:{{{2}}}}}>0|{{#expr:{{#expr:{{{1}}}}}{{loop|{{#expr:{{#expr:{{{2}}}}}-1}}|*{{#expr:{{{1}}}}}}}}}}}{{#ifexpr:{{#expr:{{{2}}}}}=0|1}}{{#ifexpr:{{#expr:{{{2}}}}}<0|{{#expr:1/({{#expr:{{{1}}}}}{{loop|{{#expr:{{abs|{{#expr:{{{2}}}}}}}-1}}|*{{#expr:{{{1}}}}}}})}}}}</includeonly>
{{ editprotected}} This template can be successfully exploited to DOS the servers, see discussion here. I suggest it be disabled, or at least changed in a way that requires it to be subst'ed and give an error message if it wasn't. If this cause pages using the template to break for a while, well, I think it's worth it nevertheless. A bot can later mass edit those back into shape. -- alexgieg ( talk) 18:13, 9 May 2008 (UTC)
{{
editprotected}}
Well, I can see how disabling the template would be problematic. In any case, after the fact I became curious about this template and played with it a little. The result is that I've found some bugs that need to be corrected, see here. The exploit was full of those red errors, so solving them might help some. -- alexgieg ( talk) 19:29, 9 May 2008 (UTC)
The examples at User:Alexander Gieg/Playground aren't really bugs, just using the template in ways it's not designed to work. However, I was surprised to see that {{ rating}} (which makes a row of stars) uses {{ roundup}} which uses {{ pow}}. Could exponentiation be supported directly in the #expr parserfunction? Gimmetrow 23:49, 9 May 2008 (UTC)
{{
editprotected}}
Okay, now that the template was replaced by Remember the dot to use the preprocessor exponentiation directly, some behaviors changed, some being bugs or almost bugs. Here's the list of what I identified, in no special order. Please edit the template contemplating whatever in it is appropriate:
{{
Pow|10|-4}}
and {{
Pow|5+5|6-10}}
should both behave the same, resulting in "0.0001". The second one, however, is currently resulting in 15620. In short: both parameter should be encapsulated and evaluated to ensure the end result is correct.{{
Pow|10|6}}
, is currently resulting in "1000000", but I remember that it previously resulted in engineering units, such as "1.000E+6" or something like that (I don't remember exactly how many decimal digits, sorry). I don't know whether this is a problem or not.I think this sums it up. -- alexgieg ( talk) 05:05, 10 May 2008 (UTC)
The ability of this template to take in mathematical functions seems to have been broken. -- Eliyak T· C 06:19, 11 July 2007 (UTC)
{{
editprotected}}
<includeonly>{{#ifexpr:{{#expr:{{{2}}}}}>0|{{#expr:{{#expr:{{{1}}}}}{{loop|{{#expr:{{#expr:{{{2}}}}}-1}}|*{{#expr:{{{1}}}}}}}}}}}{{#ifexpr:{{#expr:{{{2}}}}}=0|1}}{{#ifexpr:{{#expr:{{{2}}}}}<0|{{#expr:1/({{#expr:{{{1}}}}}{{loop|{{#expr:{{abs|{{#expr:{{{2}}}}}}}-1}}|*{{#expr:{{{1}}}}}}})}}}}</includeonly>
{{ editprotected}} This template can be successfully exploited to DOS the servers, see discussion here. I suggest it be disabled, or at least changed in a way that requires it to be subst'ed and give an error message if it wasn't. If this cause pages using the template to break for a while, well, I think it's worth it nevertheless. A bot can later mass edit those back into shape. -- alexgieg ( talk) 18:13, 9 May 2008 (UTC)
{{
editprotected}}
Well, I can see how disabling the template would be problematic. In any case, after the fact I became curious about this template and played with it a little. The result is that I've found some bugs that need to be corrected, see here. The exploit was full of those red errors, so solving them might help some. -- alexgieg ( talk) 19:29, 9 May 2008 (UTC)
The examples at User:Alexander Gieg/Playground aren't really bugs, just using the template in ways it's not designed to work. However, I was surprised to see that {{ rating}} (which makes a row of stars) uses {{ roundup}} which uses {{ pow}}. Could exponentiation be supported directly in the #expr parserfunction? Gimmetrow 23:49, 9 May 2008 (UTC)
{{
editprotected}}
Okay, now that the template was replaced by Remember the dot to use the preprocessor exponentiation directly, some behaviors changed, some being bugs or almost bugs. Here's the list of what I identified, in no special order. Please edit the template contemplating whatever in it is appropriate:
{{
Pow|10|-4}}
and {{
Pow|5+5|6-10}}
should both behave the same, resulting in "0.0001". The second one, however, is currently resulting in 15620. In short: both parameter should be encapsulated and evaluated to ensure the end result is correct.{{
Pow|10|6}}
, is currently resulting in "1000000", but I remember that it previously resulted in engineering units, such as "1.000E+6" or something like that (I don't remember exactly how many decimal digits, sorry). I don't know whether this is a problem or not.I think this sums it up. -- alexgieg ( talk) 05:05, 10 May 2008 (UTC)