r108296 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r108295‎ | r108296 | r108297 >
Date:00:48, 7 January 2012
Author:ashley
Status:ok
Tags:
Comment:
Comments: version 2.5:
*ResourceLoader compatibility; lots of JS refactoring + associated PHP changes
*dropped backwards compatibility, MediaWiki 1.18 is now required
*removed $wgTitle usage
*removed key cruft; unused legacy security thing?
*removed DIY escaping functions; useless, bad design, etc.
*added some comments
*added some paranoia checks to AJAX functions file
Modified paths:
  • /trunk/extensions/Comments/Comment.js (modified) (history)
  • /trunk/extensions/Comments/Comment.php (modified) (history)
  • /trunk/extensions/Comments/CommentClass.php (modified) (history)
  • /trunk/extensions/Comments/Comments_AjaxFunctions.php (modified) (history)

Diff [purge]

Index: trunk/extensions/Comments/Comments_AjaxFunctions.php
@@ -4,7 +4,14 @@
55 */
66
77 $wgAjaxExportList[] = 'wfCommentSubmit';
8 -function wfCommentSubmit( $page_id, $parent_id, $comment_text, $sid, $mk ) {
 8+function wfCommentSubmit( $page_id, $parent_id, $comment_text ) {
 9+ global $wgUser;
 10+
 11+ // Blocked users cannot submit new comments
 12+ if( $wgUser->isBlocked() ) {
 13+ return '';
 14+ }
 15+
916 if( $comment_text != '' ) {
1017 $comment = new Comment( $page_id );
1118 $comment->setCommentText( $comment_text );
@@ -12,7 +19,6 @@
1320 $comment->add();
1421
1522 if( class_exists( 'UserStatsTrack' ) ) {
16 - global $wgUser;
1723 $stats = new UserStatsTrack( $wgUser->getID(), $wgUser->getName() );
1824 $stats->incStatField( 'comment' );
1925 }
@@ -21,7 +27,14 @@
2228 }
2329
2430 $wgAjaxExportList[] = 'wfCommentVote';
25 -function wfCommentVote( $comment_id, $vote_value, $mk, $vg, $page_id ) {
 31+function wfCommentVote( $comment_id, $vote_value, $vg, $page_id ) {
 32+ global $wgUser;
 33+
 34+ // Blocked users cannot vote, obviously
 35+ if( $wgUser->isBlocked() ) {
 36+ return '';
 37+ }
 38+
2639 if( is_numeric( $comment_id ) && is_numeric( $vote_value ) ) {
2740 $dbr = wfGetDB( DB_SLAVE );
2841 $res = $dbr->select(
@@ -41,7 +54,6 @@
4255 $out = $comment->getCommentScore();
4356
4457 if( class_exists( 'UserStatsTrack' ) ) {
45 - global $wgUser;
4658 $stats = new UserStatsTrack( $wgUser->getID(), $wgUser->getName() );
4759
4860 // Must update stats for user doing the voting
@@ -96,7 +108,7 @@
97109 }
98110
99111 $wgAjaxExportList[] = 'wfCommentBlock';
100 -function wfCommentBlock( $comment_id, $user_id, $mk ) {
 112+function wfCommentBlock( $comment_id, $user_id ) {
101113 // Load user_name and user_id for person we want to block from the comment it originated from
102114 $dbr = wfGetDB( DB_SLAVE );
103115 $s = $dbr->selectRow(
Index: trunk/extensions/Comments/Comment.php
@@ -4,12 +4,12 @@
55 *
66 * @file
77 * @ingroup Extensions
8 - * @version 2.4.1
 8+ * @version 2.5
99 * @author David Pean <david.pean@gmail.com>
1010 * @author Misza <misza@shoutwiki.com>
1111 * @author Jack Phoenix <jack@countervandalism.net>
12 - * @copyright Copyright © 2008-2011 David Pean, Misza and Jack Phoenix
13 - * @link http://www.mediawiki.org/wiki/Extension:Comments Documentation
 12+ * @copyright Copyright © 2008-2012 David Pean, Misza and Jack Phoenix
 13+ * @link https://www.mediawiki.org/wiki/Extension:Comments Documentation
1414 * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 2.0 or later
1515 */
1616
@@ -24,7 +24,7 @@
2525 // Extension credits that will show up on Special:Version
2626 $wgExtensionCredits['parserhook'][] = array(
2727 'name' => 'Comments',
28 - 'version' => '2.4.1',
 28+ 'version' => '2.5',
2929 'author' => array( 'David Pean', 'Misza', 'Jack Phoenix' ),
3030 'description' => 'Adds <tt>&lt;comments&gt;</tt> parser hook that allows commenting on articles',
3131 'url' => 'https://www.mediawiki.org/wiki/Extension:Comments'
@@ -34,6 +34,12 @@
3535 $wgResourceModules['ext.comments'] = array(
3636 'scripts' => 'Comment.js',
3737 'styles' => 'Comments.css',
 38+ 'messages' => array(
 39+ 'comment-voted-label', 'comment-loading',
 40+ 'comment-auto-refresher-pause', 'comment-auto-refresher-enable',
 41+ 'comment-cancel-reply', 'comment-reply-to', 'comment-block-warning',
 42+ 'comment-block-anon', 'comment-block-user'
 43+ ),
3844 'localBasePath' => dirname( __FILE__ ),
3945 'remoteExtPath' => 'Comments',
4046 'position' => 'top' // available since r85616
@@ -91,24 +97,24 @@
9298 }
9399
94100 function displayComments( $input, $args, $parser ) {
95 - global $wgTitle, $wgOut, $wgScriptPath, $wgHooks;
 101+ global $wgOut;
96102
97103 wfProfileIn( __METHOD__ );
98104
99105 $parser->disableCache();
100106
101 - // Add required CSS & JS
102 - if ( defined( 'MW_SUPPORTS_RESOURCE_MODULES' ) ) {
103 - $wgOut->addModules( 'ext.comments' );
104 - } else {
105 - $wgOut->addScriptFile( $wgScriptPath . '/extensions/Comments/Comment.js' );
106 - $wgOut->addExtensionStyle( $wgScriptPath . '/extensions/Comments/Comments.css' );
107 - }
 107+ // Add required CSS & JS via ResourceLoader
 108+ $wgOut->addModules( 'ext.comments' );
108109
109 - // Add i18n for JS
110 - $wgHooks['MakeGlobalVariablesScript'][] = 'wfAddCommentJSVars';
111 -
112110 // Parse arguments
 111+ // The preg_match() lines here are to support the old-style way of
 112+ // adding arguments:
 113+ // <comments>
 114+ // Allow=Foo,Bar
 115+ // Voting=Plus
 116+ // </comments>
 117+ // whereas the normal, standard MediaWiki style, which this extension
 118+ // also supports is: <comments allow="Foo,Bar" voting="Plus" />
113119 $allow = '';
114120 if( preg_match( '/^\s*Allow\s*=\s*(.*)/mi', $input, $matches ) ) {
115121 $allow = htmlspecialchars( $matches[1] );
@@ -127,7 +133,7 @@
128134 $voting = $args['voting'];
129135 }
130136
131 - $comment = new Comment( $wgTitle->getArticleID() );
 137+ $comment = new Comment( $wgOut->getTitle()->getArticleID() );
132138 $comment->setAllow( $allow );
133139 $comment->setVoting( $voting );
134140
@@ -141,6 +147,8 @@
142148
143149 $output .= '<div id="allcomments">' . $comment->display() . '</div>';
144150
 151+ // If the database is in read-only mode, display a message informing the
 152+ // user about that, otherwise allow them to comment
145153 if( !wfReadOnly() ) {
146154 $output .= $comment->displayForm();
147155 } else {
@@ -152,26 +160,6 @@
153161 return $output;
154162 }
155163
156 -/**
157 - * Add some i18n messages to the array of JS globals. This is called from
158 - * displayComments() (the callback function for wfComments).
159 - *
160 - * @param $vars Array: array of pre-existing JavaScript global variables
161 - * @return Boolean: true
162 - */
163 -function wfAddCommentJSVars( $vars ) {
164 - $vars['_COMMENT_VOTED'] = wfMsg( 'comment-voted-label' );
165 - $vars['_COMMENT_LOADING'] = wfMsg( 'comment-loading' );
166 - $vars['_COMMENT_PAUSE_REFRESHER'] = wfMsg( 'comment-auto-refresher-pause' );
167 - $vars['_COMMENT_ENABLE_REFRESHER'] = wfMsg( 'comment-auto-refresher-enable' );
168 - $vars['_COMMENT_CANCEL_REPLY'] = wfMsg( 'comment-cancel-reply' );
169 - $vars['_COMMENT_REPLY_TO'] = wfMsg( 'comment-reply-to' );
170 - $vars['_COMMENT_BLOCK_WARNING'] = wfMsg( 'comment-block-warning' );
171 - $vars['_COMMENT_BLOCK_ANON'] = wfMsg( 'comment-block-anon' );
172 - $vars['_COMMENT_BLOCK_USER'] = wfMsg( 'comment-block-user' );
173 - return true;
174 -}
175 -
176164 // Translations for {{NUMBEROFCOMMENTS}}
177165 //$wgExtensionMessagesFiles['NumberOfComments'] = $dir . 'Comments.i18n.magic.php';
178166
Index: trunk/extensions/Comments/Comment.js
@@ -4,7 +4,7 @@
55 * object-oriented.
66 *
77 * @file
8 - * @date 19 June 2011
 8+ * @date 7 January 2012
99 */
1010 var Comment = {
1111 submitted: 0,
@@ -16,58 +16,14 @@
1717 pause: 0,
1818
1919 /**
20 - * Change the opacity of an element in a cross-browser compatible manner.
21 - *
22 - * @param opacity Integer: opacity
23 - * @param id String: element ID
24 - */
25 - changeOpacity: function( opacity, id ) {
26 - var object = document.getElementById( id ).style;
27 - object.opacity = ( opacity / 100 );
28 - object.MozOpacity = ( opacity / 100 );
29 - object.KhtmlOpacity = ( opacity / 100 );
30 - object.filter = 'alpha(opacity=' + opacity + ')';
31 - },
32 -
33 - /**
34 - * Code from http://brainerror.net/scripts/javascript/blendtrans/
35 - *
36 - * @param id String: element ID
37 - * @param opacStart Integer
38 - * @param opacEnd Integer
39 - * @param millisec Integer
40 - */
41 - opacity: function( id, opacStart, opacEnd, millisec ) {
42 - // speed for each frame
43 - var speed = Math.round( millisec / 100 );
44 - var timer = 0;
45 - var i;
46 -
47 - // determine the direction for the blending, if start and end are the same nothing happens
48 - if( opacStart > opacEnd ) {
49 - for( i = opacStart; i >= opacEnd; i-- ) {
50 - setTimeout( "Comment.changeOpacity(" + i + ",'" + id + "')", ( timer * speed ) );
51 - timer++;
52 - document.getElementById( id ).style.display = 'none'; // added by Jack
53 - }
54 - } else if( opacStart < opacEnd ) {
55 - for( i = opacStart; i <= opacEnd; i++ ) {
56 - setTimeout( "Comment.changeOpacity(" + i + ",'" + id + "')", ( timer * speed ) );
57 - timer++;
58 - document.getElementById( id ).style.display = 'block'; // added by Jack
59 - }
60 - }
61 - },
62 -
63 - /**
6420 * When a comment's author is ignored, "Show Comment" link will be
6521 * presented to the user.
6622 * If the user clicks on it, this function is called to show the hidden
6723 * comment.
6824 */
6925 show: function( id ) {
70 - Comment.opacity( 'ignore-' + id, 100, 0, 6500 );
71 - Comment.opacity( 'comment-' + id, 0, 100, 500 );
 26+ jQuery( '#ignore-' + id ).hide( 100 );
 27+ jQuery( '#comment-' + id ).show( 500 );
7228 },
7329
7430 /**
@@ -78,18 +34,16 @@
7935 * @param user_id Integer: user ID number of the user whose comments we
8036 * want to block
8137 * @param c_id Integer: comment ID number
82 - * @param mk String: vote key (MD5-hashed combination of comment ID, the
83 - * string 'pants' and user's name); unused
8438 */
85 - blockUser: function( user_name, user_id, c_id, mk ) {
 39+ blockUser: function( user_name, user_id, c_id ) {
8640 if( !user_name ) {
87 - user_name = _COMMENT_BLOCK_ANON;
 41+ user_name = mw.msg( 'comment-block-anon' );
8842 } else {
89 - user_name = _COMMENT_BLOCK_USER + ' ' + user_name;
 43+ user_name = mw.msg( 'comment-block-user' ) + ' ' + user_name;
9044 }
91 - if( confirm( _COMMENT_BLOCK_WARNING + ' ' + user_name + ' ?' ) ) {
 45+ if( confirm( mw.msg( 'comment-block-warning' ) + ' ' + user_name + ' ?' ) ) {
9246 sajax_request_type = 'POST';
93 - sajax_do_call( 'wfCommentBlock', [ c_id, user_id, mk ], function( response ) {
 47+ sajax_do_call( 'wfCommentBlock', [ c_id, user_id ], function( response ) {
9448 alert( response.responseText );
9549 window.location.href = window.location;
9650 });
@@ -102,20 +56,19 @@
10357 *
10458 * @param cid Integer: comment ID number
10559 * @param vt Integer: vote value
106 - * @param mk String: vote key (MD5-hashed combination of comment ID, the
107 - * string 'pants' and user's name); unused
10860 * @param vg
10961 */
110 - vote: function( cid, vt, mk, vg ) {
 62+ vote: function( cid, vt, vg ) {
11163 sajax_request_type = 'POST';
11264 sajax_do_call(
11365 'wfCommentVote',
114 - [ cid, vt, mk, ( ( vg ) ? vg : 0 ), document.commentform.pid.value ],
 66+ [ cid, vt, ( ( vg ) ? vg : 0 ), document.commentform.pid.value ],
11567 function( response ) {
11668 document.getElementById( 'Comment' + cid ).innerHTML = response.responseText;
11769 var img = '<img src="' + wgScriptPath + '/extensions/Comments/images/voted.gif" alt="" />';
11870 document.getElementById( 'CommentBtn' + cid ).innerHTML =
119 - img + '<span class="CommentVoted">' + _COMMENT_VOTED + '</span>';
 71+ img + '<span class="CommentVoted">' +
 72+ mw.msg( 'comment-voted-label' ) + '</span>';
12073 }
12174 );
12275 },
@@ -129,7 +82,7 @@
13083 * @param end
13184 */
13285 viewComments: function( pid, ord, end ) {
133 - document.getElementById( 'allcomments' ).innerHTML = _COMMENT_LOADING + '<br /><br />';
 86+ document.getElementById( 'allcomments' ).innerHTML = mw.msg( 'comment-loading' ) + '<br /><br />';
13487 var x = sajax_init_object();
13588 var url = wgServer + wgScriptPath +
13689 '/index.php?title=Special:CommentListGet&pid=' + pid + '&ord=' +
@@ -153,25 +106,12 @@
154107 },
155108
156109 /**
157 - * HTML-encodes ampersands and plus signs in the given input string.
158 - *
159 - * @param str String: input
160 - * @return String: input with ampersands and plus signs encoded
161 - */
162 - fixString: function( str ) {
163 - str = str.replace( /&/gi, '%26' );
164 - str = str.replace( /\+/gi, '%2B' );
165 - return str;
166 - },
167 -
168 - /**
169110 * Submit a new comment.
170111 */
171112 submit: function() {
172113 if( Comment.submitted === 0 ) {
173114 Comment.submitted = 1;
174115
175 - // Moved variables here...
176116 var pidVal = document.commentform.pid.value;
177117 var parentId;
178118 if ( !document.commentform.comment_parent_id.value ) {
@@ -179,16 +119,12 @@
180120 } else {
181121 parentId = document.commentform.comment_parent_id.value;
182122 }
183 - var fixedStr = Comment.fixString( document.commentform.comment_text.value );
184 - var sid = document.commentform.sid.value;
185 - var mk = document.commentform.mk.value;
 123+ var commentText = document.commentform.comment_text.value;
186124
187 - // @todo CHECKME: possible double-encoding
188 - // (fixString func + encodeURIComponent, which sajax object does)
189125 sajax_request_type = 'POST';
190126 sajax_do_call(
191127 'wfCommentSubmit',
192 - [ pidVal, parentId, fixedStr, sid, mk ],
 128+ [ pidVal, parentId, commentText ],
193129 function( response ) {
194130 document.commentform.comment_text.value = '';
195131 Comment.viewComments( document.commentform.pid.value, 0, 1 );
@@ -199,40 +135,31 @@
200136 },
201137
202138 /**
203 - * I'm not sure what is the purpose of this function. This is used in
204 - * toggleLiveComments() below.
205 - * AFAIK we can do document.getElementById( 'spy' ).innerHTML and get the
206 - * desired results in all browsers, including Internet Explorer.
 139+ * Toggle comment auto-refreshing on or off
 140+ *
 141+ * @param status
207142 */
208 - Ob: function( e, f ) {
209 - if( document.all ) {
210 - return ( ( f ) ? document.all[e].style : document.all[e] );
211 - } else {
212 - return ( ( f ) ? document.getElementById( e ).style : document.getElementById( e ) );
213 - }
214 - },
215 -
216143 toggleLiveComments: function( status ) {
217 - var Pause;
218 - // @todo FIXME/CHECKME: maybe this should be Comment.pause instead?
219144 if( status ) {
220 - Pause = 0;
 145+ Comment.pause = 0;
221146 } else {
222 - Pause = 1;
 147+ Comment.pause = 1;
223148 }
224149 var msg;
225150 if ( status ) {
226 - msg = _COMMENT_PAUSE_REFRESHER;
 151+ msg = mw.msg( 'comment-auto-refresher-pause' );
227152 } else {
228 - msg = _COMMENT_ENABLE_REFRESHER;
 153+ msg = mw.msg( 'comment-auto-refresher-enable' );
229154 }
230 - Comment.Ob( 'spy' ).innerHTML =
231 - '<a href="javascript:Comment.toggleLiveComments(' + ( ( status ) ? 0 : 1 ) +
232 - ')" style="font-size: 10px">' + msg + '</a>';
 155+
 156+ jQuery( 'div#spy a' ).click( function() {
 157+ Comment.toggleLiveComments( ( status ) ? 0 : 1 );
 158+ } ).css( 'font-size', '10px' ).text( msg );
 159+
233160 if( !Comment.pause ) {
234161 Comment.LatestCommentID = document.commentform.lastcommentid.value;
235162 Comment.timer = setTimeout(
236 - 'Comment.checkUpdate()',
 163+ function() { Comment.checkUpdate(); },
237164 Comment.updateDelay
238165 );
239166 }
@@ -267,7 +194,10 @@
268195 Comment.isBusy = false;
269196 if( !Comment.pause ) {
270197 clearTimeout( Comment.timer );
271 - Comment.timer = setTimeout( 'Comment.checkUpdate()', Comment.updateDelay );
 198+ Comment.timer = setTimeout(
 199+ function() { Comment.checkUpdate(); },
 200+ Comment.updateDelay
 201+ );
272202 }
273203 },
274204
@@ -278,9 +208,23 @@
279209 * @param poster String: name of the person whom we're replying to
280210 */
281211 reply: function( parentId, poster ) {
282 - document.getElementById( 'replyto' ).innerHTML = _COMMENT_REPLY_TO +
283 - ' ' + poster + ' (<a href="javascript:Comment.cancelReply()">' +
284 - _COMMENT_CANCEL_REPLY + '</a>) <br />';
 212+ jQuery( '#replyto' ).text(
 213+ mw.msg( 'comment-reply-to' ) + ' ' + poster + ' ('
 214+ );
 215+ jQuery( '<a>', {
 216+ href: 'javascript:void(0);',
 217+ 'class': 'comments-cancel-reply-link',
 218+ click: function() {
 219+ // Calling Comments.cancelReply(); here, like in the original
 220+ // code, does not work for some reason so we have to duplicate
 221+ // its functionality here. Ah well, it's only two lines.
 222+ document.getElementById( 'replyto' ).innerHTML = '';
 223+ document.commentform.comment_parent_id.value = '';
 224+ },
 225+ text: mw.msg( 'comment-cancel-reply' )
 226+ } ).appendTo( '#replyto' );
 227+ jQuery( '#replyto' ).append( ') <br />' );
 228+
285229 document.commentform.comment_parent_id.value = parentId;
286230 },
287231
@@ -288,4 +232,66 @@
289233 document.getElementById( 'replyto' ).innerHTML = '';
290234 document.commentform.comment_parent_id.value = '';
291235 }
292 -};
\ No newline at end of file
 236+};
 237+
 238+jQuery( document ).ready( function() {
 239+ // "Sort by X" feature
 240+ jQuery( 'select[name="TheOrder"]' ).change( function() {
 241+ Comment.viewComments(
 242+ mw.config.get( 'wgArticleId' ), // or we could use jQuery( 'input[name="pid"]' ).val(), too
 243+ jQuery( this ).val()
 244+ );
 245+ } );
 246+
 247+ // Comment auto-refresher
 248+ jQuery( 'div#spy a' ).click( function() {
 249+ Comment.toggleLiveComments( 1 );
 250+ } );
 251+
 252+ // Voting links
 253+ jQuery( 'a#comment-vote-link' ).click( function() {
 254+ var that = jQuery( this );
 255+ Comment.vote(
 256+ that.data( 'comment-id' ),
 257+ that.data( 'vote-type' ),
 258+ that.data( 'voting' )
 259+ );
 260+ } );
 261+
 262+ // "Block this user" links
 263+ jQuery( 'a.comments-block-user' ).each( function( index ) {
 264+ var that = jQuery( this );
 265+ that.click( function() {
 266+ Comment.blockUser(
 267+ that.data( 'comments-safe-username' ),
 268+ that.data( 'comments-user-id' ),
 269+ that.data( 'comments-comment-id' )
 270+ );
 271+ } );
 272+ } );
 273+
 274+ // "Show this hidden comment" -- comments made by people on the user's
 275+ // personal block list
 276+ jQuery( 'div.c-ignored-links a' ).each( function( index ) {
 277+ var that = jQuery( this );
 278+ that.click( function() {
 279+ Comment.show( that.data( 'comment-id' ) );
 280+ } );
 281+ } );
 282+
 283+ // Reply links
 284+ jQuery( 'a.comments-reply-to' ).each( function( index ) {
 285+ var that = jQuery( this );
 286+ that.bind( 'click', function() {
 287+ Comment.reply(
 288+ that.data( 'comment-id' ),
 289+ that.data( 'comments-safe-username' )
 290+ );
 291+ } );
 292+ } );
 293+
 294+ // Handle clicks on the submit button (previously this was an onclick attr)
 295+ jQuery( 'div.c-form-button input[type="button"]' ).click( function() {
 296+ Comment.submit();
 297+ } );
 298+} );
\ No newline at end of file
Index: trunk/extensions/Comments/CommentClass.php
@@ -112,22 +112,19 @@
113113 }
114114
115115 function getCommentText( $comment_text ) {
116 - global $wgTitle, $wgOut, $wgParser;
 116+ global $wgOut, $wgParser;
117117
118 - $comment_text = trim( str_replace( "&quot;", "'", $comment_text ) );
 118+ $comment_text = trim( str_replace( '&quot;', "'", $comment_text ) );
119119 $comment_text_parts = explode( "\n", $comment_text );
120120 $comment_text_fix = '';
121121 foreach( $comment_text_parts as $part ) {
122122 $comment_text_fix .= ( ( $comment_text_fix ) ? "\n" : '' ) . trim( $part );
123123 }
124124
125 - if( $wgTitle->getArticleID() > 0 ) {
 125+ if( $wgOut->getTitle()->getArticleID() > 0 ) {
126126 $comment_text = $wgParser->recursiveTagParse( $comment_text_fix );
127127 } else {
128 - $comment_text = $wgParser->parse(
129 - $comment_text_fix, $wgTitle, $wgOut->parserOptions(), true
130 - );
131 - $comment_text = $comment_text->getText();
 128+ $comment_text = $wgOut->parse( $comment_text_fix );
132129 }
133130
134131 // really bad hack because we want to parse=firstline, but don't want wrapping <p> tags
@@ -264,9 +261,7 @@
265262 global $wgUser;
266263 $dbw = wfGetDB( DB_MASTER );
267264
268 - // @todo FIXME/CHECKME: hurr durr legacy DIY security...still needed?
269 - // I sure hope not...
270 - $text = /*$this->fixStr( str_replace( "'", '&quot;',*/ $this->CommentText /*) )*/;
 265+ $text = $this->CommentText;
271266 wfSuppressWarnings();
272267 $commentDate = date( 'Y-m-d H:i:s' );
273268 wfRestoreWarnings();
@@ -651,7 +646,7 @@
652647 $output = '<div class="c-order">
653648 <div class="c-order-select">
654649 <form name="ChangeOrder" action="">
655 - <select name="TheOrder" onchange="Comment.viewComments(' . $this->PageID . ',this.value)">
 650+ <select name="TheOrder">
656651 <option value="0">' .
657652 wfMsg( 'comment-sort-by-date' ) .
658653 '</option>
@@ -662,7 +657,7 @@
663658 </form>
664659 </div>
665660 <div id="spy" class="c-spy">
666 - <a href="javascript:Comment.toggleLiveComments(1)">' .
 661+ <a href="javascript:void(0)">' .
667662 wfMsg( 'comment-auto-refresher-enable' ) .
668663 '</a>
669664 </div>
@@ -682,11 +677,10 @@
683678 }
684679
685680 $voteLink = '';
686 - $voteKey = md5( $commentID . 'pants' . $wgUser->getName() );
687681 if ( $wgUser->isLoggedIn() ) {
688 - $voteLink .= '<a href=\'javascript:Comment.vote(' . $commentID .
689 - ',' . $voteType . ',"' . $voteKey . '","' . $this->Voting .
690 - '")\'>';
 682+ $voteLink .= '<a id="comment-vote-link" data-comment-id="' .
 683+ $commentID . '" data-vote-type="' . $voteType .
 684+ '" data-voting="' . $this->Voting . '" href="javascript:void(0);">';
691685 } else {
692686 // Anonymous users need to log in before they can vote
693687 $login = SpecialPage::getTitleFor( 'Userlogin' );
@@ -757,7 +751,8 @@
758752 if( $comment['Comment_user_id'] != 0 ) {
759753 $title = Title::makeTitle( NS_USER, $comment['Comment_Username'] );
760754
761 - $CommentPoster = '<a href="' . $title->escapeFullURL() . '" rel="nofollow">' . $comment['Comment_Username'] . '</a>';
 755+ $CommentPoster = '<a href="' . $title->escapeFullURL() .
 756+ '" rel="nofollow">' . $comment['Comment_Username'] . '</a>';
762757
763758 $CommentReplyTo = $comment['Comment_Username'];
764759
@@ -788,8 +783,8 @@
789784 if( $replyRow ) {
790785 $replyRow .= ' | ';
791786 }
792 - $replyRow .= " | <a href=\"#end\" rel=\"nofollow\" onclick=\"javascript:Comment.reply({$comment['CommentID']},'" .
793 - htmlspecialchars( $CommentReplyTo, ENT_QUOTES ) . "')\">" .
 787+ $replyRow .= " | <a href=\"#end\" rel=\"nofollow\" class=\"comments-reply-to\" data-comment-id=\"{$comment['CommentID']}\" data-comments-safe-username=\"" .
 788+ htmlspecialchars( $CommentReplyTo, ENT_QUOTES ) . '">' .
794789 wfMsg( 'comment-reply' ) . '</a>';
795790 }
796791
@@ -801,17 +796,18 @@
802797 $comment_class = 'r-message';
803798 }
804799
805 - // Display Block icon for logged in users for comments of users that are already not in your block list
 800+ // Display Block icon for logged in users for comments of users
 801+ // that are already not in your block list
806802 $block_link = '';
807803
808804 if(
809805 $wgUser->getID() != 0 && $wgUser->getID() != $comment['Comment_user_id'] &&
810806 !( in_array( $comment['Comment_Username'], $block_list ) )
811807 ) {
812 - $block_link = "<a href=\"javascript:void(0)\" rel=\"nofollow\" onclick=\"javascript:Comment.blockUser('" .
 808+ $block_link = '<a href="javascript:void(0);" rel="nofollow" class="comments-block-user" data-comments-safe-username="' .
813809 htmlspecialchars( $comment['Comment_Username'], ENT_QUOTES ) .
814 - "',{$comment['Comment_user_id']},{$comment['CommentID']},'" .
815 - md5( $comment['Comment_Username'] . '-' . $comment['Comment_user_id'] ) . "')\">
 810+ '" data-comments-comment-id="' . $comment['CommentID'] . '" data-comments-user-id="' .
 811+ $comment['Comment_user_id'] . "\">
816812 <img src=\"{$wgScriptPath}/extensions/Comments/images/block.png\" border=\"0\" alt=\"\"/>
817813 </a>";
818814 }
@@ -828,7 +824,7 @@
829825 $output .= "<div id=\"ignore-{$comment['CommentID']}\" class=\"c-ignored {$container_class}\">\n";
830826 $output .= wfMsgExt( 'comment-ignore-message', 'parsemag' );
831827 $output .= '<div class="c-ignored-links">' . "\n";
832 - $output .= "<a href=\"javascript:Comment.show({$comment['CommentID']});\">" .
 828+ $output .= "<a href=\"javascript:void(0);\" data-comment-id=\"{$comment['CommentID']}\">" .
833829 wfMsg( 'comment-show-comment-link' ) . '</a> | ';
834830 $output .= "<a href=\"{$blockListTitle->escapeFullURL()}\">" .
835831 wfMsg( 'comment-manage-blocklist-link' ) . '</a>';
@@ -910,7 +906,8 @@
911907 $output .= $this->getCommentText( $comment['Comment_Text'] );
912908 $output .= '</div>' . "\n";
913909 $output .= '<div class="c-actions">' . "\n";
914 - $output .= '<a href="' . $title->escapeFullURL() . "#comment-{$comment['CommentID']}\" rel=\"nofollow\">" . wfMsg( 'comment-permalink' ) . '</a> ';
 910+ $output .= '<a href="' . $title->escapeFullURL() . "#comment-{$comment['CommentID']}\" rel=\"nofollow\">" .
 911+ wfMsg( 'comment-permalink' ) . '</a> ';
915912 if( $replyRow || $dlt ) {
916913 $output .= "{$replyRow} {$dlt}" . "\n";
917914 }
@@ -925,25 +922,13 @@
926923 }
927924
928925 /**
929 - * "Fixes" a string - replaces urlencoded entries with proper characters
930 - *
931 - * @param $str String: string to fix
932 - * @return $str String: fixed string
933 - */
934 - function fixStr( $str ) {
935 - $str = str_replace( '%26', '&', $str );
936 - $str = str_replace( '%2B', '+', $str );
937 - $str = str_replace( '%5C', "\\", $str );
938 - return $str;
939 - }
940 -
941 - /**
942926 * Displays the form for adding new comments
943927 *
944928 * @return $output Mixed: HTML output
945929 */
946930 function displayForm() {
947931 global $wgUser;
 932+
948933 $output = '<form action="" method="post" name="commentform">' . "\n";
949934
950935 if( $this->Allow ) {
@@ -952,7 +937,6 @@
953938 strtoupper( addslashes( $wgUser->getName() ) )
954939 );
955940 }
956 - $commentKey = md5( $this->PageID . 'pants' . $wgUser->getName() );
957941
958942 // 'comment' user right is required to add new comments
959943 if( !$wgUser->isAllowed( 'comment' ) ) {
@@ -962,8 +946,10 @@
963947 // and maybe there's a list of users who should be allowed to post
964948 // comments
965949 if( $wgUser->isBlocked() == false && ( $this->Allow == '' || $pos !== false ) ) {
966 - $output .= '<div class="c-form-title">' . wfMsg( 'comment-submit' ) . '</div>' . "\n";
 950+ $output .= '<div class="c-form-title">' .
 951+ wfMsg( 'comment-submit' ) . '</div>' . "\n";
967952 $output .= '<div id="replyto" class="c-form-reply-to"></div>' . "\n";
 953+ // Show a message to anons, prompting them to register or log in
968954 if ( !$wgUser->isLoggedIn() ) {
969955 $login_title = SpecialPage::getTitleFor( 'Userlogin' );
970956 $register_title = SpecialPage::getTitleFor( 'Userlogin', 'signup' );
@@ -976,15 +962,14 @@
977963 }
978964
979965 $output .= '<textarea name="comment_text" id="comment" rows="5" cols="64"></textarea>' . "\n";
980 - $output .= '<div class="c-form-button"><input type="button" value="' . wfMsg( 'comment-post' ) . '" onclick="javascript:Comment.submit()" class="site-button" /></div>' . "\n";
 966+ $output .= '<div class="c-form-button"><input type="button" value="' .
 967+ wfMsg( 'comment-post' ) . '" class="site-button" /></div>' . "\n";
981968 }
982969 $output .= '<input type="hidden" name="action" value="purge" />' . "\n";
983970 $output .= '<input type="hidden" name="pid" value="' . $this->PageID . '" />' . "\n";
984971 $output .= '<input type="hidden" name="commentid" />' . "\n";
985972 $output .= '<input type="hidden" name="lastcommentid" value="' . $this->getLatestCommentID() . '" />' . "\n";
986973 $output .= '<input type="hidden" name="comment_parent_id" />' . "\n";
987 - $output .= '<input type="hidden" name="sid" value="' . session_id() . '" />' . "\n";
988 - $output .= '<input type="hidden" name="mk" value="' . $commentKey . '" />' . "\n";
989974 }
990975 $output .= '</form>' . "\n";
991976 return $output;

Status & tagging log