r111327 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r111326‎ \| r111327 \| r111328 >
Date:	21:22, 12 February 2012
Author:	wikinaut
Status:	deferred (Comments)
Tags:
Comment:	follow-up r111313 . iframes have class= instead of id= . proper use of isset() . Sanitizing the attributes immediately before composing the iframe . rawhtmlencoding the username, so that also spaces arrive as epl usernames. negation of boolean instead of inappropriate negation of string
Modified paths:	/trunk/extensions/EtherpadLite/EtherpadLite.php (modified) (history)

Diff [purge]

Index: trunk/extensions/EtherpadLite/EtherpadLite.php
—	—	@@ -61,7 +61,7 @@
62	62	'path' => __FILE__,
63	63	'name' => 'EtherpadLite',
64	64	'author' => array( 'Thomas Gries' ),
65		~~- 'version' => '1.03 20120212',~~
	65	+ 'version' => '1.04 20120212',
66	66	'url' => 'https://www.mediawiki.org/wiki/Extension:EtherpadLite',
67	67	'descriptionmsg' => 'etherpadlite-desc',
68	68	);
—	—	@@ -89,10 +89,8 @@
90	90	$wgEtherpadLiteShowAuthorColors = true;
91	91
92	92
93		~~-function wfEtherpadLiteStringFromTestedBoolean( $var, $default ) {~~
94		~~- # http://www.php.net/manual/en/function.is-bool.php#104643~~
95		~~- $booleanVar = ( isset( $var ) ) ? filter_var( $var, FILTER_VALIDATE_BOOLEAN ) : $default;~~
96		~~- return ( $booleanVar ) ? "true" : "false";~~
	93	+function wfEtherpadLiteStringFromBoolean( $bool ) {
	94	+ return ( $bool ) ? "true" : "false";
97	95	}
98	96
99	97	function wfEtherpadLiteRender( $input, $args, $parser, $frame ) {
—	—	@@ -109,12 +107,26 @@
110	108	$args['height'] = ( isset( $args['height'] ) ) ? $args['height'] : $wgEtherpadLiteDefaultHeight;
111	109	$args['width'] = ( isset( $args['width'] ) ) ? $args['width'] : $wgEtherpadLiteDefaultWidth;
112	110
113		~~- $useMonospaceFont = wfEtherpadLiteStringFromTestedBoolean( $args['monospaced-font'], $wgEtherpadLiteMonospacedFont );~~
114		~~- $showControls = wfEtherpadLiteStringFromTestedBoolean( $args['show-controls'], $wgEtherpadLiteShowControls ) ;~~
115		~~- $showLineNumbers = wfEtherpadLiteStringFromTestedBoolean( $args['show-linenumbers'], $wgEtherpadLiteShowLineNumbers );~~
116		~~- $showChat = wfEtherpadLiteStringFromTestedBoolean( $args['show-chat'], $wgEtherpadLiteShowChat );~~
117		~~- $noColors = ! ( wfEtherpadLiteStringFromTestedBoolean( $args['show-colors'], $wgEtherpadLiteShowAuthorColors ) );~~
	111	+ $useMonospaceFont = wfEtherpadLiteStringFromBoolean(
	112	+ ( ( isset( $args['monospaced-font'] ) ) ? filter_var( $args['monospaced-font'], FILTER_VALIDATE_BOOLEAN ) : $wgEtherpadLiteMonospacedFont )
	113	+ );
118	114
	115	+ $showControls = wfEtherpadLiteStringFromBoolean(
	116	+ ( ( isset( $args['show-controls'] ) ) ? filter_var( $args['show-controls'], FILTER_VALIDATE_BOOLEAN ) : $wgEtherpadLiteShowControls )
	117	+ );
	118	+
	119	+ $showLineNumbers = wfEtherpadLiteStringFromBoolean(
	120	+ ( ( isset( $args['show-linenumbers'] ) ) ? filter_var( $args['show-linenumbers'], FILTER_VALIDATE_BOOLEAN ) : $wgEtherpadLiteShowLineNumbers )
	121	+ );
	122	+
	123	+ $showChat = wfEtherpadLiteStringFromBoolean(
	124	+ ( ( isset( $args['show-chat'] ) ) ? filter_var( $args['show-chat'], FILTER_VALIDATE_BOOLEAN ) : $wgEtherpadLiteShowChat )
	125	+ );
	126	+
	127	+ $noColors = wfEtherpadLiteStringFromBoolean(
	128	+ ! ( ( isset( $args['show-colors'] ) ) ? filter_var( $args['show-colors'], FILTER_VALIDATE_BOOLEAN ) : $wgEtherpadLiteShowAuthorColors )
	129	+ );
	130	+
119	131	$args['src'] = Sanitizer::cleanUrl (
120	132	( isset( $args['src'] ) ) ? $args['src'] : $wgEtherpadLiteDefaultPadUrl
121	133	);
—	—	@@ -126,24 +138,29 @@
127	139	# 2. the pad username can currently be overwritten when editing the pad
128	140
129	141	$parser->disableCache();
130		~~- $userName = $wgUser->getName();~~
	142	+ $userName = rawurlencode( $wgUser->getName() );
131	143
132	144	$sanitizedAttributes = Sanitizer::validateAttributes( $args, array ( "width", "height", "id", "src" ) );
133	145
134	146	$iframeAttributes = array(
135		~~- "style" => "width:" . $sanitizedAttributes['width'] . ";" .~~
	147	+ "style" => "width:" . $sanitizedAttributes['width'] . ";" .
136	148	"height:" . $sanitizedAttributes['height'],
137		~~- "id" => "eplite-iframe-" . $sanitizedAttributes['id'] ,~~
138		~~- "src" => $sanitizedAttributes['src'] . "/" . $sanitizedAttributes['id'] .~~
139		~~- "?showControls=$showControls" .~~
140		~~- "&showChat=$showChat" .~~
141		~~- "&showLineNumbers=$showLineNumbers" .~~
142		~~- "&useMonospaceFont=$useMonospaceFont" .~~
143		~~- "&userName=$userName" .~~
144		~~- "&noColors=$noColors"~~
145		~~- );~~
	149	+ "class" => "eplite-iframe-" . $sanitizedAttributes['id'] ,
	150	+ "src" => Sanitizer::cleanUrl(
	151	+ $sanitizedAttributes['src'] . "/" . $sanitizedAttributes['id'] .
	152	+ "?showControls=$showControls" .
	153	+ "&showChat=$showChat" .
	154	+ "&showLineNumbers=$showLineNumbers" .
	155	+ "&useMonospaceFont=$useMonospaceFont" .
	156	+ "&noColors=$noColors" .
	157	+ "&userName=$userName"
	158	+ ),
	159	+ );
146	160
147		~~- $output = Html::rawElement( 'iframe', $iframeAttributes );~~
	161	+ $output = Html::rawElement(
	162	+ 'iframe',
	163	+ Sanitizer::validateAttributes( $iframeAttributes, array ( "style", "class", "src" ) )
	164	+ );
148	165
149	166	wfDebug( "EtherpadLite:wfEtherpadLiteRender $output\n" );
150	167	return array( $output );

Follow-up revisions

Revision	Commit summary	Author	Date
r111412	follow-up 111327 . here we got: using wfBoolToStr(), wfAppendUrl, Http::isVal...	wikinaut	20:22, 13 February 2012

Past revisions this follows-up on

Revision	Commit summary	Author	Date
r111313	follow-up r111286 . changed attribute names pad-id to id, pad-url to src. Usi...	wikinaut	18:53, 12 February 2012

Comments

#Comment by Wikinaut (talk | contribs) 21:24, 12 February 2012

I think, it looks better. Last open issue: the url.

#Comment by 😂 (talk | contribs) 15:24, 13 February 2012

Just use wfBoolToStr() rather than doing it yourself.

Status & tagging log

10:57, 15 February 2012 Hashar (talk | contribs) changed the status of r111327 [removed: new added: deferred]