r21608 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r21607‎ \| r21608 \| r21609 >
Date:	09:43, 26 April 2007
Author:	raymond
Status:	old
Tags:
Comment:	Escaping, thanks to Nikerabbit
Modified paths:	/trunk/extensions/Makesysop/SpecialMakesysop_body.php (modified) (history)

Diff [purge]

Index: trunk/extensions/Makesysop/SpecialMakesysop_body.php
—	—	@@ -61,7 +61,7 @@
62	62	$this->mAction = $request->getText( 'action' );
63	63	$this->mRights = $request->getVal( 'wpRights' );
64	64	$this->mUser = $request->getText( 'wpMakesysopUser' );
65		~~- $this->mReason = htmlspecialchars( $request->getText( 'wpMakesysopReason' ) );~~
	65	+ $this->mReason = $request->getText( 'wpMakesysopReason' );
66	66	$this->mSubmit = $request->getBool( 'wpMakesysopSubmit' ) &&
67	67	$request->wasPosted() &&
68	68	$wgUser->matchEditToken( $request->getVal( 'wpEditToken' ) );
—	—	@@ -88,7 +88,7 @@
89	89	$encUser = "";
90	90	}
91	91
92		~~- $reason = wfMsg( "makesysopreason" );~~
	92	+ $reason = htmlspecialchars( wfMsg( "makesysopreason" ) );
93	93	$makebureaucrat = wfMsg( "setbureaucratflag" );
94	94	$mss = wfMsg( "set_user_rights" );
95	95	$token = htmlspecialchars( $wgUser->editToken() );
—	—	@@ -187,7 +187,7 @@
188	188	$newGroups = array_merge($newGroups, $addedGroups);
189	189
190	190	$log = new LogPage( 'rights' );
191		~~- $log->addEntry( 'rights', Title::makeTitle( NS_USER, $username ), $this->mReason,~~
	191	+ $log->addEntry( 'rights', Title::makeTitle( NS_USER, $username ), htmlspecialchars( $this->mReason ),
192	192	array( $this->makeGroupNameList( $oldGroups ), $this->makeGroupNameList( $newGroups ) ) );
193	193
194	194	$this->showSuccess();
—	—	@@ -254,7 +254,6 @@
255	255
256	256	$oldGroups = $this->getUserGroups( $database, $userid );
257	257	$newGroups = $oldGroups;
258		~~- $logcomment = $this->mReason;~~
259	258	// remove then add groups
260	259	if(isset($removegroup)) {
261	260	$newGroups = array_diff($newGroups, $removegroup);
—	—	@@ -277,7 +276,7 @@
278	277	wfDebug( 'newGroups: ' . print_r( $newGroups, true ) );
279	278
280	279	$log = new LogPage( 'rights' );
281		~~- $log->addEntry( 'rights', Title::makeTitle( NS_USER, $username ), $logcomment, array( $this->makeGroupNameList( $oldGroups ),~~
	280	+ $log->addEntry( 'rights', Title::makeTitle( NS_USER, $username ), $this->mReason, array( $this->makeGroupNameList( $oldGroups ),
282	281	$this->makeGroupNameList( $newGroups ) ) );
283	282	}
284	283