r69988 MediaWiki - Code Review archive

Repository:MediaWiki
Revision:r69987‎ | r69988 | r69989 >
Date:07:40, 27 July 2010
Author:tstarling
Status:ok
Tags:
Comment:
MFT r69984: rewrote profileinfo.php fix.
Modified paths:
  • /branches/REL1_16/phase3/profileinfo.php (modified) (history)

Diff [purge]

Index: branches/REL1_16/phase3/profileinfo.php
@@ -103,7 +103,7 @@
104104 else $ex = false;
105105 if ( !$ex ) {
106106 if ( count( $this->children ) ) {
107 - $url = makeurl( false, false, $expand + array( $this->name() => true ) );
 107+ $url = getEscapedProfileUrl( false, false, $expand + array( $this->name() => true ) );
108108 $extet = " <a href=\"$url\">[+]</a>";
109109 } else $extet = '';
110110 } else {
@@ -112,7 +112,7 @@
113113 if ( $name != $this->name() )
114114 $e += array( $name => $ep );
115115
116 - $extet = " <a href=\"" . makeurl( false, false, $e ) . "\">[&ndash;]</a>";
 116+ $extet = " <a href=\"" . getEscapedProfileUrl( false, false, $e ) . "\">[&ndash;]</a>";
117117 }
118118 ?>
119119 <tr>
@@ -231,31 +231,35 @@
232232
233233 <table cellspacing="0" border="1">
234234 <tr id="top">
235 -<th><a href="<?php echo makeurl( false, 'name' ) ?>">Name</a></th>
236 -<th><a href="<?php echo makeurl( false, 'time' ) ?>">Time (%)</a></th>
237 -<th><a href="<?php echo makeurl( false, 'memory' ) ?>">Memory (%)</a></th>
238 -<th><a href="<?php echo makeurl( false, 'count' ) ?>">Count</a></th>
239 -<th><a href="<?php echo makeurl( false, 'calls_per_req' ) ?>">Calls/req</a></th>
240 -<th><a href="<?php echo makeurl( false, 'time_per_call' ) ?>">ms/call</a></th>
241 -<th><a href="<?php echo makeurl( false, 'memory_per_call' ) ?>">kb/call</a></th>
242 -<th><a href="<?php echo makeurl( false, 'time_per_req' ) ?>">ms/req</a></th>
243 -<th><a href="<?php echo makeurl( false, 'memory_per_req' ) ?>">kb/req</a></th>
 235+<th><a href="<?php echo getEscapedProfileUrl( false, 'name' ) ?>">Name</a></th>
 236+<th><a href="<?php echo getEscapedProfileUrl( false, 'time' ) ?>">Time (%)</a></th>
 237+<th><a href="<?php echo getEscapedProfileUrl( false, 'memory' ) ?>">Memory (%)</a></th>
 238+<th><a href="<?php echo getEscapedProfileUrl( false, 'count' ) ?>">Count</a></th>
 239+<th><a href="<?php echo getEscapedProfileUrl( false, 'calls_per_req' ) ?>">Calls/req</a></th>
 240+<th><a href="<?php echo getEscapedProfileUrl( false, 'time_per_call' ) ?>">ms/call</a></th>
 241+<th><a href="<?php echo getEscapedProfileUrl( false, 'memory_per_call' ) ?>">kb/call</a></th>
 242+<th><a href="<?php echo getEscapedProfileUrl( false, 'time_per_req' ) ?>">ms/req</a></th>
 243+<th><a href="<?php echo getEscapedProfileUrl( false, 'memory_per_req' ) ?>">kb/req</a></th>
244244 </tr>
245245 <?php
246246 $totaltime = 0.0;
247247 $totalcount = 0;
248248 $totalmemory = 0.0;
249249
250 -function makeurl( $_filter = false, $_sort = false, $_expand = false ) {
 250+function getEscapedProfileUrl( $_filter = false, $_sort = false, $_expand = false ) {
251251 global $filter, $sort, $expand;
252252
253253 if ( $_expand === false )
254254 $_expand = $expand;
255255
256 - $nfilter = $_filter ? htmlspecialchars( $_filter ) : htmlspecialchars( $filter );
257 - $nsort = $_sort ? htmlspecialchars( $_sort ) : htmlspecialchars( $sort );
258 - $exp = urlencode( implode( ',', array_keys( $_expand ) ) );
259 - return "?filter=$nfilter&amp;sort=$nsort&amp;expand=$exp";
 256+ return htmlspecialchars(
 257+ '?' .
 258+ wfArrayToCGI( array(
 259+ 'filter' => $_filter ? $_filter : $filter,
 260+ 'sort' => $_sort ? $_sort : $sort,
 261+ 'expand' => implode( ',', array_keys( $_expand ) )
 262+ ) )
 263+ );
260264 }
261265
262266 $points = array();
Property changes on: branches/REL1_16/phase3/profileinfo.php
___________________________________________________________________
Added: svn:mergeinfo
263267 Merged /trunk/phase3/profileinfo.php:r63545-63546,63549,63643,63764,63897-63901,64876,69984

Past revisions this follows-up on

RevisionCommit summaryAuthorDate
r69984* Rewrote r69952, profileinfo.php XSS fix. It was probably safe, but it seeme...tstarling02:39, 27 July 2010

Status & tagging log