| Index: trunk/extensions/Translate/TranslatePage.php |
| — | — | @@ -477,18 +477,19 @@ |
| 478 | 478 | $desc = $this->getGroupDescription( $block ); |
| 479 | 479 | $hasSubblocks = is_array( $blocks ) && count( $blocks ); |
| 480 | 480 | |
| 481 | | - $subid = "mw-subgroup-$id"; |
| | 481 | + $subid = Sanitizer::escapeId( "mw-subgroup-$id" ); |
| 482 | 482 | |
| 483 | 483 | if ( $hasSubblocks ) { |
| 484 | 484 | $msg = wfMsgExt( 'translate-showsub', 'parsemag', $wgLang->formatNum( count( $blocks ) ) ); |
| 485 | | - $desc .= Html::element( 'a', array( 'onclick' => "jQuery('#$subid').toggle()", 'class' => 'mw-sp-showmore' ), $msg ); |
| | 485 | + $target = TranslationHelpers::jQueryPathId( $subid ); |
| | 486 | + $desc .= Html::element( 'a', array( 'onclick' => "jQuery($target).toggle()", 'class' => 'mw-sp-showmore' ), $msg ); |
| 486 | 487 | } |
| 487 | 488 | |
| 488 | 489 | $out = "\n<tr><td>$label</td>\n<td>$desc</td></tr>\n"; |
| 489 | 490 | if ( $hasSubblocks ) { |
| 490 | 491 | $out .= "<tr><td></td><td>\n"; |
| 491 | 492 | $tableParams = array( |
| 492 | | - 'id' => "mw-subgroup-$id", |
| | 493 | + 'id' => $subid, |
| 493 | 494 | 'style' => 'display:none;', |
| 494 | 495 | 'class' => "mw-sp-translate-subgroup depth-$level", |
| 495 | 496 | ); |
| Index: trunk/extensions/Translate/_autoload.php |
| — | — | @@ -110,6 +110,8 @@ |
| 111 | 111 | $wgAutoloadClasses['TranslationMemoryUpdater'] = $dir . 'utils/TranslationMemoryUpdater.php'; |
| 112 | 112 | |
| 113 | 113 | $wgAutoloadClasses['TranslateYaml'] = $dir . 'utils/TranslateYaml.php'; |
| | 114 | + |
| | 115 | +$wgAutoloadClasses['TranslateBC'] = $dir . 'utils/CompatibilityCode.php'; |
| 114 | 116 | /**@}*/ |
| 115 | 117 | |
| 116 | 118 | /** |
| Index: trunk/extensions/Translate/utils/TranslationEditPage.php |
| — | — | @@ -169,21 +169,14 @@ |
| 170 | 170 | public static function jsEdit( Title $title, $group = "" ) { |
| 171 | 171 | global $wgUser; |
| 172 | 172 | |
| 173 | | - if ( !$wgUser->isAllowed( 'translate' ) ) { |
| | 173 | + if ( !$wgUser->isAllowed( 'translate' ) || !$wgUser->getOption( 'translate-jsedit' ) ) { |
| 174 | 174 | return array(); |
| 175 | 175 | } |
| 176 | 176 | |
| 177 | | - if ( !$wgUser->getOption( 'translate-jsedit' ) ) { |
| 178 | | - return array(); |
| 179 | | - } |
| 180 | | - |
| 181 | | - $dbKey = $title->getPrefixedDbKey(); |
| 182 | | - $jsTitle = Xml::escapeJsString( $dbKey ); |
| 183 | | - $jsGroup = Xml::escapeJsString( $group ); |
| 184 | | - |
| 185 | 177 | return array( |
| 186 | | - 'onclick' => "return trlOpenJsEdit( \"$jsTitle\", \"$jsGroup\" );", |
| 187 | | - 'title' => wfMsg( 'translate-edit-title', $dbKey ) |
| | 178 | + 'onclick' => TranslateBC::encodeJsCall( |
| | 179 | + 'return trlOpenJsEdit', array( $title->getPrefixedDbKey(), $group ) ), |
| | 180 | + 'title' => wfMsg( 'translate-edit-title', $title->getPrefixedText() ) |
| 188 | 181 | ); |
| 189 | 182 | } |
| 190 | 183 | } |
| Index: trunk/extensions/Translate/utils/CompatibilityCode.php |
| — | — | @@ -0,0 +1,44 @@ |
| | 2 | +<?php |
| | 3 | +/** |
| | 4 | + * Code for facilitiating backwards compatibility for older %MediaWikis. |
| | 5 | + * |
| | 6 | + * @file |
| | 7 | + * @author Niklas Laxström |
| | 8 | + * @copyright Copyright © 2010, Niklas Laxström |
| | 9 | + * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 2.0 or later |
| | 10 | + */ |
| | 11 | + |
| | 12 | +/** |
| | 13 | + * General BC code. |
| | 14 | + */ |
| | 15 | +class TranslateBC { |
| | 16 | + |
| | 17 | + /** |
| | 18 | + * Create a call to a JavaScript function. The supplied arguments will be |
| | 19 | + * encoded using Xml::encodeJsVar(). |
| | 20 | + * |
| | 21 | + * @param $name The name of the function to call, or a JavaScript expression |
| | 22 | + * which evaluates to a function object which is called. |
| | 23 | + * @param $args Array of arguments to pass to the function. |
| | 24 | + * @since 1.17 |
| | 25 | + */ |
| | 26 | + public static function encodeJsCall( $name, $args ) { |
| | 27 | + if ( method_exists( 'Xml', 'encodeJsCall' ) ) { |
| | 28 | + return Xml::encodeJsCall( $name, $args ); |
| | 29 | + } |
| | 30 | + |
| | 31 | + $s = "$name("; |
| | 32 | + $first = true; |
| | 33 | + foreach ( $args as $arg ) { |
| | 34 | + if ( $first ) { |
| | 35 | + $first = false; |
| | 36 | + } else { |
| | 37 | + $s .= ', '; |
| | 38 | + } |
| | 39 | + $s .= Xml::encodeJsVar( $arg ); |
| | 40 | + } |
| | 41 | + $s .= ");\n"; |
| | 42 | + return $s; |
| | 43 | + } |
| | 44 | + |
| | 45 | +} |
| Property changes on: trunk/extensions/Translate/utils/CompatibilityCode.php |
| ___________________________________________________________________ |
| Added: svn:eol-style |
| 1 | 46 | + native |
| Index: trunk/extensions/Translate/utils/TranslationHelpers.php |
| — | — | @@ -964,25 +964,26 @@ |
| 965 | 965 | 'page' => $this->title->getPrefixedDbKey(), |
| 966 | 966 | 'loadgroup' => $this->group->getId(), |
| 967 | 967 | ) ); |
| 968 | | - $url = Xml::escapeJsString( $url ); |
| | 968 | + $url = Xml::encodeJsVar( $url ); |
| 969 | 969 | |
| 970 | | - $dialogID = $this->dialogID(); |
| 971 | | - $id = Sanitizer::escapeId( "tm-lazysug-$dialogID" ); |
| | 970 | + $id = Sanitizer::escapeId( 'tm-lazysug-' . $this->dialogID() ); |
| | 971 | + $target = self::jQueryPathId( $id ); |
| 972 | 972 | |
| 973 | | - $script = Html::inlineScript( "jQuery('#$id').load( \"$url\" )" ); |
| | 973 | + $script = Html::inlineScript( "jQuery($target).load($url)" ); |
| 974 | 974 | $spinner = Html::element( 'div', array( 'class' => 'mw-ajax-loader' ) ); |
| 975 | 975 | return Html::rawElement( 'div', array( 'id' => $id ), $script . $spinner ); |
| 976 | 976 | } |
| 977 | 977 | |
| 978 | 978 | public function dialogID() { |
| 979 | | - return sha1( $this->title->getPrefixedDbKey() ); |
| | 979 | + $hash = sha1( $this->title->getPrefixedDbKey() ); |
| | 980 | + return substr( $hash, 0, 4 ); |
| 980 | 981 | } |
| 981 | 982 | |
| 982 | 983 | public function adder( $source ) { |
| 983 | | - $target = Xml::escapeJsString( $this->getTextareaId() ); |
| 984 | | - $source = Xml::escapeJsString( $source ); |
| | 984 | + $target = self::jQueryPathId( $this->getTextareaId() ); |
| | 985 | + $source = self::jQueryPathId( $source ); |
| 985 | 986 | $params = array( |
| 986 | | - 'onclick' => "jQuery('#$target').val(jQuery('#$source').text()).focus(); return false;", |
| | 987 | + 'onclick' => "jQuery($target).val($source).text()).focus(); return false;", |
| 987 | 988 | 'href' => '#', |
| 988 | 989 | 'title' => wfMsg( 'translate-use-suggestion' ) |
| 989 | 990 | ); |
| — | — | @@ -1027,6 +1028,10 @@ |
| 1028 | 1029 | return $wgUser->getSkin()->link( $target, $text, $jsEdit, $params ); |
| 1029 | 1030 | } |
| 1030 | 1031 | |
| | 1032 | + public static function jQueryPathId( $id ) { |
| | 1033 | + return Xml::encodeJsVar( "#$id" ); |
| | 1034 | + } |
| | 1035 | + |
| 1031 | 1036 | /** |
| 1032 | 1037 | * How many failures during failure period need to happen to consider |
| 1033 | 1038 | * the service being temporarily off-line. */ |