r8757 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r8756‎ \| r8757 \| r8758 >
Date:	08:04, 30 April 2005
Author:	vibber
Status:	old
Tags:
Comment:	* (bug 1877) JavaScript error in page editing in some localizations Add wfEscapeJsString() function to do proper escaping of JavaScript string literals.
Modified paths:	/trunk/phase3/includes/EditPage.php (modified) (history) /trunk/phase3/includes/GlobalFunctions.php (modified) (history) /trunk/phase3/includes/Linker.php (modified) (history)

Diff [purge]

Index: trunk/phase3/includes/GlobalFunctions.php
—	—	@@ -674,6 +674,30 @@
675	675	}
676	676
677	677	/**
	678	+ * Returns an escaped string suitable for inclusion in a string literal
	679	+ * for JavaScript source code.
	680	+ * Illegal control characters are assumed not to be present.
	681	+ *
	682	+ * @param string $string
	683	+ * @return string
	684	+ */
	685	+function wfEscapeJsString( $string ) {
	686	+ // See ECMA 262 section 7.8.4 for string literal format
	687	+ $pairs = array(
	688	+ "\\" => "\\\\",
	689	+ "\"" => "\\\"",
	690	+ "\'" => "\\\'",
	691	+ "\n" => "\\n",
	692	+ "\r" => "\\r",
	693	+
	694	+ # To avoid closing the element or CDATA section
	695	+ "<" => "\\x3c",
	696	+ ">" => "\\x3e",
	697	+ );
	698	+ return strtr( $string, $pairs );
	699	+}
	700	+
	701	+/**
678	702	* @todo document
679	703	* @return float
680	704	*/
Index: trunk/phase3/includes/Linker.php
—	—	@@ -719,13 +719,13 @@
720	720	/** @todo document */
721	721	function tocList($toc) {
722	722	return "<table id='toc' class='toc'><tr><td>"
723		~~- . "<div id='toctitle'><h2>" . wfMsg('toc') . "</h2></div>\n"~~
	723	+ . "<div id='toctitle'><h2>" . wfMsgForContent('toc') . "</h2></div>\n"
724	724	. $toc
725	725	. "</ul>\n</td></tr></table>\n"
726	726	. '<script type="text/javascript">'
727	727	. ' if (window.showTocToggle) {'
728		~~- . ' var tocShowText = "' . addslashes( wfMsg('showtoc') ) . '";'~~
729		~~- . ' var tocHideText = "' . addslashes( wfMsg('hidetoc') ) . '"; '~~
	728	+ . ' var tocShowText = "' . wfEscapeJsString( wfMsgForContent('showtoc') ) . '";'
	729	+ . ' var tocHideText = "' . wfEscapeJsString( wfMsgForContent('hidetoc') ) . '";'
730	730	. ' showTocToggle();'
731	731	. ' } '
732	732	. "</script>\n";
Index: trunk/phase3/includes/EditPage.php
—	—	@@ -1028,7 +1028,7 @@
1029	1029	$image=$wgStylePath.'/common/images/'.$tool['image'];
1030	1030	$open=$tool['open'];
1031	1031	$close=$tool['close'];
1032		~~- $sample = addslashes( $tool['sample'] );~~
	1032	+ $sample = wfEscapeJsString( $tool['sample'] );
1033	1033
1034	1034	// Note that we use the tip both for the ALT tag and the TITLE tag of the image.
1035	1035	// Older browsers show a "speedtip" type message only for ALT.
—	—	@@ -1041,7 +1041,8 @@
1042	1042	$toolbar.="addButton('$image','$tip','$open','$close','$sample');\n";
1043	1043	}
1044	1044
1045		~~- $toolbar.="addInfobox('" . addslashes( wfMsg( "infobox" ) ) . "','" . addslashes(wfMsg("infobox_alert")) . "');\n";~~
	1045	+ $toolbar.="addInfobox('" . wfEscapeJsString( wfMsg( "infobox" ) ) .
	1046	+ "','" . wfEscapeJsString( wfMsg( "infobox_alert" ) ) . "');\n";
1046	1047	$toolbar.="document.writeln(\"</div>\");\n";
1047	1048
1048	1049	$toolbar.="/]]>/\n</script>";

Status & tagging log

01:56, 13 October 2010 😂 (talk | contribs) changed the status of r8757 [removed: new added: old]