r90510 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r90509‎ \| r90510 \| r90511 >
Date:	05:00, 21 June 2011
Author:	nagelp
Status:	ok (Comments)
Tags:
Comment:	More escaping to reduce reviewer anxiety (love that word ;). Also escaping wfMsg() now, and thus had to remove <em> tags from i18n file.
Modified paths:	/trunk/extensions/Notificator/Notificator.body.php (modified) (history) /trunk/extensions/Notificator/Notificator.i18n.php (modified) (history) /trunk/extensions/Notificator/SpecialNotificator.php (modified) (history)

Diff [purge]

Index: trunk/extensions/Notificator/Notificator.body.php
—	—	@@ -18,7 +18,7 @@
19	19	// Check that the database table is in place
20	20	if ( ! Notificator::checkDatabaseTableExists() ) {
21	21	$output = '<span class="error">' .
22		~~- wfMsg( 'notificator-db-table-does-not-exist' ) . '</span>';~~
	22	+ htmlspecialchars( wfMsg( 'notificator-db-table-does-not-exist' ) ) . '</span>';
23	23	return array( $output, 'noparse' => true, 'isHTML' => true );
24	24	}
25	25
—	—	@@ -145,7 +145,7 @@
146	146
147	147	if ( $oldRevisionObj->getTitle() != $newRevisionObj->getTitle() ) {
148	148	return '<span class="error">' .
149		~~- wfMsg( 'notificator-revs-not-from-same-title' ) . '</span>';~~
	149	+ htmlspecialchars( wfMsg( 'notificator-revs-not-from-same-title' ) ) . '</span>';
150	150	}
151	151
152	152	$titleObj = $oldRevisionObj->getTitle();
—	—	@@ -207,8 +207,19 @@
208	208	}
209	209
210	210	public static function getReturnToText( $linkToPage, $pageTitle ) {
211		~~- return '<p style="margin-top: 2em;">' .~~
212		~~- wfMsg( 'notificator-return-to' ) . ' <a href="' . $linkToPage . '">' . $pageTitle . '</a>.';~~
	211	+ $aElement = Html::element(
	212	+ 'a',
	213	+ array( 'href' => $linkToPage ),
	214	+ $pageTitle
	215	+ );
	216	+
	217	+ $returnToText = Html::rawElement(
	218	+ 'p',
	219	+ array( 'style' => 'margin-top: 2em;' ),
	220	+ htmlspecialchars( wfMsg( 'notificator-return-to' ) ) . ' ' . $aElement
	221	+ );
	222	+
	223	+ return $returnToText;
213	224	}
214	225
215	226	}
Index: trunk/extensions/Notificator/Notificator.i18n.php
—	—	@@ -13,14 +13,14 @@
14	14	'notificator-return-to' => 'Return to',
15	15	'notificator-special-page-accessed-directly' => 'This special page cannot be accessed directly. It is intended to be used through a Notificator button.',
16	16	'notificator-e-mail-address-invalid' => 'The provided e-mail address is invalid.',
17		~~- 'notificator-notification-not-sent' => 'Notification <em>not</em> sent.',~~
	17	+ 'notificator-notification-not-sent' => 'Notification not sent.',
18	18	'notificator-change-tag' => 'change',
19	19	'notificator-new-tag' => 'new',
20	20	'notificator-notification-text-changes' => '$1 wants to notify you about the following changes to $2:',
21	21	'notificator-notification-text-new' => '$1 wants to notify you about $2.',
22		~~- 'notificator-following-e-mail-sent-to' => 'The following e-mail has been sent to <em>$1</em>:',~~
	22	+ 'notificator-following-e-mail-sent-to' => 'The following e-mail has been sent to $1:',
23	23	'notificator-subject' => 'Subject:',
24		~~- 'notificator-error-sending-e-mail' => 'There was an error when sending the notification e-mail to <em>$1</em>.',~~
	24	+ 'notificator-error-sending-e-mail' => 'There was an error when sending the notification e-mail to $1.',
25	25	'notificator-error-parameter-missing' => 'Error: Missing parameter.',
26	26	'notificator-notified-already' => '$1 has been notified about this page or page change before.',
27	27	);
—	—	@@ -69,14 +69,14 @@
70	70	'notificator-return-to' => 'Keer terug na',
71	71	'notificator-special-page-accessed-directly' => "Die spesiale bladsy kan nie direk aangevra word. Dit is bedoel om gebruik te word deur 'n kennisgewing-knoppie.",
72	72	'notificator-e-mail-address-invalid' => 'Die verskafde e-posadres is ongeldig.',
73		~~- 'notificator-notification-not-sent' => 'Kennisgewing is <em>nie</em> gestuur <em>nie</em>.',~~
	73	+ 'notificator-notification-not-sent' => 'Kennisgewing is nie gestuur nie.',
74	74	'notificator-change-tag' => 'verandering',
75	75	'notificator-new-tag' => 'nuut',
76	76	'notificator-notification-text-changes' => '$1 wil u in kennis stel van die volgende wysigings aan $2:',
77	77	'notificator-notification-text-new' => '$1 wil u in kennis van $2.',
78		~~- 'notificator-following-e-mail-sent-to' => 'Die volgende e-pos is aan <em>$1</em> gestuur:',~~
	78	+ 'notificator-following-e-mail-sent-to' => 'Die volgende e-pos is aan $1 gestuur:',
79	79	'notificator-subject' => 'Onderwerp:',
80		~~- 'notificator-error-sending-e-mail' => "Daar was 'n fout met die stuur van die kennisgewing per e-pos aan <em>$1</em>.",~~
	80	+ 'notificator-error-sending-e-mail' => "Daar was 'n fout met die stuur van die kennisgewing per e-pos aan $1.",
81	81	'notificator-error-parameter-missing' => 'Fout: Vermiste parameter.',
82	82	'notificator-notified-already' => '$1 is reeds in kennis gestel oor hierdie bladsy of veranderinge.',
83	83	);
—	—	@@ -96,14 +96,14 @@
97	97	'notificator-return-to' => 'Вярнуцца да',
98	98	'notificator-special-page-accessed-directly' => 'Гэтая спэцыяльная старонка не выкарыстоўваецца напрамую. Пераход да яе ажыцьцяўляецца пасьля націсканьня кнопкі.',
99	99	'notificator-e-mail-address-invalid' => 'Пададзены няслушны адрас электроннай пошты.',
100		~~- 'notificator-notification-not-sent' => 'Паведамленьне <em>не</em> дасланае.',~~
	100	+ 'notificator-notification-not-sent' => 'Паведамленьне не дасланае.',
101	101	'notificator-change-tag' => 'зьмена',
102	102	'notificator-new-tag' => 'новае',
103	103	'notificator-notification-text-changes' => '$1 паведамляе Вам пра наступныя зьмены на $2:',
104	104	'notificator-notification-text-new' => '$1 паведамляе Вам пра $2.',
105		~~- 'notificator-following-e-mail-sent-to' => 'Наступны ліст быў дасланы на <em>$1</em>:',~~
	105	+ 'notificator-following-e-mail-sent-to' => 'Наступны ліст быў дасланы на $1:',
106	106	'notificator-subject' => 'Тэма:',
107		~~- 'notificator-error-sending-e-mail' => 'Адбылася памылка падчас адпраўкі ліста да <em>$1</em>.',~~
	107	+ 'notificator-error-sending-e-mail' => 'Адбылася памылка падчас адпраўкі ліста да $1.',
108	108	'notificator-error-parameter-missing' => 'Памылка: бракуе парамэтру.',
109	109	'notificator-notified-already' => '$1 ужо паведамілі пра зьмены на старонцы ці саму старонку.',
110	110	);
—	—	@@ -122,14 +122,14 @@
123	123	'notificator-return-to' => 'Zurück zu',
124	124	'notificator-special-page-accessed-directly' => 'Auf diese Spezialseite kann nicht direkt zugegriffen werden. Sie kann nur über eine von der Softwareerweiterung „Notificator“ bereitgestellt Schaltfläche genutzt werden.',
125	125	'notificator-e-mail-address-invalid' => 'Die angegebene E-Mail-Adresse ist ungültig.',
126		~~- 'notificator-notification-not-sent' => 'Die Benachrichtigung wurde <em>nicht</em> versendet.',~~
	126	+ 'notificator-notification-not-sent' => 'Die Benachrichtigung wurde nicht versendet.',
127	127	'notificator-change-tag' => 'Änderung',
128	128	'notificator-new-tag' => 'Neu',
129	129	'notificator-notification-text-changes' => '$1 möchte auf die folgenden Änderungen an $2 hinweisen:',
130	130	'notificator-notification-text-new' => '$1 möchte auf $2 hinweisen.',
131		~~- 'notificator-following-e-mail-sent-to' => 'Die folgende E-Mail wurde an <em>$1</em> gesendet:',~~
	131	+ 'notificator-following-e-mail-sent-to' => 'Die folgende E-Mail wurde an $1 gesendet:',
132	132	'notificator-subject' => 'Betreff:',
133		~~- 'notificator-error-sending-e-mail' => 'Beim Versenden der Benachrichtigungs-E-Mail an <em>$1</em> ist ein Fehler aufgetreten.',~~
	133	+ 'notificator-error-sending-e-mail' => 'Beim Versenden der Benachrichtigungs-E-Mail an $1 ist ein Fehler aufgetreten.',
134	134	'notificator-error-parameter-missing' => 'Fehler: Fehlender Parameter.',
135	135	'notificator-notified-already' => '$1 wurde bereits zu dieser Seite oder Seitenänderung benachrichtigt.',
136	136	);
—	—	@@ -148,14 +148,14 @@
149	149	'notificator-return-to' => 'Volver a',
150	150	'notificator-special-page-accessed-directly' => 'No se puede acceder a esta página especial directamente. Está destinada a ser utilizada a través de un botón de Notificador.',
151	151	'notificator-e-mail-address-invalid' => 'La dirección de correo electrónico proporcionada no es válida.',
152		~~- 'notificator-notification-not-sent' => 'Notificación <em>no</em> enviada.',~~
	152	+ 'notificator-notification-not-sent' => 'Notificación no enviada.',
153	153	'notificator-change-tag' => 'cambio',
154	154	'notificator-new-tag' => 'nuevo',
155	155	'notificator-notification-text-changes' => '$1 quiere informarle acerca de los siguientes cambios en $2:',
156	156	'notificator-notification-text-new' => '$1 quiere informarle sobre $2.',
157		~~- 'notificator-following-e-mail-sent-to' => 'Se ha enviado el correo electrónico siguiente a <em>$1</em>:',~~
	157	+ 'notificator-following-e-mail-sent-to' => 'Se ha enviado el correo electrónico siguiente a $1:',
158	158	'notificator-subject' => 'Asunto:',
159		~~- 'notificator-error-sending-e-mail' => 'Hubo un error al enviar el correo electrónico de notificación a <em>$1</em>.',~~
	159	+ 'notificator-error-sending-e-mail' => 'Hubo un error al enviar el correo electrónico de notificación a $1.',
160	160	'notificator-error-parameter-missing' => 'Error: Falta un parámetro.',
161	161	'notificator-notified-already' => '$1 ha sido notificado sobre esta página o cambio de página antes.',
162	162	);
—	—	@@ -174,14 +174,14 @@
175	175	'notificator-return-to' => 'Volver a',
176	176	'notificator-special-page-accessed-directly' => 'Non se pode acceder directamente a esta páxina especial. Cómpre empregala a través dun botón de notificación.',
177	177	'notificator-e-mail-address-invalid' => 'O enderezo de correo electrónico proporcionado non é válido.',
178		~~- 'notificator-notification-not-sent' => '<em>Non</em> se enviou a notificación.',~~
	178	+ 'notificator-notification-not-sent' => 'Non se enviou a notificación.',
179	179	'notificator-change-tag' => 'cambio',
180	180	'notificator-new-tag' => 'novo',
181	181	'notificator-notification-text-changes' => '$1 quere notificarlle sobre os seguintes cambios feitos en $2:',
182	182	'notificator-notification-text-new' => '$1 quere notificarlle sobre $2:',
183		~~- 'notificator-following-e-mail-sent-to' => 'O seguinte correo electrónico enviouse a <em>$1</em>:',~~
	183	+ 'notificator-following-e-mail-sent-to' => 'O seguinte correo electrónico enviouse a $1:',
184	184	'notificator-subject' => 'Asunto:',
185		~~- 'notificator-error-sending-e-mail' => 'Houbo un erro ao enviar a notificación por correo electrónico a <em>$1</em>.',~~
	185	+ 'notificator-error-sending-e-mail' => 'Houbo un erro ao enviar a notificación por correo electrónico a $1.',
186	186	'notificator-error-parameter-missing' => 'Erro: Falta o parámetro.',
187	187	'notificator-notified-already' => '$1 xa fora notificado antes sobre esta páxina ou cambio na páxina.',
188	188	);
—	—	@@ -200,7 +200,7 @@
201	201	'notificator-return-to' => 'Retornar a',
202	202	'notificator-special-page-accessed-directly' => 'Non es possibile acceder directemente a iste pagina special. Iste pagina pote solmente esser usate via un button de Notificator.',
203	203	'notificator-e-mail-address-invalid' => 'Le adresse de e-mail fornite es invalide.',
204		~~- 'notificator-notification-not-sent' => 'Notification <em>non</em> inviate.',~~
	204	+ 'notificator-notification-not-sent' => 'Notification non inviate.',
205	205	'notificator-change-tag' => 'cambiar',
206	206	'notificator-new-tag' => 'nove',
207	207	'notificator-notification-text-changes' => '$1 vole notificar te del sequente modificationes in $2:',
—	—	@@ -232,14 +232,14 @@
233	233	'notificator-return-to' => 'Назад на',
234	234	'notificator-special-page-accessed-directly' => 'До оваа специјална страница не може да се дојде директно. Наменета е да се користи преку копчето за Известувач.',
235	235	'notificator-e-mail-address-invalid' => 'Наведената е-пошта е неважечка.',
236		~~- 'notificator-notification-not-sent' => 'Известувањето <em>не е</em> испратено.',~~
	236	+ 'notificator-notification-not-sent' => 'Известувањето не е испратено.',
237	237	'notificator-change-tag' => 'измена',
238	238	'notificator-new-tag' => 'ново',
239	239	'notificator-notification-text-changes' => '$1 сака да ве извести за следниве измени $2:',
240	240	'notificator-notification-text-new' => '$1 сака да ве извести за $2.',
241		~~- 'notificator-following-e-mail-sent-to' => 'На <em>$1</em> ја пративте следнава порака:',~~
	241	+ 'notificator-following-e-mail-sent-to' => 'На $1 ја пративте следнава порака:',
242	242	'notificator-subject' => 'Наслов:',
243		~~- 'notificator-error-sending-e-mail' => 'Се појави грешка испраќајќи го известувањетоа на <em>$1</em>.',~~
	243	+ 'notificator-error-sending-e-mail' => 'Се појави грешка испраќајќи го известувањетоа на $1.',
244	244	'notificator-error-parameter-missing' => 'Грешка: Недостасува параметар.',
245	245	'notificator-notified-already' => 'Корисникот $1 е известен за оваа страница или претходните измени на страницата.',
246	246	);
—	—	@@ -254,7 +254,7 @@
255	255	'notificator-e-mail-address-invalid' => 'Het opgegeven e-mailadres is ongeldig.',
256	256	'notificator-change-tag' => 'wijzigen',
257	257	'notificator-new-tag' => 'nieuw',
258		~~- 'notificator-following-e-mail-sent-to' => 'De volgende e-mail is verzonden naar <em>$1</em>:',~~
	258	+ 'notificator-following-e-mail-sent-to' => 'De volgende e-mail is verzonden naar $1:',
259	259	'notificator-subject' => 'Onderwerp:',
260	260	'notificator-error-parameter-missing' => 'Fout: Ontbrekende parameter.',
261	261	);
—	—	@@ -273,14 +273,14 @@
274	274	'notificator-return-to' => 'Voltar a',
275	275	'notificator-special-page-accessed-directly' => 'Não pode aceder directamente a esta página especial. Ela é utilizada através de um botão Notificador.',
276	276	'notificator-e-mail-address-invalid' => 'O endereço de correio electrónico fornecido é inválido.',
277		~~- 'notificator-notification-not-sent' => 'A notificação <em>não foi</em> enviada.',~~
	277	+ 'notificator-notification-not-sent' => 'A notificação não foi enviada.',
278	278	'notificator-change-tag' => 'alterada',
279	279	'notificator-new-tag' => 'nova',
280	280	'notificator-notification-text-changes' => 'A $1 pretende notificar as seguintes alterações a $2:',
281	281	'notificator-notification-text-new' => 'A $1 pretende fazer uma notificação acerca de $2.',
282		~~- 'notificator-following-e-mail-sent-to' => 'A seguinte mensagem foi enviada por correio electrónico para <em>$1</em>:',~~
	282	+ 'notificator-following-e-mail-sent-to' => 'A seguinte mensagem foi enviada por correio electrónico para $1:',
283	283	'notificator-subject' => 'Assunto:',
284		~~- 'notificator-error-sending-e-mail' => 'Ocorreu um erro ao enviar a notificação por correio electrónico a <em>$1</em>.',~~
	284	+ 'notificator-error-sending-e-mail' => 'Ocorreu um erro ao enviar a notificação por correio electrónico a $1.',
285	285	'notificator-error-parameter-missing' => 'Erro: Parâmetro em falta.',
286	286	'notificator-notified-already' => '$1 já foi notificado acerca desta página ou da alteração desta página.',
287	287	);
Index: trunk/extensions/Notificator/SpecialNotificator.php
—	—	@@ -22,15 +22,17 @@
23	23	$receiver = $wgRequest->getText( 'receiver' );
24	24
25	25	if ( ! $pageId \|\| ! $revId \|\| ! $receiver ) {
26		~~- $output = '<span class="error">' . wfMsg( 'notificator-special-page-accessed-directly' ) . '</span>';~~
	26	+ $output = '<span class="error">' . htmlspecialchars(
	27	+ wfMsg( 'notificator-special-page-accessed-directly' ) ) . '</span>';
27	28	} else {
28	29	$titleObj = Title::newFromID( $pageId );
29	30	$pageTitle = $titleObj->getFullText();
30	31	$linkToPage = $titleObj->getFullURL();
31	32
32	33	if ( ! Notificator::receiverIsValid( $receiver ) ) {
33		~~- $output = '<span class="error">' . wfMsg( 'notificator-e-mail-address-invalid' ) . ' ' .~~
34		~~- wfMsg( 'notificator-notification-not-sent' ) . '</span>';~~
	34	+ $output = '<span class="error">' . htmlspecialchars(
	35	+ wfMsg( 'notificator-e-mail-address-invalid' ) . ' ' .
	36	+ wfMsg( 'notificator-notification-not-sent' ) ) . '</span>';
35	37	$output .= Notificator::getReturnToText( $linkToPage, $pageTitle );
36	38	$wgOut->addHTML( $output );
37	39	return;
—	—	@@ -41,37 +43,53 @@
42	44	if ( $oldRevId >= 0 ) {
43	45	if ( $oldRevId > 0 ) {
44	46	// Receiver has been notified before - send the diff to the last notified revision
45		~~- $mailSubjectPrefix = '[' . wfMsg( 'notificator-change-tag' ) . '] ';~~
	47	+ $mailSubjectPrefix = '[' . htmlspecialchars( wfMsg( 'notificator-change-tag' ) ) . '] ';
46	48
47	49	$wgOut->addModules( 'mediawiki.legacy.diff' );
48	50	$diff = Notificator::getNotificationDiffHtml( $oldRevId, $revId );
49	51	$notificationText = wfMsg( 'notificator-notification-text-changes',
50		~~- htmlspecialchars( $wgUser->getName() ), '<a href="' . $linkToPage . '">' .~~
51		~~- $pageTitle . '</a>' ) . '<div style="margin-top: 1em;">' . $diff . '</div>';~~
	52	+ htmlspecialchars( $wgUser->getName() ),
	53	+ Html::element(
	54	+ 'a',
	55	+ array( 'href' => $linkToPage ),
	56	+ $pageTitle
	57	+ )
	58	+ ) .
	59	+ Html::rawElement(
	60	+ 'div',
	61	+ array( 'style' => 'margin-top: 1em' ),
	62	+ $diff
	63	+ );
52	64	} else {
53	65	// Receiver has never been notified about this page - so don't send a diff, just the link
54		~~- $mailSubjectPrefix = '[' . wfMsg( 'notificator-new-tag' ) . '] ';~~
	66	+ $mailSubjectPrefix = '[' . htmlspecialchars( wfMsg( 'notificator-new-tag' ) ) . '] ';
55	67	$notificationText = wfMsg( 'notificator-notification-text-new',
56		~~- htmlspecialchars( $wgUser->getName() ), '<a href="' . $linkToPage . '">' .~~
57		~~- $pageTitle . '</a>' );~~
	68	+ htmlspecialchars( $wgUser->getName() ),
	69	+ Html::element(
	70	+ 'a',
	71	+ array( 'href' => $linkToPage ),
	72	+ $pageTitle
	73	+ )
	74	+ );
58	75	}
59	76	$mailSubject = htmlspecialchars( $mailSubjectPrefix . $pageTitle );
60	77
61	78	if ( Notificator::sendNotificationMail( $receiver, $mailSubject, $notificationText ) ) {
62		~~- $output = '<strong>' . wfMsg( 'notificator-following-e-mail-sent-to',~~
	79	+ $output = '<strong>' . htmlspecialchars( wfMsg( 'notificator-following-e-mail-sent-to' ),
63	80	htmlspecialchars( $receiver ) ) . '</strong><div style="margin-top: 1em;"><h3>' .
64	81	wfMsg( 'notificator-subject' ) . ' ' . $mailSubject . '</h3><p>' . $notificationText .
65	82	'</p></div>';
66	83	Notificator::recordNotificationInDatabase( $pageId, $revId, $receiver );
67	84	} else {
68		~~- $output = '<span class="error">' . wfMsg( 'notificator-error-sending-e-mail',~~
69		~~- htmlspecialchars( $receiver ) ) . '</span>';~~
	85	+ $output = '<span class="error">' . htmlspecialchars(
	86	+ wfMsg( 'notificator-error-sending-e-mail', $receiver ) ) . '</span>';
70	87	}
71	88	} elseif ( $oldRevId == -1 ) {
72		~~- $output = '<span class="error">' . wfMsg( 'notificator-error-parameter-missing' ) . '</span>';~~
	89	+ $output = '<span class="error">' . htmlspecialchars(
	90	+ wfMsg( 'notificator-error-parameter-missing' ) ) . '</span>';
73	91	} elseif ( $oldRevId == -2 ) {
74		~~- $output = '<strong>' . wfMsg( 'notificator-notified-already', htmlspecialchars( $receiver ) ) .~~
75		~~- ' ' . wfMsg( 'notificator-notification-not-sent' ) . '</strong>';~~
	92	+ $output = '<strong>' . htmlspecialchars ( wfMsg( 'notificator-notified-already',
	93	+ $receiver ) . ' ' . wfMsg( 'notificator-notification-not-sent' ) ) . '</strong>';
76	94	}
77	95
78	96	$output .= Notificator::getReturnToText( $linkToPage, $pageTitle );

Comments

#Comment by Raymond (talk | contribs) 11:13, 21 June 2011

Just a note: It it not necessary to update translated messages. These will be handled by Transatewiki staff.

#Comment by Nikerabbit (talk | contribs) 10:38, 17 August 2011

Better. In some places OutputPage->addWikiMsg and wrapWikiMsg would make the code more concise and readable.

Status & tagging log

10:38, 17 August 2011 Nikerabbit (talk | contribs) changed the status of r90510 [removed: deferred added: ok]
13:00, 21 June 2011 Reedy (talk | contribs) changed the status of r90510 [removed: new added: deferred]