r94128 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r94127‎ \| r94128 \| r94129 >
Date:	18:00, 9 August 2011
Author:	zhenya
Status:	reverted (Comments)
Tags:
Comment:	some bugs with html special characters were fixed up.
Modified paths:	/trunk/extensions/SocialProfile/UserStatus/UserStatus.js (modified) (history) /trunk/extensions/SocialProfile/UserStatus/UserStatusClass.php (modified) (history) /trunk/extensions/SocialProfile/UserStatus/UserStatus_AjaxFunctions.php (modified) (history)

Diff [purge]

Index: trunk/extensions/SocialProfile/UserStatus/UserStatus_AjaxFunctions.php
—	—	@@ -8,9 +8,8 @@
9	9	$us_class = new UserStatusClass();
10	10	$us_class->setStatus( $u_id, $status );
11	11	$user_status_array = $us_class->getStatus( $u_id );
12		~~- $buf = $user_status_array['us_status'];~~
13		~~- $us = str_replace("@q;","'",$buf);~~
14		~~- $us .= "<br> <a id=\"us-link\" href=\"javascript:UserStatus.toEditMode('$buf','$u_id');\">".wfMsg('userstatus-edit')."</a>";~~
	12	+ $us = htmlspecialchars($us_class->usHTMLcharacters($user_status_array['us_status']));
	13	+ $us .= "<br> <a id=\"us-link\" href=\"javascript:UserStatus.toEditMode('".($user_status_array['us_status'])."','$u_id');\">".wfMsg('userstatus-edit')."</a>";
15	14	return $us;
16	15	}
17	16
—	—	@@ -22,11 +21,11 @@
23	22	$output='<table id="user-status-history">';
24	23	foreach ($historyArray as $row ) {
25	24	$time = DateTime::createFromFormat('Y-m-d H:i:s',$row['ush_timestamp']);
26		-
	25	+ $us = htmlspecialchars($us_class->usHTMLcharacters($row['ush_status']));
	26	+
27	27	$output .= '<tr><td width="60" id="status-history-time">'.date_format($time, 'j M G:i').' </td>';
28		~~- $output .= '<td width="360"><a href="javascript:UserStatus.fromHistoryToStatus(\''.$row['ush_status'].'\');">'~~
29		~~- .str_replace("@q;","'",$row['ush_status']).'</a></td>';~~
30		~~- //$output .='<td width="20" id="like-status"> <a href="javascript:UserStatus.likeIt('.$row['ush_id'].')" title="I like it!" >♥</a> '.$row['ush_likes'].'</td></tr>';~~
	28	+ $output .= '<td width="360"><a href="javascript:UserStatus.fromHistoryToStatus(\''.$us.'\');">'
	29	+ .$us.'</a></td>';
31	30	}
32	31	$output.='</table>';
33	32	return $output;
Index: trunk/extensions/SocialProfile/UserStatus/UserStatus.js
—	—	@@ -2,10 +2,11 @@
3	3	maxStatusLength : 70,
4	4
5	5	toShowMode: function( status, id ) {
6		~~- var str = this.returnJS(status);~~
7		~~- document.getElementById( 'user-status-block' ).innerHTML = str;~~
8		~~- document.getElementById( 'user-status-block' ).innerHTML += '<br> \n\~~
9		~~- <a id="us-link" href="javascript:UserStatus.toEditMode(\'' +~~
	6	+ var textNode = document.createTextNode (this.returnJS(status));
	7	+ var textContainer = document.getElementById( 'user-status-block' );
	8	+ textContainer.innerHTML = "";
	9	+ textContainer.appendChild (textNode);
	10	+ textContainer.innerHTML += '<br> <a id="us-link" href="javascript:UserStatus.toEditMode(\'' +
10	11	status + '\',' + id + ');">'+_US_EDIT+'</a>';
11	12	},
12	13
—	—	@@ -35,16 +36,27 @@
36	37	},
37	38
38	39	parseJS:function ( str ) {
39		~~- var patt=/'/g;~~
40		~~- var s = str.replace(patt, "@q;");~~
41		~~- return s;~~
	40	+ var chars = Array( "<", ">", "\"", "'");
	41	+ var replacements = Array( "@l;", "@r;", "@dq;", "@q;");
	42	+ for (var i=0; i<chars.length; i++) {
	43	+ var reg = new RegExp(chars[i], "gi");
	44	+ if(reg.test(str)) {
	45	+ str = str.replace(reg, replacements[i]);
	46	+ }
	47	+ }
	48	+ return str;
42	49	},
43	50
44	51	returnJS:function ( str ) {
45		-
46		~~- var pt= /@q;/gi;~~
47		~~- var s = str.replace(pt, "'");~~
48		~~- return s;~~
	52	+ var chars = Array( "<", ">", "\"", "'");
	53	+ var replacements = Array( "@l;", "@r;", "@dq;", "@q;");
	54	+ for (var i=0; i<chars.length; i++) {
	55	+ var reg = new RegExp(replacements[i], "gi");
	56	+ if(reg.test(str)) {
	57	+ str = str.replace(reg, chars[i]);
	58	+ }
	59	+ }
	60	+ return str;
49	61	},
50	62
51	63	saveStatus: function( id ) {
Index: trunk/extensions/SocialProfile/UserStatus/UserStatusClass.php
—	—	@@ -10,7 +10,6 @@
11	11	global $wgOut, $wgScriptPath;
12	12	$wgOut->addExtensionStyle( $wgScriptPath . '/extensions/SocialProfile/UserStatus/UserStatus.css' );
13	13	$wgOut->addScriptFile( $wgScriptPath . '/extensions/SocialProfile/UserStatus/UserStatus.js' );
14		~~- $wgOut->addHTML("<span id=\"temp_var\" style=\"display: none\"></span>");~~
15	14	}
16	15
17	16	public function getStatus( $u_id ) {
—	—	@@ -165,4 +164,16 @@
166	165	$dbr->delete('user_status_history', array( 'ush_id' => $status_id ), __METHOD__);
167	166	return;
168	167	}
	168	+
	169	+ public function usHTMLcharacters( $str ) {
	170	+ $regexp = array( "@q;", "@dq;", "@l;", "@r;" );
	171	+ $replacement = array ("'", "\"", "<", ">" );
	172	+
	173	+ $newstr=$str;
	174	+ for ($i=0; $i<count($regexp);$i++) {
	175	+ $newstr = str_replace($regexp[$i],$replacement[$i],$newstr);
	176	+ }
	177	+
	178	+ return $newstr;
	179	+ }
169	180	}
\ No newline at end of file

Follow-up revisions

Revision	Commit summary	Author	Date
r94139	SocialProfile: lots of miscellaneous cleanup to UserStatus, but the main big ...	ashley	23:37, 9 August 2011

Comments

#Comment by 😂 (talk | contribs) 12:21, 10 August 2011

This was pretty much reverted as result of the followup, marking as such.

Status & tagging log

12:21, 10 August 2011 😂 (talk | contribs) changed the status of r94128 [removed: new added: reverted]