r9842 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r9841‎ \| r9842 \| r9843 >
Date:	23:36, 2 July 2005
Author:	vibber
Status:	old
Tags:
Comment:	Tweaking HTML escaping/output: * Move escaping to the output steps (it's part of output protocol) * Escape plaintext UI messages
Modified paths:	/trunk/extensions/inputbox/inputbox.php (modified) (history)

Diff [purge]

Index: trunk/extensions/inputbox/inputbox.php
—	—	@@ -38,10 +38,7 @@
39	39	getBoxOption($width,$input,"width");
40	40	getBoxOption($preload,$input,"preload");
41	41	getBoxOption($editintro,$input,"editintro");
42		~~- # Escapin' time~~
43		~~- $preload=wfEscapeWikiText($preload);~~
44		~~- $editintro=wfEscapeWikiText($editintro);~~
45		~~- $width=intval($width);~~
	42	+
46	43	if($type=="search") {
47	44	$inputbox=getSearchForm($width);
48	45	} elseif($type=="create") {
—	—	@@ -56,13 +53,17 @@
57	54	}
58	55
59	56	function getSearchForm($width) {
	57	+ global $wgUser;
	58	+
	59	+ $width=intval($width);
	60	+ if(!$width) $width=45;
60	61
61		~~- global $wgArticlePath,$wgUser;~~
62		~~- if(!$width) $width=45;~~
63	62	$sk=$wgUser->getSkin();
64		~~- $searchpath=$sk->escapeSearchLink();~~
65		~~- $tryexact=wfMsg('tryexact');~~
66		~~- $searchfulltext=wfMsg('searchfulltext');~~
	63	+ $searchpath = $sk->escapeSearchLink();
	64	+
	65	+ $tryexact = wfMsgHtml( 'tryexact' );
	66	+ $searchfulltext = wfMsgHtml( 'searchfulltext' );
	67	+
67	68	$searchform=<<<ENDFORM
68	69	<table border="0" width="100%">
69	70	<tr>
—	—	@@ -84,18 +85,25 @@
85	86	}
86	87
87	88	function getCreateForm($width,$preload='',$editintro='') {
	89	+ global $wgScript;
88	90
89		~~- global $wgScript;~~
90		~~- if(!$width) $width=45;~~
91		~~- $createarticle=wfMsg("createarticle");~~
	91	+ $width=intval($width);
	92	+ if(!$width) $width = 45;
	93	+
	94	+ $action = htmlspecialchars( $wgScript );
	95	+ $preloadEnc = htmlspecialchars( $preload );
	96	+ $editintroEnc = htmlspecialchars( $editintro );
	97	+
	98	+ $createarticle = wfMsgHtml( "createarticle" );
	99	+
92	100	$createform=<<<ENDFORM
93	101	<table border="0" width="100%">
94	102	<tr>
95	103	<td align="center">
96		~~-<form name="createbox" action="{$wgScript}" method="get" id="createbox">~~
	104	+<form name="createbox" action="$action" method="get" id="createbox">
97	105	<input type='hidden' name="action" value="edit">
98		~~- <input type="hidden" name="preload" value="$preload" />~~
99		~~- <input type="hidden" name="editintro" value="$editintro" />~~
	106	+ <input type="hidden" name="preload" value="$preloadEnc" />
	107	+ <input type="hidden" name="editintro" value="$editintroEnc" />
100	108	<input id="createboxInput" name="title" type="text"
101	109	value="" size="$width"/><br />
102	110	<input type='submit' name="create" id="createboxButton"

Status & tagging log

15:03, 12 September 2011 Meno25 (talk | contribs) changed the status of r9842 [removed: ok added: old]
14:05, 18 June 2009 😂 (talk | contribs) changed the status of r9842 [removed: new added: ok]