M4tx has uploaded a new change for review.
https://gerrit.wikimedia.org/r/184281
Change subject: Escape unescaped messages in Special:CreateClass
......................................................................
Escape unescaped messages in Special:CreateClass
Bug: T85864
Change-Id: I6e6cdaf7a6fd926f66d57145932234fa6405bb30
---
M specials/SF_CreateClass.php
M specials/SF_CreateTemplate.php
2 files changed, 14 insertions(+), 11 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/SemanticForms
refs/changes/81/184281/1
diff --git a/specials/SF_CreateClass.php b/specials/SF_CreateClass.php
index b4a1074..16af1aa 100644
--- a/specials/SF_CreateClass.php
+++ b/specials/SF_CreateClass.php
@@ -214,15 +214,18 @@
$creation_links[] = SFUtils::linkForSpecialPage(
'CreateCategory' );
$form_name_label = wfMessage( 'sf_createclass_nameinput'
)->text();
$category_name_label = wfMessage( 'sf_createcategory_name'
)->text();
- $field_name_label = wfMessage( 'sf_createtemplate_fieldname'
)->text();
- $list_of_values_label = wfMessage(
'sf_createclass_listofvalues' )->text();
- $property_name_label = wfMessage( 'sf_createproperty_propname'
)->text();
- $type_label = wfMessage( 'sf_createproperty_proptype' )->text();
- $allowed_values_label = wfMessage(
'sf_createclass_allowedvalues' )->text();
+ $field_name_label = wfMessage( 'sf_createtemplate_fieldname'
)->escaped();
+ $list_of_values_label = wfMessage(
'sf_createclass_listofvalues' )->escaped();
+ $property_name_label = wfMessage( 'sf_createproperty_propname'
)->escaped();
+ $type_label = wfMessage( 'sf_createproperty_proptype'
)->escaped();
+ $allowed_values_label = wfMessage(
'sf_createclass_allowedvalues' )->escaped();
$text = '<form action="" method="post">' . "\n";
- $text .= "\t" . Html::rawElement( 'p', null, wfMessage(
'sf_createclass_docu', $wgLang->listToText( $creation_links ) )->text() ) .
"\n";
- $templateNameLabel = wfMessage( 'sf_createtemplate_namelabel'
)->text();
+ $text .= "\t" . Html::rawElement( 'p', null,
+ wfMessage( 'sf_createclass_docu' )
+ ->rawParams( $wgLang->listToText(
$creation_links ) )
+ ->escaped() ) . "\n";
+ $templateNameLabel = wfMessage( 'sf_createtemplate_namelabel'
)->escaped();
$templateNameInput = Html::input( 'template_name', null,
'text', array( 'size' => 30 ) );
$text .= "\t" . Html::rawElement( 'p', null, $templateNameLabel
. ' ' . $templateNameInput ) . "\n";
$templateInfo = SFCreateTemplate::printTemplateStyleInput(
'template_format' );
@@ -232,13 +235,13 @@
'name' => 'template_multiple',
'id' => 'template_multiple',
'onclick' => "disableFormAndCategoryInputs()",
- ) ) . ' ' . wfMessage(
'sf_createtemplate_multipleinstance' )->text() ) . "\n";
+ ) ) . ' ' . wfMessage(
'sf_createtemplate_multipleinstance' )->escaped() ) . "\n";
// Either #set_internal or #subobject will be added to the
// template, depending on whether Semantic Internal Objects is
// installed.
global $smwgDefaultStore;
if ( defined( 'SIO_VERSION' ) || $smwgDefaultStore ==
"SMWSQLStore3" ) {
- $templateInfo .= Html::rawElement( 'div',
+ $templateInfo .= Html::element( 'div',
array (
'id' => 'connecting_property_div',
'style' => 'display: none;',
@@ -254,7 +257,7 @@
$text .= "\t" . Html::rawElement( 'p', null, Html::element(
'label', array( 'for' => 'form_name' ), $form_name_label ) . ' ' .
Html::element( 'input', array( 'size' => '30', 'name' => 'form_name', 'id' =>
'form_name' ), null ) ) . "\n";
$text .= "\t" . Html::rawElement( 'p', null, Html::element(
'label', array( 'for' => 'category_name' ), $category_name_label ) . ' ' .
Html::element( 'input', array( 'size' => '30', 'name' => 'category_name', 'id'
=> 'category_name' ), null ) ) . "\n";
$text .= "\t" . Html::element( 'br', null, null ) . "\n";
- $property_label = wfMessage( 'smw_pp_type' )->text();
+ $property_label = wfMessage( 'smw_pp_type' )->escaped();
$text .= <<<END
<div>
<table id="mainTable" style="border-collapse: collapse;">
diff --git a/specials/SF_CreateTemplate.php b/specials/SF_CreateTemplate.php
index cfae77d..b8cf60b 100644
--- a/specials/SF_CreateTemplate.php
+++ b/specials/SF_CreateTemplate.php
@@ -170,7 +170,7 @@
static function printTemplateStyleInput( $htmlFieldName, $curSelection
= null ) {
if ( !$curSelection ) $curSelection = 'standard';
- $text = "\t<p>" . wfMessage( 'sf_createtemplate_outputformat'
)->text() . "\n";
+ $text = "\t<p>" . wfMessage( 'sf_createtemplate_outputformat'
)->escaped() . "\n";
$text .= self::printTemplateStyleButton( 'standard',
'sf_createtemplate_standardformat', $htmlFieldName, $curSelection );
$text .= self::printTemplateStyleButton( 'infobox',
'sf_createtemplate_infoboxformat', $htmlFieldName, $curSelection );
$text .= self::printTemplateStyleButton( 'plain',
'sf_createtemplate_plainformat', $htmlFieldName, $curSelection );
--
To view, visit https://gerrit.wikimedia.org/r/184281
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I6e6cdaf7a6fd926f66d57145932234fa6405bb30
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/SemanticForms
Gerrit-Branch: master
Gerrit-Owner: M4tx <[email protected]>
_______________________________________________
MediaWiki-commits mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
