http://www.mediawiki.org/wiki/Special:Code/MediaWiki/70044
Revision: 70044
Author: platonides
Date: 2010-07-27 21:01:50 +0000 (Tue, 27 Jul 2010)
Log Message:
-----------
Fix escaping issues.
Modified Paths:
--------------
trunk/extensions/Woopra/Woopra.php
Modified: trunk/extensions/Woopra/Woopra.php
===================================================================
--- trunk/extensions/Woopra/Woopra.php 2010-07-27 20:54:34 UTC (rev 70043)
+++ trunk/extensions/Woopra/Woopra.php 2010-07-27 21:01:50 UTC (rev 70044)
@@ -21,26 +21,31 @@
$wgExtensionCredits['other'][] = array(
'path' => __FILE__,
'name' => 'Woopra Live Stats Tracking',
- 'author' => array( 'Shane'),
- 'version' => '1.0.0',
+ 'author' => array( 'Shane' ),
+ 'version' => '1.1.0',
'url' => 'http://www.mediawiki.org/wiki/Extension:Woopra',
'descriptionmsg' => 'woopra-desc',
);
$wgHooks['BeforePageDisplay'][] = 'fnWoopraJavascript';
-
+
+$wgWoopraSitekey = false;
+
function fnWoopraJavascript($out)
{
global $wgUser, $wgWoopraSitekey;
+ if ( $wgWoopraSitekey === false )
+ return true;
+
$html = "<script type=\"text/javascript\">\r\n";
- $html .= "woopra_id = '" . $wgWoopraSitekey . "';\r\n";
+ $html .= "woopra_id = '" . Xml::escapeJsString( $wgWoopraSitekey ) .
"';\r\n";
if (!$wgUser->isAnon())
{
$html .= "var woopra_array = new Array();\r\n";
- $html .= "woopra_array['name'] = '" . $wgUser->getRealName() .
"';\r\n";
- $html .= "woopra_array['Email'] = '" . $wgUser->getEmail() .
"';\r\n";
+ $html .= "woopra_array['name'] = '" . Xml::escapeJsString(
$wgUser->getRealName() ) . "';\r\n";
+ $html .= "woopra_array['Email'] = '" . Xml::escapeJsString(
$wgUser->getEmail() ) . "';\r\n";
// Add custom tracking code here!
}
$html .= "</script>\r\n";
_______________________________________________
MediaWiki-CVS mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
