https://www.mediawiki.org/wiki/Special:Code/MediaWiki/114390
Revision: 114390 Author: catrope Date: 2012-03-21 18:40:06 +0000 (Wed, 21 Mar 2012) Log Message: ----------- Revert r111347, r111348, r111350, r111351, r111515, r111816, r112243, r112251, r112308, r112314, r112315, r112465, r112467, r112709, r113297, r113508, r113510, r113524, r113546, r114168. Unreviewed revisions in the RSS extension and their dependencies. All of these revisions are tagged with 'gerritmigration' and will be resubmitted into Gerrit after the Gerrit switchover. See also http://lists.wikimedia.org/pipermail/wikitech-l/2012-March/059124.html Modified Paths: -------------- trunk/extensions/RSS/RELEASE-NOTES trunk/extensions/RSS/RSS.i18n.php trunk/extensions/RSS/RSS.php trunk/extensions/RSS/RSSData.php trunk/extensions/RSS/RSSHooks.php trunk/extensions/RSS/RSSParser.php Modified: trunk/extensions/RSS/RELEASE-NOTES =================================================================== --- trunk/extensions/RSS/RELEASE-NOTES 2012-03-21 18:35:45 UTC (rev 114389) +++ trunk/extensions/RSS/RELEASE-NOTES 2012-03-21 18:40:06 UTC (rev 114390) @@ -2,6 +2,8 @@ http://www.mediawiki.org/wiki/Extension:RSS === TO DO === +* bug 30377 add a new parameter to limit the number of characters when rendering + the channel item <description> * set an upper default limit for HttpRequest request size when fetching feeds doing a HEAD request first to ask for the size but that value may not be available. Check how much data is returned as its coming back @@ -10,57 +12,9 @@ coming in. Then you could abort cleanly once it's gotten too much (otherwise using the defaults - PHP will abort the entire program when your memory usage gets too high) +* bug 30028 "Error parsing XML for RSS" - improve and harden Extension:RSS when + parsing differently flavoured RSS feeds -=== Version 2.12 2012-03-07 === -* bug fix 34763 "RSS feed items (HTML) are not rendered as HTML but htmlescaped" -* regression bug 30377 "Add a new parameter to limit the number of characters - when rendering the channel item <description>". Feed item string length - limitation is difficult when we allow HTML <a> or <img> tags, because a mere - content-unaware limitation breaks (can break) tags which results in disastrous - rendering results. - -=== Version 2.11 2012-02-29 === -* function name typo correction - -=== Version 2.10 2012-02-27 === -* final solution of bug 30028 "Error parsing XML for RSS" - improve and harden - Extension:RSS when parsing differently flavoured RSS feeds and ATOM feeds -* new parameter $wgRSSUrlNumberOfAllowedRedirects (default = 0) - Some feed urls redirect. The new RSS version can deal with redirects, - but it must be expressly enabled. For example, you can set - $wgRSSUrlNumberOfAllowedRedirects = 1; - -=== Version 2.01 2012-02-24 === -* "summary" element of ATOM feed items are shown - which is handled like "description" element of RSS -* handling of basic HTML layout tags <p> <br> <b> <i> <u> <s> in item description - -=== Version 2.00 2012-02-24 === -* first version which can parse RSS and at least some ATOM feeds - partial solution of bug 30028 "Error parsing XML for RSS" - improve and harden - Extension:RSS when parsing differently flavoured RSS feeds and ATOM feeds - -=== Version 1.94 2012-02-23 === -* changed white list definition and behaviour: - - 1. changed the name from $wgRSSAllowedFeeds to $wgRSSUrlWhitelist - 2. behaviour has been changed - - the new behaviour is: - $wgRSSUrlWhitelist is empty by default. Since version 1.94 it must be - expressly set to an array( list-of-comma-separated-allowed-RSS-urls-strings ) - or set to array( "*" ) if you want to allow any url - - the old behaviour was: - $wgRSSAllowedFeeds was empty by default and empty meant that every Url - was allowed by default. This has been changed, see new behaviour. - -=== Version 1.92 2012-02-13 === -* added optional date= attribute and $wgRSSDateDefaultFormat parameter -* added optional item-max-length= attribute and $wgRSSItemMaxLength parameter - fixes bug 30377 add a new parameter to limit the number of characters when - rendering the channel item <description> - === Version 1.90 2011-08-15 === * removed parsing of each single channel subelement (item) * only the finally constructed feed is sent to the recursive parser: Modified: trunk/extensions/RSS/RSS.i18n.php =================================================================== --- trunk/extensions/RSS/RSS.i18n.php 2012-03-21 18:35:45 UTC (rev 114389) +++ trunk/extensions/RSS/RSS.i18n.php 2012-03-21 18:40:06 UTC (rev 114390) @@ -14,16 +14,13 @@ $messages['en'] = array( 'rss-desc' => 'Displays RSS feeds on MediaWiki pages in a standard or in user-definable formats using template pages', - 'rss-tracking-category' => 'Pages with RSS feeds', 'rss-error' => 'Failed to load RSS feed from $1: $2', 'rss-empty' => 'Failed to load RSS feed from $1!', 'rss-fetch-nourl' => 'Fetch called without a URL!', 'rss-invalid-url' => 'Not a valid URL: $1', 'rss-parse-error' => 'Error parsing XML for RSS', 'rss-ns-permission' => 'RSS is not allowed in this namespace', - 'rss-url-is-not-whitelisted' => '"$1" is not in the whitelist of allowed feeds. {{PLURAL:$3|$2 is the only allowed feed|The allowed feeds are as follows: $2}}.', - 'rss-empty-whitelist' => '"$1" is not in the whitelist of allowed feeds. There are no allowed feed URLs in the whitelist.', - 'rss-deprecated-wgrssallowedfeeds-found' => 'The deprecated variable $wgRSSAllowedFeeds has been detected. Since RSS version 2.0 this variable has to be replaced by $wgRSSUrlWhitelist as described in the manual page Extension:RSS.', + 'rss-url-permission' => 'This URL is not allowed to be included', 'rss-item' => '{{$1 | title = {{{title}}} | link = {{{link}}} | date = {{{date}}} | author = {{{author}}} | description = {{{description}}} }}', 'rss-feed' => "<!-- the following are two alternative templates. The first is the basic default template for feeds -->; '''<span class='plainlinks'>[{{{link}}} {{{title}}}]</span>''' : {{{description}}} @@ -35,7 +32,6 @@ * @author Yekrats */ $messages['qqq'] = array( - 'rss-tracking-category' => 'The name of a category for all pages which use the <rss> parser extension tag. The category is automatically added unless the feature is disabled.', 'rss-invalid-url' => '$1 is the invalid URL for the RSS feed', 'rss-feed' => "; $1 : ''not to be localised'' Modified: trunk/extensions/RSS/RSS.php =================================================================== --- trunk/extensions/RSS/RSS.php 2012-03-21 18:35:45 UTC (rev 114389) +++ trunk/extensions/RSS/RSS.php 2012-03-21 18:40:06 UTC (rev 114390) @@ -4,7 +4,7 @@ * * @file * @ingroup Extensions - * @version 2.15 + * @version 1.90 * @author mutante, Daniel Kinzler, Rdb, Mafs, Thomas Gries, Alxndr, Chris Reigrut, K001 * @author Kellan Elliott-McCrea <[email protected]> -- author of MagpieRSS * @author Jeroen De Dauw @@ -14,8 +14,6 @@ * @link http://www.mediawiki.org/wiki/Extension:RSS Documentation */ -define( "EXTENSION_RSS_VERSION", "2.15 20120319" ); - if ( !defined( 'MEDIAWIKI' ) ) { die( "This is not a valid entry point.\n" ); } @@ -28,7 +26,7 @@ 'Rdb', 'Mafs', 'Alxndr', 'Thomas Gries', 'Chris Reigrut', 'K001', 'Jack Phoenix', 'Jeroen De Dauw', 'Mark A. Hershberger' ), - 'version' => EXTENSION_RSS_VERSION, + 'version' => '1.90 20110815', 'url' => 'https://www.mediawiki.org/wiki/Extension:RSS', 'descriptionmsg' => 'rss-desc', ); @@ -38,63 +36,32 @@ $wgExtensionMessagesFiles['RSS'] = $dir . 'RSS.i18n.php'; $wgAutoloadClasses['RSSHooks'] = $dir . 'RSSHooks.php'; $wgAutoloadClasses['RSSParser'] = $dir . 'RSSParser.php'; -$wgAutoloadClasses['RSSUtils'] = $dir . 'RSSParser.php'; $wgAutoloadClasses['RSSData'] = $dir . 'RSSData.php'; $wgHooks['ParserFirstCallInit'][] = 'RSSHooks::parserInit'; -// one hour -$wgRSSCacheAge = 3600; + // one hour + $wgRSSCacheAge = 3600; // Check cached content, if available, against remote. // $wgRSSCacheCompare should be set to false or a timeout // (less than $wgRSSCacheAge) after which a comparison will be made. -// for debugging set $wgRSSCacheCompare = 1; $wgRSSCacheCompare = false; -// 15 second timeout -$wgRSSFetchTimeout = 15; +// 5 second timeout +$wgRSSFetchTimeout = 5; // Ignore the RSS tag in all but the namespaces listed here. // null (the default) means the <rss> tag can be used anywhere. $wgRSSNamespaces = null; -// Whitelist of allowed RSS Urls -// -// If there are items in the array, and the user supplied URL is not in the array, -// the url will not be allowed -// -// Urls are case-sensitively tested against values in the array. -// They must exactly match including any trailing "/" character. -// -// Warning: Allowing all urls (not setting a whitelist) -// may be a security concern. -// -// an empty or non-existent array means: no whitelist defined -// this is the default: an empty whitelist. No servers are allowed by default. -$wgRSSUrlWhitelist = array(); +// URL whitelist of RSS Feeds: +// if there are items in the array, and the used URL isn't in the array, +// it will not be allowed (originally proposed in bug 27768) +$wgRSSAllowedFeeds = array(); -// include "*" if you expressly want to allow all urls (you should not do this) -// $wgRSSUrlWhitelist = array( "*" ); - -// Maximum number of redirects to follow (defaults to 0) -// Note: this should only be used when the target URLs are trusted, -// to avoid attacks on intranet services accessible by HTTP. -$wgRSSUrlNumberOfAllowedRedirects = 0; - // Agent to use for fetching feeds -$wgRSSUserAgent = "MediaWikiRSS/" . strtok( EXTENSION_RSS_VERSION, " " ) . " (+http://www.mediawiki.org/wiki/Extension:RSS) / MediaWiki RSS extension"; +$wgRSSUserAgent = 'MediaWikiRSS/0.02 (+http://www.mediawiki.org/wiki/Extension:RSS) / MediaWiki RSS extension'; // Proxy server to use for fetching feeds $wgRSSProxy = false; - -// default date format of item publication dates see http://www.php.net/date -$wgRSSDateDefaultFormat = "(Y-m-d H:i:s)"; - -// limit the number of characters in the item description -// or set to false for unlimited length. -// THIS IS CURRENTLY NOT WORKING (bug 30377) -$wgRSSItemMaxLength = false; - -// You can choose to allow active links in feed items; default: false -$wgRSSAllowLinkTag = false; Modified: trunk/extensions/RSS/RSSData.php =================================================================== --- trunk/extensions/RSS/RSSData.php 2012-03-21 18:35:45 UTC (rev 114389) +++ trunk/extensions/RSS/RSSData.php 2012-03-21 18:40:06 UTC (rev 114390) @@ -15,14 +15,8 @@ return; } $xpath = new DOMXPath( $xml ); - - // namespace-safe method to find all elements - $items = $xpath->query( "//*[local-name() = 'item']" ); + $items = $xpath->query( '/rss/channel/item' ); - if ( $items->length == 0 ) { - $items = $xpath->query( "//*[local-name() = 'entry']" ); - } - if( $items->length !== 0 ) { foreach ( $items as $item ) { $bit = array(); @@ -43,7 +37,7 @@ $this->items[] = $bit; } } else { - $this->error = 'No RSS//ATOM items found.'; + $this->error = 'No RSS items found.'; return; } } @@ -58,16 +52,18 @@ * @param $n String: name of the element we have * @return String Name to map it to */ - protected function rssTokenToName( $name ) { - switch( $name ) { + protected function rssTokenToName( $n ) { + switch( $n ) { case 'dc:date': + return 'date'; + # parse "2010-10-18T18:07:00Z" case 'pubDate': - case 'updated': return 'date'; + # parse RFC date case 'dc:creator': return 'author'; - case 'summary': - return 'description'; + case 'title': + return 'title'; case 'content:encoded': return 'encodedContent'; @@ -80,8 +76,9 @@ case 'comments': case 'category': return null; + default: - return $name; + return $n; } } } \ No newline at end of file Modified: trunk/extensions/RSS/RSSHooks.php =================================================================== --- trunk/extensions/RSS/RSSHooks.php 2012-03-21 18:35:45 UTC (rev 114389) +++ trunk/extensions/RSS/RSSHooks.php 2012-03-21 18:40:06 UTC (rev 114390) @@ -1,7 +1,6 @@ <?php class RSSHooks { - /** * Tell the parser how to handle <rss> elements * @param $parser Parser Object @@ -20,51 +19,24 @@ * @param $parser Parser * @param $frame PPFrame parser context */ - static function renderRss( $input, array $args, Parser $parser, PPFrame $frame ) { - global $wgRSSCacheAge, $wgRSSCacheCompare, $wgRSSNamespaces, - $wgRSSUrlWhitelist,$wgRSSAllowedFeeds; + static function renderRss( $input, $args, $parser, $frame ) { + global $wgRSSCacheAge, $wgRSSCacheCompare, $wgRSSNamespaces, $wgRSSAllowedFeeds; if ( is_array( $wgRSSNamespaces ) && count( $wgRSSNamespaces ) ) { $ns = $parser->getTitle()->getNamespace(); $checkNS = array_flip( $wgRSSNamespaces ); if( !isset( $checkNS[$ns] ) ) { - return RSSUtils::RSSError( 'rss-ns-permission' ); + return wfMsg( 'rss-ns-permission' ); } } - switch ( true ) { - - case ( isset( $wgRSSAllowedFeeds ) ): - return RSSUtils::RSSError( 'rss-deprecated-wgrssallowedfeeds-found' ); - break; - - # disallow because there is no whitelist or empty whitelist - case ( !isset( $wgRSSUrlWhitelist ) - || !is_array( $wgRSSUrlWhitelist ) - || ( count( $wgRSSUrlWhitelist ) === 0 ) ): - return RSSUtils::RSSError( 'rss-empty-whitelist', - $input - ); - break; - - # allow - case ( in_array( "*", $wgRSSUrlWhitelist ) ): - case ( in_array( $input, $wgRSSUrlWhitelist ) ): - break; - - # otherwise disallow - case ( !in_array( $input, $wgRSSUrlWhitelist ) ): - default: - $listOfAllowed = $parser->getFunctionLang()->listToText( $wgRSSUrlWhitelist ); - $numberAllowed = $parser->getFunctionLang()->formatNum( count( $wgRSSUrlWhitelist ) ); - return RSSUtils::RSSError( 'rss-url-is-not-whitelisted', - array( $input, $listOfAllowed, $numberAllowed ) - ); + if ( count( $wgRSSAllowedFeeds ) && !in_array( $input, $wgRSSAllowedFeeds ) ) { + return wfMsg( 'rss-url-permission' ); } - + if ( !Http::isValidURI( $input ) ) { - return RSSUtils::RSSError( 'rss-invalid-url', htmlspecialchars( $input ) ); + return wfMsg( 'rss-invalid-url', htmlspecialchars( $input ) ); } if ( $wgRSSCacheCompare ) { $timeout = $wgRSSCacheCompare; @@ -84,10 +56,9 @@ } if ( !is_object( $rss->rss ) || !is_array( $rss->rss->items ) ) { - return RSSUtils::RSSError( 'rss-empty', htmlspecialchars( $input ) ); + return wfMsg( 'rss-empty', htmlspecialchars( $input ) ); } return $rss->renderFeed( $parser, $frame ); } - } Modified: trunk/extensions/RSS/RSSParser.php =================================================================== --- trunk/extensions/RSS/RSSParser.php 2012-03-21 18:35:45 UTC (rev 114389) +++ trunk/extensions/RSS/RSSParser.php 2012-03-21 18:40:06 UTC (rev 114390) @@ -2,8 +2,6 @@ class RSSParser { protected $maxheads = 32; - protected $date = "Y-m-d H:i:s"; - protected $ItemMaxLength = 200; protected $reversed = false; protected $highlight = array(); protected $filter = array(); @@ -39,8 +37,6 @@ * and return an object that can produce rendered output. */ function __construct( $url, $args ) { - global $wgRSSDateDefaultFormat,$wgRSSItemMaxLength; - $this->url = $url; # Get max number of headlines from argument-array @@ -54,13 +50,11 @@ } # Get date format from argument array - # or use a default value + # FIXME: not used yet if ( isset( $args['date'] ) ) { $this->date = $args['date']; - } elseif ( isset( $wgRSSDateDefaultFormat ) ) { - $this->date = $wgRSSDateDefaultFormat; } - + # Get highlight terms from argument array if ( isset( $args['highlight'] ) ) { # mapping to lowercase here so the regex can be case insensitive below. @@ -72,13 +66,6 @@ $this->filter = self::explodeOnSpaces( $args['filter'] ); } - # Get a maximal length for item texts - if ( isset( $args['item-max-length'] ) ) { - $this->ItemMaxLength = $args['item-max-length']; - } elseif ( is_numeric( $wgRSSItemMaxLength ) ) { - $this->ItemMaxLength = $wgRSSItemMaxLength; - } - if ( isset( $args['filterout'] ) ) { $this->filterOut = self::explodeOnSpaces( $args['filterout'] ); } @@ -218,8 +205,7 @@ * @return Status object */ protected function fetchRemote( $key, array $headers = array()) { - global $wgRSSFetchTimeout, $wgRSSUserAgent, $wgRSSProxy, - $wgRSSUrlNumberOfAllowedRedirects; + global $wgRSSFetchTimeout, $wgRSSUserAgent, $wgRSSProxy; if ( $this->etag ) { wfDebugLog( 'RSS', 'Used etag: ' . $this->etag ); @@ -231,71 +217,12 @@ $headers['If-Modified-Since'] = $lm; } - /** - * 'noProxy' can conditionally be set as shown in the commented - * example below; in HttpRequest 'noProxy' takes precedence over - * any value of 'proxy' and disables the use of a proxy. - * - * This is useful if you run the wiki in an intranet and need to - * access external feed urls through a proxy but internal feed - * urls must be accessed without a proxy. - * - * The general handling of such cases will be subject of a - * forthcoming version. - */ + $client = HttpRequest::factory( $this->url, array( + 'timeout' => $wgRSSFetchTimeout, + 'proxy' => $wgRSSProxy - $url = $this->url; - $noProxy = !isset( $wgRSSProxy ); - - // Example for disabling proxy use for certain urls - // $noProxy = preg_match( '!\.internal\.example\.com$!i', parse_url( $url, PHP_URL_HOST ) ); - - /** - * Copied from HttpFunctions.php - * Perform an HTTP request - * - * @param $method String: HTTP method. Usually GET/POST - * @param $url String: full URL to act on. If protocol-relative, will be expanded to an http:// URL - * @param $options Array: options to pass to MWHttpRequest object. - * Possible keys for the array: - * - timeout Timeout length in seconds - * - postData An array of key-value pairs or a url-encoded form data - * - proxy The proxy to use. - * Otherwise it will use $wgHTTPProxy (if set) - * Otherwise it will use the environment variable "http_proxy" (if set) - * - noProxy Don't use any proxy at all. Takes precedence over proxy value(s). - * - sslVerifyHost (curl only) Verify hostname against certificate - * - sslVerifyCert (curl only) Verify SSL certificate - * - caInfo (curl only) Provide CA information - * - maxRedirects Maximum number of redirects to follow (defaults to 5) - * - followRedirects Whether to follow redirects (defaults to false). - * Note: this should only be used when the target URL is trusted, - * to avoid attacks on intranet services accessible by HTTP. - * - userAgent A user agent, if you want to override the default - * MediaWiki/$wgVersion - * @return Mixed: (bool)false on failure or a string on success - */ - - if ( isset( $wgRSSUrlNumberOfAllowedRedirects ) - && is_numeric( $wgRSSUrlNumberOfAllowedRedirects ) ) { - $maxRedirects = $wgRSSUrlNumberOfAllowedRedirects; - } else { - $maxRedirects = 0; - } - - // we set followRedirects intentionally to true to see error messages - // in cases where the maximum number of redirects is reached - $client = HttpRequest::factory( $url, - array( - 'timeout' => $wgRSSFetchTimeout, - 'followRedirects' => true, - 'maxRedirects' => $maxRedirects, - 'proxy' => $wgRSSProxy, - 'noProxy' => $noProxy, - 'userAgent' => $wgRSSUserAgent, - ) - ); - + ) ); + $client->setUserAgent( $wgRSSUserAgent ); foreach ( $headers as $header => $value ) { $client->setHeader( $header, $value ); } @@ -312,14 +239,6 @@ return $ret; } - function sandboxParse($wikiText) { - global $wgTitle, $wgUser; - $myParser = new Parser(); - $myParserOptions = ParserOptions::newFromUser($wgUser); - $result = $myParser->parse($wikiText, $wgTitle, $myParserOptions); - return $result->getText(); - } - /** * Render the entire feed so that each item is passed to the * template which the MediaWiki then displays. @@ -328,7 +247,7 @@ * @param $frame the frame param to pass to recursiveTagParse() */ function renderFeed( $parser, $frame ) { - + $renderedFeed = ''; if ( isset( $this->itemTemplate ) && isset( $parser ) && isset( $frame ) ) { @@ -344,16 +263,15 @@ } if ( $this->canDisplay( $item ) ) { - $renderedFeed .= $this->renderItem( $item, $parser ) . "\n"; + $renderedFeed .= $this->renderItem( $item ) . "\n"; $headcnt++; } } - $renderedFeed = $this->sandboxParse( $renderedFeed ); + $renderedFeed = $parser->recursiveTagParse( $renderedFeed, $frame ); - } - - $parser->addTrackingCategory( 'rss-tracking-category' ); + } + return $renderedFeed; } @@ -362,7 +280,7 @@ * * @param $item Array: an array produced by RSSData where keys are the names of the RSS elements */ - protected function renderItem( $item, $parser ) { + protected function renderItem( $item ) { $renderedItem = $this->itemTemplate; @@ -371,38 +289,14 @@ // and that means bad RSS with stuff like // <description><script>alert("hi")</script></description> will find its // rogue <script> tags neutered. - // use the overloaded multi byte wrapper functions in GlobalFunctions.php foreach ( array_keys( $item ) as $info ) { - switch ( $info ) { - // ATOM <id> elements and RSS <link> elements are item link urls - case 'id': - $txt = $this->sanitizeUrl( $item['id'] ); - $renderedItem = str_replace( '{{{link}}}', $txt, $renderedItem ); - break; - case 'link': - if ( !isset( $item['id'] ) ) { - $txt = $this->sanitizeUrl( $item['link'] ); - } - $renderedItem = str_replace( '{{{link}}}', $txt, $renderedItem ); - break; - case 'date': - $tempTimezone = date_default_timezone_get(); - date_default_timezone_set( 'UTC' ); - $txt = date( $this->date, strtotime( $this->escapeTemplateParameter( $item['date'] ) ) ); - date_default_timezone_set( $tempTimezone ); - $renderedItem = str_replace( '{{{date}}}', $txt, $renderedItem ); - break; - default: - $str = $this->escapeTemplateParameter( $item[$info] ); - /*** - if ( mb_strlen( $str ) > $this->ItemMaxLength ) { - $str = mb_substr( $str, 0, $this->ItemMaxLength ) . " ..."; - } - ***/ - $txt = $this->highlightTerms( $str ); - $renderedItem = str_replace( '{{{' . $info . '}}}', $parser->insertStripItem( $str ), $renderedItem ); + if ( $info != 'link' ) { + $txt = $this->highlightTerms( $this->escapeTemplateParameter( $item[ $info ] ) ); + } else { + $txt = $this->sanitizeUrl( $item[ $info ] ); } + $renderedItem = str_replace( '{{{' . $info . '}}}', $txt, $renderedItem ); } // nullify all remaining info items in the template @@ -440,65 +334,18 @@ /** * Sanitize user input for inclusion as a template parameter. - * * Unlike in wfEscapeWikiText() as of r77127, this escapes }} in addition * to the other kinds of markup, to avoid user input ending a template * invocation. - * - * If you want to allow clickable link Urls (HTML <a> tag) in RSS feeds: - * $wgRSSAllowLinkTag = true; - * - * If you want to allow images (HTML <img> tag) in RSS feeds: - * $wgAllowImageTag = true; - * */ protected function escapeTemplateParameter( $text ) { - global $wgRSSAllowLinkTag, $wgAllowImageTag; - - if ( isset( $wgRSSAllowLinkTag ) && $wgRSSAllowLinkTag ) { - $extra = array( "a" ); - } else { - $extra = array(); - } - - if ( ( isset( $wgRSSAllowLinkTag ) && $wgRSSAllowLinkTag ) - || ( isset( $wgAllowImageTag ) && $wgAllowImageTag ) ) { - - $ret = Sanitizer::removeHTMLtags( $text, null, array(), $extra, array( "iframe" ) ); - - } else { // use the old escape method for a while - - $text = str_replace( - array( '[', '|', ']', '\'', 'ISBN ', - 'RFC ', '://', "\n=", '{{', '}}', - ), - array( '[', '|', ']', ''', 'ISBN ', - 'RFC ', '://', "\n=", '{{', '}}', - ), - htmlspecialchars( str_replace( "\n", "", $text ) ) - ); - - // keep some basic layout tags - $ret = str_replace( - array( '<p>', '</p>', - '<br/>', '<br>', '</br>', - '<b>', '</b>', - '<i>', '</i>', - '<u>', '</u>', - '<s>', '</s>', - ), - array( "", "<br/>", - "<br/>", "<br/>", "<br/>", - "'''", "'''", - "''", "''", - "<u>", "</u>", - "<s>", "</s>", - ), - $text - ); - } - - return $ret; + return str_replace( + array( '[', '|', ']', '\'', 'ISBN ', + 'RFC ', '://', "\n=", '{{', '}}' ), + array( '[', '|', ']', ''', 'ISBN ', + 'RFC ', '://', "\n=", '{{', '}}' ), + htmlspecialchars( $text ) + ); } /** @@ -574,8 +421,8 @@ * * @param $text String: the text to examine * @param $filterType String: "filterOut" to check for matches in the - * filterOut member list. - * Otherwise, uses the filter member list. + * filterOut member list. + * Otherwise, uses the filter member list. * @return Boolean: decision to filter or not. */ protected function filter( $text, $filterType ) { @@ -650,25 +497,3 @@ return sprintf( $styleStart, $bgcolor[$index], $color[$index] ) . $match[0] . $styleEnd; } } - -class RSSUtils { - - /** - * Output an error message, all wraped up nicely. - * @param String $errorMessageName The system message that this error is - * @param String|Array $param Error parameter (or parameters) - * @return String Html that is the error. - */ - public static function RSSError( $errorMessageName, $param = false ) { - - // Anything from a parser tag should use Content lang for message, - // since the cache doesn't vary by user language: do not use wfMsgForContent but wfMsgForContent - // The ->parse() part makes everything safe from an escaping standpoint. - - return Html::rawElement( 'span', array( 'class' => 'error' ), - "Extension:RSS -- Error: " . wfMessage( $errorMessageName )->inContentLanguage()->params( $param )->parse() - ); - - } - -} _______________________________________________ MediaWiki-CVS mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
