User "Renklauf" posted a comment on Wikimedia.r205. Full URL: http://www.mediawiki.org/wiki/Special:Code/Wikimedia/205#c18945 Commit summary:
moving the contents of http://svn.wikimedia.org/viewvc/mediawiki/trunk/fundraiser-statistics/fundraiser-scripts/ for fundraiser analytics and reporting to the wikimedia repository Comment: follow up 216 I've added escaping to the django templates. I'm not escaping variables that originate from the database - in general all user input is escaped on POST as well as being when being displayed in the front end so the contents of the DB should always be safe. I think this is a fair assumption, what are your thoughts? _______________________________________________ MediaWiki-CodeReview mailing list [email protected] https://lists.wikimedia.org/mailman/listinfo/mediawiki-codereview
