MtDu has uploaded a new change for review. ( https://gerrit.wikimedia.org/r/326243 )
Change subject: Escape raw HTML messages in SmiteSpam SpecialPages ...................................................................... Escape raw HTML messages in SmiteSpam SpecialPages * Also replaced wfMessage() with $this->msg() where possible Bug: T152831 Change-Id: Ia941e59a59be58db39e8853ed6633d13a1ea26f6 --- M SpecialSmiteSpam.php M SpecialSmiteSpamTrustedUsers.php 2 files changed, 14 insertions(+), 14 deletions(-) git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/SmiteSpam refs/changes/43/326243/1 diff --git a/SpecialSmiteSpam.php b/SpecialSmiteSpam.php index 4640d43..004c063 100644 --- a/SpecialSmiteSpam.php +++ b/SpecialSmiteSpam.php @@ -22,12 +22,12 @@ $out->addHTML( $this->getLinkRenderer()->makeLink( SpecialPage::getTitleFor( 'SmiteSpamTrustedUsers' ), - wfMessage( 'smitespam-view-trusted-users' )->text(), + $this->msg( 'smitespam-view-trusted-users' )->text(), [ 'target' => '_blank' ] ) ); - $out->addHTML( '<h2>' . $this->msg( 'smitespam-spam-pages-list-heading' )->text() . '</h2>' ); + $out->addHTML( '<h2>' . $this->msg( 'smitespam-spam-pages-list-heading' )->escaped() . '</h2>' ); $out->addHTML( '<div id="pagination"></div>' ); @@ -42,14 +42,14 @@ $out->addHTML( '<div id="smitespam-select-options"></div>' ); $out->addHTML( '<input type="submit" value="' - . $this->msg( 'smitespam-delete-selected' ) . '" style="display:none;">' ); + . $this->msg( 'smitespam-delete-selected' )->escaped() . '" style="display:none;">' ); $out->addHTML( Html::openElement( 'div', [ 'id' => 'smitespam-page-list', ] ) ); $out->addHTML( Html::closeElement( 'div' ) ); $out->addHTML( '<input type="submit" value="' - . $this->msg( 'smitespam-delete-selected' ) . '" style="display:none;">' ); + . $this->msg( 'smitespam-delete-selected' )->escaped() . '" style="display:none;">' ); $out->addHTML( Html::closeElement( 'form' ) ); $out->addModules( 'ext.SmiteSpam.retriever' ); diff --git a/SpecialSmiteSpamTrustedUsers.php b/SpecialSmiteSpamTrustedUsers.php index dcb50f4..4a47303 100644 --- a/SpecialSmiteSpamTrustedUsers.php +++ b/SpecialSmiteSpamTrustedUsers.php @@ -34,7 +34,7 @@ if ( $result ) { $out->addHTML( '<div class="errorbox">' . - "<p>" . wfMessage( 'smitespam-already-trusted', $username )->text() . "</p>" . + "<p>" . $this->msg( 'smitespam-already-trusted', $username )->escaped() . "</p>" . '</div>' ); } else { @@ -50,14 +50,14 @@ ); $out->addHTML( '<div class="successbox">' . - "<p>" . wfMessage( 'smitespam-trusted-user-message', $username )->escaped() . "</p>" . + "<p>" . $this->msg( 'smitespam-trusted-user-message', $username )->escaped() . "</p>" . '</div>' ); } } else { $out->addHTML( '<div class="errorbox">' . - "<p>" . wfMessage( 'smitespam-userdoesnotexist', $username )->escaped() . "</p>" . + "<p>" . $this->msg( 'smitespam-userdoesnotexist', $username )->escaped() . "</p>" . '</div>' ); } @@ -94,16 +94,16 @@ $out->addHTML( "<form method=\"post\">" ); - $out->addHTML( '<label>' . wfMessage( 'smitespam-add-user-label' )->text() . + $out->addHTML( '<label>' . $this->msg( 'smitespam-add-user-label' )->escaped() . '<input type="text" name="username"></label>' . - ' <input type="submit" value="' . wfMessage( 'smitespam-trust' )->text() . + ' <input type="submit" value="' . $this->msg( 'smitespam-trust' )->escaped() . '" name="add">' ); $out->addHTML( '<table class="wikitable"><tr>' . - '<th>' . wfMessage( 'smitespam-trusted-user' )->text() . '</th>' . - '<th>' . wfMessage( 'smitespam-timestamp' )->text() . '</th>' . - '<th>' . wfMessage( 'smitespam-trusting-admin' )->text() . '</th>' . - '<th>' . wfMessage( 'smitespam-remove' )->text() . '</th>' . + '<th>' . $this->msg( 'smitespam-trusted-user' )->escaped() . '</th>' . + '<th>' . $this->msg( 'smitespam-timestamp' )->escaped() . '</th>' . + '<th>' . $this->msg( 'smitespam-trusting-admin' )->escaped() . '</th>' . + '<th>' . $this->msg( 'smitespam-remove' )->escaped() . '</th>' . '</tr>' ); $linkRenderer = $this->getLinkRenderer(); @@ -131,7 +131,7 @@ "<td>$timestamp</td>" . "<td>$adminContribsLink</td>" . "<td><button type=\"submit\" name=\"remove\" value=\"$trustedUser\">" . - wfMessage( 'smitespam-remove' )->text() . "</button></tr>" + $this->msg( 'smitespam-remove' )->escaped() . "</button></tr>" ); } $out->addHTML( '</table>' ); -- To view, visit https://gerrit.wikimedia.org/r/326243 To unsubscribe, visit https://gerrit.wikimedia.org/r/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Ia941e59a59be58db39e8853ed6633d13a1ea26f6 Gerrit-PatchSet: 1 Gerrit-Project: mediawiki/extensions/SmiteSpam Gerrit-Branch: master Gerrit-Owner: MtDu <justin.d...@gmail.com> _______________________________________________ MediaWiki-commits mailing list MediaWiki-commits@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits