MtDu has uploaded a new change for review. (
https://gerrit.wikimedia.org/r/326243 )
Change subject: Escape raw HTML messages in SmiteSpam SpecialPages
......................................................................
Escape raw HTML messages in SmiteSpam SpecialPages
* Also replaced wfMessage() with $this->msg() where possible
Bug: T152831
Change-Id: Ia941e59a59be58db39e8853ed6633d13a1ea26f6
---
M SpecialSmiteSpam.php
M SpecialSmiteSpamTrustedUsers.php
2 files changed, 14 insertions(+), 14 deletions(-)
git pull ssh://gerrit.wikimedia.org:29418/mediawiki/extensions/SmiteSpam
refs/changes/43/326243/1
diff --git a/SpecialSmiteSpam.php b/SpecialSmiteSpam.php
index 4640d43..004c063 100644
--- a/SpecialSmiteSpam.php
+++ b/SpecialSmiteSpam.php
@@ -22,12 +22,12 @@
$out->addHTML(
$this->getLinkRenderer()->makeLink(
SpecialPage::getTitleFor(
'SmiteSpamTrustedUsers' ),
- wfMessage( 'smitespam-view-trusted-users'
)->text(),
+ $this->msg( 'smitespam-view-trusted-users'
)->text(),
[ 'target' => '_blank' ]
)
);
- $out->addHTML( '<h2>' . $this->msg(
'smitespam-spam-pages-list-heading' )->text() . '</h2>' );
+ $out->addHTML( '<h2>' . $this->msg(
'smitespam-spam-pages-list-heading' )->escaped() . '</h2>' );
$out->addHTML( '<div id="pagination"></div>' );
@@ -42,14 +42,14 @@
$out->addHTML( '<div id="smitespam-select-options"></div>' );
$out->addHTML( '<input type="submit" value="'
- . $this->msg( 'smitespam-delete-selected' ) . '"
style="display:none;">' );
+ . $this->msg( 'smitespam-delete-selected' )->escaped()
. '" style="display:none;">' );
$out->addHTML( Html::openElement( 'div', [
'id' => 'smitespam-page-list',
] ) );
$out->addHTML( Html::closeElement( 'div' ) );
$out->addHTML( '<input type="submit" value="'
- . $this->msg( 'smitespam-delete-selected' ) . '"
style="display:none;">' );
+ . $this->msg( 'smitespam-delete-selected' )->escaped()
. '" style="display:none;">' );
$out->addHTML( Html::closeElement( 'form' ) );
$out->addModules( 'ext.SmiteSpam.retriever' );
diff --git a/SpecialSmiteSpamTrustedUsers.php b/SpecialSmiteSpamTrustedUsers.php
index dcb50f4..4a47303 100644
--- a/SpecialSmiteSpamTrustedUsers.php
+++ b/SpecialSmiteSpamTrustedUsers.php
@@ -34,7 +34,7 @@
if ( $result ) {
$out->addHTML(
'<div
class="errorbox">' .
- "<p>" . wfMessage(
'smitespam-already-trusted', $username )->text() . "</p>" .
+ "<p>" . $this->msg(
'smitespam-already-trusted', $username )->escaped() . "</p>" .
'</div>'
);
} else {
@@ -50,14 +50,14 @@
);
$out->addHTML(
'<div
class="successbox">' .
- "<p>" . wfMessage(
'smitespam-trusted-user-message', $username )->escaped() . "</p>" .
+ "<p>" . $this->msg(
'smitespam-trusted-user-message', $username )->escaped() . "</p>" .
'</div>'
);
}
} else {
$out->addHTML(
'<div class="errorbox">' .
- "<p>" . wfMessage(
'smitespam-userdoesnotexist', $username )->escaped() . "</p>" .
+ "<p>" . $this->msg(
'smitespam-userdoesnotexist', $username )->escaped() . "</p>" .
'</div>'
);
}
@@ -94,16 +94,16 @@
$out->addHTML( "<form method=\"post\">" );
- $out->addHTML( '<label>' . wfMessage(
'smitespam-add-user-label' )->text() .
+ $out->addHTML( '<label>' . $this->msg(
'smitespam-add-user-label' )->escaped() .
'<input type="text" name="username"></label>' .
- ' <input type="submit" value="' . wfMessage(
'smitespam-trust' )->text() .
+ ' <input type="submit" value="' . $this->msg(
'smitespam-trust' )->escaped() .
'" name="add">' );
$out->addHTML( '<table class="wikitable"><tr>' .
- '<th>' . wfMessage( 'smitespam-trusted-user' )->text()
. '</th>' .
- '<th>' . wfMessage( 'smitespam-timestamp' )->text() .
'</th>' .
- '<th>' . wfMessage( 'smitespam-trusting-admin'
)->text() . '</th>' .
- '<th>' . wfMessage( 'smitespam-remove' )->text() .
'</th>' .
+ '<th>' . $this->msg( 'smitespam-trusted-user'
)->escaped() . '</th>' .
+ '<th>' . $this->msg( 'smitespam-timestamp' )->escaped()
. '</th>' .
+ '<th>' . $this->msg( 'smitespam-trusting-admin'
)->escaped() . '</th>' .
+ '<th>' . $this->msg( 'smitespam-remove' )->escaped() .
'</th>' .
'</tr>'
);
$linkRenderer = $this->getLinkRenderer();
@@ -131,7 +131,7 @@
"<td>$timestamp</td>" .
"<td>$adminContribsLink</td>" .
"<td><button type=\"submit\" name=\"remove\"
value=\"$trustedUser\">" .
- wfMessage( 'smitespam-remove' )->text() .
"</button></tr>"
+ $this->msg( 'smitespam-remove' )->escaped() .
"</button></tr>"
);
}
$out->addHTML( '</table>' );
--
To view, visit https://gerrit.wikimedia.org/r/326243
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ia941e59a59be58db39e8853ed6633d13a1ea26f6
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/SmiteSpam
Gerrit-Branch: master
Gerrit-Owner: MtDu <justin.d...@gmail.com>
_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits
