[MediaWiki-commits] [Gerrit] Fix escaping issue on Special:Ask - change (mediawiki...SemanticMediaWiki)

Jeroen De Dauw (Code Review) Sat, 06 Apr 2013 17:44:32 -0700

Jeroen De Dauw has submitted this change and it was merged.

Change subject: Fix escaping issue on Special:Ask
......................................................................



Fix escaping issue on Special:Ask

bug 46852

patch by Chris Steipp

Change-Id: Ic6098ee8c6f5433bef08888915fcc4242e821b22
---
M specials/AskSpecial/SMW_SpecialAsk.php
1 file changed, 9 insertions(+), 2 deletions(-)

Approvals:
  Jeroen De Dauw: Verified; Looks good to me, approved
  jenkins-bot: Verified



diff --git a/specials/AskSpecial/SMW_SpecialAsk.php 
b/specials/AskSpecial/SMW_SpecialAsk.php
index 7624fbc..2093e09 100644
--- a/specials/AskSpecial/SMW_SpecialAsk.php
+++ b/specials/AskSpecial/SMW_SpecialAsk.php
@@ -452,12 +452,19 @@
 
                foreach ( $params as $param => $value ) {
                        if ( $param !== 'format' ) {
-                               $url .= '&params[' . Xml::escapeJsString( 
$param ) . ']=' . Xml::escapeJsString( $value );
+                               $url .= '&params[' . rawurlencode( $param ) . 
']=' . rawurlencode( $value );
                        }
                }
 
                $result .= '<br /><span style=vertical-align:middle;">' . 
wfMessage( 'smw_ask_format_as' )->text() . ' <input type="hidden" name="eq" 
value="yes"/>' . "\n" .
-                       '<select id="formatSelector" name="p[format]" 
data-url="' . $url . '">' . "\n" .
+                       Html::openElement(
+                               'select',
+                               array(
+                                        'id' => 'formatSelector',
+                                        'name' => 'p[format]',
+                                        'data-url' => $url,
+                               )
+                       ) . "\n" .
                        '       <option value="broadtable"' . ( 
$params['format'] == 'broadtable' ? ' selected' : '' ) . '>' .
                        $printer->getName() . ' (' . wfMessage( 
'smw_ask_defaultformat' )->text() . ')</option>' . "\n";
 

-- 
To view, visit https://gerrit.wikimedia.org/r/57433
To unsubscribe, visit https://gerrit.wikimedia.org/r/settings

Gerrit-MessageType: merged
Gerrit-Change-Id: Ic6098ee8c6f5433bef08888915fcc4242e821b22
Gerrit-PatchSet: 1
Gerrit-Project: mediawiki/extensions/SemanticMediaWiki
Gerrit-Branch: master
Gerrit-Owner: Jeroen De Dauw <jeroended...@gmail.com>
Gerrit-Reviewer: CSteipp <cste...@wikimedia.org>
Gerrit-Reviewer: Jeroen De Dauw <jeroended...@gmail.com>
Gerrit-Reviewer: Mwjames <jamesin.hongkon...@gmail.com>
Gerrit-Reviewer: Nischayn22 <nischay...@gmail.com>
Gerrit-Reviewer: Ryan Lane <rl...@wikimedia.org>
Gerrit-Reviewer: Yaron Koren <yaro...@gmail.com>
Gerrit-Reviewer: jenkins-bot

_______________________________________________
MediaWiki-commits mailing list
MediaWiki-commits@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-commits

[MediaWiki-commits] [Gerrit] Fix escaping issue on Special:Ask - change (mediawiki...SemanticMediaWiki)

Reply via email to