http://www.mediawiki.org/wiki/Special:Code/MediaWiki/76848
Revision: 76848
Author: mah
Date: 2010-11-16 23:21:36 +0000 (Tue, 16 Nov 2010)
Log Message:
-----------
* Remove references to unused charset handling.
* Remove references to unused config variables.
* Consolidate renderItem() to a single loop instead of a separate one for
highlighting displayFields.
* Make sure everything gets htmlspecialchars() treatment.
o
Modified Paths:
--------------
trunk/extensions/RSS/RSS.php
trunk/extensions/RSS/RSSParser.php
Modified: trunk/extensions/RSS/RSS.php
===================================================================
--- trunk/extensions/RSS/RSS.php 2010-11-16 23:20:41 UTC (rev 76847)
+++ trunk/extensions/RSS/RSS.php 2010-11-16 23:21:36 UTC (rev 76848)
@@ -50,14 +50,10 @@
$wgHooks['ParserFirstCallInit'][] = 'RSSHooks::parserInit';
$wgRSSCacheAge = 3600; // one hour
-$wgRSSCacheFreshOnly = false;
$wgRSSCacheCompare = false; // Check cached content, if available, against
remote.
// $wgRSSCacheCompare should
be set to false or a timeout
// (less than
$wgRSSCacheAge) after which a comparison will
// be made.
-$wgRSSOutputEncoding = 'ISO-8859-1';
-$wgRSSInputEncoding = null;
-$wgRSSDetectEncoding = true;
$wgRSSFetchTimeout = 5; // 5 second timeout
// Agent to use for fetching feeds
Modified: trunk/extensions/RSS/RSSParser.php
===================================================================
--- trunk/extensions/RSS/RSSParser.php 2010-11-16 23:20:41 UTC (rev 76847)
+++ trunk/extensions/RSS/RSSParser.php 2010-11-16 23:21:36 UTC (rev 76848)
@@ -1,7 +1,6 @@
<?php
class RSSParser {
- protected $charset;
protected $maxheads = 32;
protected $reversed = false;
protected $highlight = array();
@@ -35,15 +34,6 @@
function __construct( $url, $args ) {
$this->url = $url;
- # Get charset from argument array
- # FIXME: not used yet
- if ( isset( $args['charset'] ) ) {
- $this->charset = $args['charset'];
- } else {
- global $wgOutputEncoding;
- $this->charset = $wgOutputEncoding;
- }
-
# Get max number of headlines from argument-array
if ( isset( $args['max'] ) ) {
$this->maxheads = $args['max'];
@@ -92,16 +82,11 @@
*
* NOTES ON FAILED REQUESTS:
* If there is an HTTP error while fetching an RSS object, the cached
version
- * will be returned, if it exists (and if $wgRSSCacheFreshOnly is false)
+ * will be returned, if it exists.
*
* @return boolean Status object
*/
function fetch() {
- global $wgRSSCacheAge, $wgRSSCacheFreshOnly;
- global $wgRSSCacheDirectory, $wgRSSFetchTimeout;
- global $wgRSSOutputEncoding, $wgRSSInputEncoding;
- global $wgRSSDetectEncoding;
-
if ( !isset( $this->url ) ) {
return Status::newFatal( 'rss-fetch-nourl' );
}
@@ -256,22 +241,21 @@
protected function renderItem( $item, $parser, $frame ) {
$output = "";
if ( isset( $parser ) && isset( $frame ) ) {
- $rendered = array();
- foreach ( $this->displayFields as $field ) {
- if ( isset($item[$field] ) ) {
- $item[$field] = $this->highlightTerms(
$item[$field] );
- }
- }
-
+ $displayFields = array_flip( $this->displayFields );
$rendered = $this->itemTemplate;
+
// $info will only be an XML element name, so we're safe
// using it. $item[$info] is handled by the XML parser
--
// and that means bad RSS with stuff like
//
<description><script>alert("hi")</script></description> will find its
// rogue <script> tags neutered.
foreach ( array_keys( $item ) as $info ) {
- $rendered = str_replace( '{{{' . $info . '}}}',
wfEscapeWikiText( $item[$info] ),
- $rendered );
+ if ( isset( $displayFields[ $info ] ) ) {
+ $txt = $this->highlightTerms(
htmlspecialchars( $item[ $info ] ) );
+ } else {
+ $txt = htmlspecialchars( $item[ $info ]
);
+ }
+ $rendered = str_replace( '{{{' . $info . '}}}',
$txt, $rendered );
}
$output .= $parser->recursiveTagParse( $rendered,
$frame );
}
_______________________________________________
MediaWiki-CVS mailing list
MediaWiki-CVS@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/mediawiki-cvs
