From 43ac1754d7becaafb003d27bfc1d7a8b8d1ffe3b Mon Sep 17 00:00:00 2001
From: Brion Vibber <brion@users.mediawiki.org>
Date: Wed, 7 Apr 2004 06:53:42 +0000
Subject: [PATCH] Encode the URLs for the navlinks, which were being dumped
 into the code raw, invalidating the (X)HTML document.

---
 includes/SkinPHPTal.php | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/includes/SkinPHPTal.php b/includes/SkinPHPTal.php
index 0eff07685c..4fc2cf1f36 100644
--- a/includes/SkinPHPTal.php
+++ b/includes/SkinPHPTal.php
@@ -322,20 +322,20 @@
 			$diff = $wgRequest->getVal( 'diff' );
 
 			$nav_urls = array();
-			$nav_urls['mainpage'] = array('href' => $this->makeI18nUrl('mainpage'));
-			$nav_urls['randompage'] = array('href' => $this->makeSpecialUrl('Randompage'));
-			$nav_urls['recentchanges'] = array('href' => $this->makeSpecialUrl('Recentchanges'));
-			$nav_urls['whatlinkshere'] = array('href' => $this->makeSpecialUrl('Whatlinkshere', 'target='.$this->thispage));
+			$nav_urls['mainpage'] = array('href' => htmlspecialchars( $this->makeI18nUrl('mainpage')));
+			$nav_urls['randompage'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Randompage')));
+			$nav_urls['recentchanges'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Recentchanges')));
+			$nav_urls['whatlinkshere'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Whatlinkshere', 'target='.$this->thispage)));
 			if(wfMsg('currentevents') != '-') {
-				$nav_urls['currentevents'] = array('href' => $this->makeI18nUrl('currentevents'));
+				$nav_urls['currentevents'] = array('href' => htmlspecialchars( $this->makeI18nUrl('currentevents')));
 			}
-			$nav_urls['recentchangeslinked'] = array('href' => $this->makeSpecialUrl('Recentchangeslinked', 'target='.$this->thispage));
-			$nav_urls['bugreports'] = array('href' => $this->makeI18nUrl('bugreportspage'));
-			// $nav_urls['sitesupport'] = array('href' => $this->makeI18nUrl('sitesupportpage'));
-			$nav_urls['sitesupport'] = array('href' => $wgSiteSupportPage);
-			$nav_urls['help'] = array('href' => $this->makeI18nUrl('helppage'));
-			$nav_urls['upload'] = array('href' => $this->makeSpecialUrl('Upload'));
-			$nav_urls['specialpages'] = array('href' => $this->makeSpecialUrl('Specialpages'));
+			$nav_urls['recentchangeslinked'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Recentchangeslinked', 'target='.$this->thispage)));
+			$nav_urls['bugreports'] = array('href' => htmlspecialchars( $this->makeI18nUrl('bugreportspage')));
+			// $nav_urls['sitesupport'] = array('href' => htmlspecialchars( $this->makeI18nUrl('sitesupportpage')));
+			$nav_urls['sitesupport'] = array('href' => htmlspecialchars( $wgSiteSupportPage));
+			$nav_urls['help'] = array('href' => htmlspecialchars( $this->makeI18nUrl('helppage')));
+			$nav_urls['upload'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Upload')));
+			$nav_urls['specialpages'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Specialpages')));
 
 			return $nav_urls;
 		}
-- 
2.20.1