From: Brion Vibber <brion@users.mediawiki.org>
Date: Wed, 7 Apr 2004 06:53:42 +0000 (+0000)
Subject: Encode the URLs for the navlinks, which were being dumped into the
X-Git-Tag: 1.3.0beta1~579
X-Git-Url: http://git.cyclocoop.org/%24href?a=commitdiff_plain;h=43ac1754d7becaafb003d27bfc1d7a8b8d1ffe3b;p=lhc%2Fweb%2Fwiklou.git

Encode the URLs for the navlinks, which were being dumped into the
code raw, invalidating the (X)HTML document.
---

diff --git a/includes/SkinPHPTal.php b/includes/SkinPHPTal.php
index 0eff07685c..4fc2cf1f36 100644
--- a/includes/SkinPHPTal.php
+++ b/includes/SkinPHPTal.php
@@ -322,20 +322,20 @@
 			$diff = $wgRequest->getVal( 'diff' );
 
 			$nav_urls = array();
-			$nav_urls['mainpage'] = array('href' => $this->makeI18nUrl('mainpage'));
-			$nav_urls['randompage'] = array('href' => $this->makeSpecialUrl('Randompage'));
-			$nav_urls['recentchanges'] = array('href' => $this->makeSpecialUrl('Recentchanges'));
-			$nav_urls['whatlinkshere'] = array('href' => $this->makeSpecialUrl('Whatlinkshere', 'target='.$this->thispage));
+			$nav_urls['mainpage'] = array('href' => htmlspecialchars( $this->makeI18nUrl('mainpage')));
+			$nav_urls['randompage'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Randompage')));
+			$nav_urls['recentchanges'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Recentchanges')));
+			$nav_urls['whatlinkshere'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Whatlinkshere', 'target='.$this->thispage)));
 			if(wfMsg('currentevents') != '-') {
-				$nav_urls['currentevents'] = array('href' => $this->makeI18nUrl('currentevents'));
+				$nav_urls['currentevents'] = array('href' => htmlspecialchars( $this->makeI18nUrl('currentevents')));
 			}
-			$nav_urls['recentchangeslinked'] = array('href' => $this->makeSpecialUrl('Recentchangeslinked', 'target='.$this->thispage));
-			$nav_urls['bugreports'] = array('href' => $this->makeI18nUrl('bugreportspage'));
-			// $nav_urls['sitesupport'] = array('href' => $this->makeI18nUrl('sitesupportpage'));
-			$nav_urls['sitesupport'] = array('href' => $wgSiteSupportPage);
-			$nav_urls['help'] = array('href' => $this->makeI18nUrl('helppage'));
-			$nav_urls['upload'] = array('href' => $this->makeSpecialUrl('Upload'));
-			$nav_urls['specialpages'] = array('href' => $this->makeSpecialUrl('Specialpages'));
+			$nav_urls['recentchangeslinked'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Recentchangeslinked', 'target='.$this->thispage)));
+			$nav_urls['bugreports'] = array('href' => htmlspecialchars( $this->makeI18nUrl('bugreportspage')));
+			// $nav_urls['sitesupport'] = array('href' => htmlspecialchars( $this->makeI18nUrl('sitesupportpage')));
+			$nav_urls['sitesupport'] = array('href' => htmlspecialchars( $wgSiteSupportPage));
+			$nav_urls['help'] = array('href' => htmlspecialchars( $this->makeI18nUrl('helppage')));
+			$nav_urls['upload'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Upload')));
+			$nav_urls['specialpages'] = array('href' => htmlspecialchars( $this->makeSpecialUrl('Specialpages')));
 
 			return $nav_urls;
 		}