if ( $title ) {
return Linker::link( $title, htmlspecialchars( $text ) );
} else {
- return $text;
+ return htmlspecialchars( $text );
}
}
$errMessage = array(
'code' => 'internal_api_error_' . get_class( $e ),
- 'info' => $info,
- );
- ApiResult::setContent(
- $errMessage,
- $config->get( 'ShowExceptionDetails' ) ? "\n\n{$e->getTraceAsString()}\n\n" : ''
+ 'info' => '[' . MWExceptionHandler::getLogId( $e ) . '] ' . $info,
);
+ if ( $config->get( 'ShowExceptionDetails' ) ) {
+ ApiResult::setContent(
+ $errMessage,
+ MWExceptionHandler::getRedactedTraceAsString( $e )
+ );
+ }
}
// Remember all the warnings to re-add them later
$element = $this->styleRestricedElement( $element );
}
} else {
- $performer = $this->getPerformerElement() . $this->msg( 'word-separator' )->text();
- $element = $performer . $this->getRestrictedElement( 'rev-deleted-event' );
+ $sep = $this->msg( 'word-separator' );
+ $sep = $this->plaintext ? $sep->text() : $sep->escaped();
+ $performer = $this->getPerformerElement();
+ $element = $performer . $sep . $this->getRestrictedElement( 'rev-deleted-event' );
}
return $element;
$performer = $this->getPerformerElement();
if ( !$this->irctext ) {
- $action = $performer . $this->msg( 'word-separator' )->text() . $action;
+ $sep = $this->msg( 'word-separator' );
+ $sep = $this->plaintext ? $sep->text() : $sep->escaped();
+ $action = $performer . $sep . $action;
}
return $action;
* @var MagicWordArray
*/
public $mSubstWords;
- public $mConf, $mPreprocessor, $mExtLinkBracketedRegex, $mUrlProtocols; # Initialised in constructor
+ # Initialised in constructor
+ public $mConf, $mPreprocessor, $mExtLinkBracketedRegex, $mUrlProtocols;
# Cleared with clearState():
/**
* @param bool|PPFrame $frame
* @return mixed|string
*/
- public function preprocess( $text, Title $title = null, ParserOptions $options, $revid = null, $frame = false ) {
+ public function preprocess( $text, Title $title = null,
+ ParserOptions $options, $revid = null, $frame = false
+ ) {
wfProfileIn( __METHOD__ );
$magicScopeVariable = $this->lock();
$this->startParse( $title, $options, self::OT_PREPROCESS, true );
$grouppageLocalized = !$msg->isBlank() ?
$msg->text() :
MWNamespace::getCanonicalName( NS_PROJECT ) . ':' . $groupname;
+ $grouppageLocalizedTitle = Title::newFromText( $grouppageLocalized );
- if ( $group == '*' ) {
- // Do not make a link for the generic * group
+ if ( $group == '*' || !$grouppageLocalizedTitle ) {
+ // Do not make a link for the generic * group or group with invalid group page
$grouppage = htmlspecialchars( $groupnameLocalized );
} else {
$grouppage = Linker::link(
- Title::newFromText( $grouppageLocalized ),
+ $grouppageLocalizedTitle,
htmlspecialchars( $groupnameLocalized )
);
}
}
$language = $this->getLanguage();
- $displayedList = $this->msg( 'userrights-groupsmember-type',
- $language->listToText( $list ),
- $language->listToText( $membersList )
- )->plain();
- $displayedAutolist = $this->msg( 'userrights-groupsmember-type',
- $language->listToText( $autoList ),
- $language->listToText( $autoMembersList )
- )->plain();
+ $displayedList = $this->msg( 'userrights-groupsmember-type' )
+ ->rawParams(
+ $language->listToText( $list ),
+ $language->listToText( $membersList )
+ )->escaped();
+ $displayedAutolist = $this->msg( 'userrights-groupsmember-type' )
+ ->rawParams(
+ $language->listToText( $autoList ),
+ $language->listToText( $autoMembersList )
+ )->escaped();
$grouplist = '';
$count = count( $list );
if ( $count > 0 ) {
- $grouplist = $this->msg( 'userrights-groupsmember', $count, $user->getName() )->parse();
+ $grouplist = $this->msg( 'userrights-groupsmember' )
+ ->numParams( $count )
+ ->params( $user->getName() )
+ ->parse();
$grouplist = '<p>' . $grouplist . ' ' . $displayedList . "</p>\n";
}
$count = count( $autoList );
if ( $count > 0 ) {
- $autogrouplistintro = $this->msg( 'userrights-groupsmember-auto', $count, $user->getName() )
+ $autogrouplistintro = $this->msg( 'userrights-groupsmember-auto' )
+ ->numParams( $count )
+ ->params( $user->getName() )
->parse();
$grouplist .= '<p>' . $autogrouplistintro . ' ' . $displayedAutolist . "</p>\n";
}
$member = User::getGroupMember( $group, $user->getName() );
if ( $checkbox['irreversible'] ) {
- $text = $this->msg( 'userrights-irreversible-marker', $member )->escaped();
+ $text = $this->msg( 'userrights-irreversible-marker', $member )->text();
} else {
- $text = htmlspecialchars( $member );
+ $text = $member;
}
$checkboxHtml = Xml::checkLabel( $text, "wpGroup-" . $group,
"wpGroup-" . $group, $checkbox['set'], $attr );
* @return string
*/
function getMessageFromDB( $msg ) {
- return wfMessage( $msg )->inLanguage( $this )->text();
+ return $this->msg( $msg )->text();
+ }
+
+ /**
+ * Get message object in this language. Only for use inside this class.
+ *
+ * @param string $msg Message name
+ * @return Message
+ */
+ protected function msg( $msg ) {
+ return wfMessage( $msg )->inLanguage( $this );
}
/**
return '';
}
if ( $m > 0 ) {
- $and = $this->getMessageFromDB( 'and' );
- $space = $this->getMessageFromDB( 'word-separator' );
+ $and = $this->msg( 'and' )->escaped();
+ $space = $this->msg( 'word-separator' )->escaped();
if ( $m > 1 ) {
- $comma = $this->getMessageFromDB( 'comma-separator' );
+ $comma = $this->msg( 'comma-separator' )->escaped();
}
}
$s = $l[$m];
* Make a list item, used by various special pages
*
* @param string $page Page link
- * @param string $details Text between brackets
+ * @param string $details HTML safe text between brackets
* @param bool $oppositedm Add the direction mark opposite to your
* language, to display text properly
- * @return string
+ * @return HTML escaped string
*/
function specialList( $page, $details, $oppositedm = true ) {
- $dirmark = ( $oppositedm ? $this->getDirMark( true ) : '' ) .
- $this->getDirMark();
- $details = $details ? $dirmark . $this->getMessageFromDB( 'word-separator' ) .
- wfMessage( 'parentheses' )->rawParams( $details )->inLanguage( $this )->escaped() : '';
- return $page . $details;
+ if ( !$details ) {
+ return $page;
+ }
+
+ $dirmark = ( $oppositedm ? $this->getDirMark( true ) : '' ) . $this->getDirMark();
+ return
+ $page .
+ $dirmark .
+ $this->msg( 'word-separator' )->escaped() .
+ $this->msg( 'parentheses' )->rawParams( $details )->escaped();
}
/**