From f963ec0cea8d5581c7f951fbc38fc42dad662063 Mon Sep 17 00:00:00 2001 From: umherirrender Date: Sat, 21 Apr 2012 15:12:08 +0200 Subject: [PATCH] (bug 32604) Some messages needs escaping of wikitext inside username Change-Id: I223a5fb8d110ceace122acb7045bc6a925bfda66 --- RELEASE-NOTES-1.20 | 1 + includes/specials/SpecialBlock.php | 6 +++--- includes/specials/SpecialUnblock.php | 6 +++--- includes/specials/SpecialUndelete.php | 2 +- 4 files changed, 8 insertions(+), 7 deletions(-) diff --git a/RELEASE-NOTES-1.20 b/RELEASE-NOTES-1.20 index ceae45e931..c796df3b9a 100644 --- a/RELEASE-NOTES-1.20 +++ b/RELEASE-NOTES-1.20 @@ -97,6 +97,7 @@ upgrade PHP if you have not done so prior to upgrading MediaWiki. * (bug 35572) Blocks appear to succeed even if query fails due to wrong DB structure * (bug 31757) Add a word-separator between help-messages in HTMLForm * (bug 30410) Removed deprecated $wgFilterCallback and the 'filtered' API error. +* (bug 32604) Some messages needs escaping of wikitext inside username === API changes in 1.20 === * (bug 34316) Add ability to retrieve maximum upload size from MediaWiki API. diff --git a/includes/specials/SpecialBlock.php b/includes/specials/SpecialBlock.php index a58e62ea27..4d74fe18df 100644 --- a/includes/specials/SpecialBlock.php +++ b/includes/specials/SpecialBlock.php @@ -277,7 +277,7 @@ class SpecialBlock extends FormSpecialPage { } $this->alreadyBlocked = true; - $this->preErrors[] = array( 'ipb-needreblock', (string)$block->getTarget() ); + $this->preErrors[] = array( 'ipb-needreblock', wfEscapeWikiText( (string)$block->getTarget() ) ); } # We always need confirmation to do HideUser @@ -349,7 +349,7 @@ class SpecialBlock extends FormSpecialPage { # Link to unblock the specified user, or to a blank unblock form if( $this->target instanceof User ) { - $message = $this->msg( 'ipb-unblock-addr', $this->target->getName() )->parse(); + $message = $this->msg( 'ipb-unblock-addr', wfEscapeWikiText( $this->target->getName() ) )->parse(); $list = SpecialPage::getTitleFor( 'Unblock', $this->target->getName() ); } else { $message = $this->msg( 'ipb-unblock' )->parse(); @@ -904,7 +904,7 @@ class SpecialBlock extends FormSpecialPage { public function onSuccess() { $out = $this->getOutput(); $out->setPageTitle( $this->msg( 'blockipsuccesssub' ) ); - $out->addWikiMsg( 'blockipsuccesstext', $this->target ); + $out->addWikiMsg( 'blockipsuccesstext', wfEscapeWikiText( $this->target ) ); } } diff --git a/includes/specials/SpecialUnblock.php b/includes/specials/SpecialUnblock.php index fab21cd52e..fb2005b51f 100644 --- a/includes/specials/SpecialUnblock.php +++ b/includes/specials/SpecialUnblock.php @@ -60,14 +60,14 @@ class SpecialUnblock extends SpecialPage { switch( $this->type ){ case Block::TYPE_USER: case Block::TYPE_IP: - $out->addWikiMsg( 'unblocked', $this->target ); + $out->addWikiMsg( 'unblocked', wfEscapeWikiText( $this->target ) ); break; case Block::TYPE_RANGE: - $out->addWikiMsg( 'unblocked-range', $this->target ); + $out->addWikiMsg( 'unblocked-range', wfEscapeWikiText( $this->target ) ); break; case Block::TYPE_ID: case Block::TYPE_AUTO: - $out->addWikiMsg( 'unblocked-id', $this->target ); + $out->addWikiMsg( 'unblocked-id', wfEscapeWikiText( $this->target ) ); break; } } diff --git a/includes/specials/SpecialUndelete.php b/includes/specials/SpecialUndelete.php index 06b578d701..d1bb3f01a4 100644 --- a/includes/specials/SpecialUndelete.php +++ b/includes/specials/SpecialUndelete.php @@ -1015,7 +1015,7 @@ class SpecialUndelete extends SpecialPage { } $out->wrapWikiMsg( "
\n$1\n
\n", - array( 'undeletepagetitle', $this->mTargetObj->getPrefixedText() ) + array( 'undeletepagetitle', wfEscapeWikiText( $this->mTargetObj->getPrefixedText() ) ) ); $archive = new PageArchive( $this->mTargetObj ); -- 2.20.1