dépôts / lhc / web / wiklou.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: bf3cb61)
Add some escaping to r109547, 109548, 109549
authorSam Reed <reedy@users.mediawiki.org>
Thu, 19 Jan 2012 16:55:42 +0000 (16:55 +0000)
committerSam Reed <reedy@users.mediawiki.org>
Thu, 19 Jan 2012 16:55:42 +0000 (16:55 +0000)
Improve RELEASE-NOTES-1.19 also

RELEASE-NOTES-1.19 patch | blob | history
includes/ImageGallery.php patch | blob | history
includes/media/Generic.php patch | blob | history
includes/specials/SpecialMIMEsearch.php patch | blob | history

diff --git a/RELEASE-NOTES-1.19 b/RELEASE-NOTES-1.19
index 740857f..a12e656 100644 (file)
--- a/RELEASE-NOTES-1.19
+++ b/RELEASE-NOTES-1.19
@@ -227,8 +227,8 @@ production.
 * (bug 25800) mw.config wgAction should contain the actually performed action instead
   of whatever the query value contains.
 * (bug 4438) Add CSS hook for current WikiPage action.
-* (bug 33703) Common border-bottom color for <abbr> should inherit default (text) color
-* (bug 33819) Display filesize on Special:NewFiles in appropriate unit.
+* (bug 33703) Common border-bottom color for <abbr> should inherit default (text) color.
+* (bug 33819) Display file sizes in appropriate units.
 
 === API changes in 1.19 ===
 * Made action=edit less likely to return "unknownerror", by returning the actual error
diff --git a/includes/ImageGallery.php b/includes/ImageGallery.php
index 68a5a20..1106124 100644 (file)
--- a/includes/ImageGallery.php
+++ b/includes/ImageGallery.php
@@ -314,7 +314,7 @@ class ImageGallery {
 
                        if( $this->mShowBytes ) {
                                if( $img ) {
-                                       $fileSize = $wgLang->formatSize( $img->getSize() );
+                                       $fileSize = htmlspecialchars( $wgLang->formatSize( $img->getSize() ) );
                                } else {
                                        $fileSize = wfMsgHtml( 'filemissing' );
                                }
diff --git a/includes/media/Generic.php b/includes/media/Generic.php
index d87c1cf..c241cbe 100644 (file)
--- a/includes/media/Generic.php
+++ b/includes/media/Generic.php
@@ -405,7 +405,7 @@ abstract class MediaHandler {
         */
        function getShortDesc( $file ) {
                global $wgLang;
-               return $wgLang->formatSize( $file->getSize() );
+               return htmlspecialchars( $wgLang->formatSize( $file->getSize() ) );
        }
 
        /**
@@ -414,7 +414,7 @@ abstract class MediaHandler {
         */
        function getLongDesc( $file ) {
                global $wgLang;
-               return wfMessage( 'file-info', $wgLang->formatSize( $file->getSize() ),
+               return wfMessage( 'file-info', htmlspecialchars( $wgLang->formatSize( $file->getSize() ) ),
                        $file->getMimeType() )->parse();
        }
 
@@ -710,7 +710,7 @@ abstract class ImageHandler extends MediaHandler {
         */
        function getShortDesc( $file ) {
                global $wgLang;
-               $nbytes = $wgLang->formatSize( $file->getSize() );
+               $nbytes = htmlspecialchars( $wgLang->formatSize( $file->getSize() ) );
                $widthheight = wfMessage( 'widthheight' )->numParams( $file->getWidth(), $file->getHeight() )->escaped();
 
                return "$widthheight ($nbytes)";
@@ -723,13 +723,14 @@ abstract class ImageHandler extends MediaHandler {
        function getLongDesc( $file ) {
                global $wgLang;
                $pages = $file->pageCount();
+               $size = htmlspecialchars( $wgLang->formatSize( $file->getSize() ) );
                if ( $pages === false || $pages <= 1 ) {
                        $msg = wfMessage( 'file-info-size' )->numParams( $file->getWidth(),
-                               $file->getHeight() )->params( $wgLang->formatSize( $file->getSize() ),
+                               $file->getHeight() )->params( $size,
                                $file->getMimeType() )->parse();
                } else {
                        $msg = wfMessage( 'file-info-size-pages' )->numParams( $file->getWidth(),
-                               $file->getHeight() )->params( $wgLang->formatSize( $file->getSize() ),
+                               $file->getHeight() )->params( $size,
                                $file->getMimeType() )->numParams( $pages )->parse();
                }
                return $msg;
diff --git a/includes/specials/SpecialMIMEsearch.php b/includes/specials/SpecialMIMEsearch.php
index 85f1a2e..adf2768 100644 (file)
--- a/includes/specials/SpecialMIMEsearch.php
+++ b/includes/specials/SpecialMIMEsearch.php
@@ -95,7 +95,7 @@ class MIMEsearchPage extends QueryPage {
 
                $download = Linker::makeMediaLinkObj( $nt, wfMsgHtml( 'download' ) );
                $lang = $this->getLanguage();
-               $bytes = $fileSize = $lang->formatSize( $result->img_size );
+               $bytes =  htmlspecialchars( $lang->formatSize( $result->img_size ) );
                $dimensions = htmlspecialchars( wfMsg( 'widthheight',
                        $lang->formatNum( $result->img_width ),
                        $lang->formatNum( $result->img_height )
Wiklou, le Wiki du Wiklou