* (bug 1956) Hide bot uploads from Special:Newimages
* (bug 3216) Don't show empty warning page when no warnings.
* (bug 3218) Use proper quoting on history Compare Revisions button
+* (bug 3220) Fix escaping of block URLs in Recentchanges
=== Caveats ===
$rc_user_text, 'target=' . $rc_user_text );
} else {
$userPage =& Title::makeTitle( NS_USER, $rc_user_text );
- $userLink = $this->skin->makeLinkObj( $userPage, $rc_user_text );
+ $userLink = $this->skin->makeLinkObj( $userPage, htmlspecialchars( $rc_user_text ) );
}
$s .= $userLink;
$userTalkLink = '';
} else {
$userTalkPage =& Title::makeTitle( NS_USER_TALK, $rc_user_text );
- $userTalkLink= $this->skin->makeLinkObj( $userTalkPage, $talkname );
+ $userTalkLink= $this->skin->makeLinkObj( $userTalkPage, htmlspecialchars( $talkname ) );
}
# Block link
$blockLink='';
if ( ( $wgSysopUserBans || 0 == $rc_user ) && $wgUser->isAllowed('block') ) {
$blockLinkPage = Title::makeTitle( NS_SPECIAL, 'Blockip' );
$blockLink = $this->skin->makeKnownLinkObj( $blockLinkPage,
- $message['blocklink'], 'ip='.$rc_user_text );
+ htmlspecialchars( $message['blocklink'] ), 'ip=' . urlencode( $rc_user_text ) );
}
if($blockLink) {