* @param $title Title object of the image that is added to the gallery
* @param $html String: Additional HTML text to be shown. The name and size of the image are always shown.
* @param $alt String: Alt text for the image
+ * @param $link String: Override image link (optional)
*/
- function add( $title, $html = '', $alt = '' ) {
+ function add( $title, $html = '', $alt = '', $link = '') {
if ( $title instanceof File ) {
// Old calling convention
$title = $title->getTitle();
}
- $this->mImages[] = array( $title, $html, $alt );
+ $this->mImages[] = array( $title, $html, $alt, $link );
wfDebug( 'ImageGallery::add ' . $title->getText() . "\n" );
}
/**
- * Add an image at the beginning of the gallery.
- *
- * @param $title Title object of the image that is added to the gallery
- * @param $html String: Additional HTML text to be shown. The name and size of the image are always shown.
- * @param $alt String: Alt text for the image
- */
+ * Add an image at the beginning of the gallery.
+ *
+ * @param $title Title object of the image that is added to the gallery
+ * @param $html String: Additional HTML text to be shown. The name and size of the image are always shown.
+ * @param $alt String: Alt text for the image
+ */
function insert( $title, $html = '', $alt = '' ) {
if ( $title instanceof File ) {
// Old calling convention
$nt = $pair[0];
$text = $pair[1]; # "text" means "caption" here
$alt = $pair[2];
+ $link = $pair[3];
$descQuery = false;
if ( $nt->getNamespace() == NS_FILE ) {
'desc-link' => true,
'desc-query' => $descQuery,
'alt' => $alt,
+ 'custom-url-link' => $link
);
# In the absence of both alt text and caption, fall back on providing screen readers with the filename as alt text
if ( $alt == '' && $text == '' ) {
. '<div style="width: ' . ( $this->mWidths + self::THUMB_PADDING + self::GB_PADDING ) . 'px">'
. $thumbhtml
. "\n\t\t\t" . '<div class="gallerytext">' . "\n"
- . $textlink . $text . $fileSize
+ . $textlink . $text . $fileSize
. "\n\t\t\t</div>"
- . "\n\t\t</div></li>";
+ . "\n\t\t</div></li>";
}
$output .= "\n</ul>";
*/
public function getContextTitle() {
return is_object( $this->contextTitle ) && $this->contextTitle instanceof Title
- ? $this->contextTitle
- : false;
+ ? $this->contextTitle
+ : false;
}
} //class
$label = '';
$alt = '';
+ $link = '';
if ( isset( $matches[3] ) ) {
// look for an |alt= definition while trying not to break existing
// captions with multiple pipes (|) in it, until a more sensible grammar
// is defined for images in galleries
$matches[3] = $this->recursiveTagParse( trim( $matches[3] ) );
- $altmatches = StringUtils::explode('|', $matches[3]);
+ $parameterMatches = StringUtils::explode('|', $matches[3]);
$magicWordAlt = MagicWord::get( 'img_alt' );
+ $magicWordLink = MagicWord::get( 'img_link' );
- foreach ( $altmatches as $altmatch ) {
- $match = $magicWordAlt->matchVariableStartToEnd( $altmatch );
- if ( $match ) {
+ foreach ( $parameterMatches as $parameterMatch ) {
+ if ( $match = $magicWordAlt->matchVariableStartToEnd( $parameterMatch ) ) {
$alt = $this->stripAltText( $match, false );
}
+ elseif( $match = $magicWordLink->matchVariableStartToEnd( $parameterMatch ) ){
+ $link = strip_tags($this->replaceLinkHoldersText($match));
+ $chars = self::EXT_LINK_URL_CLASS;
+ $prots = $this->mUrlProtocols;
+ //check to see if link matches an absolute url, if not then it must be a wiki link.
+ if(!preg_match( "/^($prots)$chars+$/u", $link)){
+ $localLinkTitle = Title::newFromText($link);
+ $link = $localLinkTitle->getLocalURL();
+ }
+ }
else {
// concatenate all other pipes
- $label .= '|' . $altmatch;
+ $label .= '|' . $parameterMatch;
}
}
// remove the first pipe
$label = substr( $label, 1 );
}
- $ig->add( $title, $label, $alt );
+ $ig->add( $title, $label, $alt ,$link);
}
return $ig->toHTML();
}
!! end
+!!test
+Gallery override link with WikiLink (bug 34852)
+!! input
+<gallery>
+File:foobar.jpg|caption|alt=galleryalt|link=InterWikiLink
+</gallery>
+!! result
+<ul class="gallery">
+ <li class="gallerybox" style="width: 155px"><div style="width: 155px">
+ <div class="thumb" style="width: 150px;"><div style="margin:68px auto;"><a href="/wiki/InterWikiLink"><img alt="galleryalt" src="http://example.com/images/3/3a/Foobar.jpg" width="120" height="14" /></a></div></div>
+ <div class="gallerytext">
+<p>caption
+</p>
+ </div>
+ </div></li>
+</ul>
+
+!! end
+
+!!test
+Gallery override link with absolute external link (bug 34852)
+!! input
+<gallery>
+File:foobar.jpg|caption|alt=galleryalt|link=http://www.example.org
+</gallery>
+!! result
+<ul class="gallery">
+ <li class="gallerybox" style="width: 155px"><div style="width: 155px">
+ <div class="thumb" style="width: 150px;"><div style="margin:68px auto;"><a href="http://www.example.org"><img alt="galleryalt" src="http://example.com/images/3/3a/Foobar.jpg" width="120" height="14" /></a></div></div>
+ <div class="gallerytext">
+<p>caption
+</p>
+ </div>
+ </div></li>
+</ul>
+
+!! end
+
+!!test
+Gallery override link with malicious javascript (bug 34852)
+!! input
+<gallery>
+File:foobar.jpg|caption|alt=galleryalt|link=" onclick="alert('malicious javascript code!');
+</gallery>
+!! result
+<ul class="gallery">
+ <li class="gallerybox" style="width: 155px"><div style="width: 155px">
+ <div class="thumb" style="width: 150px;"><div style="margin:68px auto;"><a href="/wiki/%22_onclick%3D%22alert(%27malicious_javascript_code!%27);"><img alt="galleryalt" src="http://example.com/images/3/3a/Foobar.jpg" width="120" height="14" /></a></div></div>
+ <div class="gallerytext">
+<p>caption
+</p>
+ </div>
+ </div></li>
+</ul>
+
+!! end
+
TODO:
more images
more tables