From: Ævar Arnfjörð Bjarmason <avar@users.mediawiki.org>
Date: Sun, 15 May 2005 17:03:55 +0000 (+0000)
Subject: * & is invalid when it's unespecad inside attributes, please make sure your
X-Git-Tag: 1.5.0alpha2~173
X-Git-Url: http://git.cyclocoop.org/%7B%24admin_url%7Dcompta/comptes/journal.php?a=commitdiff_plain;h=8ef2eb8092b1435a81153a14ddfb16151d092ae2;p=lhc%2Fweb%2Fwiklou.git

* & is invalid when it's unespecad inside attributes, please make sure your
  output matches the XML specification.
* Don't use $x = wfMsg( 'foo' ); $x = str_replace( '$1', 'bar', $x ) when you
  can use $x = wfMsg( 'foo', 'bar' );
---

diff --git a/includes/SpecialValidate.php b/includes/SpecialValidate.php
index b73ae6438b..e78be0fdfa 100644
--- a/includes/SpecialValidate.php
+++ b/includes/SpecialValidate.php
@@ -200,14 +200,9 @@ class Validation {
 	
 	# This function returns a link text to the page validation statistics
 	function link2statistics ( &$article ) {
-		$ret = wfMsg ( 'val_rev_stats_link' ) ;
-		$nt = $article->getTitle() ;
-		$ret = str_replace ( "$1" , $nt->getPrefixedText() , $ret ) ;
-
-		$url = $nt->getLocalURL ( "action=validate&mode=list" ) ;
-		$ret = str_replace ( "$2" , $url , $ret ) ;
-
-		return $ret ;
+		$nt = $article->getTitle();
+		$url = htmlspecialchars( $nt->getLocalURL( 'action=validate&mode=list' ) );
+		return wfMsg ( 'val_rev_stats_link', $nt->getPrefixedText(), $url );
 	}
 
 	# Returns the timestamp of a revision based on the revision number