Escaping fixes
authorNiklas Laxström <nikerabbit@users.mediawiki.org>
Fri, 22 May 2009 09:35:48 +0000 (09:35 +0000)
committerNiklas Laxström <nikerabbit@users.mediawiki.org>
Fri, 22 May 2009 09:35:48 +0000 (09:35 +0000)
31 files changed:
includes/Block.php
includes/ChangesList.php
includes/EditPage.php
includes/Linker.php
includes/LogEventsList.php
includes/LogPage.php
includes/OutputPage.php
includes/PageHistory.php
includes/Pager.php
includes/Preferences.php
includes/QueryPage.php
includes/Skin.php
includes/diff/DifferenceEngine.php
includes/specials/SpecialAncientpages.php
includes/specials/SpecialContributions.php
includes/specials/SpecialDeletedContributions.php
includes/specials/SpecialDoubleRedirects.php
includes/specials/SpecialFewestrevisions.php
includes/specials/SpecialIpblocklist.php
includes/specials/SpecialListfiles.php
includes/specials/SpecialListgrouprights.php
includes/specials/SpecialListusers.php
includes/specials/SpecialNewimages.php
includes/specials/SpecialNewpages.php
includes/specials/SpecialPrefixindex.php
includes/specials/SpecialProtectedpages.php
includes/specials/SpecialRecentchangeslinked.php
includes/specials/SpecialResetpass.php
includes/specials/SpecialRevisiondelete.php
includes/specials/SpecialUndelete.php
includes/specials/SpecialUserrights.php

index b62fceb..767e056 100644 (file)
@@ -826,7 +826,7 @@ class Block {
         * Convert a DB-encoded expiry into a real string that humans can read.
         *
         * @param $encoded_expiry String: Database encoded expiry time
-        * @return String
+        * @return Html-escaped String
         */
        public static function formatExpiry( $encoded_expiry ) {
                static $msg = null;
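Review bot: The new doc line `@return Html-escaped String` places the escaping note where the type goes, so it reads as a type called "Html-escaped"; the `@param` line two lines up uses the `Type: description` form. Suggest `@return String: HTML-escaped, safe to emit directly` so readers and doc tooling parse both tags the same way. The body of formatExpiry continues past this hunk.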
@@ -844,7 +844,7 @@ class Block {
                        $expirystr = $msg['infiniteblock'];
                } else {
                        global $wgLang;
-                       $expiretimestr = $wgLang->timeanddate( $expiry, true );
+                       $expiretimestr = htmlspecialchars($wgLang->timeanddate( $expiry, true ));
                        $expirystr = wfMsgReplaceArgs( $msg['expiringblock'], array($expiretimestr) );
                }
                return $expirystr;
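Review bot: Only the `else` branch is escaped here; the `infiniteblock` branch returns `$msg['infiniteblock']` untouched, so the HTML-escaped contract the doc change promises holds only if the static `$msg` array (filled above this hunk) is built with wfMsgHtml rather than wfMsg. That population code is not visible in this hunk, so it is worth checking. Once confirmed, a comment at the return, `// both branches are HTML-escaped: $msg via wfMsgHtml, the timestamp via htmlspecialchars()`, would make the invariant explicit for the next caller.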
index 69eeed9..fa1b724 100644 (file)
@@ -176,7 +176,7 @@ class ChangesList {
                        if( '' != $this->lastdate ) {
                                $s .= "</ul>\n";
                        }
-                       $s .= '<h4>'.$date."</h4>\n<ul class=\"special\">";
+                       $s .= Xml::element( 'h4', null, $date ) . "\n<ul class=\"special\">";
                        $this->lastdate = $date;
                        $this->rclistOpen = true;
                }
@@ -517,7 +517,7 @@ class EnhancedChangesList extends ChangesList {
                        # Process current cache
                        $ret = $this->recentChangesBlock();
                        $this->rc_cache = array();
-                       $ret .= "<h4>{$date}</h4>\n";
+                       $ret .= Xml::element( 'h4', null, $date );
                        $this->lastdate = $date;
                }
 
index f3ef632..03f9fec 100644 (file)
@@ -1286,8 +1286,8 @@ class EditPage {
                #if ( "no" == $redirect ) { $q .= "&redirect=no"; }
                $action = $wgTitle->escapeLocalURL( $q );
 
-               $summary = wfMsg( 'summary' );
-               $subject = wfMsg( 'subject' );
+               $summary = wfMsgExt( 'summary', 'parseinline' );
+               $subject = wfMsgExt( 'subject', 'parseinline' );
 
                $cancel = $sk->makeKnownLink( $wgTitle->getPrefixedText(),
                                wfMsgExt('cancel', array('parseinline')) );
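Review bot: The two new wfMsgExt calls pass the option as a bare string `'parseinline'`, whereas the existing `cancel` call three lines below uses `array('parseinline')`, and the later hunks in this file mix the two forms as well. Both are accepted, but one form per file makes grep-based audits of escaping options, which is what this commit is doing, much easier; `array( 'parseinline' )` matches the surrounding code. The enclosing function continues outside the hunk.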
@@ -1384,7 +1384,8 @@ class EditPage {
                        $editsummary = "<div class='editOptions'>\n";
                        global $wgParser;
                        $formattedSummary = wfMsgForContent( 'newsectionsummary', $wgParser->stripSectionName( $this->summary ) );
-                       $subjectpreview = $summarytext && $this->preview ? "<div class=\"mw-summary-preview\">". wfMsg('subject-preview') . $sk->commentBlock( $formattedSummary, $this->mTitle, true )."</div>\n" : '';
+                       $subjectpreview = $summarytext && $this->preview ?
+                               "<div class=\"mw-summary-preview\">". wfMsgExt('subject-preview', 'parseinline') . $sk->commentBlock( $formattedSummary, $this->mTitle, true )."</div>\n" : '';
                        $summarypreview = '';
                } else {
                        $commentsubject = '';
@@ -1414,7 +1415,7 @@ class EditPage {
                                $summarypreview =
                                        Xml::tags( 'div',
                                                array( 'class' => 'mw-summary-preview' ),
-                                               wfMsg( 'summary-preview' ) .
+                                               wfMsgExt( 'summary-preview', 'parseinline' ) .
                                                        $sk->commentBlock( $this->summary, $this->mTitle )
                                        );
                        }
index 05ddcd0..1578bd7 100644 (file)
@@ -1276,7 +1276,7 @@ class Linker {
                        }
                        if ( $sectionTitle ) {
                                $link = $this->link( $sectionTitle,
-                                       wfMsgForContent( 'sectionlink' ), array(), array(),
+                                       htmlspecialchars( wfMsgForContent( 'sectionlink' ) ), array(), array(),
                                        'noclasses' );
                        } else {
                                $link = '';
index c56a08c..60a1721 100644 (file)
@@ -355,6 +355,8 @@ class LogEventsList {
                        $revert = '<span class="mw-logevent-actionlink">' . $revert . '</span>';
                }
 
+               $time = htmlspecialchars( $time );
+
                return Xml::tags( 'li', array( "class" => implode( ' ', $classes ) ),
                        $del . $time . ' ' . $userLink . ' ' . $action . ' ' . $comment . ' ' . $revert . " $tagDisplay" ) . "\n";
        }
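Review bot: `$time` is escaped only immediately before the return, at the end of a function whose start lies outside this hunk; if `$time` was already interpolated into `$del`, `$revert` or a link earlier in the body, those uses still carry the unescaped value. Escaping at the point where `$time` is assigned, as PageHistory and SpecialIpblocklist do elsewhere in this commit, would cover every use. If the late escape is in fact sufficient, a comment such as `// $time is only used in the line below` would document why.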
index 4d0bea1..82ff8e2 100644 (file)
@@ -173,7 +173,7 @@ class LogPage {
                }
                if( isset( $wgLogActions[$key] ) ) {
                        if( is_null( $title ) ) {
-                               $rv = wfMsg( $wgLogActions[$key] );
+                               $rv = wfMsgHtml( $wgLogActions[$key] );
                        } else {
                                $titleLink = self::getTitleLink( $type, $skin, $title, $params );
                                if( $key == 'rights/rights' ) {
@@ -194,9 +194,9 @@ class LogPage {
                                }
                                if( count( $params ) == 0 ) {
                                        if ( $skin ) {
-                                               $rv = wfMsg( $wgLogActions[$key], $titleLink );
+                                               $rv = wfMsgHtml( $wgLogActions[$key], $titleLink );
                                        } else {
-                                               $rv = wfMsgForContent( $wgLogActions[$key], $titleLink );
+                                               $rv = wfMsgExt( $wgLogActions[$key], array( 'parsemag', 'escape', 'replaceafter', 'content' ), $titleLink );
                                        }
                                } else {
                                        $details = '';
@@ -243,7 +243,11 @@ class LogPage {
                                                $nfield = intval( substr( $params[3], 7 ) ); // <nfield=x>
                                                $details .= ': '.RevisionDeleter::getLogMessage( $count, $nfield, $ofield, true );
                                        }
-                                       $rv = wfMsgReal( $wgLogActions[$key], $params, true, !$skin ) . $details;
+                                       if ( $skin ) {
+                                               $rv = wfMsgHtml( $wgLogActions[$key], $params ) . $details;
+                                       } else {
+                                               $rv = wfMsgExt( $wgLogActions[$key], array( 'parsemag', 'escape', 'replaceafter', 'content' ), $params ) . $details;
+                                       }
                                }
                        }
                } else {
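Review bot: In both new branches `$params` is substituted verbatim: wfMsgHtml escapes the message text only, and the `replaceafter` option makes wfMsgExt do the same. That is correct for `$titleLink`, which is HTML, but any element of `$params` that carries free text rather than the values computed just above would reach the page unescaped; the origin of `$params` is not visible in this hunk, so it is worth checking where each element comes from. Separately, `array( 'parsemag', 'escape', 'replaceafter', 'content' )` now appears twice in this function (also in the preceding hunk); hoisting it into a local keeps the two branches from drifting apart.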
index 2aaaf15..f8ae310 100644 (file)
@@ -1444,7 +1444,7 @@ class OutputPage {
        public function addReturnTo( $title ) {
                global $wgUser;
                $this->addLink( array( 'rel' => 'next', 'href' => $title->getFullUrl() ) );
-               $link = wfMsg( 'returnto', $wgUser->getSkin()->link( $title ) );
+               $link = wfMsgHtml( 'returnto', $wgUser->getSkin()->link( $title ) );
                $this->addHTML( "<p>{$link}</p>\n" );
        }
 
index c9e9578..5d0b026 100644 (file)
@@ -373,6 +373,7 @@ class PageHistory {
        function revLink( $rev ) {
                global $wgLang;
                $date = $wgLang->timeanddate( wfTimestamp(TS_MW, $rev->getTimestamp()), true );
+               $date = htmlspecialchars( $date );
                if( !$rev->isDeleted( Revision::DELETED_TEXT ) ) {
                        $link = $this->mSkin->makeKnownLinkObj( $this->mTitle, $date, "oldid=" . $rev->getId() );
                } else {
index dea2167..7b6fcf8 100644 (file)
@@ -607,8 +607,8 @@ abstract class ReverseChronologicalPager extends IndexPager {
                }
                $nicenumber = $wgLang->formatNum( $this->mLimit );
                $linkTexts = array(
-                       'prev' => wfMsgExt( 'pager-newer-n', array( 'parsemag' ), $nicenumber ),
-                       'next' => wfMsgExt( 'pager-older-n', array( 'parsemag' ), $nicenumber ),
+                       'prev' => wfMsgExt( 'pager-newer-n', array( 'parsemag', 'escape' ), $nicenumber ),
+                       'next' => wfMsgExt( 'pager-older-n', array( 'parsemag', 'escape' ), $nicenumber ),
                        'first' => wfMsgHtml( 'histlast' ),
                        'last' => wfMsgHtml( 'histfirst' )
                );
index df511b0..4a4a8d6 100644 (file)
@@ -122,7 +122,7 @@ class Preferences {
                                        'type' => 'info',
                                        'label' => wfMsgExt( 'prefs-memberingroups', 'parseinline',
                                                                count($userEffectiveGroupsArray) ),
-                                       'default' => $wgLang->commaList( $userEffectiveGroupsArray ),
+                                       'default' => htmlspecialchars( $wgLang->commaList( $userEffectiveGroupsArray ) ),
                                        'raw' => true,
                                        'section' => 'personal/info',
                                );
@@ -301,19 +301,19 @@ class Preferences {
                                        $time = $wgLang->timeAndDate( $user->getEmailAuthenticationTimestamp(), true );
                                        $d = $wgLang->date( $user->getEmailAuthenticationTimestamp(), true );
                                        $t = $wgLang->time( $user->getEmailAuthenticationTimestamp(), true );
-                                       $emailauthenticated = wfMsg('emailauthenticated', $time, $d, $t ).'<br />';
+                                       $emailauthenticated = htmlspecialchars(wfMsg('emailauthenticated', $time, $d, $t )).'<br />';
                                        $disableEmailPrefs = false;
                                } else {
                                        $disableEmailPrefs = true;
                                        global $wgUser; // wgUser is okay here, it's for display
                                        $skin = $wgUser->getSkin();
-                                       $emailauthenticated = wfMsg('emailnotauthenticated').'<br />' .
+                                       $emailauthenticated = wfMsgHtml('emailnotauthenticated').'<br />' .
                                                $skin->makeKnownLinkObj( SpecialPage::getTitleFor( 'Confirmemail' ),
                                                        wfMsg( 'emailconfirmlink' ) ) . '<br />';
                                }
                        } else {
                                $disableEmailPrefs = true;
-                               $emailauthenticated = wfMsg( 'noemailprefs' );
+                               $emailauthenticated = wfMsgHtml( 'noemailprefs' );
                        }
                        
                        $defaultPreferences['emailauthentication'] =
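Review bot: `wfMsg( 'emailconfirmlink' )` is still passed unescaped as link text to makeKnownLinkObj in the middle of this hunk, while the messages around it were switched to wfMsgHtml; link text is emitted as HTML, so it should be `wfMsgHtml( 'emailconfirmlink' )` like the `emailnotauthenticated` message just above it. The `htmlspecialchars(wfMsg('emailauthenticated', $time, $d, $t ))` form is right here, since it escapes the raw `$time`, `$d` and `$t` values as well as the message text.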
@@ -413,7 +413,7 @@ class Preferences {
                                        array(
                                                'type' => 'radio',
                                                'options' =>
-                                                       array_flip( array_map( 'wfMsg', $wgLang->getMathNames() ) ),
+                                                       array_flip( array_map( 'wfMsgHtml', $wgLang->getMathNames() ) ),
                                                'label' => '&nbsp;',
                                                'section' => 'rendering/math',
                                        );
@@ -848,6 +848,7 @@ class Preferences {
                        
                        if (!$displayNs) $displayNs = wfMsg( 'blanknamespace' );
                        
+                       $displayNs = htmlspecialchars( $displayNs );
                        $nsOptions[$displayNs] = $ns;
                }
                
@@ -882,7 +883,7 @@ class Preferences {
                $ret = array();
                
                $mptitle = Title::newMainPage();
-               $previewtext = wfMsg( 'skin-preview' );
+               $previewtext = wfMsgHtml( 'skin-preview' );
                # Only show members of Skin::getSkinNames() rather than
                # $skinNames (skins is all skin names from Language.php)
                $validSkinNames = Skin::getUsableSkins();
@@ -892,7 +893,7 @@ class Preferences {
                        $msgName = "skinname-{$skinkey}";
                        $localisedSkinName = wfMsg( $msgName );
                        if ( !wfEmptyMsg( $msgName, $localisedSkinName ) )  {
-                               $skinname = $localisedSkinName;
+                               $skinname = htmlspecialchars($localisedSkinName);
                        }
                }
                asort($validSkinNames);
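Review bot: The escape is applied only on the branch where a `skinname-*` message exists; whatever `$skinname` was initialised to above this hunk is emitted without it. Unless that initial value is already escaped, which I cannot see here, escaping once after the `if` covers both paths, e.g. `$skinname = htmlspecialchars( $skinname );` in place of the per-branch call.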
@@ -905,7 +906,7 @@ class Preferences {
                        global $wgAllowUserCss, $wgAllowUserJs;
                        if( $wgAllowUserCss ) {
                                $cssPage = Title::makeTitleSafe( NS_USER, $user->getName().'/'.$skinkey.'.css' );
-                               $customCSS = $sk->link( $cssPage, wfMsgExt( 'prefs-custom-css', array() ) );
+                               $customCSS = $sk->link( $cssPage, wfMsgHtml( 'prefs-custom-css' ) );
                                $extraLinks .= " ($customCSS)";
                        }
                        if( $wgAllowUserJs ) {
@@ -914,7 +915,7 @@ class Preferences {
                                $extraLinks .= " ($customJS)";
                        }
                        if( $skinkey == $wgDefaultSkin )
-                               $sn .= ' (' . wfMsg( 'default' ) . ')';
+                               $sn .= ' (' . wfMsgHtml( 'default' ) . ')';
                        $display = "$sn $previewlink{$extraLinks}";
                        $ret[$display] = $skinkey;
                }
@@ -933,9 +934,9 @@ class Preferences {
                        $epoch = '20010115161234'; # Wikipedia day
                        foreach( $dateopts as $key ) {
                                if( $key == 'default' ) {
-                                       $formatted = wfMsg( 'datedefault' );
+                                       $formatted = wfMsgHtml( 'datedefault' );
                                } else {
-                                       $formatted = $wgLang->timeanddate( $epoch, false, $key );
+                                       $formatted = htmlspecialchars($wgLang->timeanddate( $epoch, false, $key ));
                                }
                                $ret[$formatted] = $key;
                        }
@@ -1222,7 +1223,7 @@ class PreferencesForm extends HTMLForm {
                $sk = $wgUser->getSkin();
                $t = SpecialPage::getTitleFor( 'Preferences', 'reset' );
                
-               $html .= "\n" . $sk->link( $t, wfMsg( 'restoreprefs' ) );
+               $html .= "\n" . $sk->link( $t, wfMsgHtml( 'restoreprefs' ) );
                
                $html = Xml::tags( 'div', array( 'class' => 'mw-prefs-buttons' ), $html );
                
index 671fd5c..af96746 100644 (file)
@@ -585,7 +585,7 @@ abstract class WantedQueryPage extends QueryPage {
                        return wfSpecialList( $pageLink, $this->makeWlhLink( $title, $skin, $result ) );
                } else {
                        $tsafe = htmlspecialchars( $result->title );
-                       return wfMsg( 'wantedpages-badtitle', $tsafe );
+                       return wfMsgHtml( 'wantedpages-badtitle', $tsafe );
                }
        }
        
index 79cf3f3..faad104 100644 (file)
@@ -1634,20 +1634,20 @@ END;
        }
 
        function historyLink() {
-               return $this->link( $this->mTitle, wfMsg( 'history' ),
+               return $this->link( $this->mTitle, wfMsgHtml( 'history' ),
                        array( 'rel' => 'archives' ), array( 'action' => 'history' ) );
        }
 
        function whatLinksHere() {
                return $this->makeKnownLinkObj(
                        SpecialPage::getTitleFor( 'Whatlinkshere', $this->mTitle->getPrefixedDBkey() ),
-                       wfMsg( 'whatlinkshere' ) );
+                       wfMsgHtml( 'whatlinkshere' ) );
        }
 
        function userContribsLink() {
                return $this->makeKnownLinkObj(
                        SpecialPage::getTitleFor( 'Contributions', $this->mTitle->getDBkey() ),
-                       wfMsg( 'contributions' ) );
+                       wfMsgHtml( 'contributions' ) );
        }
 
        function showEmailUser( $id ) {
index 152195b..53f9f8a 100644 (file)
@@ -737,7 +737,7 @@ CONTROL;
 
        function localiseLineNumbersCb( $matches ) {
                global $wgLang;
-               return wfMsgExt( 'lineno', array (), $wgLang->formatNum( $matches[1] ) );
+               return wfMsgExt( 'lineno', 'escape', $wgLang->formatNum( $matches[1] ) );
        }
 
 
@@ -840,7 +840,7 @@ CONTROL;
                $this->mNewPage = $this->mNewRev->getTitle();
                if( $this->mNewRev->isCurrent() ) {
                        $newLink = $this->mNewPage->escapeLocalUrl( 'oldid=' . $this->mNewid );
-                       $this->mPagetitle = wfMsgHTML( 'currentrev-asof', $timestamp );
+                       $this->mPagetitle = htmlspecialchars( wfMsg( 'currentrev-asof', $timestamp ) );
                        $newEdit = $this->mNewPage->escapeLocalUrl( 'action=edit' );
 
                        $this->mNewtitle = "<a href='$newLink'>{$this->mPagetitle}</a>";
@@ -848,7 +848,7 @@ CONTROL;
                } else {
                        $newLink = $this->mNewPage->escapeLocalUrl( 'oldid=' . $this->mNewid );
                        $newEdit = $this->mNewPage->escapeLocalUrl( 'action=edit&oldid=' . $this->mNewid );
-                       $this->mPagetitle = wfMsgHTML( 'revisionasof', $timestamp );
+                       $this->mPagetitle = htmlspecialchars( wfMsg( 'revisionasof', $timestamp ) );
 
                        $this->mNewtitle = "<a href='$newLink'>{$this->mPagetitle}</a>";
                        $this->mNewtitle .= " (<a href='$newEdit'>" . wfMsgHtml( $editable ? 'editold' : 'viewsourceold' ) . "</a>)";
index 188ad91..6ebd570 100644 (file)
@@ -47,7 +47,7 @@ class AncientPagesPage extends QueryPage {
                $d = $wgLang->timeanddate( wfTimestamp( TS_MW, $result->value ), true );
                $title = Title::makeTitle( $result->namespace, $result->title );
                $link = $skin->makeKnownLinkObj( $title, htmlspecialchars( $wgContLang->convert( $title->getPrefixedText() ) ) );
-               return wfSpecialList($link, $d);
+               return wfSpecialList($link, htmlspecialchars($d) );
        }
 }
 
index 22a7a4d..fed8d13 100644 (file)
@@ -513,7 +513,7 @@ class ContribsPager extends ReverseChronologicalPager {
 
                $comment = $wgContLang->getDirMark() . $sk->revComment( $rev, false, true );
                $date = $wgLang->timeanddate( wfTimestamp( TS_MW, $row->rev_timestamp ), true );
-               $d = $sk->makeKnownLinkObj( $page, $date, 'oldid='.intval($row->rev_id) );
+               $d = $sk->makeKnownLinkObj( $page, htmlspecialchars($date), 'oldid='.intval($row->rev_id) );
 
                if( $this->target == 'newbies' ) {
                        $userlink = ' . . ' . $sk->userLink( $row->rev_user, $row->rev_user_text );
index d5dc371..05196a4 100644 (file)
@@ -83,7 +83,7 @@ class DeletedContribsPager extends IndexPager {
                $limits = $wgLang->pipeList( $limitLinks );
 
                $this->mNavigationBar = "(" . $wgLang->pipeList( array( $pagingLinks['first'], $pagingLinks['last'] ) ) . ") " .
-                       wfMsgExt( 'viewprevnext', array( 'parsemag' ), $pagingLinks['prev'], $pagingLinks['next'], $limits );
+                       wfMsgExt( 'viewprevnext', array( 'parsemag', 'escape', 'replaceafter' ), $pagingLinks['prev'], $pagingLinks['next'], $limits );
                return $this->mNavigationBar;
        }
 
@@ -145,7 +145,7 @@ class DeletedContribsPager extends IndexPager {
                        "&diff=prev" );
 
                $comment = $sk->revComment( $rev );
-               $d = $wgLang->timeanddate( $rev->getTimestamp(), true );
+               $d = htmlspecialchars( $wgLang->timeanddate( $rev->getTimestamp(), true ) );
 
                if( $rev->isDeleted( Revision::DELETED_TEXT ) ) {
                        $d = '<span class="history-deleted">' . $d . '</span>';
index d97f4b4..28ffccb 100644 (file)
@@ -81,7 +81,7 @@ class DoubleRedirectsPage extends PageQueryPage {
                $titleC = Title::makeTitle( $result->nsc, $result->tc );
 
                $linkA = $skin->makeKnownLinkObj( $titleA, '', 'redirect=no' );
-               $edit = $skin->makeBrokenLinkObj( $titleA, "(".wfMsg("qbedit").")" , 'redirect=no');
+               $edit = $skin->makeBrokenLinkObj( $titleA, "(".wfMsgHtml("qbedit").")" , 'redirect=no');
                $linkB = $skin->makeKnownLinkObj( $titleB, '', 'redirect=no' );
                $linkC = $skin->makeKnownLinkObj( $titleC );
                $arr = $wgContLang->getArrow() . $wgContLang->getDirMark();
index afd5ad4..b8331fb 100644 (file)
@@ -57,9 +57,9 @@ class FewestrevisionsPage extends QueryPage {
 
                $plink = $skin->makeKnownLinkObj( $nt, $text );
 
-               $nl = wfMsgExt( 'nrevisions', array( 'parsemag', 'escape'),
+               $nl = wfMsgExt( 'nrevisions', array( 'parsemag', 'escape' ),
                        $wgLang->formatNum( $result->value ) );
-               $redirect = $result->redirect ? ' - ' . wfMsg( 'isredirect' ) : '';
+               $redirect = $result->redirect ? ' - ' . wfMsgHtml( 'isredirect' ) : '';
                $nlink = $skin->makeKnownLinkObj( $nt, $nl, 'action=history' ) . $redirect;
 
 
index 02d862f..78126d4 100644 (file)
@@ -384,11 +384,10 @@ class IPUnblockForm {
                if( is_null( $msg ) ) {
                        $msg = array();
                        $keys = array( 'infiniteblock', 'expiringblock', 'unblocklink', 'change-blocklink',
-                               'anononlyblock', 'createaccountblock', 'noautoblockblock', 'emailblock', 'blocklist-nousertalk' );
+                               'anononlyblock', 'createaccountblock', 'noautoblockblock', 'emailblock', 'blocklist-nousertalk', 'blocklistline' );
                        foreach( $keys as $key ) {
                                $msg[$key] = wfMsgHtml( $key );
                        }
-                       $msg['blocklistline'] = wfMsg( 'blocklistline' );
                }
 
                # Prepare links to the blocker's user and talk pages
@@ -405,7 +404,7 @@ class IPUnblockForm {
                                . $sk->userToolLinks( $block->mUser, $block->mAddress, false, Linker::TOOL_LINKS_NOBLOCK );
                }
 
-               $formattedTime = $wgLang->timeanddate( $block->mTimestamp, true );
+               $formattedTime = htmlspecialchars( $wgLang->timeanddate( $block->mTimestamp, true ) );
 
                $properties = array();
                $properties[] = Block::formatExpiry( $block->mExpiry );
@@ -443,7 +442,7 @@ class IPUnblockForm {
 
                        # Create changeblocklink for all blocks with exception of autoblocks
                        if( !$block->mAuto ) {
-                               $changeblocklink = wfMsg( 'pipe-separator' ) .
+                               $changeblocklink = wfMsgExt( 'pipe-separator', 'escapenoentities' ) .
                                        $sk->link( SpecialPage::getTitleFor( 'Blockip', $block->mAddress ), 
                                                $msg['change-blocklink'],
                                                array(), array(), 'known' );
@@ -451,7 +450,7 @@ class IPUnblockForm {
                        $toolLinks = "($unblocklink$changeblocklink)";
                }
 
-               $comment = $sk->commentBlock( $block->mReason );
+               $comment = $sk->commentBlock( htmlspecialchars($block->mReason) );
 
                $s = "{$line} $comment";
                if ( $block->mHideName )
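Review bot: `htmlspecialchars( $block->mReason )` is applied before `commentBlock()`, whereas every other commentBlock call in this commit (EditPage's `$sk->commentBlock( $formattedSummary, ... )` and `$sk->commentBlock( $this->summary, ... )`) passes raw text. If commentBlock escapes and link-formats the comment itself, as those call sites imply, this double-escapes `&`, `<` and quotes in block reasons and defeats the `[[...]]` link formatting. Either drop the wrapper here, or, if commentBlock really does not escape, fix it there so all callers benefit rather than special-casing one.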
index fa23649..d3ad50e 100644 (file)
@@ -127,7 +127,7 @@ class ImageListPager extends TablePager {
                global $wgLang;
                switch ( $field ) {
                        case 'img_timestamp':
-                               return $wgLang->timeanddate( $value, true );
+                               return htmlspecialchars( $wgLang->timeanddate( $value, true ) );
                        case 'img_name':
                                static $imgfile = null;
                                if ( $imgfile === null ) $imgfile = wfMsg( 'imgfile' );
index 06652d3..b5c358a 100644 (file)
@@ -41,7 +41,7 @@ class SpecialListGroupRights extends SpecialPage {
                );
 
                foreach( $wgGroupPermissions as $group => $permissions ) {
-                       $groupname = ( $group == '*' ) ? 'all' : htmlspecialchars( $group ); // Replace * with a more descriptive groupname
+                       $groupname = ( $group == '*' ) ? 'all' : $group; // Replace * with a more descriptive groupname
 
                        $msg = wfMsg( 'group-' . $groupname );
                        if ( wfEmptyMsg( 'group-' . $groupname, $msg ) || $msg == '' ) {
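Review bot: Removing htmlspecialchars from `$groupname` on the first changed line is right for building the `group-*` message key, but `$groupname` may also be used directly in HTML further down the function (the code between this hunk and the next is not visible), and the later hunk escapes `$groupnameLocalized` only. `$group` is a `$wgGroupPermissions` key, so this is configuration rather than user input, but a quick check of the remaining uses of `$groupname` would close the gap. A comment on that line, `// raw key: escape at the output site, not here`, would make the intent explicit.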
@@ -59,9 +59,9 @@ class SpecialListGroupRights extends SpecialPage {
 
                        if( $group == '*' ) {
                                // Do not make a link for the generic * group
-                               $grouppage = $groupnameLocalized;
+                               $grouppage = htmlspecialchars($groupnameLocalized);
                        } else {
-                               $grouppage = $this->skin->makeLink( $grouppageLocalized, $groupnameLocalized );
+                               $grouppage = $this->skin->makeLink( $grouppageLocalized, htmlspecialchars($groupnameLocalized) );
                        }
 
                        if ( $group === 'user' ) {
index eafc054..d39ea40 100644 (file)
@@ -135,7 +135,7 @@ class UsersPager extends AlphabeticPager {
                global $wgEdititis;
                if ( $wgEdititis ) {
                        $editCount = $wgLang->formatNum( $row->edits );
-                       $edits = ' [' . wfMsgExt( 'usereditcount', 'parsemag', $editCount ) . ']';
+                       $edits = ' [' . wfMsgExt( 'usereditcount', array( 'parsemag', 'escape' ), $editCount ) . ']';
                } else {
                        $edits = '';
                }
@@ -145,7 +145,8 @@ class UsersPager extends AlphabeticPager {
                if( $row->creation ) {
                        $d = $wgLang->date( wfTimestamp( TS_MW, $row->creation ), true );
                        $t = $wgLang->time( wfTimestamp( TS_MW, $row->creation ), true );
-                       $created = ' (' . wfMsgHtml( 'usercreated', $d, $t ) . ')';
+                       $created = ' (' . wfMsg( 'usercreated', $d, $t ) . ')';
+                       $created = htmlspecialchars( $created );
                }
 
                wfRunHooks( 'SpecialListusersFormatRow', array( &$item, $row ) );
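Review bot: The two-step assignment on the `+` lines escapes the surrounding parentheses as well, which htmlspecialchars leaves unchanged, so the result is the same but the intent is clearer as `$created = ' (' . htmlspecialchars( wfMsg( 'usercreated', $d, $t ) ) . ')';`, matching how `usereditcount` is handled in the previous hunk. Note that this now escapes `$d` and `$t` too, unlike the removed wfMsgHtml call, which is the intended fix.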
@@ -251,7 +252,7 @@ class UsersPager extends AlphabeticPager {
        protected static function buildGroupLink( $group ) {
                static $cache = array();
                if( !isset( $cache[$group] ) )
-                       $cache[$group] = User::makeGroupLinkHtml( $group, User::getGroupMember( $group ) );
+                       $cache[$group] = User::makeGroupLinkHtml( $group, htmlspecialchars( User::getGroupMember( $group ) ) );
                return $cache[$group];
        }
 }
index 3922712..511cc3a 100644 (file)
@@ -128,7 +128,7 @@ function wfSpecialNewimages( $par, $specialPage ) {
                $nt = Title::newFromText( $name, NS_FILE );
                $ul = $sk->link( Title::makeTitle( NS_USER, $ut ), $ut );
 
-               $gallery->add( $nt, "$ul<br />\n<i>".$wgLang->timeanddate( $s->img_timestamp, true )."</i><br />\n" );
+               $gallery->add( $nt, "$ul<br />\n<i>".htmlspecialchars($wgLang->timeanddate( $s->img_timestamp, true ))."</i><br />\n" );
 
                $timestamp = wfTimestamp( TS_MW, $s->img_timestamp );
                if( empty( $firstTimestamp ) ) {
@@ -170,7 +170,7 @@ function wfSpecialNewimages( $par, $specialPage ) {
        $now = wfTimestampNow();
        $d = $wgLang->date( $now, true );
        $t = $wgLang->time( $now, true );
-       $dateLink = $sk->makeKnownLinkObj( $titleObj, wfMsgHtml( 'sp-newimages-showfrom', $d, $t ), 
+       $dateLink = $sk->makeKnownLinkObj( $titleObj, htmlspecialchars( wfMsg( 'sp-newimages-showfrom', $d, $t ) ), 
                'from='.$now.$botpar.$searchpar );
 
        $botLink = $sk->makeKnownLinkObj($titleObj, wfMsgHtml( 'showhidebots', 
index e85238c..c970fdf 100644 (file)
@@ -254,7 +254,7 @@ class SpecialNewpages extends SpecialPage {
                $dm = $wgContLang->getDirMark();
 
                $title = Title::makeTitleSafe( $result->rc_namespace, $result->rc_title );
-               $time = $wgLang->timeAndDate( $result->rc_timestamp, true );
+               $time = htmlspecialchars( $wgLang->timeAndDate( $result->rc_timestamp, true ) );
                $query = $this->patrollable( $result ) ? "rcid={$result->rc_id}&redirect=no" : 'redirect=no';
                $plink = $this->skin->makeKnownLinkObj( $title, '', $query );
                $hist = $this->skin->makeKnownLinkObj( $title, wfMsgHtml( 'hist' ), 'action=history' );
index 55e39cf..0d95e5f 100644 (file)
@@ -170,7 +170,7 @@ class SpecialPrefixindex extends SpecialAllpages {
                                                $nsForm .
                                        '</td>
                                        <td id="mw-prefixindex-nav-form">' .
-                                               $sk->makeKnownLinkObj( $self, wfMsg ( 'allpages' ) );
+                                               $sk->makeKnownLinkObj( $self, wfMsgHtml( 'allpages' ) );
 
                        if( isset( $res ) && $res && ( $n == $this->maxPerPage ) && ( $s = $res->fetchObject() ) ) {
                                $namespaceparam = $namespace ? "&namespace=$namespace" : "";
index aeb1d7b..1b12970 100644 (file)
@@ -86,7 +86,7 @@ class ProtectedPagesForm {
                        $expiry_description = wfMsg( 'protect-expiring' , $wgLang->timeanddate( $expiry ) , 
                                $wgLang->date( $expiry ) , $wgLang->time( $expiry ) );
 
-                       $description_items[] = $expiry_description;
+                       $description_items[] = htmlspecialchars($expiry_description);
                }
 
                if(!is_null($size = $row->page_len)) {
index 38f79db..59e6bf7 100644 (file)
@@ -171,7 +171,7 @@ class SpecialRecentchangeslinked extends SpecialRecentchanges {
                $opts->consumeValues( array( 'showlinkedto', 'target' ) );
                $extraOpts = array();
                $extraOpts['namespace'] = $this->namespaceFilterForm( $opts );
-               $extraOpts['target'] = array( wfMsg( 'recentchangeslinked-page' ),
+               $extraOpts['target'] = array( wfMsgHtml( 'recentchangeslinked-page' ),
                        Xml::input( 'target', 40, str_replace('_',' ',$opts['target']) ) .
                        Xml::check( 'showlinkedto', $opts['showlinkedto'], array('id' => 'showlinkedto') ) . ' ' .
                        Xml::label( wfMsg("recentchangeslinked-to"), 'showlinkedto' ) );
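Review bot: The first element of `$extraOpts['target']` is now escaped with wfMsgHtml() while `Xml::label( wfMsg("recentchangeslinked-to"), 'showlinkedto' )` in the same array stays on wfMsg(); that split is correct only because Xml::label() escapes its own text argument, which nothing on these lines shows. A short comment keeps a later reader from "fixing" it into a double escape: `// raw markup here needs wfMsgHtml; Xml::label() escapes its own text`. The SpecialResetpass hunk has the same raw/escaped split between its `Xml::label( wfMsg( $label ), $name )` branch and the new `wfMsgHtml( $label )` branch and would benefit from the same note.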
index 059f8db..dd8b9dd 100644 (file)
@@ -142,7 +142,7 @@ class SpecialResetpass extends SpecialPage {
                        if ( $type != 'text' )
                                $out .= Xml::label( wfMsg( $label ), $name );
                        else 
-                               $out .=  wfMsg( $label );
+                               $out .=  wfMsgHtml( $label );
                        $out .= '</td>';
                        $out .= "<td class='mw-input'>";
                        $out .= $field;
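Review bot: `$out .= $field;` on the last line appends `$field` raw right after the newly escaped label, and `$field` is built outside this hunk, so whether it is already HTML (for instance an Xml::input() result) cannot be confirmed from here and is worth checking while the escaping in this method is being tightened. As a point of style, `$type != 'text'` is a loose comparison; `!==` would match the stricter intent of the rest of this change. The enclosing method starts and ends outside the hunk.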
index 68f4f87..87f5e09 100644 (file)
@@ -701,7 +701,7 @@ class SpecialRevisionDelete extends UnlistedSpecialPage {
        private function logLine( $row ) {
                global $wgLang;
 
-               $date = $wgLang->timeanddate( $row->log_timestamp );
+               $date = htmlspecialchars( $wgLang->timeanddate( $row->log_timestamp ) );
                $paramArray = LogPage::extractParams( $row->log_params );
                $title = Title::makeTitle( $row->log_namespace, $row->log_title );
 
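Review bot: logLine() now produces a pre-escaped `$date` but has no docblock stating that the method returns HTML or which fields of `$row` it relies on (`log_timestamp`, `log_params`, `log_namespace`, `log_title` on the visible lines); the body continues outside this hunk. Suggested header above `private function logLine( $row )`: `/** Render one log row as HTML. @param $row Object: log table row @return String: HTML */`. Where `$paramArray` and `$title` end up in the output is beyond the hunk, so their escaping cannot be verified here.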
index 3a3e571..47d6060 100644 (file)
@@ -897,7 +897,7 @@ class UndeleteForm {
                                        $targetPage,
                                        wfMsgHtml(
                                                'revisionasof',
-                                               $wgLang->timeanddate( $rev->getTimestamp(), true )
+                                               htmlspecialchars( $wgLang->timeanddate( $rev->getTimestamp(), true ) )
                                        ),
                                        array(),
                                        $targetQuery
@@ -1150,7 +1150,7 @@ class UndeleteForm {
                        }
                } else {
                        $checkBox = '';
-                       $pageLink = $wgLang->timeanddate( $ts, true );
+                       $pageLink = htmlspecialchars( $wgLang->timeanddate( $ts, true ) );
                        $last = wfMsgHtml('diff');
                }
                $userLink = $sk->revUserTools( $rev );
@@ -1224,10 +1224,12 @@ class UndeleteForm {
        function getPageLink( $rev, $titleObj, $ts, $sk ) {
                global $wgLang;
 
+               $time = htmlspecialchars( $wgLang->timeanddate( $ts, true ) );
+
                if( !$rev->userCan(Revision::DELETED_TEXT) ) {
-                       return '<span class="history-deleted">' . $wgLang->timeanddate( $ts, true ) . '</span>';
+                       return '<span class="history-deleted">' . $time . '</span>';
                } else {
-                       $link = $sk->makeKnownLinkObj( $titleObj, $wgLang->timeanddate( $ts, true ),
+                       $link = $sk->makeKnownLinkObj( $titleObj, $time,
                                "target=".$this->mTargetObj->getPrefixedUrl()."&timestamp=$ts" );
                        if( $rev->isDeleted(Revision::DELETED_TEXT) )
                                $link = '<span class="history-deleted">' . $link . '</span>';
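Review bot: getPageLink() now escapes `$time` once up front, but still has no docblock saying its return is HTML (a link, or a `history-deleted` span when the viewer may not see the text); the body continues past the hunk. Suggested header: `/** @return String: HTML link to the archived revision, or the escaped timestamp in a history-deleted span when the text is hidden */`. The `else` after the early `return` is unnecessary; dropping it and dedenting the `$link` branch reads as a plain guard clause. `$ts` is interpolated raw into the query string on the `"target=".$this->mTargetObj->getPrefixedUrl()."&timestamp=$ts"` line, which is fine only if it is always a normalised timestamp, something this hunk does not show.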
index a25c614..3b98da6 100644 (file)
@@ -421,7 +421,7 @@ class UserrightsPage extends SpecialPage {
        private static function buildGroupLink( $group ) {
                static $cache = array();
                if( !isset( $cache[$group] ) )
-                       $cache[$group] = User::makeGroupLinkHtml( $group, User::getGroupName( $group ) );
+                       $cache[$group] = User::makeGroupLinkHtml( $group, htmlspecialchars( User::getGroupName( $group ) ) );
                return $cache[$group];
        }
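Review bot: buildGroupLink() memoises HTML in a static `$cache` but carries no docblock saying the return is HTML or that the cache persists for the whole request; the braceless `if` body also invites a slip when a second statement is added. Suggested header: `/** Link to a user group's page with its escaped display name, memoised per group for the request. @param $group String: internal group name @return String: HTML */`, with braces around the cache fill. Since `User::makeGroupLinkHtml()` now receives pre-escaped text from this caller, any other caller still passing a raw group name would behave differently; that is not visible here and is worth a grep.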