From ade27ecba307a72e822e72e200f3b333904af81c Mon Sep 17 00:00:00 2001 From: "C. Scott Ananian" Date: Wed, 17 Oct 2018 10:28:05 -0400 Subject: [PATCH] Use OutputPage::wrapWikiTextAsInterface() to add safe
wrappers This ensures that broken messages can't break the
wrapper and that the output is tidy. Bug: T205624 Change-Id: I2511adf593a13528e205a82d9fcdc8a524d0a95f --- includes/EditPage.php | 10 +++------- includes/FileDeleteForm.php | 5 +++-- includes/page/Article.php | 7 ++++--- includes/page/ImagePage.php | 16 ++++++---------- includes/specials/SpecialEditTags.php | 4 ++-- includes/specials/SpecialImport.php | 5 +++-- includes/specials/SpecialRevisiondelete.php | 7 +++---- includes/specials/SpecialSpecialpages.php | 7 +++---- includes/specials/SpecialTags.php | 12 ++++-------- includes/specials/SpecialUndelete.php | 9 ++++++--- includes/specials/SpecialUserrights.php | 2 +- 11 files changed, 38 insertions(+), 46 deletions(-) diff --git a/includes/EditPage.php b/includes/EditPage.php index 03b7b45b88..90db70f3be 100644 --- a/includes/EditPage.php +++ b/includes/EditPage.php @@ -1640,11 +1640,7 @@ class EditPage { case self::AS_CANNOT_USE_CUSTOM_MODEL: case self::AS_PARSE_ERROR: case self::AS_UNICODE_NOT_SUPPORTED: - $out->addWikiTextAsInterface( - '
' . "\n" . - $status->getWikiText() . - '
' - ); + $out->wrapWikiTextAsInterface( 'error', $status->getWikiText() ); return true; case self::AS_SUCCESS_NEW_ARTICLE: @@ -2995,7 +2991,7 @@ ERROR; $this->contentFormat, $ex->getMessage() ); - $out->addWikiTextAsInterface( '
' . $msg->plain() . '
' ); + $out->wrapWikiTextAsInterface( 'error', $msg->plain() ); } } @@ -3470,7 +3466,7 @@ ERROR; $this->contentFormat, $ex->getMessage() ); - $out->addWikiTextAsInterface( '
' . $msg->plain() . '
' ); + $out->wrapWikiTextAsInterface( 'error', $msg->plain() ); } } } diff --git a/includes/FileDeleteForm.php b/includes/FileDeleteForm.php index f23d6ec0fb..3e0595ebe4 100644 --- a/includes/FileDeleteForm.php +++ b/includes/FileDeleteForm.php @@ -120,9 +120,10 @@ class FileDeleteForm { if ( !$status->isGood() ) { $wgOut->addHTML( '

' . $this->prepareMessage( 'filedeleteerror-short' ) . "

\n" ); - $wgOut->addWikiTextAsInterface( '
' . + $wgOut->wrapWikiTextAsInterface( + 'error', $status->getWikiText( 'filedeleteerror-short', 'filedeleteerror-long' ) - . '
' ); + ); } if ( $status->isOK() ) { $wgOut->setPageTitle( wfMessage( 'actioncomplete' ) ); diff --git a/includes/page/Article.php b/includes/page/Article.php index 8bc8d1e0e7..e18f524521 100644 --- a/includes/page/Article.php +++ b/includes/page/Article.php @@ -792,7 +792,7 @@ class Article implements Page { $outputPage->setRobotPolicy( 'noindex,nofollow' ); $errortext = $error->getWikiText( false, 'view-pool-error' ); - $outputPage->addWikiTextAsInterface( Html::errorBox( $errortext ) ); + $outputPage->wrapWikiTextAsInterface( 'errorbox', $errortext ); } # Connection or timeout error return; @@ -2087,8 +2087,9 @@ class Article implements Page { ); if ( $error == '' ) { - $outputPage->addWikiTextAsInterface( - "
\n" . $status->getWikiText() . "\n
" + $outputPage->wrapWikiTextAsInterface( + 'error mw-error-cannotdelete', + $status->getWikiText() ); $deleteLogPage = new LogPage( 'delete' ); $outputPage->addHTML( Xml::element( 'h2', null, $deleteLogPage->getName()->text() ) ); diff --git a/includes/page/ImagePage.php b/includes/page/ImagePage.php index 248938648a..5382c55323 100644 --- a/includes/page/ImagePage.php +++ b/includes/page/ImagePage.php @@ -542,16 +542,15 @@ class ImagePage extends Article { // to the filename, because it can get copied with it. // See T27277. // phpcs:disable Generic.Files.LineLength - $out->addWikiTextAsInterface( <<{$medialink} $dirmark$longDesc
-
$warning
+ $out->wrapWikiTextAsInterface( 'fullMedia', <<{$medialink} $dirmark$longDesc EOT ); // phpcs:enable + $out->wrapWikiTextAsInterface( 'mediaWarning', $warning ); } else { - $out->addWikiTextAsInterface( <<{$medialink} {$dirmark}$longDesc -
+ $out->wrapWikiTextAsInterface( 'fullMedia', <<$longDesc EOT ); } @@ -574,10 +573,7 @@ EOT 'file-no-thumb-animation' )->plain(); - $out->addWikiTextAsInterface( <<{$noAnimMesg} -EOT - ); + $out->wrapWikiTextAsInterface( 'mw-noanimatethumb', $noAnimMesg ); } if ( !$this->displayImg->isLocal() ) { diff --git a/includes/specials/SpecialEditTags.php b/includes/specials/SpecialEditTags.php index c5914bae2f..6198a8455b 100644 --- a/includes/specials/SpecialEditTags.php +++ b/includes/specials/SpecialEditTags.php @@ -454,8 +454,8 @@ class SpecialEditTags extends UnlistedSpecialPage { */ protected function failure( $status ) { $this->getOutput()->setPageTitle( $this->msg( 'actionfailed' ) ); - $this->getOutput()->addWikiTextAsInterface( - Html::errorBox( $status->getWikiText( 'tags-edit-failure' ) ) + $this->getOutput()->wrapWikiTextAsInterface( + 'errorbox', $status->getWikiText( 'tags-edit-failure' ) ); $this->showForm(); } diff --git a/includes/specials/SpecialImport.php b/includes/specials/SpecialImport.php index 12b8d50f70..839a9bc487 100644 --- a/includes/specials/SpecialImport.php +++ b/includes/specials/SpecialImport.php @@ -179,8 +179,9 @@ class SpecialImport extends SpecialPage { $out = $this->getOutput(); if ( !$source->isGood() ) { - $out->addWikiTextAsInterface( "
\n" . - $this->msg( 'importfailed', $source->getWikiText() )->parse() . "\n
" ); + $out->wrapWikiTextAsInterface( 'error', + $this->msg( 'importfailed', $source->getWikiText() )->plain() + ); } else { $importer = new WikiImporter( $source->value, $this->getConfig() ); if ( !is_null( $this->namespace ) ) { diff --git a/includes/specials/SpecialRevisiondelete.php b/includes/specials/SpecialRevisiondelete.php index dba4fb8866..7661f28694 100644 --- a/includes/specials/SpecialRevisiondelete.php +++ b/includes/specials/SpecialRevisiondelete.php @@ -641,10 +641,9 @@ class SpecialRevisionDelete extends UnlistedSpecialPage { protected function failure( $status ) { // Messages: revdelete-failure, logdelete-failure $this->getOutput()->setPageTitle( $this->msg( 'actionfailed' ) ); - $this->getOutput()->addWikiTextAsInterface( - Html::errorBox( - $status->getWikiText( $this->typeLabels['failure'] ) - ) + $this->getOutput()->wrapWikiTextAsInterface( + 'errorbox', + $status->getWikiText( $this->typeLabels['failure'] ) ); $this->showForm(); } diff --git a/includes/specials/SpecialSpecialpages.php b/includes/specials/SpecialSpecialpages.php index 6bb0a1c077..585a7cd35f 100644 --- a/includes/specials/SpecialSpecialpages.php +++ b/includes/specials/SpecialSpecialpages.php @@ -151,10 +151,9 @@ class SpecialSpecialpages extends UnlistedSpecialPage { $out->wrapWikiMsg( "

$1

", 'specialpages-note-top' ); - $out->addWikiTextAsInterface( - "
\n" . - implode( "\n", $notes ) . - "\n
" + $out->wrapWikiTextAsInterface( + 'mw-specialpages-notes', + implode( "\n", $notes ) ); } } diff --git a/includes/specials/SpecialTags.php b/includes/specials/SpecialTags.php index 9a9f4f2fef..ca8ce89804 100644 --- a/includes/specials/SpecialTags.php +++ b/includes/specials/SpecialTags.php @@ -321,8 +321,7 @@ class SpecialTags extends SpecialPage { $out->addBacklinkSubtitle( $this->getPageTitle() ); return true; } else { - $out->addWikiTextAsInterface( "
\n" . $status->getWikiText() . - "\n
" ); + $out->wrapWikiTextAsInterface( 'error', $status->getWikiText() ); return false; } } @@ -340,8 +339,7 @@ class SpecialTags extends SpecialPage { // is the tag actually able to be deleted? $canDeleteResult = ChangeTags::canDeleteTag( $tag, $user ); if ( !$canDeleteResult->isGood() ) { - $out->addWikiTextAsInterface( "
\n" . $canDeleteResult->getWikiText() . - "\n
" ); + $out->wrapWikiTextAsInterface( 'error', $canDeleteResult->getWikiText() ); if ( !$canDeleteResult->isOK() ) { return; } @@ -402,8 +400,7 @@ class SpecialTags extends SpecialPage { $func = $activate ? 'canActivateTag' : 'canDeactivateTag'; $result = ChangeTags::$func( $tag, $user ); if ( !$result->isGood() ) { - $out->addWikiTextAsInterface( "
\n" . $result->getWikiText() . - "\n
" ); + $out->wrapWikiTextAsInterface( 'error', $result->getWikiText() ); if ( !$result->isOK() ) { return; } @@ -455,8 +452,7 @@ class SpecialTags extends SpecialPage { $out->addReturnTo( $this->getPageTitle() ); return true; } else { - $out->addWikiTextAsInterface( "
\n" . $status->getWikitext() . - "\n
" ); + $out->wrapWikiTextAsInterface( 'error', $status->getWikitext() ); return false; } } diff --git a/includes/specials/SpecialUndelete.php b/includes/specials/SpecialUndelete.php index be3433f23b..a93dec0313 100644 --- a/includes/specials/SpecialUndelete.php +++ b/includes/specials/SpecialUndelete.php @@ -1177,7 +1177,9 @@ class SpecialUndelete extends SpecialPage { // Show revision undeletion warnings and errors $status = $archive->getRevisionStatus(); if ( $status && !$status->isGood() ) { - $out->addWikiTextAsInterface( '
' . + $out->wrapWikiTextAsInterface( + 'error', + '
' . $status->getWikiText( 'cannotundelete', 'cannotundelete' @@ -1188,11 +1190,12 @@ class SpecialUndelete extends SpecialPage { // Show file undeletion warnings and errors $status = $archive->getFileStatus(); if ( $status && !$status->isGood() ) { - $out->addWikiTextAsInterface( '
' . + $out->wrapWikiTextAsInterface( + 'error', $status->getWikiText( 'undelete-error-short', 'undelete-error-long' - ) . '
' + ) ); } } diff --git a/includes/specials/SpecialUserrights.php b/includes/specials/SpecialUserrights.php index 60f98f1bda..f63c884b27 100644 --- a/includes/specials/SpecialUserrights.php +++ b/includes/specials/SpecialUserrights.php @@ -189,7 +189,7 @@ class UserrightsPage extends SpecialPage { return; } else { // Print an error message and redisplay the form - $out->addWikiTextAsInterface( '
' . $status->getWikiText() . '
' ); + $out->wrapWikiTextAsInterface( 'error', $status->getWikiText() ); } } } -- 2.20.1