From: Brion Vibber <brion@users.mediawiki.org>
Date: Sun, 19 Jun 2005 20:25:32 +0000 (+0000)
Subject: * (bug 2459) Correct escaping in Special:Log prev/next links
X-Git-Tag: 1.5.0beta1~135
X-Git-Url: http://git.cyclocoop.org//%22%22.str_replace%28%27%22%27%2C?a=commitdiff_plain;h=31c5c4fd47cc2ad5a4c76399ba8cb985ee1427aa;p=lhc%2Fweb%2Fwiklou.git

* (bug 2459) Correct escaping in Special:Log prev/next links
---

diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index 0ac6e60e1d..f8dbd460d0 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -306,7 +306,7 @@ Various bugfixes, small features, and a few experimental things:
 * 'developer' group deprecated by default
 * Special:Upload now uses 'upload' permission instead of hardcoding login check
 * Add 'importupload' permission to disable direct uploads to Special:Import
-
+* (bug 2459) Correct escaping in Special:Log prev/next links
 
 === Caveats ===
 
diff --git a/includes/SpecialLog.php b/includes/SpecialLog.php
index bfaee33ec1..244aa197ad 100644
--- a/includes/SpecialLog.php
+++ b/includes/SpecialLog.php
@@ -396,9 +396,9 @@ class LogViewer {
 	function showPrevNext( &$out ) {
 		global $wgContLang,$wgRequest;
 		$pieces = array();
-		$pieces[] = 'type=' . htmlspecialchars( $this->reader->queryType() );
-		$pieces[] = 'user=' . htmlspecialchars( $this->reader->queryUser() );
-		$pieces[] = 'page=' . htmlspecialchars( $this->reader->queryTitle() );
+		$pieces[] = 'type=' . urlencode( $this->reader->queryType() );
+		$pieces[] = 'user=' . urlencode( $this->reader->queryUser() );
+		$pieces[] = 'page=' . urlencode( $this->reader->queryTitle() );
 		$bits = implode( '&', $pieces );
 		list( $limit, $offset ) = $wgRequest->getLimitOffset();