self::formatBlockFlags( $params[2], is_null( $skin ) ) : '';
// Page protections
} else if ( $type == 'protect' && count($params) == 3 ) {
- $details .= " {$params[1]}"; // restrictions and expiries
if( $params[2] ) {
if ( $skin ) {
+ $details .= htmlspecialchars( " {$params[1]}" ); // restrictions and expiries
$details .= ' ['.wfMsg('protect-summary-cascade').']';
} else {
+ $details .= " {$params[1]}";
$details .= ' ['.wfMsgForContent('protect-summary-cascade').']';
}
}
$details .= ': '.RevisionDeleter::getLogMessage( $count, $nfield, $ofield, true );
}
if ( $skin ) {
- $rv = wfMsgHtml( $wgLogActions[$key], $params ) . $details;
+ $rv = htmlspecialchars( wfMsg( $wgLogActions[$key], $params ) ) . $details;
} else {
$rv = wfMsgExt( $wgLogActions[$key], array( 'parsemag', 'escape', 'replaceafter', 'content' ), $params ) . $details;
}
$sk = $wgUser->getSkin();
if( 0 == $id ) {
- $user = $nt->getText();
+ $user = htmlspecialchars( $nt->getText() );
} else {
$user = $sk->link( $nt, htmlspecialchars( $nt->getText() ) );
}
$sk = $wgUser->getSkin();
if ( 0 == $id ) {
- $user = $nt->getText();
+ $user = htmlspecialchars( $nt->getText() );
} else {
$user = $sk->link( $nt, htmlspecialchars( $nt->getText() ) );
}
$ret .= "\t<td style='vertical-align:top;'>\n";
foreach( $column as $group => $checkbox ) {
$attr = $checkbox['disabled'] ? array( 'disabled' => 'disabled' ) : array();
- $text = $checkbox['irreversible']
- ? wfMsgHtml( 'userrights-irreversible-marker', User::getGroupMember( $group ) )
- : User::getGroupMember( $group );
+
+ if ( $checkbox['irreversible'] ) {
+ $text = htmlspecialchars( wfMsg( 'userrights-irreversible-marker',
+ User::getGroupMember( $group ) ) );
+ } else {
+ $text = htmlspecialchars( User::getGroupMember( $group ) );
+ }
$checkboxHtml = Xml::checkLabel( $text, "wpGroup-" . $group,
"wpGroup-" . $group, $checkbox['set'], $attr );
$ret .= "\t\t" . ( $checkbox['disabled']