Escape sidebar ID's. Bug 18688

author Leo Koppelkamm <diebuche@users.mediawiki.org>

Sun, 10 Jul 2011 14:56:55 +0000 (14:56 +0000)

committer Leo Koppelkamm <diebuche@users.mediawiki.org>

Sun, 10 Jul 2011 14:56:55 +0000 (14:56 +0000)
author Leo Koppelkamm <diebuche@users.mediawiki.org>
Sun, 10 Jul 2011 14:56:55 +0000 (14:56 +0000)
committer Leo Koppelkamm <diebuche@users.mediawiki.org>
Sun, 10 Jul 2011 14:56:55 +0000 (14:56 +0000)
diff --git a/includes/Skin.php b/includes/Skin.php

index d571350..2f2cc5c 100644 (file)
--- a/includes/Skin.php
+++ b/includes/Skin.php
@@ -1330,7 +1330,7 @@ abstract class Skin {
                                         $bar[$heading][] = array_merge( array(
                                                 'text' => $text,
                                                 'href' => $href,
-                                               'id' => 'n-' . strtr( $line[1], ' ', '-' ),
+                                               'id' => 'n-' . Sanitizer::escapeId( strtr( $line[1], ' ', '-' ) ),
                                                 'active' => false
                                         ), $extraAttribs );
                                 } elseif ( ( substr( $line, 0, 2 ) == '{{' ) && ( substr( $line, -2 ) == '}}' ) ) {
author	Leo Koppelkamm <diebuche@users.mediawiki.org>
	Sun, 10 Jul 2011 14:56:55 +0000 (14:56 +0000)
committer	Leo Koppelkamm <diebuche@users.mediawiki.org>
	Sun, 10 Jul 2011 14:56:55 +0000 (14:56 +0000)