$image=$wgUploadPath."/".$tool["image"];
$open=$tool["open"];
$close=$tool["close"];
- $sample=$tool["sample"];
+ $sample = addslashes( $tool["sample"] );
// Note that we use the tip both for the ALT tag and the TITLE tag of the image.
// Older browsers show a "speedtip" type message only for ALT.
// Ideally these should be different, realistically they
// probably don't need to be.
- $tip=$tool["tip"];
+ $tip = addslashes( $tool["tip"] );
$toolbar.="addButton('$image','$tip','$open','$close','$sample');\n";
}
- $toolbar.="addInfobox('".addslashes(wfMsg("infobox"))."');\n";
+ $toolbar.="addInfobox('" . addslashes( wfMsg( "infobox" ) ) . "');\n";
$toolbar.="document.writeln(\"</div>\");\n</script>";
return $toolbar;
}
&& (clientPC.indexOf('webtv')==-1) && (clientPC.indexOf('hotjava')==-1)
&& (clientPC.indexOf('khtml')==-1) && (clientPC.indexOf('gecko')==-1));
if(!document.selection && !is_nav) {
+ infoText=escapeQuotesHTML(infoText);
document.write("<form name='infoform' id='infoform'>"+
- "<input size=80 id='infobox' name='infobox' value='"+
- infoText+"' READONLY></form>");
+ "<input size=80 id='infobox' name='infobox' value=\""+
+ infoText+"\" READONLY></form>");
}
}
function escapeQuotes(text) {
var re=new RegExp("'","g");
text=text.replace(re,"\\'");
+ re=new RegExp('"',"g");
+ text=text.replace(re,'"');
re=new RegExp("\\n","g");
text=text.replace(re,"\\n");
return text;
}
+function escapeQuotesHTML(text) {
+ var re=new RegExp('"',"g");
+ text=text.replace(re,""");
+ return text;
+}
+
// apply tagOpen/tagClose to selection in textarea,
// use sampleText instead of selection if there is none
// copied and adapted from phpBB