}
$language = $this->getLanguage();
- $displayedList = $this->msg( 'userrights-groupsmember-type',
- $language->listToText( $list ),
- $language->listToText( $membersList )
- )->plain();
- $displayedAutolist = $this->msg( 'userrights-groupsmember-type',
- $language->listToText( $autoList ),
- $language->listToText( $autoMembersList )
- )->plain();
+ $displayedList = $this->msg( 'userrights-groupsmember-type' )
+ ->rawParams(
+ $language->listToText( $list ),
+ $language->listToText( $membersList )
+ )->escaped();
+ $displayedAutolist = $this->msg( 'userrights-groupsmember-type' )
+ ->rawParams(
+ $language->listToText( $autoList ),
+ $language->listToText( $autoMembersList )
+ )->escaped();
$grouplist = '';
$count = count( $list );
if ( $count > 0 ) {
- $grouplist = $this->msg( 'userrights-groupsmember', $count, $user->getName() )->parse();
+ $grouplist = $this->msg( 'userrights-groupsmember' )
+ ->numParams( $count )
+ ->params( $user->getName() )
+ ->parse();
$grouplist = '<p>' . $grouplist . ' ' . $displayedList . "</p>\n";
}
$count = count( $autoList );
if ( $count > 0 ) {
- $autogrouplistintro = $this->msg( 'userrights-groupsmember-auto', $count, $user->getName() )
+ $autogrouplistintro = $this->msg( 'userrights-groupsmember-auto' )
+ ->numParams( $count )
+ ->params( $user->getName() )
->parse();
$grouplist .= '<p>' . $autogrouplistintro . ' ' . $displayedAutolist . "</p>\n";
}
$member = User::getGroupMember( $group, $user->getName() );
if ( $checkbox['irreversible'] ) {
- $text = $this->msg( 'userrights-irreversible-marker', $member )->escaped();
+ $text = $this->msg( 'userrights-irreversible-marker', $member )->text();
} else {
- $text = htmlspecialchars( $member );
+ $text = $member;
}
$checkboxHtml = Xml::checkLabel( $text, "wpGroup-" . $group,
"wpGroup-" . $group, $checkbox['set'], $attr );
return '';
}
if ( $m > 0 ) {
- $and = $this->getMessageFromDB( 'and' );
- $space = $this->getMessageFromDB( 'word-separator' );
+ $and = htmlspecialchars( $this->getMessageFromDB( 'and' ) );
+ $space = htmlspecialchars( $this->getMessageFromDB( 'word-separator' ) );
if ( $m > 1 ) {
- $comma = $this->getMessageFromDB( 'comma-separator' );
+ $comma = htmlspecialchars( $this->getMessageFromDB( 'comma-separator' ) );
}
}
$s = $l[$m];