X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=includes%2FMessage.php;h=c2c954ab628f6f073c7fe2c31061a1a0ce718285;hb=ae934b945b0a70b39a5794f6e40ccec55c23542c;hp=712d3f17fb8ddabacd78071be11451fa3f46a5e4;hpb=ff13c3d92a3357d2cbb03c4d58dfc33999942b0a;p=lhc%2Fweb%2Fwiklou.git diff --git a/includes/Message.php b/includes/Message.php index 712d3f17fb..c2c954ab62 100644 --- a/includes/Message.php +++ b/includes/Message.php @@ -120,7 +120,7 @@ * * @code * // old style: - * wfMsgExt( 'key', array( 'parseinline' ), 'apple' ); + * wfMsgExt( 'key', [ 'parseinline' ], 'apple' ); * // new style: * wfMessage( 'key', 'apple' )->parse(); * @endcode @@ -131,7 +131,7 @@ * Places where HTML cannot be used. {{-transformation is done. * @code * // old style: - * wfMsgExt( 'key', array( 'parsemag' ), 'apple', 'pear' ); + * wfMsgExt( 'key', [ 'parsemag' ], 'apple', 'pear' ); * // new style: * wfMessage( 'key', 'apple', 'pear' )->text(); * @endcode @@ -402,8 +402,8 @@ class Message implements MessageSpecifier, Serializable { $value = array_shift( $params ); } - if ( $value instanceof RawMessage ) { - $message = new RawMessage( $value->getKey(), $value->getParams() ); + if ( $value instanceof Message ) { // Message, RawMessage, ApiMessage, etc + $message = clone( $value ); } elseif ( $value instanceof MessageSpecifier ) { $message = new Message( $value ); } elseif ( is_string( $value ) ) { @@ -802,10 +802,13 @@ class Message implements MessageSpecifier, Serializable { $string = $this->fetchMessage(); if ( $string === false ) { - if ( $this->format === 'plain' || $this->format === 'text' ) { - return '<' . $this->key . '>'; - } - return '<' . htmlspecialchars( $this->key ) . '>'; + // Err on the side of safety, ensure that the output + // is always html safe in the event the message key is + // missing, since in that case its highly likely the + // message key is user-controlled. + // '⧼' is used instead of '<' to side-step any + // double-escaping issues. + return '⧼' . htmlspecialchars( $this->key ) . '⧽'; } # Replace $* with a list of parameters for &uselang=qqx.