X-Git-Url: https://git.heureux-cyclage.org/?a=blobdiff_plain;f=languages%2FLanguageConverter.php;h=e51dca93eebdd77c0437ca26035dec51d60781b9;hb=4df0c71911500466a6330b8fe29c623ef5b51e41;hp=dcc2cf335fcb7018a9710e1d9155396e8f0c2660;hpb=9f32a4dc89ec5788987e1378b05f156b7d666db3;p=lhc%2Fweb%2Fwiklou.git

diff --git a/languages/LanguageConverter.php b/languages/LanguageConverter.php
index dcc2cf335f..e51dca93ee 100644
--- a/languages/LanguageConverter.php
+++ b/languages/LanguageConverter.php
@@ -85,7 +85,7 @@ class LanguageConverter {
 	 * @param array $flags Defining the custom strings that maps to the flags
 	 * @param array $manualLevel Limit for supported variants
 	 */
-	public function __construct( $langobj, $maincode, $variants = [],
+	public function __construct( Language $langobj, $maincode, $variants = [],
 								$variantfallbacks = [], $flags = [],
 								$manualLevel = [] ) {
 		global $wgDisabledVariants;
@@ -250,7 +250,7 @@ class LanguageConverter {
 	 * @return mixed Variant if one found, null otherwise
 	 */
 	protected function getUserVariant() {
-		global $wgUser, $wgContLang;
+		global $wgUser;
 
 		// memoizing this function wreaks havoc on parserTest.php
 		/*
@@ -266,7 +266,10 @@ class LanguageConverter {
 			return false;
 		}
 		if ( $wgUser->isLoggedIn() ) {
-			if ( $this->mMainLanguageCode == $wgContLang->getCode() ) {
+			if (
+				$this->mMainLanguageCode ==
+				MediaWikiServices::getInstance()->getContentLanguage()->getCode()
+			) {
 				$ret = $wgUser->getOption( 'variant' );
 			} else {
 				$ret = $wgUser->getOption( 'variant-' . $this->mMainLanguageCode );
@@ -639,8 +642,12 @@ class LanguageConverter {
 	 * -{flags|code1:text1;code2:text2;...}-  or
 	 * -{text}- in which case no conversion should take place for text
 	 *
-	 * @param string $text Text to be converted
-	 * @return string Converted text
+	 * @warning Glossary state is maintained between calls. Never feed this
+	 *   method input that hasn't properly been escaped as it may result in
+	 *   an XSS in subsequent calls, even if those subsequent calls properly
+	 *   escape things.
+	 * @param string $text Text to be converted, already html escaped.
+	 * @return string Converted text (html)
 	 */
 	public function convert( $text ) {
 		$variant = $this->getPreferredVariant();
@@ -650,9 +657,11 @@ class LanguageConverter {
 	/**
 	 * Same as convert() except a extra parameter to custom variant.
 	 *
-	 * @param string $text Text to be converted
+	 * @param string $text Text to be converted, already html escaped
+	 * @param-taint $text exec_html
 	 * @param string $variant The target variant code
 	 * @return string Converted text
+	 * @return-taint escaped
 	 */
 	public function convertTo( $text, $variant ) {
 		global $wgDisableLangConversion;
@@ -770,7 +779,7 @@ class LanguageConverter {
 							$warningDone = true;
 						}
 						$startPos += 2;
-						continue;
+						break;
 					}
 					// Recursively parse another rule
 					$inner .= $this->recursiveConvertRule( $text, $variant, $startPos, $depth + 1 );