* Collection of methods to generate HTML content
*
* Copyright © 2009 Aryeh Gregor
- * http://www.mediawiki.org/
+ * https://www.mediawiki.org/
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* @param string $contents The raw HTML contents of the element: *not*
* escaped!
* @param array $attrs Associative array of attributes, e.g., [
- * 'href' => 'http://www.mediawiki.org/' ]. See expandAttributes() for
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @param string[] $modifiers classes to add to the button
- * @see http://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
+ * @see https://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
* @return string Raw HTML
*/
public static function linkButton( $contents, array $attrs, array $modifiers = [] ) {
* @param string $contents The raw HTML contents of the element: *not*
* escaped!
* @param array $attrs Associative array of attributes, e.g., [
- * 'href' => 'http://www.mediawiki.org/' ]. See expandAttributes() for
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @param string[] $modifiers classes to add to the button
- * @see http://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
+ * @see https://tools.wmflabs.org/styleguide/desktop/index.html for guidance on available modifiers
* @return string Raw HTML
*/
public static function submitButton( $contents, array $attrs, array $modifiers = [] ) {
*
* @param string $element The element's name, e.g., 'a'
* @param array $attribs Associative array of attributes, e.g., [
- * 'href' => 'http://www.mediawiki.org/' ]. See expandAttributes() for
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @param string $contents The raw HTML contents of the element: *not*
* escaped!
* Identical to rawElement(), but HTML-escapes $contents (like
* Xml::element()).
*
- * @param string $element
- * @param array $attribs
+ * @param string $element Name of the element, e.g., 'a'
+ * @param array $attribs Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
+ * further documentation.
* @param string $contents
*
* @return string
* Identical to rawElement(), but has no third parameter and omits the end
* tag (and the self-closing '/' in XML mode for empty elements).
*
- * @param string $element
- * @param array $attribs
+ * @param string $element Name of the element, e.g., 'a'
+ * @param array $attribs Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
+ * further documentation.
*
* @return string
*/
*
* @param string $element Name of the element, e.g., 'a'
* @param array $attribs Associative array of attributes, e.g., [
- * 'href' => 'http://www.mediawiki.org/' ]. See expandAttributes() for
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
* further documentation.
* @return array An array of attributes functionally identical to $attribs
*/
/**
* Given an associative array of element attributes, generate a string
* to stick after the element name in HTML output. Like [ 'href' =>
- * 'http://www.mediawiki.org/' ] becomes something like
- * ' href="http://www.mediawiki.org"'. Again, this is like
+ * 'https://www.mediawiki.org/' ] becomes something like
+ * ' href="https://www.mediawiki.org"'. Again, this is like
* Xml::expandAttributes(), but it implements some HTML-specific logic.
*
* Attributes that can contain space-separated lists ('class', 'accesskey' and 'rel') array
* @endcode
*
* @param array $attribs Associative array of attributes, e.g., [
- * 'href' => 'http://www.mediawiki.org/' ]. Values will be HTML-escaped.
- * A value of false means to omit the attribute. For boolean attributes,
+ * 'href' => 'https://www.mediawiki.org/' ]. Values will be HTML-escaped.
+ * A value of false or null means to omit the attribute. For boolean attributes,
* you can omit the key, e.g., [ 'checked' ] instead of
* [ 'checked' => 'checked' ] or such.
*
// and better compression anyway.
$key = strtolower( $key );
- // Bug 23769: Blacklist all form validation attributes for now. Current
- // (June 2010) WebKit has no UI, so the form just refuses to submit
- // without telling the user why, which is much worse than failing
- // server-side validation. Opera is the only other implementation at
- // this time, and has ugly UI, so just kill the feature entirely until
- // we have at least one good implementation.
-
- // As the default value of "1" for "step" rejects decimal
- // numbers to be entered in 'type="number"' fields, allow
- // the special case 'step="any"'.
-
- if ( in_array( $key, [ 'max', 'min', 'pattern', 'required' ] )
- || $key === 'step' && $value !== 'any' ) {
- continue;
- }
-
- // http://www.w3.org/TR/html401/index/attributes.html ("space-separated")
- // http://www.w3.org/TR/html5/index.html#attributes-1 ("space-separated")
+ // https://www.w3.org/TR/html401/index/attributes.html ("space-separated")
+ // https://www.w3.org/TR/html5/index.html#attributes-1 ("space-separated")
$spaceSeparatedListAttributes = [
'class', // html4, html5
'accesskey', // as of html5, multiple space-separated values allowed
if ( in_array( $key, self::$boolAttribs ) ) {
$ret .= " $key=\"\"";
} else {
- // Apparently we need to entity-encode \n, \r, \t, although the
- // spec doesn't mention that. Since we're doing strtr() anyway,
- // we may as well not call htmlspecialchars().
- // @todo FIXME: Verify that we actually need to
- // escape \n\r\t here, and explain why, exactly.
- // We could call Sanitizer::encodeAttribute() for this, but we
- // don't because we're stubborn and like our marginal savings on
- // byte size from not having to encode unnecessary quotes.
- // The only difference between this transform and the one by
- // Sanitizer::encodeAttribute() is ' is not encoded.
- $map = [
- '&' => '&',
- '"' => '"',
- '>' => '>',
- // '<' allegedly allowed per spec
- // but breaks some tools if not escaped.
- "<" => '<',
- "\n" => ' ',
- "\r" => ' ',
- "\t" => '	'
- ];
- $ret .= " $key=$quote" . strtr( $value, $map ) . $quote;
+ $ret .= " $key=$quote" . Sanitizer::encodeAttribute( $value ) . $quote;
}
}
return $ret;
*
* @param string $contents CSS
* @param string $media A media type string, like 'screen'
+ * @param array $attribs (since 1.31) Associative array of attributes, e.g., [
+ * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for
+ * further documentation.
* @return string Raw HTML
*/
- public static function inlineStyle( $contents, $media = 'all' ) {
+ public static function inlineStyle( $contents, $media = 'all', $attribs = [] ) {
// Don't escape '>' since that is used
// as direct child selector.
// Remember, in css, there is no "x" for hexadecimal escapes, and
return self::rawElement( 'style', [
'media' => $media,
- ], $contents );
+ ] + $attribs, $contents );
}
/**
return self::input( $name, $value, 'checkbox', $attribs );
}
+ /**
+ * Return the HTML for a message box.
+ * @since 1.31
+ * @param string $html of contents of box
+ * @param string $className corresponding to box
+ * @param string $heading (optional)
+ * @return string of HTML representing a box.
+ */
+ private static function messageBox( $html, $className, $heading = '' ) {
+ if ( $heading ) {
+ $html = self::element( 'h2', [], $heading ) . $html;
+ }
+ return self::rawElement( 'div', [ 'class' => $className ], $html );
+ }
+
+ /**
+ * Return a warning box.
+ * @since 1.31
+ * @param string $html of contents of box
+ * @return string of HTML representing a warning box.
+ */
+ public static function warningBox( $html ) {
+ return self::messageBox( $html, 'warningbox' );
+ }
+
+ /**
+ * Return an error box.
+ * @since 1.31
+ * @param string $html of contents of error box
+ * @param string $heading (optional)
+ * @return string of HTML representing an error box.
+ */
+ public static function errorBox( $html, $heading = '' ) {
+ return self::messageBox( $html, 'errorbox', $heading );
+ }
+
+ /**
+ * Return a success box.
+ * @since 1.31
+ * @param string $html of contents of box
+ * @return string of HTML representing a success box.
+ */
+ public static function successBox( $html ) {
+ return self::messageBox( $html, 'successbox' );
+ }
+
/**
* Convenience function to produce a radio button (input element with type=radio)
*
$attribs['name'] = $name;
if ( substr( $value, 0, 1 ) == "\n" ) {
- // Workaround for bug 12130: browsers eat the initial newline
+ // Workaround for T14130: browsers eat the initial newline
// assuming that it's just for show, but they do keep the later
// newlines, which we may want to preserve during editing.
// Prepending a single newline
* @return bool
*/
public static function isXmlMimeType( $mimetype ) {
- # http://www.whatwg.org/html/infrastructure.html#xml-mime-type
+ # https://html.spec.whatwg.org/multipage/infrastructure.html#xml-mime-type
# * text/xml
# * application/xml
# * Any MIME type with a subtype ending in +xml (this implicitly includes application/xhtml+xml)
*
* @note srcset width and height values are not supported.
*
- * @see http://www.whatwg.org/html/embedded-content-1.html#attr-img-srcset
+ * @see https://html.spec.whatwg.org/#attr-img-srcset
*
* @par Example:
* @code