X-Git-Url: https://git.heureux-cyclage.org/?p=lhc%2Fweb%2Fwiklou.git;a=blobdiff_plain;f=includes%2FHtml.php;h=dfd80a8c434dd7ef0bd00a9aa7dcefc334e882eb;hp=972f62db1a6ceac7bc18cea95362a78c8a7fbec3;hb=51fb1e29a0276bee59c57715d1a998c87593ee67;hpb=dcfec00f3b1224081e5192d5cf6d426a3c66029c diff --git a/includes/Html.php b/includes/Html.php index 972f62db1a..dfd80a8c43 100644 --- a/includes/Html.php +++ b/includes/Html.php @@ -220,8 +220,10 @@ class Html { * Identical to rawElement(), but HTML-escapes $contents (like * Xml::element()). * - * @param string $element - * @param array $attribs + * @param string $element Name of the element, e.g., 'a' + * @param array $attribs Associative array of attributes, e.g., [ + * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for + * further documentation. * @param string $contents * * @return string @@ -239,8 +241,10 @@ class Html { * Identical to rawElement(), but has no third parameter and omits the end * tag (and the self-closing '/' in XML mode for empty elements). * - * @param string $element - * @param array $attribs + * @param string $element Name of the element, e.g., 'a' + * @param array $attribs Associative array of attributes, e.g., [ + * 'href' => 'https://www.mediawiki.org/' ]. See expandAttributes() for + * further documentation. * * @return string */ @@ -459,7 +463,7 @@ class Html { * * @param array $attribs Associative array of attributes, e.g., [ * 'href' => 'https://www.mediawiki.org/' ]. Values will be HTML-escaped. - * A value of false means to omit the attribute. For boolean attributes, + * A value of false or null means to omit the attribute. For boolean attributes, * you can omit the key, e.g., [ 'checked' ] instead of * [ 'checked' => 'checked' ] or such. * @@ -540,28 +544,7 @@ class Html { if ( in_array( $key, self::$boolAttribs ) ) { $ret .= " $key=\"\""; } else { - // Apparently we need to entity-encode \n, \r, \t, although the - // spec doesn't mention that. Since we're doing strtr() anyway, - // we may as well not call htmlspecialchars(). - // @todo FIXME: Verify that we actually need to - // escape \n\r\t here, and explain why, exactly. - // We could call Sanitizer::encodeAttribute() for this, but we - // don't because we're stubborn and like our marginal savings on - // byte size from not having to encode unnecessary quotes. - // The only difference between this transform and the one by - // Sanitizer::encodeAttribute() is ' is not encoded. - $map = [ - '&' => '&', - '"' => '"', - '>' => '>', - // '<' allegedly allowed per spec - // but breaks some tools if not escaped. - "<" => '<', - "\n" => ' ', - "\r" => ' ', - "\t" => ' ' - ]; - $ret .= " $key=$quote" . strtr( $value, $map ) . $quote; + $ret .= " $key=$quote" . Sanitizer::encodeAttribute( $value ) . $quote; } } return $ret; @@ -692,6 +675,52 @@ class Html { return self::input( $name, $value, 'checkbox', $attribs ); } + /** + * Return the HTML for a message box. + * @since 1.31 + * @param string $html of contents of box + * @param string $className corresponding to box + * @param string $heading (optional) + * @return string of HTML representing a box. + */ + private static function messageBox( $html, $className, $heading = '' ) { + if ( $heading ) { + $html = self::element( 'h2', [], $heading ) . $html; + } + return self::rawElement( 'div', [ 'class' => $className ], $html ); + } + + /** + * Return a warning box. + * @since 1.31 + * @param string $html of contents of box + * @return string of HTML representing a warning box. + */ + public static function warningBox( $html ) { + return self::messageBox( $html, 'warningbox' ); + } + + /** + * Return an error box. + * @since 1.31 + * @param string $html of contents of error box + * @param string $heading (optional) + * @return string of HTML representing an error box. + */ + public static function errorBox( $html, $heading = '' ) { + return self::messageBox( $html, 'errorbox', $heading ); + } + + /** + * Return a success box. + * @since 1.31 + * @param string $html of contents of box + * @return string of HTML representing a success box. + */ + public static function successBox( $html ) { + return self::messageBox( $html, 'successbox' ); + } + /** * Convenience function to produce a radio button (input element with type=radio) *