From 059920c2dac57147116a706a7205c51c69d3ff3a Mon Sep 17 00:00:00 2001
From: vrana
Date: Wed, 6 Feb 2013 16:53:49 -0800
Subject: [PATCH] Convert AphrontErrorView to safe HTML
Summary: Done by searching for `AphrontErrorView` and then `appendChild()`.
Test Plan:
Looked at Commit Detail.
Looked at Revision Detail.
Reviewers: epriestley
Reviewed By: epriestley
CC: aran, Korvin
Maniphest Tasks: T2432
Differential Revision: https://secure.phabricator.com/D4843
---
...AphrontDefaultApplicationConfiguration.php | 2 +-
.../response/AphrontRedirectResponse.php | 5 +--
.../PhabricatorMustVerifyEmailController.php | 9 +++--
.../PhabricatorConduitConsoleController.php | 14 +++-----
.../PhabricatorConfigEditController.php | 4 +--
.../PhabricatorWorkerTaskDetailController.php | 6 ++--
.../DifferentialRevisionViewController.php | 23 +++++++------
.../DifferentialLintFieldSpecification.php | 14 ++++----
.../DifferentialUnitFieldSpecification.php | 14 ++++----
.../view/DifferentialAddCommentView.php | 15 ---------
.../DiffusionBrowseFileController.php | 5 ++-
.../controller/DiffusionCommitController.php | 13 ++++----
.../DiffusionExternalController.php | 12 ++++---
.../view/DiffusionEmptyResultView.php | 17 +++++-----
.../PhabricatorFactHomeController.php | 7 ++--
.../controller/HeraldTranscriptController.php | 6 ++--
.../PhabricatorMetaMTASendController.php | 16 +++++----
...habricatorNotificationStatusController.php | 7 ++--
...PhabricatorEmailVerificationController.php | 33 +++++++++++--------
.../PhabricatorPeopleEditController.php | 7 ++--
.../controller/PhrictionEditController.php | 5 +--
.../PhabricatorRepositoryController.php | 22 ++++++-------
.../PhabricatorRepositoryEditController.php | 3 +-
.../panel/PhabricatorSettingsPanelAccount.php | 3 +-
.../panel/PhabricatorSettingsPanelConduit.php | 8 +++--
...abricatorSettingsPanelEmailPreferences.php | 3 +-
.../PhabricatorSettingsPanelPassword.php | 3 +-
.../panel/PhabricatorSettingsPanelProfile.php | 3 +-
src/view/form/AphrontErrorView.php | 10 +++---
.../layout/PhabricatorObjectItemListView.php | 2 +-
src/view/layout/PhabricatorPinboardView.php | 2 +-
31 files changed, 152 insertions(+), 141 deletions(-)
diff --git a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
index c50f278672..4d18f54528 100644
--- a/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
+++ b/src/aphront/configuration/AphrontDefaultApplicationConfiguration.php
@@ -211,7 +211,7 @@ class AphrontDefaultApplicationConfiguration
if ($ex instanceof AphrontUsageException) {
$error = new AphrontErrorView();
$error->setTitle(phutil_escape_html($ex->getTitle()));
- $error->appendChild(phutil_escape_html($ex->getMessage()));
+ $error->appendChild($ex->getMessage());
$view = new PhabricatorStandardPageView();
$view->setRequest($this->getRequest());
diff --git a/src/aphront/response/AphrontRedirectResponse.php b/src/aphront/response/AphrontRedirectResponse.php
index 254073390d..b01cc3644d 100644
--- a/src/aphront/response/AphrontRedirectResponse.php
+++ b/src/aphront/response/AphrontRedirectResponse.php
@@ -49,10 +49,11 @@ class AphrontRedirectResponse extends AphrontResponse {
),
'Continue to: '.$this->getURI());
- $error->appendChild(
+ $error->appendChild(hsprintf(
'You were stopped here because debug.stop-on-redirect '.
'is set in your configuration.
'.
- ''.$link.'
');
+ '%s
',
+ $link));
$view->appendChild($error);
diff --git a/src/applications/auth/controller/PhabricatorMustVerifyEmailController.php b/src/applications/auth/controller/PhabricatorMustVerifyEmailController.php
index 7aa356f9e6..183954eebe 100644
--- a/src/applications/auth/controller/PhabricatorMustVerifyEmailController.php
+++ b/src/applications/auth/controller/PhabricatorMustVerifyEmailController.php
@@ -31,9 +31,12 @@ final class PhabricatorMustVerifyEmailController
$sent = new AphrontErrorView();
$sent->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$sent->setTitle(pht('Email Sent'));
- $sent->appendChild(''.
- pht('Another verification email was sent to %s.',
- phutil_escape_html($email_address)).'
');
+ $sent->appendChild(phutil_tag(
+ 'p',
+ array(),
+ pht(
+ 'Another verification email was sent to %s.',
+ phutil_tag('strong', array(), $email_address))));
}
$error_view = new AphrontRequestFailureView();
diff --git a/src/applications/conduit/controller/PhabricatorConduitConsoleController.php b/src/applications/conduit/controller/PhabricatorConduitConsoleController.php
index 61248cbbf1..43a645e4d1 100644
--- a/src/applications/conduit/controller/PhabricatorConduitConsoleController.php
+++ b/src/applications/conduit/controller/PhabricatorConduitConsoleController.php
@@ -35,20 +35,16 @@ final class PhabricatorConduitConsoleController
case ConduitAPIMethod::METHOD_STATUS_DEPRECATED:
$status_view->setTitle('Deprecated Method');
$status_view->appendChild(
- phutil_escape_html(
- nonempty(
- $reason,
- "This method is deprecated.")));
+ nonempty($reason, "This method is deprecated."));
break;
case ConduitAPIMethod::METHOD_STATUS_UNSTABLE:
$status_view->setSeverity(AphrontErrorView::SEVERITY_WARNING);
$status_view->setTitle('Unstable Method');
$status_view->appendChild(
- phutil_escape_html(
- nonempty(
- $reason,
- "This method is new and unstable. Its interface is subject ".
- "to change.")));
+ nonempty(
+ $reason,
+ "This method is new and unstable. Its interface is subject ".
+ "to change."));
break;
}
}
diff --git a/src/applications/config/controller/PhabricatorConfigEditController.php b/src/applications/config/controller/PhabricatorConfigEditController.php
index 57ee007a08..c02e20f3cb 100644
--- a/src/applications/config/controller/PhabricatorConfigEditController.php
+++ b/src/applications/config/controller/PhabricatorConfigEditController.php
@@ -108,7 +108,7 @@ final class PhabricatorConfigEditController
$error_view = id(new AphrontErrorView())
->setTitle(pht('Configuration Hidden'))
->setSeverity(AphrontErrorView::SEVERITY_WARNING)
- ->appendChild(''.phutil_escape_html($msg).'
');
+ ->appendChild(phutil_tag('p', array(), $msg));
} else if ($option->getLocked()) {
$msg = pht(
"This configuration is locked and can not be edited from the web ".
@@ -117,7 +117,7 @@ final class PhabricatorConfigEditController
$error_view = id(new AphrontErrorView())
->setTitle(pht('Configuration Locked'))
->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
- ->appendChild(''.phutil_escape_html($msg).'
');
+ ->appendChild(phutil_tag('p', array(), $msg));
}
if ($option->getHidden()) {
diff --git a/src/applications/daemon/controller/PhabricatorWorkerTaskDetailController.php b/src/applications/daemon/controller/PhabricatorWorkerTaskDetailController.php
index 75f391c5a2..3444d66dfc 100644
--- a/src/applications/daemon/controller/PhabricatorWorkerTaskDetailController.php
+++ b/src/applications/daemon/controller/PhabricatorWorkerTaskDetailController.php
@@ -23,8 +23,10 @@ final class PhabricatorWorkerTaskDetailController
$error_view = new AphrontErrorView();
$error_view->setTitle('No Such Task');
- $error_view->appendChild(
- 'This task may have recently been garbage collected.
');
+ $error_view->appendChild(phutil_tag(
+ 'p',
+ array(),
+ 'This task may have recently been garbage collected.'));
$error_view->setSeverity(AphrontErrorView::SEVERITY_NODATA);
$content = $error_view;
diff --git a/src/applications/differential/controller/DifferentialRevisionViewController.php b/src/applications/differential/controller/DifferentialRevisionViewController.php
index 5dc9211297..1e572ab334 100644
--- a/src/applications/differential/controller/DifferentialRevisionViewController.php
+++ b/src/applications/differential/controller/DifferentialRevisionViewController.php
@@ -180,21 +180,20 @@ final class DifferentialRevisionViewController extends DifferentialController {
$warning = new AphrontErrorView();
$warning->setTitle('Very Large Diff');
$warning->setSeverity(AphrontErrorView::SEVERITY_WARNING);
- $warning->appendChild(
+ $warning->appendChild(hsprintf(
+ '%s %s',
pht(
'This diff is very large and affects %s files. Load each file '.
'individually.',
- new PhutilNumber($count)).
- " ".
- phutil_tag(
- 'a',
- array(
- 'href' => $request_uri
- ->alter('large', 'true')
- ->setFragment('toc'),
- ),
- pht('Show All Files Inline')).
- "");
+ new PhutilNumber($count)),
+ phutil_tag(
+ 'a',
+ array(
+ 'href' => $request_uri
+ ->alter('large', 'true')
+ ->setFragment('toc'),
+ ),
+ pht('Show All Files Inline'))));
$warning = $warning->render();
$my_inlines = id(new DifferentialInlineComment())->loadAllWhere(
diff --git a/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php b/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php
index 8cf2bfab8d..8c9e7b9639 100644
--- a/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php
@@ -245,24 +245,24 @@ final class DifferentialLintFieldSpecification
if ($status == DifferentialLintStatus::LINT_SKIP) {
$content =
- "This diff was created without running lint. Make sure you are ".
- "OK with that before you accept this diff.
";
+ "This diff was created without running lint. Make sure you are ".
+ "OK with that before you accept this diff.";
} else if ($status == DifferentialLintStatus::LINT_POSTPONED) {
$severity = AphrontErrorView::SEVERITY_WARNING;
$content =
- "Postponed linters didn't finish yet. Make sure you are OK with ".
- "that before you accept this diff.
";
+ "Postponed linters didn't finish yet. Make sure you are OK with ".
+ "that before you accept this diff.";
} else {
$content =
- "This diff has Lint Problems. Make sure you are OK with them ".
- "before you accept this diff.
";
+ "This diff has Lint Problems. Make sure you are OK with them ".
+ "before you accept this diff.";
}
return id(new AphrontErrorView())
->setSeverity($severity)
- ->appendChild($content)
+ ->appendChild(phutil_tag('p', array(), $content))
->setTitle(idx($titles, $status, 'Warning'));
}
diff --git a/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php b/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php
index 0e442314a6..ae189573ff 100644
--- a/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php
@@ -200,21 +200,21 @@ final class DifferentialUnitFieldSpecification
);
if ($diff->getUnitStatus() == DifferentialUnitStatus::UNIT_POSTPONED) {
$content =
- "This diff has postponed unit tests. The results should be ".
+ "This diff has postponed unit tests. The results should be ".
"coming in soon. You should probably wait for them before accepting ".
- "this diff.
";
+ "this diff.";
} else if ($diff->getUnitStatus() == DifferentialUnitStatus::UNIT_SKIP) {
$content =
- "Unit tests were skipped when this diff was created. Make sure ".
- "you are OK with that before you accept this diff.
";
+ "Unit tests were skipped when this diff was created. Make sure ".
+ "you are OK with that before you accept this diff.";
} else {
$content =
- "This diff has Unit Test Problems. Make sure you are OK with ".
- "them before you accept this diff.
";
+ "This diff has Unit Test Problems. Make sure you are OK with ".
+ "them before you accept this diff.";
}
$unit_warning = id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_ERROR)
- ->appendChild($content)
+ ->appendChild(phutil_tag('p', array(), $content))
->setTitle(idx($titles, $diff->getUnitStatus(), 'Warning'));
}
return $unit_warning;
diff --git a/src/applications/differential/view/DifferentialAddCommentView.php b/src/applications/differential/view/DifferentialAddCommentView.php
index 881b8de3d6..0670a062ca 100644
--- a/src/applications/differential/view/DifferentialAddCommentView.php
+++ b/src/applications/differential/view/DifferentialAddCommentView.php
@@ -46,21 +46,6 @@ final class DifferentialAddCommentView extends AphrontView {
return $this;
}
- private function generateWarningView(
- $status,
- array $titles,
- $id,
- $content) {
-
- $warning = new AphrontErrorView();
- $warning->setSeverity(AphrontErrorView::SEVERITY_ERROR);
- $warning->setID($id);
- $warning->appendChild($content);
- $warning->setTitle(idx($titles, $status, 'Warning'));
-
- return $warning;
- }
-
public function render() {
require_celerity_resource('differential-revision-add-comment-css');
diff --git a/src/applications/diffusion/controller/DiffusionBrowseFileController.php b/src/applications/diffusion/controller/DiffusionBrowseFileController.php
index 93caaab144..474605c44c 100644
--- a/src/applications/diffusion/controller/DiffusionBrowseFileController.php
+++ b/src/applications/diffusion/controller/DiffusionBrowseFileController.php
@@ -96,9 +96,8 @@ final class DiffusionBrowseFileController extends DiffusionController {
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle('File Renamed');
$notice->appendChild(
- "File history passes through a rename from '".
- phutil_escape_html($drequest->getPath())."' to '".
- phutil_escape_html($renamed)."'.");
+ "File history passes through a rename from '".$drequest->getPath().
+ "' to '".$renamed."'.");
$content[] = $notice;
}
diff --git a/src/applications/diffusion/controller/DiffusionCommitController.php b/src/applications/diffusion/controller/DiffusionCommitController.php
index 65e47e3af1..8726c5a91c 100644
--- a/src/applications/diffusion/controller/DiffusionCommitController.php
+++ b/src/applications/diffusion/controller/DiffusionCommitController.php
@@ -62,8 +62,8 @@ final class DiffusionCommitController extends DiffusionController {
$error_panel->appendChild(
"This Diffusion repository is configured to track only one ".
"subdirectory of the entire Subversion repository, and this commit ".
- "didn't affect the tracked subdirectory ('".
- phutil_escape_html($subpath)."'), so no information is available.");
+ "didn't affect the tracked subdirectory ('".$subpath."'), so no ".
+ "information is available.");
$content[] = $error_panel;
$content[] = $top_anchor;
} else {
@@ -162,8 +162,7 @@ final class DiffusionCommitController extends DiffusionController {
if ($bad_commit) {
$error_panel = new AphrontErrorView();
$error_panel->setTitle('Bad Commit');
- $error_panel->appendChild(
- phutil_escape_html($bad_commit['description']));
+ $error_panel->appendChild($bad_commit['description']);
$content[] = $error_panel;
} else if ($is_foreign) {
@@ -207,8 +206,10 @@ final class DiffusionCommitController extends DiffusionController {
$warning_view = id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_WARNING)
->setTitle('Very Large Commit')
- ->appendChild(
- "This commit is very large. Load each file individually.
");
+ ->appendChild(phutil_tag(
+ 'p',
+ array(),
+ "This commit is very large. Load each file individually."));
$change_panel->appendChild($warning_view);
$change_panel->addButton($show_all_button);
diff --git a/src/applications/diffusion/controller/DiffusionExternalController.php b/src/applications/diffusion/controller/DiffusionExternalController.php
index 738cee81fd..c20e11cb82 100644
--- a/src/applications/diffusion/controller/DiffusionExternalController.php
+++ b/src/applications/diffusion/controller/DiffusionExternalController.php
@@ -60,17 +60,19 @@ final class DiffusionExternalController extends DiffusionController {
if (empty($commits)) {
$desc = null;
if ($uri) {
- $desc = phutil_escape_html($uri).', at ';
+ $desc = $uri.', at ';
}
- $desc .= phutil_escape_html($id);
+ $desc .= $id;
$content = id(new AphrontErrorView())
->setTitle('Unknown External')
->setSeverity(AphrontErrorView::SEVERITY_WARNING)
- ->appendChild(
- "This external ({$desc}) does not appear in any tracked ".
+ ->appendChild(phutil_tag(
+ 'p',
+ array(),
+ "This external ({$desc}) does not appear in any tracked ".
"repository. It may exist in an untracked repository that ".
- "Diffusion does not know about.
");
+ "Diffusion does not know about."));
} else if (count($commits) == 1) {
$commit = head($commits);
$repo = $repositories[$commit->getRepositoryID()];
diff --git a/src/applications/diffusion/view/DiffusionEmptyResultView.php b/src/applications/diffusion/view/DiffusionEmptyResultView.php
index 75997fafa0..7dcba04caf 100644
--- a/src/applications/diffusion/view/DiffusionEmptyResultView.php
+++ b/src/applications/diffusion/view/DiffusionEmptyResultView.php
@@ -43,8 +43,6 @@ final class DiffusionEmptyResultView extends DiffusionView {
$deleted = $this->browseQuery->getDeletedAtCommit();
$existed = $this->browseQuery->getExistedAtCommit();
- $deleted = self::linkCommit($drequest->getRepository(), $deleted);
-
$browse = $this->linkBrowse(
$drequest->getPath(),
array(
@@ -54,11 +52,14 @@ final class DiffusionEmptyResultView extends DiffusionView {
)
);
- $existed = "r{$callsign}{$existed}";
-
$title = 'Path Was Deleted';
- $body = "This path does not exist at {$commit}. It was deleted in ".
- "{$deleted} and last {$browse} at {$existed}.";
+ $body = hsprintf(
+ "This path does not exist at %s. It was deleted in %s and last %s ".
+ "at %s.",
+ $commit,
+ self::linkCommit($drequest->getRepository(), $deleted),
+ $browse,
+ "r{$callsign}{$existed}");
$severity = AphrontErrorView::SEVERITY_WARNING;
break;
case DiffusionBrowseQuery::REASON_IS_UNTRACKED_PARENT:
@@ -66,7 +67,7 @@ final class DiffusionEmptyResultView extends DiffusionView {
$title = 'Directory Not Tracked';
$body =
"This repository is configured to track only one subdirectory ".
- "of the entire repository ('".phutil_escape_html($subdir)."'), ".
+ "of the entire repository ('{$subdir}'), ".
"but you aren't looking at something in that subdirectory, so no ".
"information is available.";
$severity = AphrontErrorView::SEVERITY_WARNING;
@@ -78,7 +79,7 @@ final class DiffusionEmptyResultView extends DiffusionView {
$error_view = new AphrontErrorView();
$error_view->setSeverity($severity);
$error_view->setTitle($title);
- $error_view->appendChild(''.$body.'
');
+ $error_view->appendChild(phutil_tag('p', array(), $body));
return $error_view->render();
}
diff --git a/src/applications/fact/controller/PhabricatorFactHomeController.php b/src/applications/fact/controller/PhabricatorFactHomeController.php
index 4f079392b9..82ce96baa1 100644
--- a/src/applications/fact/controller/PhabricatorFactHomeController.php
+++ b/src/applications/fact/controller/PhabricatorFactHomeController.php
@@ -94,9 +94,10 @@ final class PhabricatorFactHomeController extends PhabricatorFactController {
return id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
->setTitle(pht('No Chartable Facts'))
- ->appendChild(
- ''.pht(
- 'There are no facts that can be plotted yet.').'
');
+ ->appendChild(phutil_tag(
+ 'p',
+ array(),
+ pht('There are no facts that can be plotted yet.')));
}
$form = id(new AphrontFormView())
diff --git a/src/applications/herald/controller/HeraldTranscriptController.php b/src/applications/herald/controller/HeraldTranscriptController.php
index 7008b49c6a..0b80cdf3b4 100644
--- a/src/applications/herald/controller/HeraldTranscriptController.php
+++ b/src/applications/herald/controller/HeraldTranscriptController.php
@@ -35,8 +35,10 @@ final class HeraldTranscriptController extends HeraldController {
$notice = id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
->setTitle('Old Transcript')
- ->appendChild(
- 'Details of this transcript have been garbage collected.
');
+ ->appendChild(phutil_tag(
+ 'p',
+ array(),
+ 'Details of this transcript have been garbage collected.'));
$nav->appendChild($notice);
} else {
$filter = $this->getFilterPHIDs();
diff --git a/src/applications/metamta/controller/PhabricatorMetaMTASendController.php b/src/applications/metamta/controller/PhabricatorMetaMTASendController.php
index c2a0b58452..bd423186cd 100644
--- a/src/applications/metamta/controller/PhabricatorMetaMTASendController.php
+++ b/src/applications/metamta/controller/PhabricatorMetaMTASendController.php
@@ -67,12 +67,16 @@ final class PhabricatorMetaMTASendController
$warning = new AphrontErrorView();
$warning->setTitle('Email is Disabled');
$warning->setSeverity(AphrontErrorView::SEVERITY_WARNING);
- $warning->appendChild(
- ''.pht('This installation of Phabricator is currently set to use '.
- 'PhabricatorMailImplementationTestAdapter to deliver '.
- 'outbound email. This completely disables outbound email! All '.
- 'outbound email will be thrown in a deep, dark hole until you '.
- 'configure a real adapter.').'
');
+ $warning->appendChild(phutil_tag(
+ 'p',
+ array(),
+ pht(
+ 'This installation of Phabricator is currently set to use %s to '.
+ 'deliver outbound email. This completely disables outbound email! '.
+ 'All outbound email will be thrown in a deep, dark hole until you '.
+ 'configure a real adapter.',
+ phutil_tag('tt', array(), 'PhabricatorMailImplementationTestAdapter'))
+ ));
}
$phdlink_href = PhabricatorEnv::getDoclink(
diff --git a/src/applications/notification/controller/PhabricatorNotificationStatusController.php b/src/applications/notification/controller/PhabricatorNotificationStatusController.php
index 31a0de4552..5c28923b9f 100644
--- a/src/applications/notification/controller/PhabricatorNotificationStatusController.php
+++ b/src/applications/notification/controller/PhabricatorNotificationStatusController.php
@@ -24,13 +24,14 @@ final class PhabricatorNotificationStatusController
} catch (Exception $ex) {
$status = new AphrontErrorView();
$status->setTitle("Notification Server Issue");
- $status->appendChild(
+ $status->appendChild(hsprintf(
'Unable to determine server status. This probably means the server '.
'is not in great shape. The specific issue encountered was:'.
'
'.
'
'.
- ''.phutil_escape_html(get_class($ex)).' '.
- nl2br(phutil_escape_html($ex->getMessage())));
+ '%s %s',
+ get_class($ex),
+ phutil_escape_html_newlines($ex->getMessage())));
}
return $this->buildStandardPageResponse(
diff --git a/src/applications/people/controller/PhabricatorEmailVerificationController.php b/src/applications/people/controller/PhabricatorEmailVerificationController.php
index 221df9d2a5..80432f15b0 100644
--- a/src/applications/people/controller/PhabricatorEmailVerificationController.php
+++ b/src/applications/people/controller/PhabricatorEmailVerificationController.php
@@ -30,7 +30,9 @@ final class PhabricatorEmailVerificationController
'href' => '/',
),
'Continue to Phabricator');
- $home_link = '
'.$home_link.'
';
+ $home_link = hsprintf(
+ '
%s
',
+ $home_link);
$settings_link = phutil_tag(
'a',
@@ -38,23 +40,26 @@ final class PhabricatorEmailVerificationController
'href' => '/settings/panel/email/',
),
'Return to Email Settings');
- $settings_link = '
'.$settings_link.'
';
-
+ $settings_link = hsprintf(
+ '
%s
',
+ $settings_link);
if (!$email) {
$content = id(new AphrontErrorView())
->setTitle('Unable To Verify')
- ->appendChild(
- 'The verification code is incorrect, the email address has '.
- 'been removed, or the email address is owned by another user. Make '.
- 'sure you followed the link in the email correctly.
');
+ ->appendChild(phutil_tag(
+ 'p',
+ array(),
+ 'The verification code is incorrect, the email address has been '.
+ 'removed, or the email address is owned by another user. Make '.
+ 'sure you followed the link in the email correctly.'));
} else if ($email->getIsVerified()) {
$content = id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
->setTitle('Address Already Verified')
- ->appendChild(
- 'This email address has already been verified.
'.
- $settings_link);
+ ->appendChild(hsprintf(
+ 'This email address has already been verified.
%s',
+ $settings_link));
} else {
$guard = AphrontWriteGuard::beginScopedUnguardedWrites();
@@ -65,10 +70,10 @@ final class PhabricatorEmailVerificationController
$content = id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_NOTICE)
->setTitle('Address Verified')
- ->appendChild(
- 'This email address has now been verified. Thanks!
'.
- $home_link.
- $settings_link);
+ ->appendChild(hsprintf(
+ 'This email address has now been verified. Thanks!
%s%s',
+ $home_link,
+ $settings_link));
}
return $this->buildApplicationPage(
diff --git a/src/applications/people/controller/PhabricatorPeopleEditController.php b/src/applications/people/controller/PhabricatorPeopleEditController.php
index d5e0ca8f0c..bedf1b43fa 100644
--- a/src/applications/people/controller/PhabricatorPeopleEditController.php
+++ b/src/applications/people/controller/PhabricatorPeopleEditController.php
@@ -54,7 +54,8 @@ final class PhabricatorPeopleEditController
$notice = new AphrontErrorView();
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle('Changes Saved');
- $notice->appendChild('Your changes were saved.
');
+ $notice->appendChild(
+ phutil_tag('p', array(), 'Your changes were saved.'));
$content[] = $notice;
}
@@ -578,10 +579,10 @@ final class PhabricatorPeopleEditController
if ($user->getPHID() == $admin->getPHID()) {
$error = new AphrontErrorView();
$error->setTitle('You Shall Journey No Farther');
- $error->appendChild(
+ $error->appendChild(hsprintf(
'As you stare into the gaping maw of the abyss, something holds '.
'you back.
'.
- 'You can not delete your own account.
');
+ 'You can not delete your own account.
'));
return $error;
}
diff --git a/src/applications/phriction/controller/PhrictionEditController.php b/src/applications/phriction/controller/PhrictionEditController.php
index 43b8c3824a..502feaa9e1 100644
--- a/src/applications/phriction/controller/PhrictionEditController.php
+++ b/src/applications/phriction/controller/PhrictionEditController.php
@@ -183,8 +183,9 @@ final class PhrictionEditController
$draft_note = new AphrontErrorView();
$draft_note->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$draft_note->setTitle('Recovered Draft');
- $draft_note->appendChild(
- 'Showing a saved draft of your edits, you can '.$discard.'.
');
+ $draft_note->appendChild(hsprintf(
+ 'Showing a saved draft of your edits, you can %s.
',
+ $discard));
} else {
$content_text = $content->getContent();
$draft_note = null;
diff --git a/src/applications/repository/controller/PhabricatorRepositoryController.php b/src/applications/repository/controller/PhabricatorRepositoryController.php
index 1f58eca9a4..cf4f986d60 100644
--- a/src/applications/repository/controller/PhabricatorRepositoryController.php
+++ b/src/applications/repository/controller/PhabricatorRepositoryController.php
@@ -41,10 +41,10 @@ abstract class PhabricatorRepositoryController extends PhabricatorController {
),
'Diffusion User Guide');
- $common =
+ $common = hsprintf(
"Without this daemon, Phabricator will not be able to import or update ".
- "repositories. For instructions on starting the daemon, see ".
- "{$documentation}.";
+ "repositories. For instructions on starting the daemon, see %s.",
+ phutil_tag('strong', array(), $documentation));
try {
$daemon_running = $this->isPullDaemonRunning();
@@ -52,17 +52,17 @@ abstract class PhabricatorRepositoryController extends PhabricatorController {
return null;
}
$title = "Repository Daemon Not Running";
- $message =
- "The repository daemon is not running on this machine. ".
- "{$common}
";
+ $message = hsprintf(
+ "The repository daemon is not running on this machine. %s
",
+ $common);
} catch (Exception $ex) {
$title = "Unable To Verify Repository Daemon";
- $message =
+ $message = hsprintf(
"Unable to determine if the repository daemon is running on this ".
- "machine. {$common}
".
- "Exception: ".
- phutil_escape_html($ex->getMessage()).
- "
";
+ "machine. %s
".
+ "Exception: %s
",
+ $common,
+ $ex->getMessage());
}
$view = new AphrontErrorView();
diff --git a/src/applications/repository/controller/PhabricatorRepositoryEditController.php b/src/applications/repository/controller/PhabricatorRepositoryEditController.php
index cbf2574e4c..4a6074a7e8 100644
--- a/src/applications/repository/controller/PhabricatorRepositoryEditController.php
+++ b/src/applications/repository/controller/PhabricatorRepositoryEditController.php
@@ -94,8 +94,7 @@ final class PhabricatorRepositoryEditController
$error_view = new AphrontErrorView();
$error_view->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$error_view->setTitle('Changes Saved');
- $error_view->appendChild(
- 'Repository changes were saved.');
+ $error_view->appendChild('Repository changes were saved.');
}
$encoding_doc_link = PhabricatorEnv::getDoclink(
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelAccount.php b/src/applications/settings/panel/PhabricatorSettingsPanelAccount.php
index 72b58dae2a..a913330530 100644
--- a/src/applications/settings/panel/PhabricatorSettingsPanelAccount.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelAccount.php
@@ -51,7 +51,8 @@ final class PhabricatorSettingsPanelAccount
$notice = new AphrontErrorView();
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle('Changes Saved');
- $notice->appendChild('Your changes have been saved.
');
+ $notice->appendChild(
+ phutil_tag('p', array(), 'Your changes have been saved.'));
$notice = $notice->render();
}
} else {
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php b/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php
index bdcfd8cada..a80a32d222 100644
--- a/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelConduit.php
@@ -53,10 +53,12 @@ final class PhabricatorSettingsPanelConduit
$notice = new AphrontErrorView();
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle('Certificate Regenerated');
- $notice->appendChild(
- 'Your old certificate has been destroyed and you have been issued '.
+ $notice->appendChild(phutil_tag(
+ 'p',
+ array(),
+ 'Your old certificate has been destroyed and you have been issued '.
'a new certificate. Sessions established under the old certificate '.
- 'are no longer valid.
');
+ 'are no longer valid.'));
$notice = $notice->render();
} else {
$notice = null;
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelEmailPreferences.php b/src/applications/settings/panel/PhabricatorSettingsPanelEmailPreferences.php
index dadca328a6..f3e3c55c2a 100644
--- a/src/applications/settings/panel/PhabricatorSettingsPanelEmailPreferences.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelEmailPreferences.php
@@ -72,7 +72,8 @@ final class PhabricatorSettingsPanelEmailPreferences
$notice = new AphrontErrorView();
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle('Changes Saved');
- $notice->appendChild('Your changes have been saved.
');
+ $notice->appendChild(
+ phutil_tag('p', array(), 'Your changes have been saved.'));
}
} else {
$notice = new AphrontErrorView();
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
index e7d6e69879..b6d79811ec 100644
--- a/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelPassword.php
@@ -114,7 +114,8 @@ final class PhabricatorSettingsPanelPassword
$notice = new AphrontErrorView();
$notice->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$notice->setTitle('Changes Saved');
- $notice->appendChild('Your password has been updated.
');
+ $notice->appendChild(
+ phutil_tag('p', array(), 'Your password has been updated.'));
}
} else {
$notice = new AphrontErrorView();
diff --git a/src/applications/settings/panel/PhabricatorSettingsPanelProfile.php b/src/applications/settings/panel/PhabricatorSettingsPanelProfile.php
index 358ab27438..d78cbbcd6a 100644
--- a/src/applications/settings/panel/PhabricatorSettingsPanelProfile.php
+++ b/src/applications/settings/panel/PhabricatorSettingsPanelProfile.php
@@ -119,7 +119,8 @@ final class PhabricatorSettingsPanelProfile
$error_view = new AphrontErrorView();
$error_view->setSeverity(AphrontErrorView::SEVERITY_NOTICE);
$error_view->setTitle('Changes Saved');
- $error_view->appendChild('Your changes have been saved.
');
+ $error_view->appendChild(
+ phutil_tag('p', array(), 'Your changes have been saved.'));
$error_view = $error_view->render();
}
}
diff --git a/src/view/form/AphrontErrorView.php b/src/view/form/AphrontErrorView.php
index 06fa19ceb7..cd97ff6a2f 100644
--- a/src/view/form/AphrontErrorView.php
+++ b/src/view/form/AphrontErrorView.php
@@ -92,7 +92,10 @@ final class AphrontErrorView extends AphrontView {
$classes[] = 'aphront-error-severity-'.$this->severity;
$classes = implode(' ', $classes);
- return phutil_render_tag(
+ $children = $this->renderHTMLChildren();
+ $children[] = $list;
+
+ return phutil_tag(
'div',
array(
'id' => $this->id,
@@ -100,13 +103,12 @@ final class AphrontErrorView extends AphrontView {
),
array(
$title,
- phutil_render_tag(
+ phutil_tag(
'div',
array(
'class' => 'aphront-error-view-body',
),
- $this->renderChildren().
- $list),
+ $children),
));
}
}
diff --git a/src/view/layout/PhabricatorObjectItemListView.php b/src/view/layout/PhabricatorObjectItemListView.php
index 4ae41564ca..cc9abb01a4 100644
--- a/src/view/layout/PhabricatorObjectItemListView.php
+++ b/src/view/layout/PhabricatorObjectItemListView.php
@@ -53,7 +53,7 @@ final class PhabricatorObjectItemListView extends AphrontView {
$string = nonempty($this->noDataString, pht('No data.'));
$items = id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_NODATA)
- ->appendChild(phutil_escape_html($string));
+ ->appendChild($string);
}
$pager = null;
diff --git a/src/view/layout/PhabricatorPinboardView.php b/src/view/layout/PhabricatorPinboardView.php
index a776025c20..f62a2be459 100644
--- a/src/view/layout/PhabricatorPinboardView.php
+++ b/src/view/layout/PhabricatorPinboardView.php
@@ -22,7 +22,7 @@ final class PhabricatorPinboardView extends AphrontView {
$string = nonempty($this->noDataString, pht('No data.'));
return id(new AphrontErrorView())
->setSeverity(AphrontErrorView::SEVERITY_NODATA)
- ->appendChild(phutil_escape_html($string))
+ ->appendChild($string)
->render();
}