revi-archive/phorge-phorge
1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-10 17:02:41 +01:00
Code Issues Releases Wiki Activity

Fix most timeline escaping

Browse source 
Summary: Some content might be broken but it's hard to test since JS/Ajax is also a bit broken.

Test Plan: Looked at timeline examples.

Reviewers: vrana

Reviewed By: vrana

CC: aran

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4683
This commit is contained in:
epriestley 2013-01-28 18:09:33 -08:00
parent d83257c29a
commit 47f2df5f51
4 changed files with 49 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/applications/uiexample/examples/PhabricatorTimelineExample.php
View file

@ -98,13 +98,13 @@ final class PhabricatorTimelineExample extends PhabricatorUIExample {
$events[] = id(new PhabricatorTimelineEventView()) $events[] = id(new PhabricatorTimelineEventView())
->setUserHandle($handle) ->setUserHandle($handle)
->setTitle(phutil_escape_html("Colorless")) ->setTitle("Colorless")
->setIcon('lock'); ->setIcon('lock');
foreach ($colors as $color) { foreach ($colors as $color) {
$events[] = id(new PhabricatorTimelineEventView()) $events[] = id(new PhabricatorTimelineEventView())
->setUserHandle($handle) ->setUserHandle($handle)
->setTitle(phutil_escape_html("Color '{$color}'")) ->setTitle("Color '{$color}'")
->setIcon('lock') ->setIcon('lock')
->setColor($color); ->setColor($color);
} }

13
src/view/AphrontView.php
View file

@ -74,6 +74,19 @@ abstract class AphrontView extends Phobject {
} }
} }
final protected function isEmptyContent($content) {
if (is_array($content)) {
foreach ($content as $element) {
if (!$this->isEmptyContent($element)) {
return false;
}
}
return true;
} else {
return !strlen((string)$content);
}
}
abstract public function render(); abstract public function render();
} }

2
src/view/layout/PhabricatorAnchorView.php
View file

@ -39,7 +39,7 @@ final class PhabricatorAnchorView extends AphrontView {
), ),
''); '');
return $marker.$anchor; return $this->renderHTMLView(array($marker, $anchor));
} }
} }

45
src/view/layout/PhabricatorTimelineEventView.php
View file

@ -100,10 +100,10 @@ final class PhabricatorTimelineEventView extends AphrontView {
} }
public function render() { public function render() {
$content = $this->renderChildren(); $content = $this->renderHTMLChildren();
$title = $this->title; $title = $this->title;
if (($title === null) && !strlen($content)) { if (($title === null) && $this->isEmptyContent($content)) {
$title = ''; $title = '';
} }
@ -131,14 +131,14 @@ final class PhabricatorTimelineEventView extends AphrontView {
'')); ''));
} }
$title = phutil_render_tag( $title = phutil_tag(
'div', 'div',
array( array(
'class' => implode(' ', $title_classes), 'class' => implode(' ', $title_classes),
), ),
$title.$extra); array($title, $extra));
$title = $icon.$title; $title = $this->renderHTMLView(array($icon, $title));
} }
$wedge = phutil_tag( $wedge = phutil_tag(
@ -165,32 +165,34 @@ final class PhabricatorTimelineEventView extends AphrontView {
$classes[] = 'phabricator-timeline-border'; $classes[] = 'phabricator-timeline-border';
if ($content) { if ($content) {
$classes[] = 'phabricator-timeline-major-event'; $classes[] = 'phabricator-timeline-major-event';
$content = phutil_render_tag( $content = phutil_tag(
'div', 'div',
array( array(
'class' => implode(' ', $content_classes), 'class' => implode(' ', $content_classes),
), ),
phutil_render_tag( phutil_tag(
'div', 'div',
array( array(
'class' => 'phabricator-timeline-inner-content', 'class' => 'phabricator-timeline-inner-content',
), ),
$title. array(
phutil_render_tag( $title,
phutil_tag(
'div', 'div',
array( array(
'class' => 'phabricator-timeline-core-content', 'class' => 'phabricator-timeline-core-content',
), ),
$content))); $content),
$content = $image.$wedge.$content; )));
$content = array($image, $wedge, $content);
} else { } else {
$classes[] = 'phabricator-timeline-minor-event'; $classes[] = 'phabricator-timeline-minor-event';
$content = phutil_render_tag( $content = phutil_tag(
'div', 'div',
array( array(
'class' => implode(' ', $content_classes), 'class' => implode(' ', $content_classes),
), ),
$image.$wedge.$title); array($image, $wedge, $title));
} }
$outer_classes = $this->classes; $outer_classes = $this->classes;
@ -209,7 +211,7 @@ final class PhabricatorTimelineEventView extends AphrontView {
); );
} }
return javelin_render_tag( return javelin_tag(
'div', 'div',
array( array(
'class' => implode(' ', $outer_classes), 'class' => implode(' ', $outer_classes),
@ -217,7 +219,7 @@ final class PhabricatorTimelineEventView extends AphrontView {
'sigil' => $sigil, 'sigil' => $sigil,
'meta' => $meta, 'meta' => $meta,
), ),
phutil_render_tag( phutil_tag(
'div', 'div',
array( array(
'class' => implode(' ', $classes), 'class' => implode(' ', $classes),
@ -273,25 +275,28 @@ final class PhabricatorTimelineEventView extends AphrontView {
->setAnchorName($this->anchor) ->setAnchorName($this->anchor)
->render(); ->render();
$date = $anchor.phutil_tag( $date = $this->renderHTMLView(
array(
$anchor,
phutil_tag(
'a', 'a',
array( array(
'href' => '#'.$this->anchor, 'href' => '#'.$this->anchor,
), ),
$date); $date),
));
} }
$extra[] = $date; $extra[] = $date;
} }
} }
$extra = implode(' · ', $extra);
if ($extra) { if ($extra) {
$extra = phutil_render_tag( $extra = phutil_tag(
'span', 'span',
array( array(
'class' => 'phabricator-timeline-extra', 'class' => 'phabricator-timeline-extra',
), ),
$extra); array_interleave(" \xC2\xB7 ", $extra));
} }
return $extra; return $extra;