mirror of
https://we.phorge.it/source/phorge.git
synced 2024-12-21 21:10:56 +01:00
Escape result of PhabricatorOAuthProvider::getProviderName()
Test Plan: /settings/page/facebook/ Reviewers: epriestley Reviewed By: epriestley CC: aran, epriestley Differential Revision: https://secure.phabricator.com/D1556
This commit is contained in:
parent
339369dc36
commit
fe4d717cc7
8 changed files with 27 additions and 20 deletions
|
@ -198,14 +198,16 @@ class PhabricatorLoginController extends PhabricatorAuthController {
|
|||
|
||||
if ($provider->isProviderRegistrationEnabled()) {
|
||||
$title = "Login or Register with {$provider_name}";
|
||||
$body = "Login or register for Phabricator using your ".
|
||||
"{$provider_name} account.";
|
||||
$body = 'Login or register for Phabricator using your '.
|
||||
phutil_escape_html($provider_name).' account.';
|
||||
$button = "Login or Register with {$provider_name}";
|
||||
} else {
|
||||
$title = "Login with {$provider_name}";
|
||||
$body = "Login to your existing Phabricator account using your ".
|
||||
"{$provider_name} account.<br /><br /><strong>You can not use ".
|
||||
"{$provider_name} to register a new account.</strong>";
|
||||
$body = 'Login to your existing Phabricator account using your '.
|
||||
phutil_escape_html($provider_name).' account.<br /><br />'.
|
||||
'<strong>You can not use '.
|
||||
phutil_escape_html($provider_name).' to register a new '.
|
||||
'account.</strong>';
|
||||
$button = "Login with {$provider_name}";
|
||||
}
|
||||
|
||||
|
|
|
@ -21,6 +21,7 @@ phutil_require_module('phabricator', 'view/form/control/text');
|
|||
phutil_require_module('phabricator', 'view/form/error');
|
||||
phutil_require_module('phabricator', 'view/layout/panel');
|
||||
|
||||
phutil_require_module('phutil', 'markup');
|
||||
phutil_require_module('phutil', 'parser/uri');
|
||||
phutil_require_module('phutil', 'utils');
|
||||
|
||||
|
|
|
@ -41,7 +41,7 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
|
|||
return new Aphront400Response();
|
||||
}
|
||||
|
||||
$provider_name = $provider->getProviderName();
|
||||
$provider_name = phutil_escape_html($provider->getProviderName());
|
||||
$provider_key = $provider->getProviderKey();
|
||||
|
||||
$request = $this->getRequest();
|
||||
|
@ -113,7 +113,7 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
|
|||
if (!$request->isDialogFormPost()) {
|
||||
$dialog = new AphrontDialogView();
|
||||
$dialog->setUser($current_user);
|
||||
$dialog->setTitle('Link '.$provider_name.' Account');
|
||||
$dialog->setTitle('Link '.$provider->getProviderName().' Account');
|
||||
$dialog->appendChild(
|
||||
'<p>Link your '.$provider_name.' account to your Phabricator '.
|
||||
'account?</p>');
|
||||
|
@ -184,7 +184,8 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
|
|||
if (!$provider->isProviderRegistrationEnabled()) {
|
||||
$dialog = new AphrontDialogView();
|
||||
$dialog->setUser($current_user);
|
||||
$dialog->setTitle('No Account Registration With '.$provider_name);
|
||||
$dialog->setTitle('No Account Registration With '.
|
||||
$provider->getProviderName());
|
||||
$dialog->appendChild(
|
||||
'<p>You can not register a new account using '.$provider_name.'; '.
|
||||
'you can only use your '.$provider_name.' account to log into an '.
|
||||
|
|
|
@ -18,6 +18,7 @@ phutil_require_module('phabricator', 'applications/people/storage/useroauthinfo'
|
|||
phutil_require_module('phabricator', 'infrastructure/env');
|
||||
phutil_require_module('phabricator', 'view/dialog');
|
||||
|
||||
phutil_require_module('phutil', 'markup');
|
||||
phutil_require_module('phutil', 'parser/uri');
|
||||
phutil_require_module('phutil', 'symbols');
|
||||
phutil_require_module('phutil', 'utils');
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* Copyright 2011 Facebook, Inc.
|
||||
* Copyright 2012 Facebook, Inc.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -35,7 +35,6 @@ class PhabricatorOAuthUnlinkController extends PhabricatorAuthController {
|
|||
"You may not unlink accounts from this OAuth provider.");
|
||||
}
|
||||
|
||||
$provider_name = $provider->getProviderName();
|
||||
$provider_key = $provider->getProviderKey();
|
||||
|
||||
$oauth_info = id(new PhabricatorUserOAuthInfo())->loadOneWhere(
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
<?php
|
||||
|
||||
/*
|
||||
* Copyright 2011 Facebook, Inc.
|
||||
* Copyright 2012 Facebook, Inc.
|
||||
*
|
||||
* Licensed under the Apache License, Version 2.0 (the "License");
|
||||
* you may not use this file except in compliance with the License.
|
||||
|
@ -34,12 +34,12 @@ class PhabricatorOAuthFailureView extends AphrontView {
|
|||
public function render() {
|
||||
$request = $this->request;
|
||||
$provider = $this->provider;
|
||||
$provider_name = $provider->getProviderName();
|
||||
$provider_name = phutil_escape_html($provider->getProviderName());
|
||||
|
||||
$diagnose = null;
|
||||
|
||||
$view = new AphrontRequestFailureView();
|
||||
$view->setHeader($provider_name.' Auth Failed');
|
||||
$view->setHeader($provider->getProviderName().' Auth Failed');
|
||||
if ($this->request) {
|
||||
$view->appendChild(
|
||||
'<p>'.
|
||||
|
|
|
@ -52,9 +52,9 @@ class PhabricatorUserOAuthSettingsPanelController
|
|||
$form
|
||||
->appendChild(
|
||||
'<p class="aphront-form-instructions">There is currently no '.
|
||||
$provider_name.' account linked to your Phabricator account. You '.
|
||||
'can link an account, which will allow you to use it to log into '.
|
||||
'Phabricator.</p>');
|
||||
phutil_escape_html($provider_name).' account linked to your '.
|
||||
'Phabricator account. You can link an account, which will allow you '.
|
||||
'to use it to log into Phabricator.</p>');
|
||||
|
||||
$auth_uri = $provider->getAuthURI();
|
||||
$client_id = $provider->getClientID();
|
||||
|
@ -80,8 +80,9 @@ class PhabricatorUserOAuthSettingsPanelController
|
|||
$form
|
||||
->appendChild(
|
||||
'<p class="aphront-form-instructions">Your account is linked with '.
|
||||
'a '.$provider_name.' account. You may use your '.$provider_name.' '.
|
||||
'credentials to log into Phabricator.</p>')
|
||||
'a '.phutil_escape_html($provider_name).' account. You may use your '.
|
||||
phutil_escape_html($provider_name).' credentials to log into '.
|
||||
'Phabricator.</p>')
|
||||
->appendChild(
|
||||
id(new AphrontFormStaticControl())
|
||||
->setLabel($provider_name.' ID')
|
||||
|
@ -102,8 +103,9 @@ class PhabricatorUserOAuthSettingsPanelController
|
|||
->setUser($user)
|
||||
->appendChild(
|
||||
'<p class="aphront-form-instructions">You may unlink this account '.
|
||||
'from your '.$provider_name.' account. This will prevent you from '.
|
||||
'logging in with your '.$provider_name.' credentials.</p>')
|
||||
'from your '.phutil_escape_html($provider_name).' account. This '.
|
||||
'will prevent you from logging in with your '.
|
||||
phutil_escape_html($provider_name).' credentials.</p>')
|
||||
->appendChild(
|
||||
id(new AphrontFormSubmitControl())
|
||||
->addCancelButton('/oauth/'.$provider_key.'/unlink/', $unlink));
|
||||
|
|
|
@ -15,6 +15,7 @@ phutil_require_module('phabricator', 'view/layout/panel');
|
|||
phutil_require_module('phabricator', 'view/null');
|
||||
phutil_require_module('phabricator', 'view/utils');
|
||||
|
||||
phutil_require_module('phutil', 'markup');
|
||||
phutil_require_module('phutil', 'utils');
|
||||
|
||||
|
||||
|
|
Loading…
Reference in a new issue