mirror of https://we.phorge.it/source/phorge.git synced 2024-11-19 05:12:41 +01:00

Escape result of PhabricatorOAuthProvider::getProviderName()

Test Plan: /settings/page/facebook/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D1556
vrana 2012-02-02 17:06:02 -08:00
parent 339369dc36
commit fe4d717cc7
8 changed files with 27 additions and 20 deletions


@ -198,14 +198,16 @@ class PhabricatorLoginController extends PhabricatorAuthController {
if ($provider->isProviderRegistrationEnabled()) { if ($provider->isProviderRegistrationEnabled()) {
$title = "Login or Register with {$provider_name}"; $title = "Login or Register with {$provider_name}";
$body = "Login or register for Phabricator using your ". $body = 'Login or register for Phabricator using your '.
"{$provider_name} account."; phutil_escape_html($provider_name).' account.';
$button = "Login or Register with {$provider_name}"; $button = "Login or Register with {$provider_name}";
} else { } else {
$title = "Login with {$provider_name}"; $title = "Login with {$provider_name}";
$body = "Login to your existing Phabricator account using your ". $body = 'Login to your existing Phabricator account using your '.
"{$provider_name} account.<br /><br /><strong>You can not use ". phutil_escape_html($provider_name).' account.<br /><br />'.
"{$provider_name} to register a new account.</strong>"; '<strong>You can not use '.
phutil_escape_html($provider_name).' to register a new '.
'account.</strong>';
$button = "Login with {$provider_name}"; $button = "Login with {$provider_name}";
} }
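Review bot: In both branches `$title` and `$button` still interpolate the raw `{$provider_name}` while only `$body` goes through `phutil_escape_html()`, and nothing in the hunk says why the three strings are treated differently. The sinks for `$title` and `$button` are outside the hunk, so this presumably relies on them escaping their input themselves; that should be recorded next to the assignments, e.g. `// $title and $button are passed raw: their sinks escape; $body is appended as HTML and is escaped here.` Without that comment, a later change that moves `$title` into raw markup would reintroduce the unescaped output this commit removes. The enclosing method starts and ends outside the hunk.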


@ -21,6 +21,7 @@ phutil_require_module('phabricator', 'view/form/control/text');
phutil_require_module('phabricator', 'view/form/error'); phutil_require_module('phabricator', 'view/form/error');
phutil_require_module('phabricator', 'view/layout/panel'); phutil_require_module('phabricator', 'view/layout/panel');
phutil_require_module('phutil', 'markup');
phutil_require_module('phutil', 'parser/uri'); phutil_require_module('phutil', 'parser/uri');
phutil_require_module('phutil', 'utils'); phutil_require_module('phutil', 'utils');


@ -41,7 +41,7 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
return new Aphront400Response(); return new Aphront400Response();
} }
$provider_name = $provider->getProviderName(); $provider_name = phutil_escape_html($provider->getProviderName());
$provider_key = $provider->getProviderKey(); $provider_key = $provider->getProviderKey();
$request = $this->getRequest(); $request = $this->getRequest();
@ -113,7 +113,7 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
if (!$request->isDialogFormPost()) { if (!$request->isDialogFormPost()) {
$dialog = new AphrontDialogView(); $dialog = new AphrontDialogView();
$dialog->setUser($current_user); $dialog->setUser($current_user);
$dialog->setTitle('Link '.$provider_name.' Account'); $dialog->setTitle('Link '.$provider->getProviderName().' Account');
$dialog->appendChild( $dialog->appendChild(
'<p>Link your '.$provider_name.' account to your Phabricator '. '<p>Link your '.$provider_name.' account to your Phabricator '.
'account?</p>'); 'account?</p>');
@ -184,7 +184,8 @@ class PhabricatorOAuthLoginController extends PhabricatorAuthController {
if (!$provider->isProviderRegistrationEnabled()) { if (!$provider->isProviderRegistrationEnabled()) {
$dialog = new AphrontDialogView(); $dialog = new AphrontDialogView();
$dialog->setUser($current_user); $dialog->setUser($current_user);
$dialog->setTitle('No Account Registration With '.$provider_name); $dialog->setTitle('No Account Registration With '.
$provider->getProviderName());
$dialog->appendChild( $dialog->appendChild(
'<p>You can not register a new account using '.$provider_name.'; '. '<p>You can not register a new account using '.$provider_name.'; '.
'you can only use your '.$provider_name.' account to log into an '. 'you can only use your '.$provider_name.' account to log into an '.
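Review bot: After the first hunk `$provider_name` holds HTML-escaped text, whereas the login controller and the settings panel in this same commit keep the raw string under that name and escape at each use. A name that says what it holds would make the two conventions hard to mix up: `$provider_name_html = phutil_escape_html($provider->getProviderName());`, with the `appendChild()` strings updated to match. The `setTitle()` calls in the second and third hunks go back to `$provider->getProviderName()`, presumably because the dialog escapes its own title; any other use of `$provider_name` in the parts of this method outside the hunks should be checked for double escaping. The same rename applies to `render()` in the OAuth failure view section, where `setHeader()` likewise receives the raw name.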


@ -18,6 +18,7 @@ phutil_require_module('phabricator', 'applications/people/storage/useroauthinfo'
phutil_require_module('phabricator', 'infrastructure/env'); phutil_require_module('phabricator', 'infrastructure/env');
phutil_require_module('phabricator', 'view/dialog'); phutil_require_module('phabricator', 'view/dialog');
phutil_require_module('phutil', 'markup');
phutil_require_module('phutil', 'parser/uri'); phutil_require_module('phutil', 'parser/uri');
phutil_require_module('phutil', 'symbols'); phutil_require_module('phutil', 'symbols');
phutil_require_module('phutil', 'utils'); phutil_require_module('phutil', 'utils');


@ -1,7 +1,7 @@
<?php <?php
/* /*
* Copyright 2011 Facebook, Inc. * Copyright 2012 Facebook, Inc.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -35,7 +35,6 @@ class PhabricatorOAuthUnlinkController extends PhabricatorAuthController {
"You may not unlink accounts from this OAuth provider."); "You may not unlink accounts from this OAuth provider.");
} }
$provider_name = $provider->getProviderName();
$provider_key = $provider->getProviderKey(); $provider_key = $provider->getProviderKey();
$oauth_info = id(new PhabricatorUserOAuthInfo())->loadOneWhere( $oauth_info = id(new PhabricatorUserOAuthInfo())->loadOneWhere(


@ -1,7 +1,7 @@
<?php <?php
/* /*
* Copyright 2011 Facebook, Inc. * Copyright 2012 Facebook, Inc.
* *
* Licensed under the Apache License, Version 2.0 (the "License"); * Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
@ -34,12 +34,12 @@ class PhabricatorOAuthFailureView extends AphrontView {
public function render() { public function render() {
$request = $this->request; $request = $this->request;
$provider = $this->provider; $provider = $this->provider;
$provider_name = $provider->getProviderName(); $provider_name = phutil_escape_html($provider->getProviderName());
$diagnose = null; $diagnose = null;
$view = new AphrontRequestFailureView(); $view = new AphrontRequestFailureView();
$view->setHeader($provider_name.' Auth Failed'); $view->setHeader($provider->getProviderName().' Auth Failed');
if ($this->request) { if ($this->request) {
$view->appendChild( $view->appendChild(
'<p>'. '<p>'.


@ -52,9 +52,9 @@ class PhabricatorUserOAuthSettingsPanelController
$form $form
->appendChild( ->appendChild(
'<p class="aphront-form-instructions">There is currently no '. '<p class="aphront-form-instructions">There is currently no '.
$provider_name.' account linked to your Phabricator account. You '. phutil_escape_html($provider_name).' account linked to your '.
'can link an account, which will allow you to use it to log into '. 'Phabricator account. You can link an account, which will allow you '.
'Phabricator.</p>'); 'to use it to log into Phabricator.</p>');
$auth_uri = $provider->getAuthURI(); $auth_uri = $provider->getAuthURI();
$client_id = $provider->getClientID(); $client_id = $provider->getClientID();
@ -80,8 +80,9 @@ class PhabricatorUserOAuthSettingsPanelController
$form $form
->appendChild( ->appendChild(
'<p class="aphront-form-instructions">Your account is linked with '. '<p class="aphront-form-instructions">Your account is linked with '.
'a '.$provider_name.' account. You may use your '.$provider_name.' '. 'a '.phutil_escape_html($provider_name).' account. You may use your '.
'credentials to log into Phabricator.</p>') phutil_escape_html($provider_name).' credentials to log into '.
'Phabricator.</p>')
->appendChild( ->appendChild(
id(new AphrontFormStaticControl()) id(new AphrontFormStaticControl())
->setLabel($provider_name.' ID') ->setLabel($provider_name.' ID')
@ -102,8 +103,9 @@ class PhabricatorUserOAuthSettingsPanelController
->setUser($user) ->setUser($user)
->appendChild( ->appendChild(
'<p class="aphront-form-instructions">You may unlink this account '. '<p class="aphront-form-instructions">You may unlink this account '.
'from your '.$provider_name.' account. This will prevent you from '. 'from your '.phutil_escape_html($provider_name).' account. This '.
'logging in with your '.$provider_name.' credentials.</p>') 'will prevent you from logging in with your '.
phutil_escape_html($provider_name).' credentials.</p>')
->appendChild( ->appendChild(
id(new AphrontFormSubmitControl()) id(new AphrontFormSubmitControl())
->addCancelButton('/oauth/'.$provider_key.'/unlink/', $unlink)); ->addCancelButton('/oauth/'.$provider_key.'/unlink/', $unlink));
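Review bot: `phutil_escape_html($provider_name)` is now called five times across the three hunks on a value that does not change, which makes it easy to miss one the next time a paragraph is added. Escaping once near where `$provider_name` is assigned (outside the hunks) and reusing the result reads more simply: `$provider_name_html = phutil_escape_html($provider_name);`. `setLabel($provider_name.' ID')` in the second hunk stays raw, presumably because the form control escapes its label; a short comment there, such as `// setLabel() escapes; pass the raw name`, would record that.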


@ -15,6 +15,7 @@ phutil_require_module('phabricator', 'view/layout/panel');
phutil_require_module('phabricator', 'view/null'); phutil_require_module('phabricator', 'view/null');
phutil_require_module('phabricator', 'view/utils'); phutil_require_module('phabricator', 'view/utils');
phutil_require_module('phutil', 'markup');
phutil_require_module('phutil', 'utils'); phutil_require_module('phutil', 'utils');