1
0
Fork 0
mirror of https://we.phorge.it/source/phorge.git synced 2024-11-29 02:02:41 +01:00
Commit graph

332 commits

Author SHA1 Message Date
epriestley
15c9287d43 Emit "did edit task" event correctly for Maniphest comments
Summary: We emit "did edit task" properly elsewhere, but only emit "will edit task" in this case. Emit the second event correctly.

Test Plan: Added a listener, verified it got hit.

Reviewers: skrul, chad

Reviewed By: skrul

CC: aran

Differential Revision: https://secure.phabricator.com/D5419
2013-03-22 13:07:12 -07:00
epriestley
33997d43d0 Fix undefined index in ManiphestTaskSummaryView
Summary:
Currently, my homepage raises a couple of these:

  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message: [2013-03-13 06:44:38] ERROR 8: Undefined index:  at [/INSECURE/devtools/phabricator/src/applications/maniphest/view/ManiphestTaskSummaryView.php:133]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #0 ManiphestTaskSummaryView::render() called at [/INSECURE/devtools/phabricator/src/applications/maniphest/view/ManiphestTaskListView.php:45]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #1 ManiphestTaskListView::render() called at [/INSECURE/devtools/phabricator/src/view/AphrontView.php:63]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #2 AphrontView::producePhutilSafeHTML() called at [/INSECURE/devtools/libphutil/src/markup/render.php:65]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #3 phutil_escape_html(Object ManiphestTaskListView)"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #4 array_map(phutil_escape_html, Array { 0 => Object ManiphestTaskListView }) called at [/INSECURE/devtools/libphutil/src/markup/render.php:120]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #5 phutil_implode_html(, Array { 0 => Object ManiphestTaskListView }) called at [/INSECURE/devtools/phabricator/src/view/layout/AphrontPanelView.php:92]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #6 AphrontPanelView::render() called at [/INSECURE/devtools/phabricator/src/view/AphrontView.php:63]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #7 AphrontView::producePhutilSafeHTML() called at [/INSECURE/devtools/libphutil/src/markup/render.php:65]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #8 phutil_escape_html(Object AphrontPanelView)"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #9 array_map(phutil_escape_html, Array of size 8 starting with: { 0 => Object AphrontPanelView }) called at [/INSECURE/devtools/libphutil/src/markup/render.php:85]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #10 phutil_escape_html(Array of size 8 starting with: { 0 => Object AphrontPanelView })"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #11 array_map(phutil_escape_html, Array of size 2 starting with: { 0 => Array of size 8 starting with: { 0 => Object AphrontPanelView } }) called at [/INSECURE/devtools/libphutil/src/markup/render.php:85]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #12 phutil_escape_html(Array of size 2 starting with: { 0 => Array of size 8 starting with: { 0 => Object AphrontPanelView } })"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #13 array_map(phutil_escape_html, Array of size 2 starting with: { 0 => null }) called at [/INSECURE/devtools/libphutil/src/markup/render.php:85]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #14 phutil_escape_html(Array of size 2 starting with: { 0 => null }) called at [/INSECURE/devtools/libphutil/src/markup/render.php:53]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #15 phutil_tag(div, Array of size 2 starting with: { class => phabricator-nav-content }, Array of size 2 starting with: { 0 => null }) called at [/INSECURE/devtools/phabricator/src/view/layout/AphrontSideNavFilterView.php:297]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #16 AphrontSideNavFilterView::renderFlexNav() called at [/INSECURE/devtools/phabricator/src/view/layout/AphrontSideNavFilterView.php:184]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #17 AphrontSideNavFilterView::render() called at [/INSECURE/devtools/phabricator/src/view/AphrontView.php:63]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #18 AphrontView::producePhutilSafeHTML() called at [/INSECURE/devtools/libphutil/src/markup/render.php:65]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #19 phutil_escape_html(Object AphrontSideNavFilterView)"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #20 array_map(phutil_escape_html, Array { 0 => Object AphrontSideNavFilterView }) called at [/INSECURE/devtools/libphutil/src/markup/render.php:120]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #21 phutil_implode_html(, Array { 0 => Object AphrontSideNavFilterView }) called at [/INSECURE/devtools/phabricator/src/view/page/PhabricatorBarePageView.php:58]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #22 PhabricatorBarePageView::willRenderPage() called at [/INSECURE/devtools/phabricator/src/view/page/PhabricatorStandardPageView.php:104]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #23 PhabricatorStandardPageView::willRenderPage() called at [/INSECURE/devtools/phabricator/src/view/page/AphrontPageView.php:46]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #24 AphrontPageView::render() called at [/INSECURE/devtools/phabricator/src/applications/directory/controller/PhabricatorDirectoryController.php:15]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #25 PhabricatorDirectoryController::buildStandardPageResponse(Object AphrontSideNavFilterView, Array { title => Phabricator }) called at [/INSECURE/devtools/phabricator/src/applications/directory/controller/PhabricatorDirectoryMainController.php:66]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #26 PhabricatorDirectoryMainController::buildMainResponse(Object AphrontSideNavFilterView, Array of size 8 starting with: { 5 => Object PhabricatorProject }) called at [/INSECURE/devtools/phabricator/src/applications/directory/controller/PhabricatorDirectoryMainController.php:27]"
  [13-Mar-2013 06:44:38] WARNING: [pool www] child 27678 said into stderr: "NOTICE: PHP message:   #27 PhabricatorDirectoryMainController::processRequest() called at [/INSECURE/devtools/phabricator/webroot/index.php:91]"

There two cases here:

  - There's no owner. In this case, we might-or-might-not have loaded the handle for the "empty" PHID, but we shouldn't try to render in either case.
  - There is an owner. In this case, we definitely should have loaded the handle, so it's fine for us to fatal if we didn't (it indicates a serious problem with the program).

Test Plan: Loaded home page, no errors.

Reviewers: chad, btrahan

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5329
2013-03-13 08:06:10 -07:00
epriestley
5b0e64435b Fix undefined variable on empty Maniphest results pages
Summary: Fixes T2741. If there are no results, `$result_count` is never initialized.

Test Plan: Looked at an empty results page.

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2741

Differential Revision: https://secure.phabricator.com/D5328
2013-03-13 08:05:44 -07:00
epriestley
855e085c6f Uninstall Conduit calls when uninstalling applications
Summary: Fixes T2698. When applications are installed, their Conduit calls should drop out. This will also let us land Releeph without exposing Conduit calls.

Test Plan:
  - Viewed Conduit console; uninstalled some applications and verified their calls dropped out.
  - Tried to make an uninstalled call; got an appropriate error.

Reviewers: edward, btrahan

Reviewed By: edward

CC: aran

Maniphest Tasks: T2698

Differential Revision: https://secure.phabricator.com/D5302
2013-03-13 07:09:05 -07:00
Chad Little
df0c3df3cc Modernize Maniphest
Summary:
A few things
- pht Maniphest where I could
- implement dust background
- optimize pages for mobile
- adds aphront-two-column-layout
- reworks maniphest page with two column layout
- tweaks task table for mobile, though we should move to object-list-view

Stopping here as I want to get feedback in. Super excited about mobile and the new tasks views. Only sort of excited about the sidebar filters, they need more UI work, but we should talk about that.

Test Plan: Test Maniphest, Differential, and Homepage views. Sort tasks, make reports

Reviewers: epriestley, btrahan

Reviewed By: btrahan

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5314
2013-03-12 23:30:03 -07:00
epriestley
4c914a5c49 Remove all calls to renderSingleView() and deprecate it
Summary: After D5305, this method does nothing since we automatically figure out what we need to do.

Test Plan:
- Viewed a page with the main menu on it (MainMenuView).
- Viewed a revision with transactions on it (TransactionView).
- Viewed timeline UIExample (TimelineView, TimelineEventView).
- Viewed a revision (PropertyListView).
- Viewed a profile (ProfileHeaderView).
- Viewed Pholio list (PinboardView, PinboardItemView).
- Viewed Config (ObjectItemView, ObjectItemListView).
- Viewed Home (MenuView).
- Viewed a revision (HeaderView, CrumbsView, ActionListView).
- Viewed a revision with an inline comment (anchorview).
- Viewed a Phriction diff page (AphrontCrumbsView).
  - Filed T2721 to get rid of this.
- Looked at Pholio and made inlines and comments (mockimages, pholioinlinecomment/save/edit).
- Looked at conpherences.
- Browsed around.

Reviewers: chad, vrana

Reviewed By: chad

CC: edward, aran

Differential Revision: https://secure.phabricator.com/D5307
2013-03-09 13:52:41 -08:00
epriestley
25738e78a1 Harden custom date fields against userland adventures
Summary: Users do things like change the type of a field. Currently, we throw when this happens. Instead, recover somewhat-gracefully.

Test Plan:
Created a "string" field, then changed it to a "date" field.

{F35241}

Reviewers: btrahan, chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5310
2013-03-09 13:51:58 -08:00
epriestley
06b3f21b61 Implement "user" and "users" Maniphest custom fields
Summary:
Ref T2575. Implements "user" (zero or one users) and "users" (zero or more users) field types.

Also allows custom fields to participate in the handle pipeline.

Test Plan: {F35071}

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2575

Differential Revision: https://secure.phabricator.com/D5287
2013-03-07 17:24:58 -08:00
epriestley
30d6cd91da Implement remarkup custom control
Summary: Ref T2575. Adds "remarkup" control, which displays a remarkup control and uses the remarkup cache. Grants fields access to remarkup pipeline.

Test Plan:
{F35067}
{F35068}

Used DarkConsole to verify cache interaction with services.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2575

Differential Revision: https://secure.phabricator.com/D5286
2013-03-07 17:24:33 -08:00
epriestley
3f56ca681f Implement Maniphest auxiliary field 'default' key
Summary: Fixes T404. Ref T2575. Allows default to be set for any field. Date defaults are interpreted by `strtotime()`. Other defaults are interpreted as expected.

Test Plan:
  - Created a string custom field with default value "Orange".
  - Created a date custom field with a fixed default value (my birthday).
  - Created a date custom field with a relative default value ("today 4:59 PM").
  - Created/edited tasks with these fields, verified everything behaved sensibly.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T404, T2575

Differential Revision: https://secure.phabricator.com/D5282
2013-03-07 17:23:30 -08:00
epriestley
ba4649679c Implement Maniphest "date" auxiliary field type
Summary:
Ref T404. Ref T2575. Adds a "date" type to Maniphest.

This doesn't let you default the date to anything other than `time()`; I'll do that in the next diff.

Test Plan: Created and edited a task with date fields.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran, mbishopim3

Maniphest Tasks: T404, T2575

Differential Revision: https://secure.phabricator.com/D5281
2013-03-07 17:23:09 -08:00
epriestley
a3099e27bc Provide Maniphest auxiliary fields access to the viewer and task
Summary:
Maniphest auxiliary fields currently do not have access to the viewing user or task. This is fine for very simple fields, but insufficient for more complex fields. Generally, bring these in line with DifferentialFieldSpecifications.

This supercedes the additional $user/$viewer threading provided by D5247 and provides viewers to all fields, as well as access to the task object itself.

Test Plan: Created, viewed and edited a task with custom fields. Created a similar subtask.

Reviewers: hach-que, btrahan

Reviewed By: btrahan

CC: aran

Maniphest Tasks: T2575

Differential Revision: https://secure.phabricator.com/D5280
2013-03-07 17:22:36 -08:00
epriestley
67e086bba7 Save disk space
Summary: so many bytes saved

Test Plan:
http://local.aphront.com:8080/maniphest/view/custom/?tasks=12,14
http://local.aphront.com:8080/maniphest/view/custom/?tasks=~

Reviewers: vrana

Reviewed By: vrana

CC: aran, AnhNhan

Differential Revision: https://secure.phabricator.com/D5211
2013-03-04 13:35:41 -08:00
epriestley
8ae718c2aa Require a viewer for Remarkup rendering
Summary:
Provide a viewer to all remarkup engines.

This fixes commit summaries in Diffusion, which were failing to link because they didn't have a user and thus couldn't see/load `D123`, e.g.

Test Plan: Grepped for engine creation.

Reviewers: vrana

Reviewed By: vrana

CC: aran, edward

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D5152
2013-03-04 12:33:05 -08:00
epriestley
dc8cc123da Fix Maniphest and Config transaction diff rendering
Summary:
I missed this in review of D5155: `wordwrap()` returns a string, but `phutil_utf8_hard_wrap()` returns an array.

Implode the returned arrays so the stuff underneath it doesn't choke.

Test Plan: Clicked "show details" on a maniphest task description change

Reviewers: AnhNhan, kwadwon

Reviewed By: kwadwon

CC: aran

Differential Revision: https://secure.phabricator.com/D5195
2013-03-03 11:37:45 -08:00
epriestley
cb2d0adf95 Fix exception in Maniphest task ID filtering
Summary:
Ref T2632. When the user enters task IDs, we filter them to allow the user to write `T123` or `task 123` to mean `123`. This filtering is latin-centric and silly, and cuases an exception when accessing, e.g,, `/maniphest/view/custom/?tasks=~`.

Instead of stripping a select few nondigits, strip all nondigits.

Test Plan: Hit `/maniphest/view/custom/?tasks=~`, no exception.

Reviewers: AnhNhan, chad, vrana

Reviewed By: chad

CC: aran

Maniphest Tasks: T2632

Differential Revision: https://secure.phabricator.com/D5193
2013-03-03 10:56:22 -08:00
epriestley
0a069cb55a Require a viewer to load handles
Summary:
Unmuck almost all of the we-sort-of-have-viewers-some-of-the-time mess.

There are a few notable cases here:

  - I used Omnipotent users when indexing objects for search. I think this is correct; we do policy filtering when showing results.
  - I cheated in a bad way in the Remarkup object rule, but fixing this requires fixing all the PhabricatorRemarkupEngine callsites (there are 85). I'll do that in the next diff.
  - I cheated in a few random places, like when sending mail about package edits. These aren't a big deal.

Test Plan:
  - Grepped for all PhabricatorObjectHandleData references.
  - Gave them viewers.

Reviewers: vrana

Reviewed By: vrana

CC: aran, edward

Maniphest Tasks: T603

Differential Revision: https://secure.phabricator.com/D5151
2013-02-28 17:15:09 -08:00
kwadwo
37ee66e27f changed wordwrap call to utf8 hard wrap call in multiple places
Summary: using to phutil_utf8_hard_wrap instead of wordwrap

Test Plan: hard_wrap already unit tested

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5155
2013-02-28 09:17:58 -08:00
epriestley
69dcd47751 Fix two cases where we load Commit handles without a viewer
I missed these in testing D5139 because they aren't in the web UIs and I am dumb and can not brain today.

Auditors: vrana
2013-02-27 11:44:52 -08:00
epriestley
8d20e42c1c Fix a MySQL strict issue with auxiliary task storage
Summary: This table has date columns but we don't populate them correctly. In strict mode with custom fields, this throws when creating a task.

Test Plan: Created a task in strict mode with custom fields.

Reviewers: chad, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5137
2013-02-27 10:51:34 -08:00
epriestley
b5da7b3723 Missing change from D5120 which I incorrectly discarded in a merge.
Auditors: vrana
2013-02-27 07:19:57 -08:00
epriestley
5e11eb7f72 Prepare for hovercards
Summary:
  - Unify all the reference/embed Remarkup rules for Differential, Maniphest, Paste and Ponder.
  - Add rules for Pholio.
  - Does not yet unify Diffusion or Files (both are a bit more involved).
  - Prepare for hovercards.

Test Plan: {F33894}

Reviewers: chad, vrana

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5120
2013-02-26 14:59:31 -08:00
epriestley
fe500f4268 Pre-prepare for hovercards
Summary:
D5120 and followups refactor and generalize object references in Remarkup -- notably, they move remarkup rules from a central location to the implementing applications.

Preserve blame by doing moves/renames only first. This change moves application remarkup rules into those applications, and renames the ones D5120 modifies.

Test Plan: Typed some preview text into a textarea, got a valid Remarkup render.

Reviewers: vrana, chad

Reviewed By: vrana

CC: aran

Differential Revision: https://secure.phabricator.com/D5123
2013-02-26 14:57:41 -08:00
vrana
6404fa5c0e Don't display 0 in launch view
Summary: This includes assigned tasks in the Maniphest number.

Test Plan: Looked at it.

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: aran, epriestley

Differential Revision: https://secure.phabricator.com/D5067
2013-02-22 05:01:30 -08:00
vrana
c29fe2deb6 Display application status in tip for needs attention number
Summary:
Also splits blocking and active revisions.

This could display 0 with non-empty tip over it.
It's intentional meaning that 0 objects need your attention but there is still some work to do.

Test Plan: Hovered over number.

Reviewers: epriestley, chad

Reviewed By: chad

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D5049
2013-02-21 14:57:24 -08:00
vrana
3c989590bf Remove object name from header
Summary: It's displayed right above it in the breadcrumbs including a link.

Test Plan: Looked at the pages.

Reviewers: chad, epriestley

Reviewed By: epriestley

CC: aran, epriestley, s.o.butler

Differential Revision: https://secure.phabricator.com/D5045
2013-02-21 11:00:22 -08:00
vrana
8eb404aea7 Avoid HTML escaping in plain text e-mails
Summary: Seen in e-mail from T2016.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D5016
2013-02-19 14:02:35 -08:00
epriestley
a22bea2a74 Apply lint rules to Phabricator
Summary: Mostly applies a new call spacing rule; also a few things that have slipped through via pull requests and such

Test Plan: `find src/ -type f -name '*.php' | xargs -n16 arc lint --output summary --apply-patches`

Reviewers: chad

Reviewed By: chad

CC: aran

Differential Revision: https://secure.phabricator.com/D5002
2013-02-19 13:33:10 -08:00
epriestley
a5f031835c Notify users when an object they created gets awarded a token
Summary:
  - Publish feed/notification.
  - I think this is too lightweight for an email?
  - We don't tell them which token right now. Laziness? Or intentional aura of mystery?!
  - For tasks, notify both author and current owner.
  - Fixes T2562.

Test Plan: {F33187}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2562

Differential Revision: https://secure.phabricator.com/D5007
2013-02-18 17:44:45 -08:00
epriestley
50efcf1043 Fix double nav on Maniphest reports
Summary: Fixes T2311.

Test Plan: {F33161}

Reviewers: chad

Reviewed By: chad

CC: aran

Maniphest Tasks: T2311

Differential Revision: https://secure.phabricator.com/D5005
2013-02-18 11:44:42 -08:00
epriestley
49c40d209d Tokens v1
Summary:
Features!

  - Giving tokens.
  - Taking tokens back.
  - Not giving tokens.

Test Plan: See screenshots.

Reviewers: chad, vrana

Reviewed By: chad

CC: aran, btrahan

Maniphest Tasks: T2541

Differential Revision: https://secure.phabricator.com/D4964
2013-02-15 07:47:14 -08:00
epriestley
ef7f16180c Restore merge of phutil_tag. 2013-02-13 14:51:18 -08:00
epriestley
73cce6e131 Revert "Promote phutil-tag again"
This reverts commit 8fbabdc06d, reversing
changes made to 2dab1c1e42.
2013-02-13 14:08:57 -08:00
vrana
4eb84149c2 Convert everything to safe HTML
Summary: Sgrepped for `"=~/</"` and manually changed every HTML.

Test Plan: This doesn't work yet but it is hopefully one of the last diffs before Phabricator will be undoubtedly HTML safe.

Reviewers: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4927
2013-02-13 12:35:40 -08:00
vrana
5ad526942b Convert AphrontPanelView to safe HTML (except children)
Summary: Fixes some double escaping and potential XSS.

Test Plan: Looked at homepage.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4917
2013-02-13 10:30:32 -08:00
vrana
80fb84bd94 Convert PhabricatorTransactionView to safe HTML
Test Plan: Looked at revision detail with comments.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4915
2013-02-11 19:01:20 -08:00
vrana
868ca71451 Fix some HTML problems
Summary: I'm too lazy to attaching them for diffs where they were introduced.

Test Plan:
/
/D1, wrote comment with code snippet
DarkConsole
commit detail, wrote comment
task detail, wrote comment

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4911
2013-02-11 18:18:26 -08:00
vrana
ae4e5807d6 Merge renderSingleView() and renderHTMLView()
Summary: They are same because render() returns safe HTML and raw strings are automatically escaped.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4909
2013-02-11 18:18:21 -08:00
vrana
c9ab1fe505 Return safe HTML from all render()
Summary:
This is pretty brutal and it adds some `phutil_safe_html()`.
But it is a big step in the right direction.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4905
2013-02-11 18:18:18 -08:00
vrana
37b98450a5 Replace array_interleave() by phutil_implode_html()
Summary:
I like this abstraction better.
Result of `phutil_implode_html()` may be also used as a param of `hsprintf()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4904
2013-02-11 15:27:43 -08:00
vrana
a22ef4e9b4 Kill most of phutil_escape_html()
Summary:
This resolves lots of double escaping.
We changed most of `phutil_render_tag(, , $s)` to `phutil_tag(, , $s)` which means that `$s` is now auto-escaped.
Also `pht()` auto escapes if it gets `PhutilSafeHTML`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4889
2013-02-11 15:27:38 -08:00
vrana
9b8da73765 Convert AphrontTableView to safe HTML
Summary:
Lots of killed `phutil_escape_html()`.

Done by searching for `AphrontTableView` and then `$rows` (usually) backwards.

Test Plan:
Looked at homepage.

  echo id(new AphrontTableView(array(array('<'))))->render();

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4884
2013-02-09 15:11:38 -08:00
vrana
58b6e2cac6 Convert AphrontDialogView to safe HTML
Summary:
Done by searching for `AphrontDialogView` and then `appendChild()`.

Also added some `pht()`.

Test Plan: None.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Differential Revision: https://secure.phabricator.com/D4882
2013-02-09 15:11:35 -08:00
vrana
d817dfa8fc Convert some phutil_escape_html() to hsprintf()
Summary: Found by `sgrep_php -e '"...".phutil_escape_html(...)'`.

Test Plan:
/
/D1
/uiexample/
/countdown/1/
/herald/transcript/1/all/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4869
2013-02-08 15:59:02 -08:00
vrana
afc5333bb3 Convert AphrontFormView to safe HTML
Summary: Searched for `AphrontFormView` and then for `appendChild()`.

Test Plan: /login/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4855
2013-02-07 18:01:00 -08:00
epriestley
11bb8db970 Merge branch 'master' into phutil_tag
(Sync.)
2013-02-07 08:08:01 -08:00
vrana
6bb7a282b1 Convert AphrontFormControl to safe HTML
Summary: Everything here now should properly handle plain strings and safe HTML.

Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4826
2013-02-05 15:52:46 -08:00
vrana
be4662e667 Convert setCaption() to safe HTML
Test Plan: /settings/panel/display/

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2432

Differential Revision: https://secure.phabricator.com/D4824
2013-02-05 15:52:43 -08:00
Bob Trahan
cb38ab27ce fix find / replace error from addressing feedback in D4708. now links to tasks work again. 2013-02-05 13:48:31 -08:00
Bob Trahan
1d0058abcf Update PeopleMenu to only show integration with applications if they are installed
Summary: do so via event engine. note different order now...

Test Plan: toggled "show beta applications" to off and noted that Conpherence disappeared. Otherwise noted that links showed.

Reviewers: epriestley

Reviewed By: epriestley

CC: aran, Korvin

Maniphest Tasks: T2424

Differential Revision: https://secure.phabricator.com/D4708
2013-02-05 13:46:02 -08:00