author | Thomas Steur <thomas.steur@gmail.com> | 2013-11-12 04:06:09 +0400 |
---|---|---|
committer | Thomas Steur <thomas.steur@gmail.com> | 2013-11-12 04:06:09 +0400 |
commit | 6abcb0db75324ff39f6557a1bcfcf90bc1a03d69 (patch) | |
tree | f50d9bad9150e92c6847835caf724f0cc51a6567 | |
parent | 84bc3eb3bba66823fe679db023b8b03cba9f0d10 (diff) |
refs #4256 by default escape notification message
-rw-r--r-- | core/Notification.php | 9 | ||||
-rw-r--r-- | core/Plugin/ControllerAdmin.php | 2 | ||||
-rw-r--r-- | core/Twig.php | 8 | ||||
-rw-r--r-- | plugins/CoreHome/templates/_notifications.twig | 2 | ||||
-rw-r--r-- | plugins/CorePluginsAdmin/Controller.php | 2 | ||||
-rw-r--r-- | plugins/ExampleUI/Controller.php | 2 |
6 files changed, 18 insertions, 7 deletions
diff --git a/core/Notification.php b/core/Notification.php index 6fb733b527..a3e9ac51e1 100644 --- a/core/Notification.php +++ b/core/Notification.php @@ -108,17 +108,22 @@ class Notification */ public $priority; + public $raw = false; + /** - * @param string $message The notification message. Make sure to escape the message if needed. + * @param string $message The notification message. + * @param boolean $raw Set to true in case you want the raw message output. Make sure to escape the text in + * this case by yourself. * @throws \Exception In case the message is empty. */ - public function __construct($message) + public function __construct($message, $raw = false) { if (empty($message)) { throw new \Exception('No notification message given'); } $this->message = $message; + $this->raw = $raw; } public function hasNoClear() diff --git a/core/Plugin/ControllerAdmin.php b/core/Plugin/ControllerAdmin.php index 31f42c3eba..d7d47201cc 100644 --- a/core/Plugin/ControllerAdmin.php +++ b/core/Plugin/ControllerAdmin.php @@ -108,7 +108,7 @@ abstract class ControllerAdmin extends Controller )); if (Piwik::isUserIsSuperUser()) { - $notification = new Notification($invalidPluginsWarning); + $notification = new Notification($invalidPluginsWarning, true); $notification->context = Notification::CONTEXT_WARNING; $notification->title = Piwik::translate('General_Warning') . ':'; Notification\Manager::notify('ControllerAdmin_InvalidPluginsWarning', $notification); diff --git a/core/Twig.php b/core/Twig.php index 389a579a63..01282ef35d 100644 --- a/core/Twig.php +++ b/core/Twig.php @@ -172,7 +172,13 @@ class Twig } $template .= '>'; - $template .= $message; + + if (!empty($options['raw'])) { + $template .= $message; + } else { + $template .= twig_escape_filter($twigEnv, $message, 'html'); + } + $template .= '</div>'; return $template; diff --git a/plugins/CoreHome/templates/_notifications.twig b/plugins/CoreHome/templates/_notifications.twig index 6ac69a9c22..0f3254e5e5 100644 
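Review bot: The new public property `$raw` has no docblock, and the constructor stores the argument unchanged in `$this->raw = $raw;`, so any truthy value, not only `true`, becomes the flag that turns off HTML escaping when the notification is rendered. Cast at the boundary with `$this->raw = (bool) $raw;` and document the property, for example `/** @var bool If true, the message is output without HTML escaping; the caller must escape every dynamic part. */`. Because the property is public it can also be flipped after construction, so the property docblock is where that contract needs to be stated. The class body continues outside the hunk.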
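Review bot: Passing `true` in `new Notification($invalidPluginsWarning, true)` disables the new default escaping for a string that is assembled above the hunk, so every value interpolated into `$invalidPluginsWarning` has to be HTML-escaped where it is built; that code is not visible here. The same applies to the `plugins/CorePluginsAdmin/Controller.php` hunk, where `$message` visibly appends `Piwik::translate('CorePluginsAdmin_ChangeSettingsPossible', array($target))` and is then passed with `true`. If `$target` or any other interpolated value can carry text that is not a fixed translation, it would reach the page unescaped. A comment at each call site such as `// raw: message contains trusted markup; all dynamic parts are escaped above` would record the assumption, and it should be confirmed that it actually holds.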
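Review bot: The opt-out check `if (!empty($options['raw']))` accepts any truthy value, so a non-empty string such as `'false'` would skip `twig_escape_filter` even though the caller meant the opposite. Since this branch is the only gate that bypasses escaping, compare strictly so that anything other than a real boolean falls through to the escaped path: `if (isset($options['raw']) && $options['raw'] === true) {`. Only `$message` is escaped here; the title and other option values written into `$template` before `$template .= '>';` are built outside the hunk and presumably need the same treatment, which should be checked. The enclosing function starts outside the hunk, so whether `$twigEnv` is in scope at this point cannot be confirmed from the visible lines.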
--- a/plugins/CoreHome/templates/_notifications.twig +++ b/plugins/CoreHome/templates/_notifications.twig @@ -2,7 +2,7 @@ {% if notifications|length %} {% for notificationId, n in notifications %} - {{ n.message|notification({'id': notificationId, 'type': n.type, 'title': n.title, 'noclear': n.hasNoClear, 'context': n.context}, false) }} + {{ n.message|notification({'id': notificationId, 'type': n.type, 'title': n.title, 'noclear': n.hasNoClear, 'context': n.context, 'raw': n.raw}, false) }} {% endfor %} {% endif %} diff --git a/plugins/CorePluginsAdmin/Controller.php b/plugins/CorePluginsAdmin/Controller.php index 92f5f9deba..31266da883 100644 --- a/plugins/CorePluginsAdmin/Controller.php +++ b/plugins/CorePluginsAdmin/Controller.php @@ -352,7 +352,7 @@ class Controller extends Plugin\ControllerAdmin $message .= ' ' . Piwik::translate('CorePluginsAdmin_ChangeSettingsPossible', array($target)); } - $notification = new Notification($message); + $notification = new Notification($message, true); $notification->title = Piwik::translate('General_WellDone'); $notification->context = Notification::CONTEXT_SUCCESS; Notification\Manager::notify('CorePluginsAdmin_PluginActivated', $notification); diff --git a/plugins/ExampleUI/Controller.php b/plugins/ExampleUI/Controller.php index 0480ae83cf..ab64b2bdda 100644 --- a/plugins/ExampleUI/Controller.php +++ b/plugins/ExampleUI/Controller.php @@ -71,7 +71,7 @@ class Controller extends \Piwik\Plugin\Controller $notification->type = Notification::TYPE_TOAST; Notification\Manager::notify('ExampleUI_successToast', $notification); - $notification = new Notification('Phasellus tincidunt arcu at justo <a href="#">faucibus</a>, et lacinia est accumsan. '); + $notification = new Notification('Phasellus tincidunt arcu at justo <a href="#">faucibus</a>, et lacinia est accumsan. ', true); $notification->context = Notification::CONTEXT_ERROR; Notification\Manager::notify('ExampleUI_error', $notification); |