diff --git a/modules/akismet/helpers/akismet.php b/modules/akismet/helpers/akismet.php index 7cd598cdf6..acd5cb3e4f 100644 --- a/modules/akismet/helpers/akismet.php +++ b/modules/akismet/helpers/akismet.php @@ -94,7 +94,7 @@ static function check_config() { if (empty($api_key)) { site_status::warning( t("Akismet is not quite ready! Please provide an API Key", - array("url" => html::mark_safe(url::site("admin/akismet")))), + array("url" => html::mark_clean(url::site("admin/akismet")))), "akismet_config"); } else { site_status::clear("akismet_config"); diff --git a/modules/digibug/views/admin_digibug.html.php b/modules/digibug/views/admin_digibug.html.php index c495659122..9a1838f72c 100644 --- a/modules/digibug/views/admin_digibug.html.php +++ b/modules/digibug/views/admin_digibug.html.php @@ -16,7 +16,7 @@
= t("You don't need an account with Digibug, but if you register with Digibug and enter your Digibug id in the Advanced Settings page you can make money off of your photos!", array("signup_url" => "http://www.digibug.com/signup.php", - "advanced_settings_url" => html::mark_safe(url::site("admin/advanced_settings")))) ?> + "advanced_settings_url" => html::mark_clean(url::site("admin/advanced_settings")))) ?>
diff --git a/modules/exif/helpers/exif.php b/modules/exif/helpers/exif.php index 9a4dbeec12..8354062239 100644 --- a/modules/exif/helpers/exif.php +++ b/modules/exif/helpers/exif.php @@ -164,7 +164,7 @@ static function check_index() { if ($remaining) { site_status::warning( t('Your Exif index needs to be updated. Fix this now', - array("url" => html::mark_safe(url::site("admin/maintenance/start/exif_task::update_index?csrf=__CSRF__")))), + array("url" => html::mark_clean(url::site("admin/maintenance/start/exif_task::update_index?csrf=__CSRF__")))), "exif_index_out_of_date"); } } diff --git a/modules/g2_import/views/admin_g2_import.html.php b/modules/g2_import/views/admin_g2_import.html.php index fde3464b99..23ff27a8d4 100644 --- a/modules/g2_import/views/admin_g2_import.html.php +++ b/modules/g2_import/views/admin_g2_import.html.php @@ -39,7 +39,7 @@ = t("Your most common thumbnail size in Gallery 2 is %g2_pixels pixels, but your Gallery 3 thumbnail size is set to %g3_pixels pixels. Using the same value will speed up your import.", array("g2_pixels" => $g2_sizes["thumb"]["size"], "g3_pixels" => $thumb_size, - "url" => html::mark_safe(url::site("admin/theme_options")))) ?> + "url" => html::mark_clean(url::site("admin/theme_options")))) ?> endif ?> @@ -48,7 +48,7 @@ = t("Your most common intermediate size in Gallery 2 is %g2_pixels pixels, but your Gallery 3 thumbnail size is set to %g3_pixels pixels. Using the same value will speed up your import.", array("g2_pixels" => $g2_sizes["resize"]["size"], "g3_pixels" => $resize_size, - "url" => html::mark_safe(url::site("admin/theme_options")))) ?> + "url" => html::mark_clean(url::site("admin/theme_options")))) ?> endif ?> diff --git a/modules/gallery/controllers/admin_languages.php b/modules/gallery/controllers/admin_languages.php index d85c47f949..894daedb67 100644 --- a/modules/gallery/controllers/admin_languages.php +++ b/modules/gallery/controllers/admin_languages.php @@ -111,7 +111,7 @@ private function _share_translations_form() { $group->input("api_key") ->label(empty($api_key) ? t("This is a unique key that will allow you to send translations to the remote server. To get your API key go to %server-link.", - array("server-link" => html::mark_safe(html::anchor($server_link)))) + array("server-link" => html::mark_clean(html::anchor($server_link)))) : t("API Key")) ->value($api_key) ->error_messages("invalid", t("The API key you provided is invalid.")); diff --git a/modules/gallery/helpers/MY_html.php b/modules/gallery/helpers/MY_html.php index 4522d01c83..b29f287fbb 100644 --- a/modules/gallery/helpers/MY_html.php +++ b/modules/gallery/helpers/MY_html.php @@ -51,12 +51,12 @@ static function purify($html) { * * Example:* // Parameters to t() are automatically escaped by default. - * // If the parameter is marked as safe, it won't get escaped. + * // If the parameter is marked as clean, it won't get escaped. * t('Go there', - * array("url" => html::mark_safe(url::current()))) + * array("url" => html::mark_clean(url::current()))) **/ - static function mark_safe($html) { + static function mark_clean($html) { return SafeString::of_safe_html($html); } diff --git a/modules/gallery/helpers/graphics.php b/modules/gallery/helpers/graphics.php index 787f8dc324..acbcb9b2d9 100644 --- a/modules/gallery/helpers/graphics.php +++ b/modules/gallery/helpers/graphics.php @@ -443,7 +443,7 @@ static function choose_default_toolkit() { if (!module::get_var("gallery", "graphics_toolkit")) { site_status::warning( t("Graphics toolkit missing! Please choose a toolkit", - array("url" => html::mark_safe(url::site("admin/graphics")))), + array("url" => html::mark_clean(url::site("admin/graphics")))), "missing_graphics_toolkit"); } } diff --git a/modules/gallery/tests/Html_Helper_Test.php b/modules/gallery/tests/Html_Helper_Test.php index 3623705e17..bfce6dcff7 100644 --- a/modules/gallery/tests/Html_Helper_Test.php +++ b/modules/gallery/tests/Html_Helper_Test.php @@ -32,8 +32,8 @@ public function purify_test() { $this->assert_true($safe_string instanceof SafeString); } - public function mark_safe_test() { - $safe_string = html::mark_safe("hello
world
"); + public function mark_clean_test() { + $safe_string = html::mark_clean("helloworld
"); $this->assert_true($safe_string instanceof SafeString); $safe_string_2 = html::clean($safe_string); $this->assert_equal("helloworld
", diff --git a/modules/gallery/tests/Xss_Security_Test.php b/modules/gallery/tests/Xss_Security_Test.php index ef36f6b7bc..0ba5a58775 100644 --- a/modules/gallery/tests/Xss_Security_Test.php +++ b/modules/gallery/tests/Xss_Security_Test.php @@ -195,7 +195,7 @@ public function find_unescaped_variables_in_views_test() { in_array($tokens[$token_number + 2][1], array("clean", "purify", "js_string", "clean_attribute")) && self::_token_matches("(", $tokens, $token_number + 3)) { - // Not checking for mark_safe(). We want such calls to be marked dirty (thus reviewed). + // Not checking for mark_clean(). We want such calls to be marked dirty (thus reviewed). $method = $tokens[$token_number + 2][1]; $frame->expr_append("::$method("); diff --git a/modules/gallery/views/admin_block_welcome.html.php b/modules/gallery/views/admin_block_welcome.html.php index 71ef43680c..d8c961878c 100644 --- a/modules/gallery/views/admin_block_welcome.html.php +++ b/modules/gallery/views/admin_block_welcome.html.php @@ -5,16 +5,16 @@= t("Your Gallery is up to date.", - array("url" => html::mark_safe(url::site("albums/1")))) ?> + array("url" => html::mark_clean(url::site("albums/1")))) ?>
diff --git a/modules/recaptcha/helpers/recaptcha.php b/modules/recaptcha/helpers/recaptcha.php index 5ac6566133..bead61567c 100644 --- a/modules/recaptcha/helpers/recaptcha.php +++ b/modules/recaptcha/helpers/recaptcha.php @@ -43,7 +43,7 @@ static function check_config() { if (empty($public_key) || empty($private_key)) { site_status::warning( t("reCAPTCHA is not quite ready! Please configure the reCAPTCHA Keys", - array("url" => html::mark_safe(url::site("admin/recaptcha")))), + array("url" => html::mark_clean(url::site("admin/recaptcha")))), "recaptcha_config"); } else { site_status::clear("recaptcha_config"); diff --git a/modules/search/helpers/search.php b/modules/search/helpers/search.php index 5e23a04b9e..0080b4ce2a 100644 --- a/modules/search/helpers/search.php +++ b/modules/search/helpers/search.php @@ -58,7 +58,7 @@ static function check_index() { if ($remaining) { site_status::warning( t('Your search index needs to be updated. Fix this now', - array("url" => html::mark_safe(url::site("admin/maintenance/start/search_task::update_index?csrf=__CSRF__")))), + array("url" => html::mark_clean(url::site("admin/maintenance/start/search_task::update_index?csrf=__CSRF__")))), "search_index_out_of_date"); } } diff --git a/modules/server_add/helpers/server_add.php b/modules/server_add/helpers/server_add.php index a84e1afd6d..27794855bc 100644 --- a/modules/server_add/helpers/server_add.php +++ b/modules/server_add/helpers/server_add.php @@ -25,7 +25,7 @@ static function check_config($paths=null) { if (empty($paths)) { site_status::warning( t("Server Add needs configuration. Configure it now!", - array("url" => html::mark_safe(url::site("admin/server_add")))), + array("url" => html::mark_clean(url::site("admin/server_add")))), "server_add_configuration"); } else { site_status::clear("server_add_configuration"); diff --git a/modules/user/views/login.html.php b/modules/user/views/login.html.php index dfd09661d2..27431ce8bb 100644 --- a/modules/user/views/login.html.php +++ b/modules/user/views/login.html.php @@ -8,7 +8,7 @@ else: ?>= t("We received a request to reset your password for %site_url. If you made this request, you can confirm it by clicking this link. If you didn't request this password reset, it's ok to ignore this mail.", - array("site_url" => html::mark_safe(url::base(false, "http")), + array("site_url" => html::mark_clean(url::base(false, "http")), "confirm_url" => $confirm_url)) ?>