diff options
author | Angie Byron <webchick@24967.no-reply.drupal.org> | 2009-11-01 21:26:44 +0000 |
---|---|---|
committer | Angie Byron <webchick@24967.no-reply.drupal.org> | 2009-11-01 21:26:44 +0000 |
commit | ca8eee7545f75c199bde0121bd6a0792d67c5b91 (patch) | |
tree | 5e805f30c93c7a005e0cb422dd0ea95ca849d84f /modules/blog | |
parent | b882d991d01544fb458cb58614fdba4fab0997eb (diff) | |
download | brdo-ca8eee7545f75c199bde0121bd6a0792d67c5b91.tar.gz brdo-ca8eee7545f75c199bde0121bd6a0792d67c5b91.tar.bz2 |
#192056 by effulgentsia, Dave Cohen, andypost, hswong3i, geodaniel, pwolanin, and dahacouk: Ensure user's raw login name is never output directly.
Diffstat (limited to 'modules/blog')
-rw-r--r-- | modules/blog/blog.module | 8 | ||||
-rw-r--r-- | modules/blog/blog.pages.inc | 4 | ||||
-rw-r--r-- | modules/blog/blog.test | 14 |
3 files changed, 13 insertions, 13 deletions
diff --git a/modules/blog/blog.module b/modules/blog/blog.module index 0d4878d48..1198f27e2 100644 --- a/modules/blog/blog.module +++ b/modules/blog/blog.module @@ -27,7 +27,7 @@ function blog_user_view($account) { $account->content['summary']['blog'] = array( '#type' => 'user_profile_item', '#title' => t('Blog'), - '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => $account->name))))), + '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => format_username($account)))))), '#attributes' => array('class' => array('blog')), ); } @@ -60,7 +60,7 @@ function blog_form(stdClass $node, $form_state) { function blog_view(stdClass $node, $build_mode) { if ((bool)menu_get_object()) { // Breadcrumb navigation. - drupal_set_breadcrumb(array(l(t('Home'), NULL), l(t('Blogs'), 'blog'), l(t("!name's blog", array('!name' => $node->name)), 'blog/' . $node->uid))); + drupal_set_breadcrumb(array(l(t('Home'), NULL), l(t('Blogs'), 'blog'), l(t("!name's blog", array('!name' => format_username($node))), 'blog/' . $node->uid))); } return $node; } @@ -72,9 +72,9 @@ function blog_node_view(stdClass $node, $build_mode = 'full') { if ($build_mode != 'rss') { if ($node->type == 'blog' && arg(0) != 'blog' || arg(1) != $node->uid) { $links['blog_usernames_blog'] = array( - 'title' => t("!username's blog", array('!username' => $node->name)), + 'title' => t("!username's blog", array('!username' => format_username($node))), 'href' => "blog/$node->uid", - 'attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => $node->name))), + 'attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => format_username($node)))), ); $node->content['links']['blog'] = array( '#theme' => 'links', diff --git a/modules/blog/blog.pages.inc b/modules/blog/blog.pages.inc index 6936f54be..a605cfa1c 100644 --- a/modules/blog/blog.pages.inc +++ b/modules/blog/blog.pages.inc @@ -12,7 +12,7 @@ function blog_page_user($account) { global $user; - drupal_set_title($title = t("@name's blog", array('@name' => $account->name)), PASS_THROUGH); + drupal_set_title($title = t("@name's blog", array('@name' => format_username($account))), PASS_THROUGH); $items = array(); @@ -123,7 +123,7 @@ function blog_feed_user($account) { ->execute() ->fetchCol(); - $channel['title'] = t("!name's blog", array('!name' => $account->name)); + $channel['title'] = t("!name's blog", array('!name' => format_username($account))); $channel['link'] = url('blog/' . $account->uid, array('absolute' => TRUE)); node_feed($nids, $channel); diff --git a/modules/blog/blog.test b/modules/blog/blog.test index 597c549e8..c00a93399 100644 --- a/modules/blog/blog.test +++ b/modules/blog/blog.test @@ -38,7 +38,7 @@ class BlogTestCase extends DrupalWebTestCase { $this->drupalGet('blog/' . $this->big_user->uid); $this->assertResponse(200); - $this->assertTitle(t("@name's blog", array('@name' => $this->big_user->name)) . ' | Drupal', t('Blog title was displayed')); + $this->assertTitle(t("@name's blog", array('@name' => format_username($this->big_user))) . ' | Drupal', t('Blog title was displayed')); $this->assertText(t('You are not allowed to post a new blog entry.'), t('No new entries can be posted without the right permission')); } @@ -50,8 +50,8 @@ class BlogTestCase extends DrupalWebTestCase { $this->drupalGet('blog/' . $this->own_user->uid); $this->assertResponse(200); - $this->assertTitle(t("@name's blog", array('@name' => $this->own_user->name)) . ' | Drupal', t('Blog title was displayed')); - $this->assertText(t('!author has not created any blog entries.', array('!author' => $this->own_user->name)), t('Users blog displayed with no entries')); + $this->assertTitle(t("@name's blog", array('@name' => format_username($this->own_user))) . ' | Drupal', t('Blog title was displayed')); + $this->assertText(t('@author has not created any blog entries.', array('@author' => format_username($this->own_user))), t('Users blog displayed with no entries')); } /** @@ -139,7 +139,7 @@ class BlogTestCase extends DrupalWebTestCase { $this->drupalGet('node/' . $node->nid); $this->assertResponse(200); $this->assertTitle($node->title[FIELD_LANGUAGE_NONE][0]['value'] . ' | Drupal', t('Blog node was displayed')); - $this->assertText(t('Home ' . $crumb . ' Blogs ' . $crumb . ' @name' . $quote . 's blog', array('@name' => $node_user->name)), t('Breadcrumbs were displayed')); + $this->assertText(t('Home ' . $crumb . ' Blogs ' . $crumb . ' @name' . $quote . 's blog', array('@name' => format_username($node_user))), t('Breadcrumbs were displayed')); // View blog edit node. $this->drupalGet('node/' . $node->nid . '/edit'); @@ -180,7 +180,7 @@ class BlogTestCase extends DrupalWebTestCase { // Confirm the recent blog entries link goes to the user's blog page. $this->clickLink('View recent blog entries'); - $this->assertTitle(t("@name's blog | Drupal", array('@name' => $user->name)), t('View recent blog entries link target was correct')); + $this->assertTitle(t("@name's blog | Drupal", array('@name' => format_username($user))), t('View recent blog entries link target was correct')); // Confirm a blog page was displayed. $this->drupalGet('blog'); @@ -191,7 +191,7 @@ class BlogTestCase extends DrupalWebTestCase { // Confirm a blog page was displayed per user. $this->drupalGet('blog/' . $user->uid); - $this->assertTitle(t("@name's blog | Drupal", array('@name' => $user->name)), t('User blog node was displayed')); + $this->assertTitle(t("@name's blog | Drupal", array('@name' => format_username($user))), t('User blog node was displayed')); // Confirm a blog feed was displayed. $this->drupalGet('blog/feed'); @@ -199,6 +199,6 @@ class BlogTestCase extends DrupalWebTestCase { // Confirm a blog feed was displayed per user. $this->drupalGet('blog/' . $user->uid . '/feed'); - $this->assertTitle(t("@name's blog", array('@name' => $user->name)), t('User blog feed was displayed')); + $this->assertTitle(t("@name's blog", array('@name' => format_username($user))), t('User blog feed was displayed')); } } |