#192056 by effulgentsia, Dave Cohen, andypost, hswong3i, geodaniel, pwolanin, and dahacouk: Ensure user's raw login name is never output directly.

author: Angie Byron <webchick@24967.no-reply.drupal.org> 2009-11-01 21:26:44 +0000
committer: Angie Byron <webchick@24967.no-reply.drupal.org> 2009-11-01 21:26:44 +0000
commit: ca8eee7545f75c199bde0121bd6a0792d67c5b91 (patch)
tree: 5e805f30c93c7a005e0cb422dd0ea95ca849d84f /modules/blog
parent: b882d991d01544fb458cb58614fdba4fab0997eb (diff)
download: brdo-ca8eee7545f75c199bde0121bd6a0792d67c5b91.tar.gz
brdo-ca8eee7545f75c199bde0121bd6a0792d67c5b91.tar.bz2
3 files changed, 13 insertions, 13 deletions
diff --git a/modules/blog/blog.module b/modules/blog/blog.module
index 0d4878d48..1198f27e2 100644
--- a/modules/blog/blog.module
+++ b/modules/blog/blog.module
@@ -27,7 +27,7 @@ function blog_user_view($account) {
     $account->content['summary']['blog'] =  array(
       '#type' => 'user_profile_item',
       '#title' => t('Blog'),
-      '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => $account->name))))),
+      '#markup' => l(t('View recent blog entries'), "blog/$account->uid", array('attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => format_username($account)))))),
       '#attributes' => array('class' => array('blog')),
     );
   }
@@ -60,7 +60,7 @@ function blog_form(stdClass $node, $form_state) {
 function blog_view(stdClass $node, $build_mode) {
   if ((bool)menu_get_object()) {
     // Breadcrumb navigation.
-    drupal_set_breadcrumb(array(l(t('Home'), NULL), l(t('Blogs'), 'blog'), l(t("!name's blog", array('!name' => $node->name)), 'blog/' . $node->uid)));
+    drupal_set_breadcrumb(array(l(t('Home'), NULL), l(t('Blogs'), 'blog'), l(t("!name's blog", array('!name' => format_username($node))), 'blog/' . $node->uid)));
   }
   return $node;
 }
@@ -72,9 +72,9 @@ function blog_node_view(stdClass $node, $build_mode = 'full') {
   if ($build_mode != 'rss') {
     if ($node->type == 'blog' && arg(0) != 'blog' || arg(1) != $node->uid) {
       $links['blog_usernames_blog'] = array(
-        'title' => t("!username's blog", array('!username' => $node->name)),
+        'title' => t("!username's blog", array('!username' => format_username($node))),
         'href' => "blog/$node->uid",
-        'attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => $node->name))),
+        'attributes' => array('title' => t("Read !username's latest blog entries.", array('!username' => format_username($node)))),
       );
       $node->content['links']['blog'] = array(
         '#theme' => 'links',
diff --git a/modules/blog/blog.pages.inc b/modules/blog/blog.pages.inc
index 6936f54be..a605cfa1c 100644
--- a/modules/blog/blog.pages.inc
+++ b/modules/blog/blog.pages.inc
@@ -12,7 +12,7 @@
 function blog_page_user($account) {
   global $user;
 
-  drupal_set_title($title = t("@name's blog", array('@name' => $account->name)), PASS_THROUGH);
+  drupal_set_title($title = t("@name's blog", array('@name' => format_username($account))), PASS_THROUGH);
 
   $items = array();
 
@@ -123,7 +123,7 @@ function blog_feed_user($account) {
     ->execute()
     ->fetchCol();
 
-  $channel['title'] = t("!name's blog", array('!name' => $account->name));
+  $channel['title'] = t("!name's blog", array('!name' => format_username($account)));
   $channel['link'] = url('blog/' . $account->uid, array('absolute' => TRUE));
 
   node_feed($nids, $channel);
diff --git a/modules/blog/blog.test b/modules/blog/blog.test
index 597c549e8..c00a93399 100644
--- a/modules/blog/blog.test
+++ b/modules/blog/blog.test
@@ -38,7 +38,7 @@ class BlogTestCase extends DrupalWebTestCase {
 
     $this->drupalGet('blog/' . $this->big_user->uid);
     $this->assertResponse(200);
-    $this->assertTitle(t("@name's blog", array('@name' => $this->big_user->name)) . ' | Drupal', t('Blog title was displayed'));
+    $this->assertTitle(t("@name's blog", array('@name' => format_username($this->big_user))) . ' | Drupal', t('Blog title was displayed'));
     $this->assertText(t('You are not allowed to post a new blog entry.'), t('No new entries can be posted without the right permission'));
   }
 
@@ -50,8 +50,8 @@ class BlogTestCase extends DrupalWebTestCase {
 
     $this->drupalGet('blog/' . $this->own_user->uid);
     $this->assertResponse(200);
-    $this->assertTitle(t("@name's blog", array('@name' => $this->own_user->name)) . ' | Drupal', t('Blog title was displayed'));
-    $this->assertText(t('!author has not created any blog entries.', array('!author' => $this->own_user->name)), t('Users blog displayed with no entries'));
+    $this->assertTitle(t("@name's blog", array('@name' => format_username($this->own_user))) . ' | Drupal', t('Blog title was displayed'));
+    $this->assertText(t('@author has not created any blog entries.', array('@author' => format_username($this->own_user))), t('Users blog displayed with no entries'));
   }
 
   /**
@@ -139,7 +139,7 @@ class BlogTestCase extends DrupalWebTestCase {
     $this->drupalGet('node/' . $node->nid);
     $this->assertResponse(200);
     $this->assertTitle($node->title[FIELD_LANGUAGE_NONE][0]['value'] . ' | Drupal', t('Blog node was displayed'));
-    $this->assertText(t('Home ' . $crumb . ' Blogs ' . $crumb . ' @name' . $quote . 's blog', array('@name' => $node_user->name)), t('Breadcrumbs were displayed'));
+    $this->assertText(t('Home ' . $crumb . ' Blogs ' . $crumb . ' @name' . $quote . 's blog', array('@name' => format_username($node_user))), t('Breadcrumbs were displayed'));
 
     // View blog edit node.
     $this->drupalGet('node/' . $node->nid . '/edit');
@@ -180,7 +180,7 @@ class BlogTestCase extends DrupalWebTestCase {
 
     // Confirm the recent blog entries link goes to the user's blog page.
     $this->clickLink('View recent blog entries');
-    $this->assertTitle(t("@name's blog | Drupal", array('@name' => $user->name)), t('View recent blog entries link target was correct'));
+    $this->assertTitle(t("@name's blog | Drupal", array('@name' => format_username($user))), t('View recent blog entries link target was correct'));
 
     // Confirm a blog page was displayed.
     $this->drupalGet('blog');
@@ -191,7 +191,7 @@ class BlogTestCase extends DrupalWebTestCase {
 
     // Confirm a blog page was displayed per user.
     $this->drupalGet('blog/' . $user->uid);
-    $this->assertTitle(t("@name's blog | Drupal", array('@name' => $user->name)), t('User blog node was displayed'));
+    $this->assertTitle(t("@name's blog | Drupal", array('@name' => format_username($user))), t('User blog node was displayed'));
 
     // Confirm a blog feed was displayed.
     $this->drupalGet('blog/feed');
@@ -199,6 +199,6 @@ class BlogTestCase extends DrupalWebTestCase {
 
     // Confirm a blog feed was displayed per user.
     $this->drupalGet('blog/' . $user->uid . '/feed');
-    $this->assertTitle(t("@name's blog", array('@name' => $user->name)), t('User blog feed was displayed'));
+    $this->assertTitle(t("@name's blog", array('@name' => format_username($user))), t('User blog feed was displayed'));
   }
 }
author	Angie Byron <webchick@24967.no-reply.drupal.org>	2009-11-01 21:26:44 +0000
committer	Angie Byron <webchick@24967.no-reply.drupal.org>	2009-11-01 21:26:44 +0000
commit	ca8eee7545f75c199bde0121bd6a0792d67c5b91 (patch)
tree	5e805f30c93c7a005e0cb422dd0ea95ca849d84f /modules/blog
parent	b882d991d01544fb458cb58614fdba4fab0997eb (diff)
download	brdo-ca8eee7545f75c199bde0121bd6a0792d67c5b91.tar.gz brdo-ca8eee7545f75c199bde0121bd6a0792d67c5b91.tar.bz2