Improve HTML escaping for translations

This commit is contained in:
Frédéric Guillot 2014-02-25 18:00:36 -05:00
parent dfcc574530
commit 99c933e283
5 changed files with 33 additions and 13 deletions

View File

@ -1,6 +1,6 @@
<?php if (empty($items)): ?> <?php if (empty($items)): ?>
<p class="alert"> <p class="alert">
<?= t('This subscription is empty, <a href="?action=unread">go back to unread items</a>') ?> <?= tne('This subscription is empty, <a href="?action=unread">go back to unread items</a>') ?>
</p> </p>
<?php else: ?> <?php else: ?>
@ -8,7 +8,7 @@
<h2><?= Helper\escape($feed['title']) ?> (<?= $nb_items ?>)</h2> <h2><?= Helper\escape($feed['title']) ?> (<?= $nb_items ?>)</h2>
<ul> <ul>
<li> <li>
<a href="?action=feed-items&amp;feed_id=<?= $feed['id'] ?>&amp;order=updated&amp;direction=<?= $direction == 'asc' ? 'desc' : 'asc' ?>"><?= t('sort by date<span class="hide-mobile"> (%s)</span>', $direction == 'desc' ? t('older first') : t('most recent first')) ?></a> <a href="?action=feed-items&amp;feed_id=<?= $feed['id'] ?>&amp;order=updated&amp;direction=<?= $direction == 'asc' ? 'desc' : 'asc' ?>"><?= tne('sort by date<span class="hide-mobile"> (%s)</span>', $direction == 'desc' ? t('older first') : t('most recent first')) ?></a>
</li> </li>
<li> <li>
<a href="?action=mark-feed-as-read&amp;feed_id=<?= $feed['id'] ?>" data-action="mark-feed-read" data-feed-id="<?= $feed['id'] ?>"><?= t('mark all as read') ?></a> <a href="?action=mark-feed-as-read&amp;feed_id=<?= $feed['id'] ?>" data-action="mark-feed-read" data-feed-id="<?= $feed['id'] ?>"><?= t('mark all as read') ?></a>

View File

@ -15,7 +15,7 @@
<?php else: ?> <?php else: ?>
<?php if ($nothing_to_read): ?> <?php if ($nothing_to_read): ?>
<p class="alert"><?= t('Nothing to read, do you want to <a href="?action=refresh-all" data-action="refresh-all">update your subscriptions?</a>') ?></p> <p class="alert"><?= tne('Nothing to read, do you want to <a href="?action=refresh-all" data-action="refresh-all">update your subscriptions?</a>') ?></p>
<?php endif ?> <?php endif ?>
<section class="items"> <section class="items">

View File

@ -3,10 +3,10 @@
<?php else: ?> <?php else: ?>
<div class="page-header"> <div class="page-header">
<h2><?= t('<span id="page-counter">%s</span>unread items', isset($nb_items) ? $nb_items.' ' : '') ?></h2> <h2><?= tne('<span id="page-counter">%s</span>unread items', isset($nb_items) ? $nb_items.' ' : '') ?></h2>
<ul> <ul>
<li> <li>
<a href="?action=unread&amp;order=updated&amp;direction=<?= $direction == 'asc' ? 'desc' : 'asc' ?>"><?= t('sort by date<span class="hide-mobile"> (%s)</span>', $direction == 'desc' ? t('older first') : t('most recent first')) ?></a> <a href="?action=unread&amp;order=updated&amp;direction=<?= $direction == 'asc' ? 'desc' : 'asc' ?>"><?= tne('sort by date<span class="hide-mobile"> (%s)</span>', $direction == 'desc' ? t('older first') : t('most recent first')) ?></a>
</li> </li>
<li> <li>
<a href="?action=mark-as-read" data-action="mark-all-read"><?= t('mark all as read') ?></a> <a href="?action=mark-as-read" data-action="mark-all-read"><?= t('mark all as read') ?></a>

View File

@ -209,3 +209,8 @@ function form_date($name, $values = array(), array $errors = array(), array $att
{ {
return form_input('date', $name, $values, $errors, $attributes, $class); return form_input('date', $name, $values, $errors, $attributes, $class);
} }
function form_number($name, $values = array(), array $errors = array(), array $attributes = array(), $class = '')
{
return form_input('number', $name, $values, $errors, $attributes, $class);
}

View File

@ -21,6 +21,24 @@ namespace PicoTools\Translator {
\array_shift($args); \array_shift($args);
\array_unshift($args, get($identifier, $identifier)); \array_unshift($args, get($identifier, $identifier));
foreach ($args as &$arg) {
$arg = htmlspecialchars($arg, ENT_QUOTES, 'UTF-8', false);
}
return \call_user_func_array(
'sprintf',
$args
);
}
function translate_no_escaping($identifier)
{
$args = \func_get_args();
\array_shift($args);
\array_unshift($args, get($identifier, $identifier));
return \call_user_func_array( return \call_user_func_array(
'sprintf', 'sprintf',
$args $args
@ -122,26 +140,23 @@ namespace PicoTools\Translator {
namespace { namespace {
function t() { function tne() {
return call_user_func_array('\PicoTools\Translator\translate_no_escaping', func_get_args());
}
function t() {
return call_user_func_array('\PicoTools\Translator\translate', func_get_args()); return call_user_func_array('\PicoTools\Translator\translate', func_get_args());
} }
function c() { function c() {
return call_user_func_array('\PicoTools\Translator\currency', func_get_args()); return call_user_func_array('\PicoTools\Translator\currency', func_get_args());
} }
function n() { function n() {
return call_user_func_array('\PicoTools\Translator\number', func_get_args()); return call_user_func_array('\PicoTools\Translator\number', func_get_args());
} }
function dt() { function dt() {
return call_user_func_array('\PicoTools\Translator\datetime', func_get_args()); return call_user_func_array('\PicoTools\Translator\datetime', func_get_args());
} }
} }