Last modified: 2013-06-18 15:48:04 UTC
When adding a right to $wgRestrictionTypes, or adding special page without a mediawiki: message, it displays &lt;MESSAGE&gt; instead of <MESSAGE>.
Please provide more details like where exactly those are shown.
On special:specialpages, when you make a special page and do not give it a message in the i18n file (ie if you remove the 'checkuser' entry from the checkuser extension's i18n file), and on &action=protect, when you add a right but do not make restriction-<right> message. Do you want a screenshot?
And what should happen in this case?
I was just going to enter a new bug: Unknown messages end up in "<message>" instead of "<message>", when I spotted this bug (bug #14531). I was going to say: There is a bug in the method used to display unknown messages. They end up being shown to the user as "<message>" instead of the certainly intended "<message>". Try this experiment: on e.g., Monobook.php change msg('search') to msg('zzzsearch'), and then view what happens in your browser, by browsing any page. Yes, there never should be any unknown messages, but when there are (as occasionally _does_ happen), they should be displayed as intended for unknown messages, and not with < >.
Created attachment 10219 [details] HTML source of a page resulting from missing two messages, wfMessage produces < > An example resulting from removing following messages: nstab-special databaseerror "databaseerror" is rendered as <databaseerror> in the heading as HTML (correctly) "nstab-special" is additionally escaped in the tab &lt;nstab-special&gt; "databaseerror" is rendered as <databaseerror> (not >) in the title
Created attachment 10220 [details] wfMessage is now changd to produce < and > instead nstab-special is now <nstab-special> databaseerror is now <databaseerror> databaseerror is now <databaseerror> in <title>
Created attachment 10221 [details] a simple patch to the Message class - use << >> now instead of < > This is a simple patch to use plain << ... >> instead of < >
Comment on attachment 10221 [details] a simple patch to the Message class - use << >> now instead of < > The original form of placeholder "<message-name>" introduced in r64182 has a pretty interesting property: It survives most kinds of parsing and sanitizing: > print wfMessage("i-dont-exist-aevar")->plain(); <i-dont-exist-aevar> > print wfMessage("i-dont-exist-aevar")->escaped(); <i-dont-exist-aevar> > print wfMessage("i-dont-exist-aevar")->parse(); <i-dont-exist-aevar> > print wfMessage("i-dont-exist-aevar")->parseAsBlock(); <p><i-dont-exist-aevar> </p> > $z = wfMessage("i-dont-exist-aevar")->plain(); > print Sanitizer::removeHTMLtags($z); <i-dont-exist-aevar> > print Sanitizer::normalizeCharReferences(Sanitizer::removeHTMLtags($z)); <i-dont-exist-aevar> > print Sanitizer::stripAllTags(Sanitizer::normalizeCharReferences(Sanitizer::removeHTMLtags($z))); <i-dont-exist-aevar> > print wfMessage('pagetitle')->rawParams(Sanitizer::stripAllTags(Sanitizer::normalizeCharReferences(Sanitizer::removeHTMLtags($z)))); <i-dont-exist-aevar> – TrunkWiki The above is possible because Message uses doubleEncode = false with htmlspecialchars() and therefore it magically does not get quoted again. The <<i-dont-exist-aevar>> form isn't that great anymore: > print Sanitizer::removeHTMLtags("<<i-dont-exist>>"); <<i>></i> > print wfMessage("i-dont-exist-asdasd")->text(); <<i-dont-exist-asdasd>> > print Sanitizer::normalizeCharReferences( Sanitizer::removeHTMLtags("<<i-dont-exist-ever>>")); <<i>></i> > $z = wfMessage("i-dont-exist-aevar")->plain(); > print wfMessage('pagetitle')->rawParams(Sanitizer::stripAllTags(Sanitizer::normalizeCharReferences(Sanitizer::removeHTMLtags($z)))); <> - MiniTest > print wfMessage("i-dont-exist-aevar")->parse(); <<i>></i> it seems like the <<form>> as done by the patch isn't the resistant to various transformations; therefore it is more difficult to spot. It would be best to have a special value (similar to SQL NULL) or exception object that would be transferred down through all sanitizing, escaping and quoting functions. Not sure if this is worth the effort; and probably would not be bug-free. For now, it seems that the current method is very simple way to produce an eye-alterting message despite of various transformations. It does not have to be always very pretty though. a WONTFIX?
Marcin, feel free to remove the "need-review" keyword if the patch is for illustration only.
Let's just fix documentation for $wgRestrictionTypes and let this be.
*** Bug 30681 has been marked as a duplicate of this bug. ***
Santhosh Thottingal proposed a fix under bug 30681 (now dupe) under https://gerrit.wikimedia.org/r/3842
Added phpunit testcases in https://gerrit.wikimedia.org/r/3852, and I think that and https://gerrit.wikimedia.org/r/3842 resolves the issue.