Last modified: 2010-09-10 01:47:22 UTC
I installed MediaWiki 1.16.0 with latest FCKeditor from the 1.16.x branch and it generate the following javascript error for my french language wiki. Here is the error output of firefox's 3.6 linux x86_64 error console: Erreur : missing ; before statement Fichier Source : http://wiki.demo.ep.profweb.qc.ca/index.php?title=Accueil&action=edit Ligne : 274, Colonne : 41 Code Source : fckTools.innerHTML+='<span ' + style + ' id="popup_wpTextbox1">[<a class="fckPopup" href="javascript:void(0)" onclick="ToggleFCKEditor(\'popup\',\'wpTextbox1\')">Ouvrir l'éditeur enrichi dans une nouvelle fenêtre</a>]</span>'; As you can see, the french text "Ouvrir l'éditeur enrichi dans une nouvelle fenêtre" has a single quote wich is not escaped and this prvents the editor from loading. I found a temporary fix by doing the following thing: In file "extensions/FCKeditor/FCKeditor.body.php", I replaced line 430: -> $newWinMsg = wfMsg( 'rich_editor_new_window' ); with -> $newWinMsg = str_replace("'","\'",wfMsg( 'rich_editor_new_window' )); This fixed the problem, the editor now loads normaly. I'm not a programmer so I don't know if this is a FCKeditor problem or a MediaWiki problem and I'm not sure if I corrected this bug by doing the best thing so I will let you guys decide where it should be fixed. Thanx for your great work! I hope you can fix this soon!
Thank you for the quick fix. It works.
committed fix to svn in r72699. (basically same as original poster, but use escaping functions that also do other troublesome characters). This was somewhat of a security issue (XSS), as an evil person could insert code into mediawiki namespace, but not so much as theirs easier ways to be evil if you have privs to edit mediawiki namespace.
