Thijs/wiki.techinc.nl

Fork 0

Commit graph

Author	SHA1	Message	Date
Thiemo Mättig	ef470ebf7f	Remove @param comments that literally repeat what the code says These comments do not add anything. I argue they are worse than having no comments, because I have to read them first to understand they actually don't explain anything. Removing them makes room for actual improvements in the future (if needed). Change-Id: Iee70aad681b3385e9af282d5581c10addbb91ac4	2018-01-10 14:14:26 +01:00
Roan Kattouw	1210916329	Use Sanitizer::stripAllTags( $x ) instead of html_entity_decode( strip_tags( $x ) ) We have a utility function for this, so let's use it. What I don't understand though is why Sanitizer uses custom PHP implementations for both tag stripping and entity decoding, instead of the built-in functions. If there's a security reason for this or the built-ins are inadequate, that's fine, but then that should be documented (and we should possibly ban usage of the built-ins). Change-Id: I2ba2ecd388cb3d9cd2360ecaa236f3d444f0eabf	2017-07-07 16:53:53 -07:00
Brad Jorsch	a90bbf1a48	Add ILocalizedException interface We already throw around some exceptions that are localized (ErrorPageError and its subclasses, MalformedTitleException), but there's no standard way to recognize them. Let's change that. Then let's use them in the API to be able to have internationalized errors when such exceptions are caught, instead of wrapping the English-language version. Change-Id: Iac7c90f92a889f8de9dae373547c07b884addaea	2016-12-08 13:53:24 -05:00

Author

SHA1

Message

Date

Thiemo Mättig

ef470ebf7f

Remove @param comments that literally repeat what the code says

These comments do not add anything. I argue they are worse than having
no comments, because I have to read them first to understand they
actually don't explain anything. Removing them makes room for actual
improvements in the future (if needed).

Change-Id: Iee70aad681b3385e9af282d5581c10addbb91ac4

2018-01-10 14:14:26 +01:00

Roan Kattouw

1210916329

Use Sanitizer::stripAllTags( $x ) instead of html_entity_decode( strip_tags( $x ) )

We have a utility function for this, so let's use it.

What I don't understand though is why Sanitizer uses custom PHP implementations
for both tag stripping and entity decoding, instead of the built-in functions.
If there's a security reason for this or the built-ins are inadequate, that's
fine, but then that should be documented (and we should possibly ban usage
of the built-ins).

Change-Id: I2ba2ecd388cb3d9cd2360ecaa236f3d444f0eabf

2017-07-07 16:53:53 -07:00

Brad Jorsch

a90bbf1a48

Add ILocalizedException interface

We already throw around some exceptions that are localized
(ErrorPageError and its subclasses, MalformedTitleException), but
there's no standard way to recognize them. Let's change that.

Then let's use them in the API to be able to have internationalized
errors when such exceptions are caught, instead of wrapping the
English-language version.

Change-Id: Iac7c90f92a889f8de9dae373547c07b884addaea

2016-12-08 13:53:24 -05:00

3 commits