* Make $wgUser->editToken() work for either logged-in or logged-out users.
* Fix escaping of edit tokens, removed FIXME note. * Added + to EDIT_TOKEN_SUFFIX on report of broken proxy from mutante * Two random minor changes
This commit is contained in:
parent
7ec04c41b7
commit
4750b687d1
|
@ -144,6 +144,7 @@ class EmailContactForm {
|
||||||
$titleObj = SpecialPage::getTitleFor( "Contact" );
|
$titleObj = SpecialPage::getTitleFor( "Contact" );
|
||||||
$action = $titleObj->escapeLocalURL( "action=submit" );
|
$action = $titleObj->escapeLocalURL( "action=submit" );
|
||||||
$token = $wgUser->isAnon() ? EDIT_TOKEN_SUFFIX : $wgUser->editToken(); //this kind of sucks, really...
|
$token = $wgUser->isAnon() ? EDIT_TOKEN_SUFFIX : $wgUser->editToken(); //this kind of sucks, really...
|
||||||
|
$token = htmlspecialchars( $token );
|
||||||
|
|
||||||
$wgOut->addHTML( "
|
$wgOut->addHTML( "
|
||||||
<form id=\"emailuser\" method=\"post\" action=\"{$action}\">
|
<form id=\"emailuser\" method=\"post\" action=\"{$action}\">
|
||||||
|
|
Loading…
Reference in New Issue