From 1d633457c4482ab96bf936e9951ded2d5ebc8c74 Mon Sep 17 00:00:00 2001 From: Andy Staudacher Date: Sat, 29 Aug 2009 11:31:00 -0700 Subject: Have url::site() and other methods return a SafeString, just as t() and t2(). Benefits: - url::site() is often used in views and we can ensure in the url class that returned strings are indeed safe for use in HTML. Makes the list of vars of unknown safety status shorter. - url::site() is often used as message parameter to t() and t2(). The parameter would be HTML-escaped if it wasn't marked as safe HTML already. Makes the usage simpler / shorter. --- modules/gallery/helpers/MY_url.php | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) (limited to 'modules/gallery/helpers/MY_url.php') diff --git a/modules/gallery/helpers/MY_url.php b/modules/gallery/helpers/MY_url.php index c4967c52..b4b7f352 100644 --- a/modules/gallery/helpers/MY_url.php +++ b/modules/gallery/helpers/MY_url.php @@ -30,7 +30,8 @@ class url extends url_Core { if ($parts[0] == "albums" || $parts[0] == "photos") { $uri = model_cache::get("item", $parts[1])->relative_path(); } - return parent::site($uri . $query, $protocol); + $url = parent::site($uri . $query, $protocol); + return SafeString::of($url)->mark_html_safe(); } static function parse_url() { @@ -99,4 +100,25 @@ class url extends url_Core { static function abs_current($qs=false) { return self::abs_site(url::current($qs)); } + + public static function base($index=false, $protocol=false) { + $url = parent::base($index, $protocol); + return SafeString::of($url)->mark_html_safe(); + } + + public static function current($qs=false) { + $url = parent::current($qs); + return SafeString::of($url)->mark_html_safe(); + } + + public static function file($file, $index=false) { + $url = parent::file($file, $index); + return SafeString::of($url)->mark_html_safe(); + } + + public static function merge(array $arguments) { + $url = parent::merge($arguments); + return SafeString::of($url)->mark_html_safe(); + } + } -- cgit v1.2.3