Merge pull request #110 from chillu/trac/7170-i18n-sprintf-injections

2024-06-27 23:19:36 +02:00 · 2012-05-09 19:55:53 +12:00 · 2012-05-09 19:55:53 +12:00 · d79d5987cb
commit d79d5987cb
parent ce58e55cc1 38f1236b1f
9 changed files with 90 additions and 95 deletions
--- a/code/controllers/AssetAdmin.php
+++ b/code/controllers/AssetAdmin.php
@ -507,7 +507,11 @@ JS
 			}
 		}
 		
-		$message = sprintf(_t('AssetAdmin.THUMBSDELETED', '%s unused thumbnails have been deleted'), $count);
+		$message = _t(
+			'AssetAdmin.THUMBSDELETED', 
+			'{count} unused thumbnails have been deleted', 
+			array('count' => $count)
+		);
 		$this->response->addHeader('X-Status', $message);
 		return;
 	}
@ -609,7 +613,7 @@ JS
 		$title = _t("AssetAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
 		return array(
 			"CMS_ACCESS_AssetAdmin" => array(
-				'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
+				'name' => _t('CMSMain.ACCESS', "Access to '{title}' section", array('title' => $title)),
 				'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
 			)
 		);
--- a/code/controllers/CMSMain.php
+++ b/code/controllers/CMSMain.php
@ -795,13 +795,11 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 			
 			$this->response->addHeader(
 				'X-Status',
-				sprintf(
-					_t(
-						'LeftAndMain.STATUSPUBLISHEDSUCCESS', 
-						"Published '%s' successfully",
-						'Status message after publishing a page, showing the page title'
-					),
-					$record->Title
+				_t(
+					'LeftAndMain.STATUSPUBLISHEDSUCCESS', 
+					"Published '{title}' successfully",
+					'Status message after publishing a page, showing the page title',
+					array('title' => $record->Title)
 				)
 			);
 		} else {
@ -885,16 +883,16 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr

 		if(isset($descendantsRemoved)) {
 			$descRemoved = " and $descendantsRemoved descendants";
-			$descRemoved = sprintf(' '._t('CMSMain.DESCREMOVED', 'and %s descendants'), $descendantsRemoved);
+			$descRemoved = ' ' . _t('CMSMain.DESCREMOVED', 'and {count} descendants', array('count' => $descendantsRemoved));
 		} else {
 			$descRemoved = '';
 		}

 		$form->sessionMessage(
-			sprintf(
-				_t('CMSMain.REMOVED', 'Deleted \'%s\'%s from live site'), 
-				$recordTitle, 
-				$descRemoved
+			_t(
+				'CMSMain.REMOVED', 
+				'Deleted \'{title}\'{additionalinfo} from live site', 
+				array('title' => $recordTitle, 'additionalinfo' => $descRemoved)
 			),
 			'good'
 		);
@ -941,9 +939,11 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		
 		$this->response->addHeader(
 			'X-Status',
-			sprintf(
-				_t('CMSMain.RESTORED',"Restored '%s' successfully",'Param %s is a title'),
-				$record->Title
+			_t(
+				'CMSMain.RESTORED',
+				"Restored '{title}' successfully",
+				'Param %s is a title',
+				array('title' => $record->Title)
 			)
 		);
 		
@ -968,10 +968,7 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		$record->delete();

 		$form->sessionMessage(
-			sprintf(
-				_t('CMSMain.REMOVEDPAGEFROMDRAFT',"Removed '%s' from the draft site"),
-				$record->Title
-			),
+			_t('CMSMain.REMOVEDPAGEFROMDRAFT',"Removed '{title}' from the draft site", array('title' => $record->Title)),
 			'good'
 		);

@ -996,7 +993,7 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		
 		$this->response->addHeader(
 			'X-Status',
-			sprintf(_t('CMSMain.REMOVEDPAGE',"Removed '%s' from the published site"),$record->Title)
+			_t('CMSMain.REMOVEDPAGE',"Removed '{title}' from the published site", array('title' => $record->Title))
 		);
 		
 		return $this->getResponseNegotiator()->respond($this->request);
@ -1031,16 +1028,16 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		
 		if($version) {
 			$record->doRollbackTo($version);
-			$message = sprintf(
-				_t('CMSMain.ROLLEDBACKVERSION',"Rolled back to version #%d.  New version number is #%d"),
-				$data['Version'],
-				$record->Version
+			$message = _t(
+				'CMSMain.ROLLEDBACKVERSION',
+				"Rolled back to version #%d.  New version number is #%d",
+				array('version' => $data['Version'], 'versionnew' => $record->Version)
 			);
 		} else {
 			$record->doRollbackTo('Live');
-			$message = sprintf(
-				_t('CMSMain.ROLLEDBACKPUB',"Rolled back to published version. New version number is #%d"),
-				$record->Version
+			$message = _t(
+				'CMSMain.ROLLEDBACKPUB',"Rolled back to published version. New version number is #{version}",
+				array('version' => $record->Version)
 			);
 		}

@ -1155,7 +1152,7 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 					break;
 				}
 			}
-			$response .= sprintf(_t('CMSMain.PUBPAGES',"Done: Published %d pages"), $count);
+			$response .= _t('CMSMain.PUBPAGES',"Done: Published {count} pages", array('count' => $count));

 		} else {
 			$token = SecurityToken::inst();
@ -1193,9 +1190,10 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		
 		$this->response->addHeader(
 			'X-Status',
-			sprintf(
-				_t('CMSMain.RESTORED',"Restored '%s' successfully",'Param %s is a title'),
-				$restoredPage->TreeTitle
+			_t(
+				'CMSMain.RESTORED',
+				"Restored '{title}' successfully", 
+				array('title' => $restoredPage->TreeTitle)
 			)
 		);
 		
@ -1273,7 +1271,7 @@ class CMSMain extends LeftAndMain implements CurrentPageIdentifier, PermissionPr
 		$title = _t("CMSPagesController.MENUTITLE", LeftAndMain::menu_title_for_class('CMSPagesController'));
 		return array(
 			"CMS_ACCESS_CMSMain" => array(
-				'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
+				'name' => _t('CMSMain.ACCESS', "Access to '{title}' section", array('title' => $title)),
 				'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access'),
 				'help' => _t(
 					'CMSMain.ACCESS_HELP',
--- a/code/controllers/CMSPageHistoryController.php
+++ b/code/controllers/CMSPageHistoryController.php
@ -99,17 +99,22 @@ class CMSPageHistoryController extends CMSMain {

 			$view = _t('CMSPageHistoryController.VIEW',"view");
 			
-			$message = sprintf(
-				_t('CMSPageHistoryController.COMPARINGVERSION',"Comparing versions %s and %s."),
-				sprintf('%s (<a href="%s">%s</a>)', $versionID, Controller::join_links($link, $versionID), $view),
-				sprintf('%s (<a href="%s">%s</a>)', $compareID, Controller::join_links($link, $compareID), $view)
+			$message = _t(
+				'CMSPageHistoryController.COMPARINGVERSION',
+				"Comparing versions {version1} and {version2}.",
+				array(
+					'version1' => sprintf('%s (<a href="%s">%s</a>)', $versionID, Controller::join_links($link, $versionID), $view),
+					'version2' => sprintf('%s (<a href="%s">%s</a>)', $compareID, Controller::join_links($link, $compareID), $view)
+				)
 			);
 			
 			$revert->setReadonly(true);
 		}
 		else {
-			$message = sprintf(
-				_t('CMSPageHistoryController.VIEWINGVERSION',"Currently viewing version %s."), $versionID
+			$message = _t(
+				'CMSPageHistoryController.VIEWINGVERSION',
+				"Currently viewing version {version}.", 
+				array('version' => $versionID)
 			);
 		}
 		
--- a/code/controllers/ReportAdmin.php
+++ b/code/controllers/ReportAdmin.php
@ -140,7 +140,7 @@ class ReportAdmin extends LeftAndMain implements PermissionProvider {
 		$title = _t("ReportAdmin.MENUTITLE", LeftAndMain::menu_title_for_class($this->class));
 		return array(
 			"CMS_ACCESS_ReportAdmin" => array(
-				'name' => sprintf(_t('CMSMain.ACCESS', "Access to '%s' section"), $title),
+				'name' => _t('CMSMain.ACCESS', "Access to '{title}' section", array('title' => $title)),
 				'category' => _t('Permission.CMS_ACCESS_CATEGORY', 'CMS Access')
 			)
 		);
--- a/code/model/ErrorPage.php
+++ b/code/model/ErrorPage.php
@ -204,12 +204,10 @@ class ErrorPage extends Page {
 			fwrite($fh, $errorContent);
 			fclose($fh);
 		} else {
-			$fileErrorText = sprintf(
-				_t(
-					"ErrorPage.ERRORFILEPROBLEM",
-					"Error opening file \"%s\" for writing. Please check file permissions."
-				),
-				$errorFile
+			$fileErrorText = _t(
+				"ErrorPage.ERRORFILEPROBLEM",
+				"Error opening file \"{filename}\" for writing. Please check file permissions.",
+				array('filename' => $errorFile)
 			);
 			$this->response->addHeader('X-Status', $fileErrorText);
 			return $this->httpError(405);
--- a/code/model/SiteTree.php
+++ b/code/model/SiteTree.php
@ -1495,14 +1495,10 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
 			if($subject->ID && !in_array($subject->ClassName, $allowed)) {
 				
 				$result->error(
-					sprintf(
-						_t(
-							'SiteTree.PageTypeNotAllowed', 
-							'Page type "%s" not allowed as child of this parent page', 
-							
-							'First argument is a class name'
-						),
-						$subject->i18n_singular_name()
+					_t(
+						'SiteTree.PageTypeNotAllowed', 
+						'Page type "{type}" not allowed as child of this parent page', 
+						array('type' => $subject->i18n_singular_name())
 					),
 					'ALLOWED_CHILDREN'
 				);
@ -1512,14 +1508,10 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
 		// "Can be root" validation
 		if(!$this->stat('can_be_root') && !$this->ParentID) {
 			$result->error(
-				sprintf(
-					_t(
-						'SiteTree.PageTypNotAllowedOnRoot', 
-						'Page type "%s" is not allowed on the root level', 
-						
-						'First argument is a class name'
-					),
-					$this->i18n_singular_name()
+				_t(
+					'SiteTree.PageTypNotAllowedOnRoot', 
+					'Page type "{type}" is not allowed on the root level', 
+					array('type' => $this->i18n_singular_name())
 				),
 				'CAN_BE_ROOT'
 			);
@ -1781,9 +1773,10 @@ class SiteTree extends DataObject implements PermissionProvider,i18nEntityProvid
 						. $parentList;
 				}

-				$statusMessage[] = sprintf(
-					_t('SiteTree.APPEARSVIRTUALPAGES', "This content also appears on the virtual pages in the %s sections."),
-					$parentList
+				$statusMessage[] = _t(
+					'SiteTree.APPEARSVIRTUALPAGES', 
+					"This content also appears on the virtual pages in the {title} sections.",
+					array('title' => $parentList)
 				);
 			}
 		}
--- a/code/model/VirtualPage.php
+++ b/code/model/VirtualPage.php
@ -301,14 +301,10 @@ class VirtualPage extends Page {
 		$orig = $this->CopyContentFrom();
 		if(!$orig->stat('can_be_root') && !$this->ParentID) {
 			$result->error(
-				sprintf(
-					_t(
-						'VirtualPage.PageTypNotAllowedOnRoot', 
-						'Original page type "%s" is not allowed on the root level for this virtual page', 
-						
-						'First argument is a class name'
-					),
-					$orig->i18n_singular_name()
+				_t(
+					'VirtualPage.PageTypNotAllowedOnRoot', 
+					'Original page type "{type}" is not allowed on the root level for this virtual page', 
+					array('type' => $orig->i18n_singular_name())
 				),
 				'CAN_BE_ROOT_VIRTUAL'
 			);
--- a/code/reports/SideReport.php
+++ b/code/reports/SideReport.php
@ -50,9 +50,10 @@ class SideReportView extends ViewableData {
 			$result .= "</ul>\n";	
 		} else {
 			$result = "<p class=\"message notice\">" . 
-				sprintf(
-					_t('SideReport.REPEMPTY','The %s report is empty.','%s is a report title'),
-					$this->report->title()
+				_t(
+					'SideReport.REPEMPTY',
+					'The {title} report is empty.',
+					array('title' => $this->report->title())
 				) 
 				. "</p>";
 		}
--- a/lang/en.yml
+++ b/lang/en.yml
@ -19,7 +19,7 @@ en:
    ListView: 'List View'
    NEWFOLDER: NewFolder
    SIZE: Size
-    THUMBSDELETED: '%s unused thumbnails have been deleted'
+    THUMBSDELETED: '{count} unused thumbnails have been deleted'
    TreeView: 'Tree View'
    Upload: Upload
    MENUTITLE: Files
@ -67,7 +67,7 @@ en:
    UNPUBLISHED_PAGES: 'Un-published %d pages'
    UNPUBLISH_PAGES: Un-publish
  CMSMain:
-    ACCESS: 'Access to ''%s'' section'
+    ACCESS: 'Access to ''{title}'' section'
    ACCESS_HELP: 'Allow viewing of the section containing page tree and content. View and edit permissions can be handled through page specific dropdowns, as well as the separate "Content permissions".'
    AddNew: 'Add new page'
    AddNewButton: 'Add new'
@ -76,7 +76,7 @@ en:
    Create: Create
    DELETE: 'Delete draft'
    DELETEFP: Delete
-    DESCREMOVED: 'and %s descendants'
+    DESCREMOVED: 'and {count} descendants'
    EMAIL: Email
    NEW: 'New '
    PAGENOTEXISTS: 'This page doesn''t exist'
@ -86,14 +86,14 @@ en:
    PUBALLCONFIRM: 'Please publish every page in the site, copying content stage to live'
    PUBALLFUN: '"Publish All" functionality'
    PUBALLFUN2: "Pressing this button will do the equivalent of going to every page and pressing \"publish\".  It's\n				intended to be used after there have been massive edits of the content, such as when the site was\n				first built."
-    PUBPAGES: 'Done: Published %d pages'
-    REMOVED: 'Deleted ''%s''%s from live site'
-    REMOVEDPAGE: 'Removed ''%s'' from the published site'
-    REMOVEDPAGEFROMDRAFT: 'Removed ''%s'' from the draft site'
+    PUBPAGES: 'Done: Published {count} pages'
+    REMOVED: 'Deleted ''{title}''{additionalinfo} from live site'
+    REMOVEDPAGE: 'Removed ''{title}'' from the published site'
+    REMOVEDPAGEFROMDRAFT: 'Removed ''{title}'' from the draft site'
    RESTORE: Restore
-    RESTORED: 'Restored ''%s'' successfully'
+    RESTORED: 'Restored ''{title}'' successfully'
    ROLLBACK: 'Roll back to this version'
-    ROLLEDBACKPUB: 'Rolled back to published version. New version number is #%d'
+    ROLLEDBACKPUB: 'Rolled back to published version. New version number is #{version}'
    ROLLEDBACKVERSION: 'Rolled back to version #%d.  New version number is #%d'
    SAVE: Save
    SAVEDRAFT: 'Save Draft'
@ -111,12 +111,12 @@ en:
  CMSPageHistoryController:
    COMPAREMODE: 'Compare mode (select two)'
    COMPAREVERSIONS: 'Compare Versions'
-    COMPARINGVERSION: 'Comparing versions %s and %s.'
+    COMPARINGVERSION: 'Comparing versions {version1} and {version2}.'
    REVERTTOTHISVERSION: 'Revert to this version'
    SHOWUNPUBLISHED: 'Show unpublished versions'
    SHOWVERSION: 'Show Version'
    VIEW: view
-    VIEWINGVERSION: 'Currently viewing version %s.'
+    VIEWINGVERSION: 'Currently viewing version {version}.'
    MENUTITLE: History
  CMSPageHistoryController_versions.ss:
    AUTHOR: Author
@ -197,7 +197,7 @@ en:
    DEFAULTSERVERERRORPAGECONTENT: '<p>Sorry, there was a problem with handling your request.</p>'
    DEFAULTSERVERERRORPAGETITLE: 'Server error'
    DESCRIPTION: 'Custom content for different error cases (e.g. "Page not found")'
-    ERRORFILEPROBLEM: 'Error opening file "%s" for writing. Please check file permissions.'
+    ERRORFILEPROBLEM: 'Error opening file "{filename}" for writing. Please check file permissions.'
  Folder:
    AddFolderButton: 'Add folder'
    DELETEUNUSEDTHUMBNAILS: 'Delete unused thumbnails'
@ -208,7 +208,7 @@ en:
    DESCRIPTION: 'Generic content page'
  LeftAndMain:
    PreviewButton: Preview
-    STATUSPUBLISHEDSUCCESS: 'Published ''%s'' successfully'
+    STATUSPUBLISHEDSUCCESS: 'Published ''{title}'' successfully'
    SearchResults: 'Search Results'
    VersionUnknown: Unknown
  LegacyTableFieldsTestPage:
@ -256,7 +256,7 @@ en:
    LAST2WEEKS: 'Pages edited in the last 2 weeks'
    OtherGroupTitle: Other
    ParameterLiveCheckbox: 'Check live site'
-    REPEMPTY: 'The %s report is empty.'
+    REPEMPTY: 'The {title} report is empty.'
  SilverStripeNavigatorLink:
    ShareInstructions: 'To share a this to this page, copy and paste the link below.'
    ShareLink: 'Share link'
@ -284,7 +284,7 @@ en:
    ADDEDTODRAFTHELP: 'Page has not been published yet'
    ADDEDTODRAFTSHORT: Draft
    ALLOWCOMMENTS: 'Allow comments on this page?'
-    APPEARSVIRTUALPAGES: 'This content also appears on the virtual pages in the %s sections.'
+    APPEARSVIRTUALPAGES: 'This content also appears on the virtual pages in the {title} sections.'
    BUTTONCANCELDRAFT: 'Cancel draft changes'
    BUTTONCANCELDRAFTDESC: 'Delete your draft and revert to the currently published page'
    BUTTONSAVEPUBLISH: 'Save & Publish'
@ -334,8 +334,8 @@ en:
    PERMISSION_GRANTACCESS_DESCRIPTION: 'Manage access rights for content'
    PERMISSION_GRANTACCESS_HELP: 'Allow setting of page-specific access restrictions in the "Pages" section.'
    PLURALNAME: 'Site Tres'
-    PageTypNotAllowedOnRoot: 'Page type "%s" is not allowed on the root level'
-    PageTypeNotAllowed: 'Page type "%s" not allowed as child of this parent page'
+    PageTypNotAllowedOnRoot: 'Page type "{type}" is not allowed on the root level'
+    PageTypeNotAllowed: 'Page type "{type}" not allowed as child of this parent page'
    REMOVEDFROMDRAFTHELP: 'Page is published, but has been deleted from draft'
    REMOVEDFROMDRAFTSHORT: 'Removed from draft'
    REMOVE_INSTALL_WARNING: 'Warning: You should remove install.php from this SilverStripe install for security reasons.'
@ -392,7 +392,7 @@ en:
    EDITCONTENT: 'click here to edit the content'
    HEADER: 'This is a virtual page'
    PLURALNAME: 'Virtual Pags'
-    PageTypNotAllowedOnRoot: 'Original page type "%s" is not allowed on the root level for this virtual page'
+    PageTypNotAllowedOnRoot: 'Original page type "{type}" is not allowed on the root level for this virtual page'
    SINGULARNAME: 'Virtual Page'
  cms:
    FILESYSTEMSYNC: 'Sync files'