Drupal
/
drupal
mirror of https://git.drupalcode.org/project/drupal.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Issue #2089331 by grom358 | thedavidmeister: [meta] Replace calls to check_plain() with Drupal\Component\Utility\String::checkPlain().

8.0.x
webchick 2014-06-12 19:33:48 -07:00
parent 432b5a7810
commit 3a42e91de1
82 changed files with 239 additions and 163 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/modules/block/src/BlockForm.php
View File

@ -195,7 +195,7 @@ class BlockForm extends EntityForm {
}
// Per-role visibility.
$role_options = array_map('check_plain', user_role_names());
$role_options = array_map(array('\Drupal\Component\Utility\String', 'checkPlain'), user_role_names());
$form['visibility']['role'] = array(
'#type' => 'details',
'#title' => $this->t('Roles'),

2
core/modules/block/src/BlockViewBuilder.php
View File

@ -65,7 +65,7 @@ class BlockViewBuilder extends EntityViewBuilder {
// @todo Remove after fixing http://drupal.org/node/1989568.
'#block' => $entity,
);
$build[$entity_id]['#configuration']['label'] = check_plain($configuration['label']);
$build[$entity_id]['#configuration']['label'] = String::checkPlain($configuration['label']);
// Set cache tags; these always need to be set, whether the block is
// cacheable or not, so that the page cache is correctly informed.

3
core/modules/comment/comment.module
View File

@ -13,6 +13,7 @@
use Drupal\comment\CommentInterface;
use Drupal\comment\Entity\Comment;
use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
use Drupal\Component\Utility\String;
use Drupal\Core\Entity\ContentEntityInterface;
use Drupal\Core\Entity\EntityInterface;
use Drupal\entity\Entity\EntityViewDisplay;
@ -1265,7 +1266,7 @@ function comment_preview(CommentInterface $comment, array &$form_state) {
if (!empty($account) && $account->isAuthenticated()) {
$comment->setOwner($account);
$comment->setAuthorName(check_plain($account->getUsername()));
$comment->setAuthorName(String::checkPlain($account->getUsername()));
}
elseif (empty($author_name)) {
$comment->setAuthorName(\Drupal::config('user.settings')->get('anonymous'));

5
core/modules/comment/comment.tokens.inc
View File

@ -5,6 +5,7 @@
* Builds placeholder replacement tokens for comment-related data.
*/
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Xss;
/**
@ -141,12 +142,12 @@ function comment_tokens($type, $tokens, array $data = array(), array $options =
// Poster identity information for comments.
case 'hostname':
$replacements[$original] = $sanitize ? check_plain($comment->getHostname()) : $comment->getHostname();
$replacements[$original] = $sanitize ? String::checkPlain($comment->getHostname()) : $comment->getHostname();
break;
case 'mail':
$mail = $comment->getAuthorEmail();
$replacements[$original] = $sanitize ? check_plain($mail) : $mail;
$replacements[$original] = $sanitize ? String::checkPlain($mail) : $mail;
break;
case 'homepage':

3
core/modules/comment/src/Plugin/views/argument/UserUid.php
View File

@ -7,6 +7,7 @@
namespace Drupal\comment\Plugin\views\argument;
use Drupal\Component\Utility\String;
use Drupal\Core\Database\Connection;
use Drupal\views\Plugin\views\argument\ArgumentPluginBase;
use Symfony\Component\DependencyInjection\ContainerInterface;
@ -64,7 +65,7 @@ class UserUid extends ArgumentPluginBase {
return t('No user');
}
return check_plain($title);
return String::checkPlain($title);
}
protected function defaultActions($which = NULL) {

11
core/modules/comment/src/Tests/CommentTokenReplaceTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\comment\Tests;
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Xss;
/**
@ -53,10 +54,10 @@ class CommentTokenReplaceTest extends CommentTestBase {
// Generate and test sanitized tokens.
$tests = array();
$tests['[comment:cid]'] = $comment->id();
$tests['[comment:hostname]'] = check_plain($comment->getHostname());
$tests['[comment:hostname]'] = String::checkPlain($comment->getHostname());
$tests['[comment:name]'] = Xss::filter($comment->getAuthorName());
$tests['[comment:author]'] = Xss::filter($comment->getAuthorName());
$tests['[comment:mail]'] = check_plain($this->admin_user->getEmail());
$tests['[comment:mail]'] = String::checkPlain($this->admin_user->getEmail());
$tests['[comment:homepage]'] = check_url($comment->getHomepage());
$tests['[comment:title]'] = Xss::filter($comment->getSubject());
$tests['[comment:body]'] = $comment->comment_body->processed;
@ -65,11 +66,11 @@ class CommentTokenReplaceTest extends CommentTestBase {
$tests['[comment:created:since]'] = format_interval(REQUEST_TIME - $comment->getCreatedTime(), 2, $language_interface->id);
$tests['[comment:changed:since]'] = format_interval(REQUEST_TIME - $comment->getChangedTime(), 2, $language_interface->id);
$tests['[comment:parent:cid]'] = $comment->hasParentComment() ? $comment->getParentComment()->id() : NULL;
$tests['[comment:parent:title]'] = check_plain($parent_comment->getSubject());
$tests['[comment:parent:title]'] = String::checkPlain($parent_comment->getSubject());
$tests['[comment:node:nid]'] = $comment->getCommentedEntityId();
$tests['[comment:node:title]'] = check_plain($node->getTitle());
$tests['[comment:node:title]'] = String::checkPlain($node->getTitle());
$tests['[comment:author:uid]'] = $comment->getOwnerId();
$tests['[comment:author:name]'] = check_plain($this->admin_user->getUsername());
$tests['[comment:author:name]'] = String::checkPlain($this->admin_user->getUsername());
// Test to make sure that we generated something for each token.
$this->assertFalse(in_array(0, array_map('strlen', $tests)), 'No empty tokens generated.');

2
core/modules/entity_reference/src/ConfigurableEntityReferenceItem.php
View File

@ -190,7 +190,7 @@ class ConfigurableEntityReferenceItem extends EntityReferenceItem implements All
// entity type specific plugins (e.g. 'default_node', 'default_user',
// ...).
if (in_array($plugin_id, $handler_groups)) {
$handlers_options[$plugin_id] = check_plain($plugin['label']);
$handlers_options[$plugin_id] = String::checkPlain($plugin['label']);
}
}

3
core/modules/entity_reference/src/Plugin/Field/FieldFormatter/EntityReferenceLabelFormatter.php
View File

@ -7,6 +7,7 @@
namespace Drupal\entity_reference\Plugin\Field\FieldFormatter;
use Drupal\Component\Utility\String;
use Drupal\Core\Field\FieldItemListInterface;
/**
@ -77,7 +78,7 @@ class EntityReferenceLabelFormatter extends EntityReferenceFormatterBase {
) + $uri->toRenderArray();
}
else {
$elements[$delta] = array('#markup' => check_plain($label));
$elements[$delta] = array('#markup' => String::checkPlain($label));
}
$elements[$delta]['#cache']['tags'] = $referenced_entity->getCacheTag();
}

3
core/modules/entity_reference/src/Plugin/entity_reference/selection/SelectionBase.php
View File

@ -7,6 +7,7 @@
namespace Drupal\entity_reference\Plugin\entity_reference\selection;
use Drupal\Component\Utility\String;
use Drupal\Core\Database\Query\AlterableInterface;
use Drupal\Core\Database\Query\SelectInterface;
use Drupal\Core\Entity\EntityInterface;
@ -183,7 +184,7 @@ class SelectionBase implements SelectionInterface {
$entities = entity_load_multiple($target_type, $result);
foreach ($entities as $entity_id => $entity) {
$bundle = $entity->bundle();
$options[$bundle][$entity_id] = check_plain($entity->label());
$options[$bundle][$entity_id] = String::checkPlain($entity->label());
}
return $options;

7
core/modules/entity_reference/src/Tests/EntityReferenceSelectionAccessTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\entity_reference\Tests;
use Drupal\Component\Utility\String;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Language\LanguageInterface;
use Drupal\comment\CommentInterface;
@ -114,7 +115,7 @@ class EntityReferenceSelectionAccessTest extends WebTestBase {
$node = entity_create('node', $values);
$node->save();
$nodes[$key] = $node;
$node_labels[$key] = check_plain($node->label());
$node_labels[$key] = String::checkPlain($node->label());
}
// Test as a non-admin.
@ -260,7 +261,7 @@ class EntityReferenceSelectionAccessTest extends WebTestBase {
$account = $values;
}
$users[$key] = $account;
$user_labels[$key] = check_plain($account->getUsername());
$user_labels[$key] = String::checkPlain($account->getUsername());
}
// Test as a non-admin.
@ -439,7 +440,7 @@ class EntityReferenceSelectionAccessTest extends WebTestBase {
$comment = entity_create('comment', $values);
$comment->save();
$comments[$key] = $comment;
$comment_labels[$key] = check_plain($comment->label());
$comment_labels[$key] = String::checkPlain($comment->label());
}
// Test as a non-admin.

3
core/modules/entity_reference/src/Tests/EntityReferenceSelectionSortTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\entity_reference\Tests;
use Drupal\Component\Utility\String;
use Drupal\simpletest\WebTestBase;
/**
@ -115,7 +116,7 @@ class EntityReferenceSelectionSortTest extends WebTestBase {
$node = entity_create('node', $values);
$node->save();
$nodes[$key] = $node;
$node_labels[$key] = check_plain($node->label());
$node_labels[$key] = String::checkPlain($node->label());
}
// Test as a non-admin.

3
core/modules/field/src/Plugin/views/argument/FieldList.php
View File

@ -7,6 +7,7 @@
namespace Drupal\field\Plugin\views\argument;
use Drupal\Component\Utility\String;
use Drupal\views\ViewExecutable;
use Drupal\views\Plugin\views\display\DisplayPluginBase;
use Drupal\views\Plugin\views\argument\Numeric;
@ -69,7 +70,7 @@ class FieldList extends Numeric {
}
// else fallback to the key.
else {
return check_plain($value);
return String::checkPlain($value);
}
}

3
core/modules/field/src/Plugin/views/argument/ListString.php
View File

@ -7,6 +7,7 @@
namespace Drupal\field\Plugin\views\argument;
use Drupal\Component\Utility\String as UtilityString;
use Drupal\views\ViewExecutable;
use Drupal\views\Plugin\views\display\DisplayPluginBase;
use Drupal\views\Plugin\views\argument\String;
@ -71,7 +72,7 @@ class ListString extends String {
}
// else fallback to the key.
else {
return $this->caseTransform(check_plain($value), $this->options['case']);
return $this->caseTransform(UtilityString::checkPlain($value), $this->options['case']);
}
}

3
core/modules/field/src/Tests/FormTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\field\Tests;
use Drupal\Component\Utility\String;
use Drupal\Core\Field\FieldDefinitionInterface;
/**
@ -107,7 +108,7 @@ class FormTest extends FieldTestBase {
$this->drupalGet('entity_test/add');
// Create token value expected for description.
$token_description = check_plain(\Drupal::config('system.site')->get('name')) . '_description';
$token_description = String::checkPlain(\Drupal::config('system.site')->get('name')) . '_description';
$this->assertText($token_description, 'Token replacement for description is displayed');
$this->assertFieldByName("{$field_name}[0][value]", '', 'Widget is displayed');
$this->assertNoField("{$field_name}[1][value]", 'No extraneous widget is displayed');

3
core/modules/field_ui/src/DisplayOverviewBase.php
View File

@ -8,6 +8,7 @@
namespace Drupal\field_ui;
use Drupal\Component\Plugin\PluginManagerBase;
use Drupal\Component\Utility\String;
use Drupal\Core\Config\ConfigFactoryInterface;
use Drupal\Core\Entity\Display\EntityDisplayInterface;
use Drupal\Core\Entity\EntityManagerInterface;
@ -275,7 +276,7 @@ abstract class DisplayOverviewBase extends OverviewBase {
'defaultPlugin' => $this->getDefaultPlugin($field_definition->getType()),
),
'human_name' => array(
'#markup' => check_plain($label),
'#markup' => String::checkPlain($label),
),
'weight' => array(
'#type' => 'textfield',

3
core/modules/field_ui/src/FieldOverview.php
View File

@ -7,6 +7,7 @@
namespace Drupal\field_ui;
use Drupal\Component\Utility\String;
use Drupal\Core\Entity\EntityListBuilderInterface;
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\Core\Extension\ModuleHandlerInterface;
@ -125,7 +126,7 @@ class FieldOverview extends OverviewBase {
'id' => drupal_html_class($name),
),
'label' => array(
'#markup' => check_plain($instance->getLabel()),
'#markup' => String::checkPlain($instance->getLabel()),
),
'field_name' => array(
'#markup' => $instance->getName(),

3
core/modules/file/file.field.inc
View File

@ -6,6 +6,7 @@
*/
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\String;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Render\Element;
@ -188,7 +189,7 @@ function theme_file_upload_help($variables) {
$descriptions[] = t('!size limit.', array('!size' => format_size($upload_validators['file_validate_size'][0])));
}
if (isset($upload_validators['file_validate_extensions'])) {
$descriptions[] = t('Allowed types: !extensions.', array('!extensions' => check_plain($upload_validators['file_validate_extensions'][0])));
$descriptions[] = t('Allowed types: !extensions.', array('!extensions' => String::checkPlain($upload_validators['file_validate_extensions'][0])));
}
if (isset($upload_validators['file_validate_image_resolution'])) {

15
core/modules/file/file.module
View File

@ -5,6 +5,7 @@
* Defines a "managed_file" Form API field and a "file" field for Field module.
*/
use Drupal\Component\Utility\String;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Render\Element;
use Drupal\file\Entity\File;
@ -1048,15 +1049,15 @@ function file_tokens($type, $tokens, array $data = array(), array $options = arr
// Essential file data
case 'name':
$replacements[$original] = $sanitize ? check_plain($file->getFilename()) : $file->getFilename();
$replacements[$original] = $sanitize ? String::checkPlain($file->getFilename()) : $file->getFilename();
break;
case 'path':
$replacements[$original] = $sanitize ? check_plain($file->getFileUri()) : $file->getFileUri();
$replacements[$original] = $sanitize ? String::checkPlain($file->getFileUri()) : $file->getFileUri();
break;
case 'mime':
$replacements[$original] = $sanitize ? check_plain($file->getMimeType()) : $file->getMimeType();
$replacements[$original] = $sanitize ? String::checkPlain($file->getMimeType()) : $file->getMimeType();
break;
case 'size':
@ -1064,7 +1065,7 @@ function file_tokens($type, $tokens, array $data = array(), array $options = arr
break;
case 'url':
$replacements[$original] = $sanitize ? check_plain(file_create_url($file->getFileUri())) : file_create_url($file->getFileUri());
$replacements[$original] = $sanitize ? String::checkPlain(file_create_url($file->getFileUri())) : file_create_url($file->getFileUri());
break;
// These tokens are default variations on the chained tokens handled below.
@ -1078,7 +1079,7 @@ function file_tokens($type, $tokens, array $data = array(), array $options = arr
case 'owner':
$name = $file->getOwner()->label();
$replacements[$original] = $sanitize ? check_plain($name) : $name;
$replacements[$original] = $sanitize ? String::checkPlain($name) : $name;
break;
}
}
@ -1626,7 +1627,7 @@ function theme_file_link($variables) {
}
else {
$link_text = $variables['description'];
$options['attributes']['title'] = check_plain($file->getFilename());
$options['attributes']['title'] = String::checkPlain($file->getFilename());
}
$file_icon = array(
@ -1654,7 +1655,7 @@ function theme_file_icon($variables) {
$file = $variables['file'];
$icon_directory = $variables['icon_directory'];
$mime = check_plain($file->getMimeType());
$mime = String::checkPlain($file->getMimeType());
$icon_url = file_icon_url($file, $icon_directory);
return '<img class="file-icon" alt="" title="' . $mime . '" src="' . $icon_url . '" />';
}

3
core/modules/file/src/Plugin/Field/FieldWidget/FileWidget.php
View File

@ -7,6 +7,7 @@
namespace Drupal\file\Plugin\Field\FieldWidget;
use Drupal\Component\Utility\String;
use Drupal\Core\Field\FieldDefinitionInterface;
use Drupal\Core\Field\WidgetBase;
use Drupal\Core\Field\FieldItemListInterface;
@ -94,7 +95,7 @@ class FileWidget extends WidgetBase {
break;
}
$title = check_plain($this->fieldDefinition->getLabel());
$title = String::checkPlain($this->fieldDefinition->getLabel());
$description = field_filter_xss($this->fieldDefinition->getDescription());
$elements = array();

12
core/modules/file/src/Tests/FileTokenReplaceTest.php
View File

@ -7,6 +7,8 @@
namespace Drupal\file\Tests;
use Drupal\Component\Utility\String;
/**
* Tests the file token replacement in strings.
*/
@ -46,16 +48,16 @@ class FileTokenReplaceTest extends FileFieldTestBase {
// Generate and test sanitized tokens.
$tests = array();
$tests['[file:fid]'] = $file->id();
$tests['[file:name]'] = check_plain($file->getFilename());
$tests['[file:path]'] = check_plain($file->getFileUri());
$tests['[file:mime]'] = check_plain($file->getMimeType());
$tests['[file:name]'] = String::checkPlain($file->getFilename());
$tests['[file:path]'] = String::checkPlain($file->getFileUri());
$tests['[file:mime]'] = String::checkPlain($file->getMimeType());
$tests['[file:size]'] = format_size($file->getSize());
$tests['[file:url]'] = check_plain(file_create_url($file->getFileUri()));
$tests['[file:url]'] = String::checkPlain(file_create_url($file->getFileUri()));
$tests['[file:created]'] = format_date($file->getCreatedTime(), 'medium', '', NULL, $language_interface->id);
$tests['[file:created:short]'] = format_date($file->getCreatedTime(), 'short', '', NULL, $language_interface->id);
$tests['[file:changed]'] = format_date($file->getChangedTime(), 'medium', '', NULL, $language_interface->id);
$tests['[file:changed:short]'] = format_date($file->getChangedTime(), 'short', '', NULL, $language_interface->id);
$tests['[file:owner]'] = check_plain(user_format_name($this->admin_user));
$tests['[file:owner]'] = String::checkPlain(user_format_name($this->admin_user));
$tests['[file:owner:uid]'] = $file->getOwnerId();
// Test to make sure that we generated something for each token.

14
core/modules/filter/filter.module
View File

@ -984,8 +984,8 @@ function _filter_url_parse_full_links($match) {
$i = 1;
$match[$i] = decode_entities($match[$i]);
$caption = check_plain(_filter_url_trim($match[$i]));
$match[$i] = check_plain($match[$i]);
$caption = String::checkPlain(_filter_url_trim($match[$i]));
$match[$i] = String::checkPlain($match[$i]);
return '<a href="' . $match[$i] . '">' . $caption . '</a>';
}
@ -999,8 +999,8 @@ function _filter_url_parse_email_links($match) {
$i = 0;
$match[$i] = decode_entities($match[$i]);
$caption = check_plain(_filter_url_trim($match[$i]));
$match[$i] = check_plain($match[$i]);
$caption = String::checkPlain(_filter_url_trim($match[$i]));
$match[$i] = String::checkPlain($match[$i]);
return '<a href="mailto:' . $match[$i] . '">' . $caption . '</a>';
}
@ -1014,8 +1014,8 @@ function _filter_url_parse_partial_links($match) {
$i = 1;
$match[$i] = decode_entities($match[$i]);
$caption = check_plain(_filter_url_trim($match[$i]));
$match[$i] = check_plain($match[$i]);
$caption = String::checkPlain(_filter_url_trim($match[$i]));
$match[$i] = String::checkPlain($match[$i]);
return '<a href="http://' . $match[$i] . '">' . $caption . '</a>';
}
@ -1147,7 +1147,7 @@ function _filter_autop($text) {
* Escapes all HTML tags, so they will be visible instead of being effective.
*/
function _filter_html_escape($text) {
return trim(check_plain($text));
return trim(String::checkPlain($text));
}
/**

7
core/modules/filter/src/Plugin/Filter/FilterHtml.php
View File

@ -7,6 +7,7 @@
namespace Drupal\filter\Plugin\Filter;
use Drupal\Component\Utility\String;
use Drupal\filter\FilterProcessResult;
use Drupal\filter\Plugin\FilterBase;
@ -100,7 +101,7 @@ class FilterHtml extends FilterBase {
$output .= '<p>' . $this->t('This site allows HTML content. While learning all of HTML may feel intimidating, learning how to use a very small number of the most basic HTML "tags" is very easy. This table provides examples for each tag that is enabled on this site.') . '</p>';
$output .= '<p>' . $this->t('For more information see W3C\'s <a href="@html-specifications">HTML Specifications</a> or use your favorite search engine to find other sites that explain HTML.', array('@html-specifications' => 'http://www.w3.org/TR/html/')) . '</p>';
$tips = array(
'a' => array($this->t('Anchors are used to make links to other pages.'), '<a href="' . $base_url . '">' . check_plain(\Drupal::config('system.site')->get('name')) . '</a>'),
'a' => array($this->t('Anchors are used to make links to other pages.'), '<a href="' . $base_url . '">' . String::checkPlain(\Drupal::config('system.site')->get('name')) . '</a>'),
'br' => array($this->t('By default line break tags are automatically added, so use this tag to add additional ones. Use of this tag is different because it is not used with an open/close pair like all the others. Use the extra " /" inside the tag to maintain XHTML 1.0 compatibility'), $this->t('Text with <br />line break')),
'p' => array($this->t('By default paragraph tags are automatically added, so use this tag to add additional ones.'), '<p>' . $this->t('Paragraph one.') . '</p> <p>' . $this->t('Paragraph two.') . '</p>'),
'strong' => array($this->t('Strong', array(), array('context' => 'Font weight')), '<strong>' . $this->t('Strong', array(), array('context' => 'Font weight')) . '</strong>'),
@ -142,7 +143,7 @@ class FilterHtml extends FilterBase {
if (!empty($tips[$tag])) {
$rows[] = array(
array('data' => $tips[$tag][0], 'class' => array('description')),
array('data' => '<code>' . check_plain($tips[$tag][1]) . '</code>', 'class' => array('type')),
array('data' => '<code>' . String::checkPlain($tips[$tag][1]) . '</code>', 'class' => array('type')),
array('data' => $tips[$tag][1], 'class' => array('get'))
);
}
@ -173,7 +174,7 @@ class FilterHtml extends FilterBase {
foreach ($entities as $entity) {
$rows[] = array(
array('data' => $entity[0], 'class' => array('description')),
array('data' => '<code>' . check_plain($entity[1]) . '</code>', 'class' => array('type')),
array('data' => '<code>' . String::checkPlain($entity[1]) . '</code>', 'class' => array('type')),
array('data' => $entity[1], 'class' => array('get'))
);
}

3
core/modules/filter/src/Tests/FilterAdminTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\filter\Tests;
use Drupal\Component\Utility\String;
use Drupal\simpletest\WebTestBase;
/**
@ -304,7 +305,7 @@ class FilterAdminTest extends WebTestBase {
$edit['body[0][format]'] = $plain;
$this->drupalPostForm('node/' . $node->id() . '/edit', $edit, t('Save'));
$this->drupalGet('node/' . $node->id());
$this->assertText(check_plain($text), 'The "Plain text" text format escapes all HTML tags.');
$this->assertText(String::checkPlain($text), 'The "Plain text" text format escapes all HTML tags.');
\Drupal::config('filter.settings')
->set('always_show_fallback_choice', FALSE)
->save();

9
core/modules/filter/src/Tests/FilterUnitTest.php
View File

@ -8,6 +8,7 @@
namespace Drupal\filter\Tests;
use Drupal\Component\Utility\Html;
use Drupal\Component\Utility\String;
use Drupal\simpletest\DrupalUnitTestBase;
use Drupal\filter\FilterBag;
@ -360,7 +361,7 @@ class FilterUnitTest extends DrupalUnitTestBase {
/**
* Tests the HTML escaping filter.
*
* check_plain() is not tested here.
* \Drupal\Component\Utility\String::checkPlain() is not tested here.
*/
function testHtmlEscapeFilter() {
// Get FilterHtmlEscape object.
@ -726,10 +727,10 @@ www.example.com with a newline in comments -->
)));
}
if (!$success) {
$this->verbose('Source:<pre>' . check_plain(var_export($source, TRUE)) . '</pre>'
. '<hr />' . 'Result:<pre>' . check_plain(var_export($result, TRUE)) . '</pre>'
$this->verbose('Source:<pre>' . String::checkPlain(var_export($source, TRUE)) . '</pre>'
. '<hr />' . 'Result:<pre>' . String::checkPlain(var_export($result, TRUE)) . '</pre>'
. '<hr />' . ($is_expected ? 'Expected:' : 'Not expected:')
. '<pre>' . check_plain(var_export($value, TRUE)) . '</pre>'
. '<pre>' . String::checkPlain(var_export($value, TRUE)) . '</pre>'
);
}
}

11
core/modules/node/node.tokens.inc
View File

@ -5,6 +5,7 @@
* Builds placeholder replacement tokens for node-related data.
*/
use Drupal\Component\Utility\String;
use Drupal\Core\Language\LanguageInterface;
/**
@ -112,16 +113,16 @@ function node_tokens($type, $tokens, array $data = array(), array $options = arr
break;
case 'type':
$replacements[$original] = $sanitize ? check_plain($node->getType()) : $node->getType();
$replacements[$original] = $sanitize ? String::checkPlain($node->getType()) : $node->getType();
break;
case 'type-name':
$type_name = node_get_type_label($node);
$replacements[$original] = $sanitize ? check_plain($type_name) : $type_name;
$replacements[$original] = $sanitize ? String::checkPlain($type_name) : $type_name;
break;
case 'title':
$replacements[$original] = $sanitize ? check_plain($node->getTitle()) : $node->getTitle();
$replacements[$original] = $sanitize ? String::checkPlain($node->getTitle()) : $node->getTitle();
break;
case 'body':
@ -160,7 +161,7 @@ function node_tokens($type, $tokens, array $data = array(), array $options = arr
break;
case 'langcode':
$replacements[$original] = $sanitize ? check_plain($node->language()->id) : $node->language()->id;
$replacements[$original] = $sanitize ? String::checkPlain($node->language()->id) : $node->language()->id;
break;
case 'url':
@ -174,7 +175,7 @@ function node_tokens($type, $tokens, array $data = array(), array $options = arr
// Default values for the chained tokens handled below.
case 'author':
$account = $node->getOwner() ? $node->getOwner() : user_load(0);
$replacements[$original] = $sanitize ? check_plain($account->label()) : $account->label();
$replacements[$original] = $sanitize ? String::checkPlain($account->label()) : $account->label();
break;
case 'created':

7
core/modules/node/src/Plugin/Search/NodeSearch.php
View File

@ -7,6 +7,7 @@
namespace Drupal\node\Plugin\Search;
use Drupal\Component\Utility\String;
use Drupal\Core\Config\Config;
use Drupal\Core\Database\Connection;
use Drupal\Core\Database\Query\SelectExtender;
@ -279,7 +280,7 @@ class NodeSearch extends ConfigurableSearchPluginBase implements AccessibleInter
);
$results[] = array(
'link' => $node->url('canonical', array('absolute' => TRUE, 'language' => $language)),
'type' => check_plain($this->entityManager->getStorage('node_type')->load($node->bundle())->label()),
'type' => String::checkPlain($this->entityManager->getStorage('node_type')->load($node->bundle())->label()),
'title' => $node->label(),
'user' => drupal_render($username),
'date' => $node->getChangedTime(),
@ -358,7 +359,7 @@ class NodeSearch extends ConfigurableSearchPluginBase implements AccessibleInter
unset($build['#theme']);
$node->rendered = drupal_render($build);
$text = '<h1>' . check_plain($node->label($language->id)) . '</h1>' . $node->rendered;
$text = '<h1>' . String::checkPlain($node->label($language->id)) . '</h1>' . $node->rendered;
// Fetch extra data normally not visible.
$extra = $this->moduleHandler->invokeAll('node_update_index', array($node, $language->id));
@ -430,7 +431,7 @@ class NodeSearch extends ConfigurableSearchPluginBase implements AccessibleInter
);
// Add node types.
$types = array_map('check_plain', node_type_get_names());
$types = array_map(array('\Drupal\Component\Utility\String', 'checkPlain'), node_type_get_names());
$form['advanced']['types-fieldset'] = array(
'#type' => 'fieldset',
'#title' => t('Types'),

3
core/modules/node/src/Plugin/views/argument/Nid.php
View File

@ -7,6 +7,7 @@
namespace Drupal\node\Plugin\views\argument;
use Drupal\Component\Utility\String;
use Drupal\views\Plugin\views\argument\Numeric;
/**
@ -24,7 +25,7 @@ class Nid extends Numeric {
$nodes = node_load_multiple($this->value);
foreach ($nodes as $node) {
$titles[] = check_plain($node->label());
$titles[] = String::checkPlain($node->label());
}
return $titles;
}

3
core/modules/node/src/Plugin/views/argument/Type.php
View File

@ -7,6 +7,7 @@
namespace Drupal\node\Plugin\views\argument;
use Drupal\Component\Utility\String as UtilityString;
use Drupal\views\Plugin\views\argument\String;
/**
@ -35,7 +36,7 @@ class Type extends String {
function node_type($type_name) {
$type = entity_load('node_type', $type_name);
$output = $type ? $type->label() : t('Unknown content type');
return check_plain($output);
return UtilityString::checkPlain($output);
}
}

3
core/modules/node/src/Plugin/views/argument/Vid.php
View File

@ -7,6 +7,7 @@
namespace Drupal\node\Plugin\views\argument;
use Drupal\Component\Utility\String;
use Drupal\Core\Database\Connection;
use Drupal\views\Plugin\views\argument\Numeric;
use Symfony\Component\DependencyInjection\ContainerInterface;
@ -66,7 +67,7 @@ class Vid extends Numeric {
foreach ($results as $result) {
$nodes[$result['nid']]->set('title', $result['title']);
$titles[] = check_plain($nodes[$result['nid']]->label());
$titles[] = String::checkPlain($nodes[$result['nid']]->label());
}
return $titles;

3
core/modules/node/src/Plugin/views/row/Rss.php
View File

@ -7,6 +7,7 @@
namespace Drupal\node\Plugin\views\row;
use Drupal\Component\Utility\String;
use Drupal\views\Plugin\views\row\RowPluginBase;
/**
@ -74,7 +75,7 @@ class Rss extends RowPluginBase {
public function summaryTitle() {
$options = $this->buildOptionsForm_summary_options();
return check_plain($options[$this->options['item_length']]);
return String::checkPlain($options[$this->options['item_length']]);
}
public function preRender($values) {

4
core/modules/node/src/Tests/NodeTokenReplaceTest.php
View File

@ -73,10 +73,10 @@ class NodeTokenReplaceTest extends TokenReplaceUnitTestBase {
$tests['[node:vid]'] = $node->getRevisionId();
$tests['[node:type]'] = 'article';
$tests['[node:type-name]'] = 'Article';
$tests['[node:title]'] = check_plain($node->getTitle());
$tests['[node:title]'] = String::checkPlain($node->getTitle());
$tests['[node:body]'] = $node->body->processed;
$tests['[node:summary]'] = $node->body->summary_processed;
$tests['[node:langcode]'] = check_plain($node->language()->id);
$tests['[node:langcode]'] = String::checkPlain($node->language()->id);
$tests['[node:url]'] = url('node/' . $node->id(), $url_options);
$tests['[node:edit-url]'] = url('node/' . $node->id() . '/edit', $url_options);
$tests['[node:author]'] = String::checkPlain($account->getUsername());

3
core/modules/rdf/rdf.module
View File

@ -5,6 +5,7 @@
* Enables semantically enriched output for Drupal sites in the form of RDFa.
*/
use Drupal\Component\Utility\String;
use Drupal\Core\Template\Attribute;
use Symfony\Cmf\Component\Routing\RouteObjectInterface;
use Symfony\Component\HttpFoundation\Request;
@ -418,7 +419,7 @@ function rdf_preprocess_username(&$variables) {
// Long usernames are truncated by template_preprocess_username(). Store the
// full name in the content attribute so it can be extracted in RDFa.
if ($variables['truncated']) {
$attributes['content'] = check_plain($variables['name_raw']);
$attributes['content'] = String::checkPlain($variables['name_raw']);
}
// The remaining attributes can have multiple values listed, with whitespace
// separating the values in the RDFa attributes

3
core/modules/responsive_image/src/Entity/ResponsiveImageMapping.php
View File

@ -7,6 +7,7 @@
namespace Drupal\responsive_image\Entity;
use Drupal\Component\Utility\String;
use Drupal\Core\Config\Entity\ConfigEntityBase;
use Drupal\responsive_image\ResponsiveImageMappingInterface;
@ -122,7 +123,7 @@ class ResponsiveImageMapping extends ConfigEntityBase implements ResponsiveImage
public function createDuplicate() {
return entity_create('responsive_image_mapping', array(
'id' => '',
'label' => t('Clone of !label', array('!label' => check_plain($this->label()))),
'label' => t('Clone of !label', array('!label' => String::checkPlain($this->label()))),
'mappings' => $this->getMappings(),
));
}

3
core/modules/responsive_image/src/ResponsiveImageMappingForm.php
View File

@ -7,6 +7,7 @@
namespace Drupal\responsive_image;
use Drupal\Component\Utility\String;
use Drupal\Core\Entity\EntityForm;
/**
@ -78,7 +79,7 @@ class ResponsiveImageMappingForm extends EntityForm {
$label = $multiplier . ' ' . $breakpoint->name . ' [' . $breakpoint->mediaQuery . ']';
$form['mappings'][$breakpoint_id][$multiplier] = array(
'#type' => 'select',
'#title' => check_plain($label),
'#title' => String::checkPlain($label),
'#options' => $image_styles,
'#default_value' => $image_style,
'#description' => $this->t('Select an image style for this breakpoint.'),

3
core/modules/rest/src/Plugin/views/display/RestExport.php
View File

@ -7,6 +7,7 @@
namespace Drupal\rest\Plugin\views\display;
use Drupal\Component\Utility\String;
use Drupal\Core\Form\FormErrorInterface;
use Drupal\Core\State\StateInterface;
use Drupal\Core\Routing\RouteProviderInterface;
@ -286,7 +287,7 @@ class RestExport extends PathPluginBase {
// Wrap the output in a pre tag if this is for a live preview.
if (!empty($this->view->live_preview)) {
$build['#prefix'] = '<pre>';
$build['#markup'] = check_plain($build['#markup']);
$build['#markup'] = String::checkPlain($build['#markup']);
$build['#suffix'] = '</pre>';
}

3
core/modules/rest/src/Tests/Views/StyleSerializerTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\rest\Tests\Views;
use Drupal\Component\Utility\String;
use Drupal\views\Views;
use Drupal\views\Tests\Plugin\PluginTestBase;
use Drupal\views\Tests\ViewTestData;
@ -280,7 +281,7 @@ class StyleSerializerTest extends PluginTestBase {
$entities[] = $row->_entity;
}
$expected = check_plain($serializer->serialize($entities, 'json'));
$expected = String::checkPlain($serializer->serialize($entities, 'json'));
$view->display_handler->setContentType('json');
$view->live_preview = TRUE;

5
core/modules/search/search.module
View File

@ -5,6 +5,7 @@
* Enables site-wide keyword searching.
*/
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Unicode;
use Symfony\Component\HttpFoundation\Request;
@ -675,7 +676,7 @@ function search_excerpt($keys, $text, $langcode = NULL) {
// We didn't find any keyword matches, so just return the first part of the
// text. We also need to re-encode any HTML special characters that we
// entity-decoded above.
return check_plain(truncate_utf8($text, 256, TRUE, TRUE));
return String::checkPlain(truncate_utf8($text, 256, TRUE, TRUE));
}
// Sort the text ranges by starting position.
@ -716,7 +717,7 @@ function search_excerpt($keys, $text, $langcode = NULL) {
// translated. Let translators have the … separator text as one chunk.
$ellipses = explode('!excerpt', t('… !excerpt … !excerpt …'));
$text = (isset($new_ranges[0]) ? '' : $ellipses[0]) . implode($ellipses[1], $out) . (($max_end < strlen($text) - 1) ? $ellipses[2] : '');
$text = check_plain($text);
$text = String::checkPlain($text);
// Highlight keywords. Must be done at once to prevent conflicts ('strong'
// and '<strong>').

5
core/modules/search/search.pages.inc
View File

@ -5,6 +5,7 @@
* User page callbacks for the Search module.
*/
use Drupal\Component\Utility\String;
use Drupal\Core\Language\LanguageInterface;
/**
@ -35,7 +36,7 @@ function template_preprocess_search_result(&$variables) {
$result = $variables['result'];
$variables['url'] = check_url($result['link']);
$variables['title'] = check_plain($result['title']);
$variables['title'] = String::checkPlain($result['title']);
if (isset($result['language']) && $result['language'] != $language_interface->id && $result['language'] != LanguageInterface::LANGCODE_NOT_SPECIFIED) {
$variables['title_attributes']['lang'] = $result['language'];
$variables['content_attributes']['lang'] = $result['language'];
@ -43,7 +44,7 @@ function template_preprocess_search_result(&$variables) {
$info = array();
if (!empty($result['plugin_id'])) {
$info['plugin_id'] = check_plain($result['plugin_id']);
$info['plugin_id'] = String::checkPlain($result['plugin_id']);
}
if (!empty($result['user'])) {
$info['user'] = $result['user'];

3
core/modules/search/src/Tests/SearchCommentTest.php
View File

@ -8,6 +8,7 @@
namespace Drupal\search\Tests;
use Drupal\comment\Plugin\Field\FieldType\CommentItemInterface;
use Drupal\Component\Utility\String;
use Drupal\field\Entity\FieldInstanceConfig;
/**
@ -124,7 +125,7 @@ class SearchCommentTest extends SearchTestBase {
// Verify that comment is rendered using proper format.
$this->assertText($comment_body, 'Comment body text found in search results.');
$this->assertNoRaw(t('n/a'), 'HTML in comment body is not hidden.');
$this->assertNoRaw(check_plain($edit_comment['comment_body[0][value]']), 'HTML in comment body is not escaped.');
$this->assertNoRaw(String::checkPlain($edit_comment['comment_body[0][value]']), 'HTML in comment body is not escaped.');
// Hide comments.
$this->drupalLogin($this->admin_user);

3
core/modules/shortcut/shortcut.admin.inc
View File

@ -4,6 +4,7 @@
* @file
* Administrative page callbacks for the shortcut module.
*/
use Drupal\Component\Utility\String;
use Drupal\shortcut\Entity\ShortcutSet;
/**
@ -40,7 +41,7 @@ function shortcut_set_switch($form, &$form_state, $account = NULL) {
$options = array();
foreach ($sets as $name => $set) {
$options[$name] = check_plain($set->label());
$options[$name] = String::checkPlain($set->label());
}
// Only administrators can add shortcut sets.

5
core/modules/simpletest/simpletest.install
View File

@ -6,6 +6,7 @@
*/
use Drupal\Component\Utility\Environment;
use Drupal\Component\Utility\String;
/**
* Minimum value of PHP memory_limit for SimpleTest.
@ -67,7 +68,7 @@ function simpletest_requirements($phase) {
'value' => is_dir(DRUPAL_ROOT . '/' . $site_directory) ? t('Not writable') : t('Missing'),
'severity' => REQUIREMENT_ERROR,
'description' => t('The testing framework requires the !sites-simpletest directory to exist and be writable in order to run tests.', array(
'!sites-simpletest' => '<code>./' . check_plain($site_directory) . '</code>',
'!sites-simpletest' => '<code>./' . String::checkPlain($site_directory) . '</code>',
)),
);
}
@ -77,7 +78,7 @@ function simpletest_requirements($phase) {
'value' => t('Not protected'),
'severity' => REQUIREMENT_ERROR,
'description' => t('The file !file does not exist and could not be created automatically, which poses a security risk. Ensure that the directory is writable.', array(
'!file' => '<code>./' . check_plain($site_directory) . '/.htaccess</code>',
'!file' => '<code>./' . String::checkPlain($site_directory) . '/.htaccess</code>',
)),
);
}

12
core/modules/simpletest/src/WebTestBase.php
View File

@ -1518,7 +1518,7 @@ abstract class WebTestBase extends TestBase {
$verbose = 'GET request to: ' . $path .
'<hr />Ending URL: ' . $this->getUrl();
if ($this->dumpHeaders) {
$verbose .= '<hr />Headers: <pre>' . check_plain(var_export(array_map('trim', $this->headers), TRUE)) . '</pre>';
$verbose .= '<hr />Headers: <pre>' . String::checkPlain(var_export(array_map('trim', $this->headers), TRUE)) . '</pre>';
}
$verbose .= '<hr />' . $out;
@ -1708,7 +1708,7 @@ abstract class WebTestBase extends TestBase {
$verbose = 'POST request to: ' . $path;
$verbose .= '<hr />Ending URL: ' . $this->getUrl();
if ($this->dumpHeaders) {
$verbose .= '<hr />Headers: <pre>' . check_plain(var_export(array_map('trim', $this->headers), TRUE)) . '</pre>';
$verbose .= '<hr />Headers: <pre>' . String::checkPlain(var_export(array_map('trim', $this->headers), TRUE)) . '</pre>';
}
$verbose .= '<hr />Fields: ' . highlight_string('<?php ' . var_export($post_array, TRUE), TRUE);
$verbose .= '<hr />' . $out;
@ -2108,7 +2108,7 @@ abstract class WebTestBase extends TestBase {
if ($this->dumpHeaders) {
$this->verbose('GET request to: ' . $path .
'<hr />Ending URL: ' . $this->getUrl() .
'<hr />Headers: <pre>' . check_plain(var_export(array_map('trim', $this->headers), TRUE)) . '</pre>');
'<hr />Headers: <pre>' . String::checkPlain(var_export(array_map('trim', $this->headers), TRUE)) . '</pre>');
}
return $out;
@ -3129,9 +3129,9 @@ abstract class WebTestBase extends TestBase {
*/
protected function assertThemeOutput($callback, array $variables = array(), $expected, $message = '', $group = 'Other') {
$output = _theme($callback, $variables);
$this->verbose('Variables:' . '<pre>' . check_plain(var_export($variables, TRUE)) . '</pre>'
. '<hr />' . 'Result:' . '<pre>' . check_plain(var_export($output, TRUE)) . '</pre>'
. '<hr />' . 'Expected:' . '<pre>' . check_plain(var_export($expected, TRUE)) . '</pre>'
$this->verbose('Variables:' . '<pre>' . String::checkPlain(var_export($variables, TRUE)) . '</pre>'
. '<hr />' . 'Result:' . '<pre>' . String::checkPlain(var_export($output, TRUE)) . '</pre>'
. '<hr />' . 'Expected:' . '<pre>' . String::checkPlain(var_export($expected, TRUE)) . '</pre>'
. '<hr />' . $output
);
if (!$message) {

4
core/modules/system/form.api.php
View File

@ -5,6 +5,8 @@
* Callbacks provided by the form system.
*/
use Drupal\Component\Utility\String;
/**
* @addtogroup callbacks
* @{
@ -74,7 +76,7 @@ function callback_batch_operation($MULTIPLE_PARAMS, &$context) {
node_save($node);
// Store some result for post-processing in the finished callback.
$context['results'][] = check_plain($node->title);
$context['results'][] = String::checkPlain($node->title);
// Update our progress information.
$context['sandbox']['progress']++;

3
core/modules/system/src/Form/FileSystemForm.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Form;
use Drupal\Component\Utility\String;
use Drupal\Core\StreamWrapper\PublicStream;
use Drupal\Core\Form\ConfigFormBase;
@ -55,7 +56,7 @@ class FileSystemForm extends ConfigFormBase {
// Any visible, writeable wrapper can potentially be used for the files
// directory, including a remote file system that integrates with a CDN.
foreach (file_get_stream_wrappers(STREAM_WRAPPERS_WRITE_VISIBLE) as $scheme => $info) {
$options[$scheme] = check_plain($info['description']);
$options[$scheme] = String::checkPlain($info['description']);
}
if (!empty($options)) {

3
core/modules/system/src/Form/ModulesListForm.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Form;
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Unicode;
use Drupal\Core\Entity\EntityManagerInterface;
use Drupal\Core\Entity\Query\QueryFactory;
@ -116,7 +117,7 @@ class ModulesListForm extends FormBase {
*/
public function buildForm(array $form, array &$form_state) {
require_once DRUPAL_ROOT . '/core/includes/install.inc';
$distribution = check_plain(drupal_install_profile_distribution_name());
$distribution = String::checkPlain(drupal_install_profile_distribution_name());
// Include system.admin.inc so we can use the sort callbacks.
$this->moduleHandler->loadInclude('system', 'inc', 'system.admin');

3
core/modules/system/src/Tests/Common/CascadingStylesheetsTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\Common;
use Drupal\Component\Utility\String;
use Drupal\simpletest\DrupalUnitTestBase;
/**
@ -78,7 +79,7 @@ class CascadingStylesheetsTest extends DrupalUnitTestBase {
$this->assertTrue(strpos($styles, $css) > 0, 'Rendered CSS includes the added stylesheet.');
// Verify that newlines are properly added inside style tags.
$query_string = $this->container->get('state')->get('system.css_js_query_string') ?: '0';
$css_processed = '<link rel="stylesheet" href="' . check_plain(file_create_url($css)) . "?" . $query_string . '" media="all" />';
$css_processed = '<link rel="stylesheet" href="' . String::checkPlain(file_create_url($css)) . "?" . $query_string . '" media="all" />';
$this->assertEqual(trim($styles), $css_processed, 'Rendered CSS includes newlines inside style tags for JavaScript use.');
}

5
core/modules/system/src/Tests/Common/RenderWebTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\Common;
use Drupal\Component\Utility\String;
use Drupal\simpletest\WebTestBase;
/**
@ -153,8 +154,8 @@ class RenderWebTest extends WebTestBase {
protected function assertRenderedElement(array $element, $xpath, array $xpath_args = array()) {
$original_element = $element;
$this->drupalSetContent(drupal_render($element));
$this->verbose('<pre>' . check_plain(var_export($original_element, TRUE)) . '</pre>'
. '<pre>' . check_plain(var_export($element, TRUE)) . '</pre>'
$this->verbose('<pre>' . String::checkPlain(var_export($original_element, TRUE)) . '</pre>'
. '<pre>' . String::checkPlain(var_export($element, TRUE)) . '</pre>'
. '<hr />' . $this->drupalGetContent()
);

13
core/modules/system/src/Tests/Common/TableSortExtenderUnitTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\Common;
use Drupal\Component\Utility\String;
use Drupal\simpletest\UnitTestBase;
use Symfony\Component\HttpFoundation\Request;
@ -43,7 +44,7 @@ class TableSortExtenderUnitTest extends UnitTestBase {
$request->query->replace(array());
\Drupal::getContainer()->set('request', $request);
$ts = tablesort_init($headers);
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => check_plain(var_export($ts, TRUE)))));
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => String::checkPlain(var_export($ts, TRUE)))));
$this->assertEqual($ts, $expected_ts, 'Simple table headers sorted correctly.');
// Test with simple table headers plus $_GET parameters that should _not_
@ -56,7 +57,7 @@ class TableSortExtenderUnitTest extends UnitTestBase {
));
\Drupal::getContainer()->set('request', $request);
$ts = tablesort_init($headers);
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => check_plain(var_export($ts, TRUE)))));
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => String::checkPlain(var_export($ts, TRUE)))));
$this->assertEqual($ts, $expected_ts, 'Simple table headers plus non-overriding $_GET parameters sorted correctly.');
// Test with simple table headers plus $_GET parameters that _should_
@ -72,7 +73,7 @@ class TableSortExtenderUnitTest extends UnitTestBase {
$expected_ts['sort'] = 'desc';
$expected_ts['query'] = array('alpha' => 'beta');
$ts = tablesort_init($headers);
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => check_plain(var_export($ts, TRUE)))));
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => String::checkPlain(var_export($ts, TRUE)))));
$this->assertEqual($ts, $expected_ts, 'Simple table headers plus $_GET parameters sorted correctly.');
// Test complex table headers.
@ -104,7 +105,7 @@ class TableSortExtenderUnitTest extends UnitTestBase {
'sort' => 'desc',
'query' => array(),
);
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => check_plain(var_export($ts, TRUE)))));
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => String::checkPlain(var_export($ts, TRUE)))));
$this->assertEqual($ts, $expected_ts, 'Complex table headers sorted correctly.');
// Test complex table headers plus $_GET parameters that should _not_
@ -123,7 +124,7 @@ class TableSortExtenderUnitTest extends UnitTestBase {
'sort' => 'asc',
'query' => array(),
);
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => check_plain(var_export($ts, TRUE)))));
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => String::checkPlain(var_export($ts, TRUE)))));
$this->assertEqual($ts, $expected_ts, 'Complex table headers plus non-overriding $_GET parameters sorted correctly.');
// Test complex table headers plus $_GET parameters that _should_
@ -144,7 +145,7 @@ class TableSortExtenderUnitTest extends UnitTestBase {
'query' => array('alpha' => 'beta'),
);
$ts = tablesort_init($headers);
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => check_plain(var_export($ts, TRUE)))));
$this->verbose(strtr('$ts: <pre>!ts</pre>', array('!ts' => String::checkPlain(var_export($ts, TRUE)))));
$this->assertEqual($ts, $expected_ts, 'Complex table headers plus $_GET parameters sorted correctly.');
}
}

2
core/modules/system/src/Tests/Form/FormTest.php
View File

@ -610,7 +610,7 @@ class FormTest extends WebTestBase {
$path = strtr($path, array('!type' => $type));
// Verify that the element exists.
$element = $this->xpath($path, array(
':name' => check_plain($name),
':name' => String::checkPlain($name),
':div-class' => $class,
':value' => isset($item['#value']) ? $item['#value'] : '',
));

5
core/modules/system/src/Tests/Mail/HtmlToTextTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\Mail;
use Drupal\Component\Utility\String;
use Drupal\Core\Site\Settings;
use Drupal\simpletest\WebTestBase;
@ -37,7 +38,7 @@ class HtmlToTextTest extends WebTestBase {
str_replace(
array("\n", ' '),
array('\n', '&nbsp;'),
check_plain($text)
String::checkPlain($text)
) . '"';
}
@ -59,7 +60,7 @@ class HtmlToTextTest extends WebTestBase {
$tested_tags = implode(', ', array_unique($matches[1]));
$message .= ' (' . $tested_tags . ')';
$result = drupal_html_to_text($html, $allowed_tags);
$pass = $this->assertEqual($result, $text, check_plain($message));
$pass = $this->assertEqual($result, $text, String::checkPlain($message));
$verbose = 'html = <pre>' . $this->stringToHtml($html)
. '</pre><br />' . 'result = <pre>' . $this->stringToHtml($result)
. '</pre><br />' . 'expected = <pre>' . $this->stringToHtml($text)

3
core/modules/system/src/Tests/Menu/BreadcrumbTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\Menu;
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Unicode;
/**
@ -272,7 +273,7 @@ class BreadcrumbTest extends MenuTestBase {
$link['link_path'] => $link['link_title'],
);
$this->assertBreadcrumb($link['link_path'], $trail, $term->getName(), $tree);
$this->assertRaw(check_plain($parent->getTitle()), 'Tagged node found.');
$this->assertRaw(String::checkPlain($parent->getTitle()), 'Tagged node found.');
// Additionally make sure that this link appears only once; i.e., the
// untranslated menu links automatically generated from menu router items

3
core/modules/system/src/Tests/Menu/MenuTestBase.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\Menu;
use Drupal\Component\Utility\String;
use Drupal\simpletest\WebTestBase;
abstract class MenuTestBase extends WebTestBase {
@ -65,7 +66,7 @@ abstract class MenuTestBase extends WebTestBase {
foreach ($trail as $path => $title) {
$url = url($path);
$part = array_shift($parts);
$pass = ($pass && $part['href'] === $url && $part['text'] === check_plain($title));
$pass = ($pass && $part['href'] === $url && $part['text'] === String::checkPlain($title));
}
}
// No parts must be left, or an expected "Home" will always pass.

5
core/modules/system/src/Tests/System/PageTitleTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\System;
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Utility\Title;
use Drupal\simpletest\WebTestBase;
@ -65,7 +66,7 @@ class PageTitleTest extends WebTestBase {
$node = $this->drupalGetNodeByTitle($edit['title[0][value]']);
$this->assertNotNull($node, 'Node created and found in database');
$this->drupalGet("node/" . $node->id());
$this->assertText(check_plain($edit['title[0][value]']), 'Check to make sure tags in the node title are converted.');
$this->assertText(String::checkPlain($edit['title[0][value]']), 'Check to make sure tags in the node title are converted.');
}
/**
@ -74,7 +75,7 @@ class PageTitleTest extends WebTestBase {
function testTitleXSS() {
// Set some title with JavaScript and HTML chars to escape.
$title = '</title><script type="text/javascript">alert("Title XSS!");</script> & < > " \' ';
$title_filtered = check_plain($title);
$title_filtered = String::checkPlain($title);
$slogan = '<script type="text/javascript">alert("Slogan XSS!");</script>';
$slogan_filtered = Xss::filterAdmin($slogan);

25
core/modules/system/src/Tests/Theme/FunctionsTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\system\Tests\Theme;
use Drupal\Component\Utility\String;
use Drupal\Core\Session\UserSession;
use Drupal\simpletest\WebTestBase;
use Symfony\Cmf\Component\Routing\RouteObjectInterface;
@ -198,10 +199,10 @@ class FunctionsTest extends WebTestBase {
$expected_links = '';
$expected_links .= '<ul id="somelinks">';
$expected_links .= '<li class="a-link"><a href="' . url('a/link') . '">' . check_plain('A <link>') . '</a></li>';
$expected_links .= '<li class="plain-text">' . check_plain('Plain "text"') . '</li>';
$expected_links .= '<li class="front-page"><a href="' . url('<front>') . '">' . check_plain('Front page') . '</a></li>';
$expected_links .= '<li class="router-test"><a href="' . \Drupal::urlGenerator()->generate('router_test.1') . '">' . check_plain('Test route') . '</a></li>';
$expected_links .= '<li class="a-link"><a href="' . url('a/link') . '">' . String::checkPlain('A <link>') . '</a></li>';
$expected_links .= '<li class="plain-text">' . String::checkPlain('Plain "text"') . '</li>';
$expected_links .= '<li class="front-page"><a href="' . url('<front>') . '">' . String::checkPlain('Front page') . '</a></li>';
$expected_links .= '<li class="router-test"><a href="' . \Drupal::urlGenerator()->generate('router_test.1') . '">' . String::checkPlain('Test route') . '</a></li>';
$expected_links .= '</ul>';
// Verify that passing a string as heading works.
@ -234,10 +235,10 @@ class FunctionsTest extends WebTestBase {
);
$expected_links = '';
$expected_links .= '<ul id="somelinks">';
$expected_links .= '<li class="a-link"><a href="' . url('a/link') . '" class="a/class">' . check_plain('A <link>') . '</a></li>';
$expected_links .= '<li class="plain-text"><span class="a/class">' . check_plain('Plain "text"') . '</span></li>';
$expected_links .= '<li class="front-page"><a href="' . url('<front>') . '">' . check_plain('Front page') . '</a></li>';
$expected_links .= '<li class="router-test"><a href="' . \Drupal::urlGenerator()->generate('router_test.1') . '">' . check_plain('Test route') . '</a></li>';
$expected_links .= '<li class="a-link"><a href="' . url('a/link') . '" class="a/class">' . String::checkPlain('A <link>') . '</a></li>';
$expected_links .= '<li class="plain-text"><span class="a/class">' . String::checkPlain('Plain "text"') . '</span></li>';
$expected_links .= '<li class="front-page"><a href="' . url('<front>') . '">' . String::checkPlain('Front page') . '</a></li>';
$expected_links .= '<li class="router-test"><a href="' . \Drupal::urlGenerator()->generate('router_test.1') . '">' . String::checkPlain('Test route') . '</a></li>';
$expected_links .= '</ul>';
$expected = $expected_heading . $expected_links;
$this->assertThemeOutput('links', $variables, $expected);
@ -247,10 +248,10 @@ class FunctionsTest extends WebTestBase {
$variables['set_active_class'] = TRUE;
$expected_links = '';
$expected_links .= '<ul id="somelinks">';
$expected_links .= '<li class="a-link" data-drupal-link-system-path="a/link"><a href="' . url('a/link') . '" class="a/class" data-drupal-link-system-path="a/link">' . check_plain('A <link>') . '</a></li>';
$expected_links .= '<li class="plain-text"><span class="a/class">' . check_plain('Plain "text"') . '</span></li>';
$expected_links .= '<li class="front-page" data-drupal-link-system-path="&lt;front&gt;"><a href="' . url('<front>') . '" data-drupal-link-system-path="&lt;front&gt;">' . check_plain('Front page') . '</a></li>';
$expected_links .= '<li class="router-test" data-drupal-link-system-path="router_test/test1"><a href="' . \Drupal::urlGenerator()->generate('router_test.1') . '" data-drupal-link-system-path="router_test/test1">' . check_plain('Test route') . '</a></li>';
$expected_links .= '<li class="a-link" data-drupal-link-system-path="a/link"><a href="' . url('a/link') . '" class="a/class" data-drupal-link-system-path="a/link">' . String::checkPlain('A <link>') . '</a></li>';
$expected_links .= '<li class="plain-text"><span class="a/class">' . String::checkPlain('Plain "text"') . '</span></li>';
$expected_links .= '<li class="front-page" data-drupal-link-system-path="&lt;front&gt;"><a href="' . url('<front>') . '" data-drupal-link-system-path="&lt;front&gt;">' . String::checkPlain('Front page') . '</a></li>';
$expected_links .= '<li class="router-test" data-drupal-link-system-path="router_test/test1"><a href="' . \Drupal::urlGenerator()->generate('router_test.1') . '" data-drupal-link-system-path="router_test/test1">' . String::checkPlain('Test route') . '</a></li>';
$expected_links .= '</ul>';
$expected = $expected_heading . $expected_links;
$this->assertThemeOutput('links', $variables, $expected);

5
core/modules/system/system.api.php
View File

@ -5,6 +5,7 @@
* Hooks provided by Drupal core and the System module.
*/
use Drupal\Component\Utility\String;
use Drupal\Core\Utility\UpdateException;
/**
@ -2428,7 +2429,7 @@ function hook_tokens($type, $tokens, array $data = array(), array $options = arr
break;
case 'title':
$replacements[$original] = $sanitize ? check_plain($node->getTitle()) : $node->getTitle();
$replacements[$original] = $sanitize ? String::checkPlain($node->getTitle()) : $node->getTitle();
break;
case 'edit-url':
@ -2438,7 +2439,7 @@ function hook_tokens($type, $tokens, array $data = array(), array $options = arr
// Default values for the chained tokens handled below.
case 'author':
$account = $node->getOwner() ? $node->getOwner() : user_load(0);
$replacements[$original] = $sanitize ? check_plain($account->label()) : $account->label();
$replacements[$original] = $sanitize ? String::checkPlain($account->label()) : $account->label();
break;
case 'created':

5
core/modules/system/system.tokens.inc
View File

@ -7,6 +7,7 @@
* This file handles tokens for the global 'site' and 'date' tokens.
*/
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Xss;
/**
@ -106,7 +107,7 @@ function system_tokens($type, $tokens, array $data = array(), array $options = a
switch ($name) {
case 'name':
$site_name = \Drupal::config('system.site')->get('name');
$replacements[$original] = $sanitize ? check_plain($site_name) : $site_name;
$replacements[$original] = $sanitize ? String::checkPlain($site_name) : $site_name;
break;
case 'slogan':
@ -160,7 +161,7 @@ function system_tokens($type, $tokens, array $data = array(), array $options = a
break;
case 'raw':
$replacements[$original] = $sanitize ? check_plain($date) : $date;
$replacements[$original] = $sanitize ? String::checkPlain($date) : $date;
break;
}
}

2
core/modules/system/templates/links.html.twig
View File

@ -12,7 +12,7 @@
* item in the links list. If 'href' is supplied, the entire link is passed
* to l() as its $options parameter.
* - html: (optional) Whether or not 'title' is HTML. If set, the title will
* not be passed through check_plain().
* not be passed through \Drupal\Component\Utility\String::checkPlain().
* - attributes: (optional) HTML attributes for the anchor, or for the <span>
* tag if no 'href' is supplied.
* - heading: (optional) A heading to precede the links.

2
core/modules/system/tests/modules/database_test/database_test.module
View File

@ -215,7 +215,7 @@ function database_test_theme_tablesort($form, &$form_state) {
foreach (user_load_multiple($uids) as $account) {
$options[$account->id()] = array(
'title' => array('data' => array('#title' => String::checkPlain($account->getUsername()))),
'username' => check_plain($account->getUsername()),
'username' => String::checkPlain($account->getUsername()),
'status' => $account->isActive() ? t('active') : t('blocked'),
);
}

5
core/modules/system/tests/modules/entity_test/src/EntityTestViewBuilder.php
View File

@ -7,6 +7,7 @@
namespace Drupal\entity_test;
use Drupal\Component\Utility\String;
use Drupal\Core\Entity\EntityViewBuilder;
/**
@ -25,7 +26,7 @@ class EntityTestViewBuilder extends EntityViewBuilder {
foreach ($entities as $id => $entity) {
$build[$id]['label'] = array(
'#weight' => -100,
'#markup' => check_plain($entity->label()),
'#markup' => String::checkPlain($entity->label()),
);
$build[$id]['separator'] = array(
'#weight' => -150,
@ -33,7 +34,7 @@ class EntityTestViewBuilder extends EntityViewBuilder {
);
$build[$id]['view_mode'] = array(
'#weight' => -200,
'#markup' => check_plain($view_mode),
'#markup' => String::checkPlain($view_mode),
);
}
}

3
core/modules/system/tests/modules/form_test/form_test.module
View File

@ -6,6 +6,7 @@
*/
use Drupal\Component\Serialization\Json;
use Drupal\Component\Utility\String;
use Drupal\Core\Database\Database;
use Drupal\Core\Language\LanguageInterface;
use Drupal\form_test\Callbacks;
@ -640,7 +641,7 @@ function form_storage_test_form_continue_submit($form, &$form_state) {
* Form submit handler to finish multi-step form.
*/
function form_test_storage_form_submit($form, &$form_state) {
drupal_set_message("Title: " . check_plain($form_state['values']['title']));
drupal_set_message("Title: " . String::checkPlain($form_state['values']['title']));
drupal_set_message("Form constructions: " . $_SESSION['constructions']);
if (isset($form_state['storage']['thing']['changed'])) {
drupal_set_message("The thing has been changed.");

2
core/modules/text/src/Plugin/Field/FieldType/TextItemBase.php
View File

@ -49,7 +49,7 @@ abstract class TextItemBase extends FieldItemBase {
* {@inheritdoc}
*/
public function applyDefaultValue($notify = TRUE) {
// Default to a simple check_plain().
// Default to a simple \Drupal\Component\Utility\String::checkPlain().
// @todo: Add in the filter default format here.
$this->setValue(array('format' => NULL), $notify);
return $this;

5
core/modules/text/src/Tests/Formatter/TextPlainUnitTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\text\Tests\Formatter;
use Drupal\Component\Utility\String;
use Drupal\Core\Entity\ContentEntityInterface;
use Drupal\Core\Entity\Display\EntityViewDisplayInterface;
use Drupal\Core\Language\LanguageInterface;
@ -144,7 +145,7 @@ class TextPlainUnitTest extends DrupalUnitTestBase {
* @return string
* The $message with exported replacement tokens, sanitized for HTML output.
*
* @see check_plain()
* @see \Drupal\Component\Utility\String::checkPlain()
* @see format_string()
*/
protected function formatString($message, array $args) {
@ -304,7 +305,7 @@ class TextPlainUnitTest extends DrupalUnitTestBase {
$this->renderEntityFields($entity, $this->display);
$this->assertText($value);
$this->assertNoRaw($value);
$this->assertRaw(nl2br(check_plain($value)));
$this->assertRaw(nl2br(String::checkPlain($value)));
}
}

3
core/modules/text/src/Tests/TextFieldTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\text\Tests;
use Drupal\Component\Utility\String;
use Drupal\simpletest\WebTestBase;
/**
@ -212,7 +213,7 @@ class TextFieldTest extends WebTestBase {
$content = $display->build($entity);
$this->drupalSetContent(drupal_render($content));
$this->assertNoRaw($value, 'HTML tags are not displayed.');
$this->assertRaw(check_plain($value), 'Escaped HTML is displayed correctly.');
$this->assertRaw(String::checkPlain($value), 'Escaped HTML is displayed correctly.');
// Create a new text format that does not escape HTML, and grant the user
// access to it.

3
core/modules/text/src/TextProcessed.php
View File

@ -49,7 +49,8 @@ class TextProcessed extends TypedData {
$item = $this->getParent();
$text = $item->{($this->definition->getSetting('text source'))};
// Avoid running check_markup() or check_plain() on empty strings.
// Avoid running check_markup() or
// \Drupal\Component\Utility\String::checkPlain() on empty strings.
if (!isset($text) || $text === '') {
$this->processed = '';
}

3
core/modules/toolbar/toolbar.module
View File

@ -5,6 +5,7 @@
* Administration toolbar for quick access to top level administration items.
*/
use Drupal\Component\Utility\String;
use Drupal\Core\Cache\Cache;
use Drupal\Core\Render\Element;
use Drupal\Core\Template\Attribute;
@ -458,7 +459,7 @@ function toolbar_menu_navigation_links(&$tree) {
'toolbar-icon',
'toolbar-icon-' . strtolower(str_replace(' ', '-', $item['link']['link_title'])),
),
'title' => check_plain($item['link']['description']),
'title' => String::checkPlain($item['link']['description']),
);
}
}

3
core/modules/tour/src/Plugin/tour/tip/TipPluginText.php
View File

@ -7,6 +7,7 @@
namespace Drupal\tour\Plugin\tour\tip;
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Plugin\ContainerFactoryPluginInterface;
use Drupal\Core\Utility\Token;
@ -119,7 +120,7 @@ class TipPluginText extends TipPluginBase implements ContainerFactoryPluginInter
* Implements \Drupal\tour\TipPluginInterface::getOutput().
*/
public function getOutput() {
$output = '<h2 class="tour-tip-label" id="tour-tip-' . $this->getAriaId() . '-label">' . check_plain($this->getLabel()) . '</h2>';
$output = '<h2 class="tour-tip-label" id="tour-tip-' . $this->getAriaId() . '-label">' . String::checkPlain($this->getLabel()) . '</h2>';
$output .= '<p class="tour-tip-body" id="tour-tip-' . $this->getAriaId() . '-contents">' . Xss::filterAdmin($this->token->replace($this->getBody())) . '</p>';
return array('#markup' => $output);
}

3
core/modules/tour/tests/tour_test/src/Plugin/tour/tip/TipPluginImage.php
View File

@ -7,6 +7,7 @@
namespace Drupal\tour_test\Plugin\tour\tip;
use Drupal\Component\Utility\String;
use Drupal\tour\TipPluginBase;
/**
@ -44,7 +45,7 @@ class TipPluginImage extends TipPluginBase {
'#uri' => $this->get('url'),
'#alt' => $this->get('alt'),
);
$output = '<h2 class="tour-tip-label" id="tour-tip-' . $this->get('ariaId') . '-label">' . check_plain($this->get('label')) . '</h2>';
$output = '<h2 class="tour-tip-label" id="tour-tip-' . $this->get('ariaId') . '-label">' . String::checkPlain($this->get('label')) . '</h2>';
$output .= '<p class="tour-tip-image" id="tour-tip-' . $this->get('ariaId') . '-contents">' . drupal_render($image) . '</p>';
return array('#markup' => $output);
}

4
core/modules/tracker/tracker.pages.inc
View File

@ -5,6 +5,8 @@
* User page callbacks for tracker.module.
*/
use Drupal\Component\Utility\String;
/**
* Page callback: Generates a page of tracked nodes for the site.
@ -86,7 +88,7 @@ function tracker_page($account = NULL) {
);
$row = array(
'type' => check_plain(node_get_type_label($node)),
'type' => String::checkPlain(node_get_type_label($node)),
'title' => array('data' => l($node->getTitle(), 'node/' . $node->id()) . ' ' . drupal_render($mark_build)),
'author' => array('data' => array('#theme' => 'username', '#account' => $node->getOwner())),
'replies' => array('class' => array('replies'), 'data' => $comments),

7
core/modules/update/update.manager.inc
View File

@ -36,6 +36,7 @@
* root.
*/
use Drupal\Component\Utility\String;
use Drupal\Core\Updater\Updater;
use Drupal\Core\FileTransfer\Local;
use Symfony\Component\HttpFoundation\RedirectResponse;
@ -108,14 +109,14 @@ function update_manager_update_form($form, $form_state = array(), $context) {
$project_name = l($project['title'], $project['link']);
}
else {
$project_name = check_plain($project['title']);
$project_name = String::checkPlain($project['title']);
}
}
elseif (!empty($project['info']['name'])) {
$project_name = check_plain($project['info']['name']);
$project_name = String::checkPlain($project['info']['name']);
}
else {
$project_name = check_plain($name);
$project_name = String::checkPlain($name);
}
if ($project['project_type'] == 'theme' || $project['project_type'] == 'theme-disabled') {
$project_name .= ' ' . t('(Theme)');

12
core/modules/update/update.report.inc
View File

@ -5,6 +5,8 @@
* Code required only when rendering the available updates report.
*/
use Drupal\Component\Utility\String;
/**
* Returns HTML for the project status report.
*
@ -83,7 +85,7 @@ function theme_update_report($variables) {
$row = '<div class="version-status">';
$update_status_label = array('#theme' => 'update_status_label', '#status' => $project['status']);
$status_label = drupal_render($update_status_label);
$row .= !empty($status_label) ? $status_label : check_plain($project['reason']);
$row .= !empty($status_label) ? $status_label : String::checkPlain($project['reason']);
$row .= '<span class="icon">' . drupal_render($icon) . '</span>';
$row .= "</div>\n";
@ -93,13 +95,13 @@ function theme_update_report($variables) {
$row .= l($project['title'], $project['link']);
}
else {
$row .= check_plain($project['title']);
$row .= String::checkPlain($project['title']);
}
}
else {
$row .= check_plain($project['name']);
$row .= String::checkPlain($project['name']);
}
$row .= ' ' . check_plain($project['existing_version']);
$row .= ' ' . String::checkPlain($project['existing_version']);
if ($project['install_type'] == 'dev' && !empty($project['datestamp'])) {
$row .= ' <span class="version-date">(' . format_date($project['datestamp'], 'custom', 'Y-M-d') . ')</span>';
}
@ -201,7 +203,7 @@ function theme_update_report($variables) {
$row .= '<div class="extra">' . "\n";
foreach ($project['extra'] as $value) {
$row .= '<div class="' . implode(' ', $value['class']) . '">';
$row .= check_plain($value['label']) . ': ';
$row .= String::checkPlain($value['label']) . ': ';
$row .= drupal_placeholder($value['data']);
$row .= "</div>\n";
}

2
core/modules/user/src/AccountForm.php
View File

@ -193,7 +193,7 @@ abstract class AccountForm extends ContentEntityForm {
'#access' => $admin,
);
$roles = array_map('check_plain', user_role_names(TRUE));
$roles = array_map(array('\Drupal\Component\Utility\String', 'checkPlain'), user_role_names(TRUE));
// The disabled checkbox subelement for the 'authenticated user' role
// must be generated separately and added to the checkboxes element,
// because of a limitation in Form API not supporting a single disabled

3
core/modules/user/src/Plugin/views/access/Role.php
View File

@ -7,6 +7,7 @@
namespace Drupal\user\Plugin\views\access;
use Drupal\Component\Utility\String;
use Drupal\views\Plugin\views\access\AccessPluginBase;
use Symfony\Component\Routing\Route;
use Drupal\Core\Session\AccountInterface;
@ -56,7 +57,7 @@ class Role extends AccessPluginBase {
else {
$rids = user_role_names();
$rid = reset($this->options['role']);
return check_plain($rids[$rid]);
return String::checkPlain($rids[$rid]);
}
}

2
core/modules/user/src/Plugin/views/argument_validator/User.php
View File

@ -62,7 +62,7 @@ class User extends Entity {
$form['roles'] = array(
'#type' => 'checkboxes',
'#title' => $this->t('Restrict to the selected roles'),
'#options' => array_map('check_plain', user_role_names(TRUE)),
'#options' => array_map(array('\Drupal\Component\Utility\String', 'checkPlain'), user_role_names(TRUE)),
'#default_value' => $this->options['roles'],
'#description' => $this->t('If no roles are selected, users from any role will be allowed.'),
'#states' => array(

3
core/modules/user/src/Plugin/views/field/Name.php
View File

@ -7,6 +7,7 @@
namespace Drupal\user\Plugin\views\field;
use Drupal\Component\Utility\String;
use Drupal\user\Plugin\views\field\User;
use Drupal\views\Plugin\views\display\DisplayPluginBase;
use Drupal\views\ResultRow;
@ -84,7 +85,7 @@ class Name extends User {
if (!empty($this->options['link_to_user']) || !empty($this->options['overwrite_anonymous'])) {
if (!empty($this->options['overwrite_anonymous']) && !$account->id()) {
// This is an anonymous user, and we're overriting the text.
return check_plain($this->options['anonymous_text']);
return String::checkPlain($this->options['anonymous_text']);
}
elseif (!empty($this->options['link_to_user'])) {
$account->name = $this->getValue($values);

3
core/modules/user/src/Plugin/views/field/Roles.php
View File

@ -7,6 +7,7 @@
namespace Drupal\user\Plugin\views\field;
use Drupal\Component\Utility\String;
use Drupal\Core\Database\Connection;
use Drupal\views\Plugin\views\display\DisplayPluginBase;
use Drupal\views\ViewExecutable;
@ -80,7 +81,7 @@ class Roles extends PrerenderList {
$roles = user_roles();
$result = $this->database->query('SELECT u.uid, u.rid FROM {users_roles} u WHERE u.uid IN (:uids) AND u.rid IN (:rids)', array(':uids' => $uids, ':rids' => array_keys($roles)));
foreach ($result as $role) {
$this->items[$role->uid][$role->rid]['role'] = check_plain($roles[$role->rid]->label());
$this->items[$role->uid][$role->rid]['role'] = String::checkPlain($roles[$role->rid]->label());
$this->items[$role->uid][$role->rid]['rid'] = $role->rid;
}
// Sort the roles for each user by role weight.

5
core/modules/user/src/Tests/UserAutocompleteTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\user\Tests;
use Drupal\Component\Utility\String;
use Drupal\simpletest\WebTestBase;
/**
@ -51,9 +52,9 @@ class UserAutocompleteTest extends WebTestBase {
$anonymous_name = $this->randomString() . '<script>alert();</script>';
\Drupal::config('user.settings')->set('anonymous', $anonymous_name)->save();
// Test that anonymous username is in the result when requested and escaped
// with check_plain().
// with \Drupal\Component\Utility\String::checkPlain().
$users = $this->drupalGetJSON('user/autocomplete/anonymous', array('query' => array('q' => drupal_substr($anonymous_name, 0, 4))));
$this->assertEqual(check_plain($anonymous_name), $users[0]['label'], 'The anonymous name found in autocompletion results.');
$this->assertEqual(String::checkPlain($anonymous_name), $users[0]['label'], 'The anonymous name found in autocompletion results.');
$users = $this->drupalGetJSON('user/autocomplete', array('query' => array('q' => drupal_substr($anonymous_name, 0, 4))));
$this->assertTrue(empty($users), 'The anonymous name not found in autocompletion results without enabling anonymous username.');
}

7
core/modules/user/src/Tests/UserTokenReplaceTest.php
View File

@ -7,6 +7,7 @@
namespace Drupal\user\Tests;
use Drupal\Component\Utility\String;
use Drupal\simpletest\WebTestBase;
use Drupal\Core\Language\Language;
@ -62,15 +63,15 @@ class UserTokenReplaceTest extends WebTestBase {
// Generate and test sanitized tokens.
$tests = array();
$tests['[user:uid]'] = $account->id();
$tests['[user:name]'] = check_plain(user_format_name($account));
$tests['[user:mail]'] = check_plain($account->getEmail());
$tests['[user:name]'] = String::checkPlain(user_format_name($account));
$tests['[user:mail]'] = String::checkPlain($account->getEmail());
$tests['[user:url]'] = url("user/" . $account->id(), $url_options);
$tests['[user:edit-url]'] = url("user/" . $account->id() . "/edit", $url_options);
$tests['[user:last-login]'] = format_date($account->getLastLoginTime(), 'medium', '', NULL, $language_interface->id);
$tests['[user:last-login:short]'] = format_date($account->getLastLoginTime(), 'short', '', NULL, $language_interface->id);
$tests['[user:created]'] = format_date($account->getCreatedTime(), 'medium', '', NULL, $language_interface->id);
$tests['[user:created:short]'] = format_date($account->getCreatedTime(), 'short', '', NULL, $language_interface->id);
$tests['[current-user:name]'] = check_plain(user_format_name($global_account));
$tests['[current-user:name]'] = String::checkPlain(user_format_name($global_account));
// Test to make sure that we generated something for each token.
$this->assertFalse(in_array(0, array_map('strlen', $tests)), 'No empty tokens generated.');

13
core/modules/user/user.module
View File

@ -1,6 +1,7 @@
<?php
use Drupal\Component\Utility\Crypt;
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Unicode;
use Drupal\Core\Cache\Cache;
use Drupal\Core\Entity\EntityInterface;
@ -583,8 +584,8 @@ function user_preprocess_block(&$variables) {
*
* @return
* An unsanitized string with the username to display. The code receiving
* this result must ensure that check_plain() is called on it before it is
* printed to the page.
* this result must ensure that \Drupal\Component\Utility\String::checkPlain()
* is called on it before it is printed to the page.
*
* @deprecated in Drupal 8.x-dev, will be removed before Drupal 8.0.
* Use \Drupal\Core\Session\Interface::getUsername().
@ -621,7 +622,8 @@ function user_template_preprocess_default_variables_alter(&$variables) {
*
* Modules that make any changes to variables like 'name' or 'extra' must ensure
* that the final string is safe to include directly in the output by using
* check_plain() or \Drupal\Component\Utility\Xss::filter().
* \Drupal\Component\Utility\String::checkPlain() or
* \Drupal\Component\Utility\Xss::filter().
*/
function template_preprocess_username(&$variables) {
$account = $variables['account'] ?: new AnonymousUserSession();
@ -647,7 +649,7 @@ function template_preprocess_username(&$variables) {
else {
$variables['truncated'] = FALSE;
}
$variables['name'] = check_plain($name);
$variables['name'] = String::checkPlain($name);
$variables['profile_access'] = \Drupal::currentUser()->hasPermission('access user profiles');
// Populate link path and attributes if appropriate.
@ -664,7 +666,8 @@ function template_preprocess_username(&$variables) {
$variables['link_path'] = $account->homepage;
$variables['homepage'] = $account->homepage;
}
// We do not want the l() function to check_plain() a second time.
// We do not want the l() function to
// \Drupal\Component\Utility\String::checkPlain() a second time.
$variables['link_options']['html'] = TRUE;
// Set a default class.
$variables['link_options']['attributes']['class'] = array('username');

6
core/modules/user/user.tokens.inc
View File

@ -5,6 +5,8 @@
* Builds placeholder replacement tokens for user-related data.
*/
use Drupal\Component\Utility\String;
/**
* Implements hook_token_info().
*/
@ -88,11 +90,11 @@ function user_tokens($type, $tokens, array $data = array(), array $options = arr
case 'name':
$name = user_format_name($account);
$replacements[$original] = $sanitize ? check_plain($name) : $name;
$replacements[$original] = $sanitize ? String::checkPlain($name) : $name;
break;
case 'mail':
$replacements[$original] = $sanitize ? check_plain($account->getEmail()) : $account->getEmail();
$replacements[$original] = $sanitize ? String::checkPlain($account->getEmail()) : $account->getEmail();
break;
case 'url':

3
core/modules/xmlrpc/xmlrpc.inc
View File

@ -11,6 +11,7 @@
* This version is made available under the GNU GPL License
*/
use Drupal\Component\Utility\String;
use GuzzleHttp\Exception\RequestException;
/**
@ -122,7 +123,7 @@ function xmlrpc_value_get_xml($xmlrpc_value) {
case 'struct':
$return = '<struct>' . "\n";
foreach ($xmlrpc_value->data as $name => $value) {
$return .= " <member><name>" . check_plain($name) . "</name><value>";
$return .= " <member><name>" . String::checkPlain($name) . "</name><value>";
$return .= xmlrpc_value_get_xml($value) . "</value></member>\n";
}
$return .= '</struct>';

3
core/themes/bartik/bartik.theme
View File

@ -5,6 +5,7 @@
* Functions to support theming in the Bartik theme.
*/
use Drupal\Component\Utility\String;
use Drupal\Component\Utility\Xss;
use Drupal\Core\Template\RenderWrapper;
use Drupal\Core\Template\Attribute;
@ -181,7 +182,7 @@ function _bartik_process_page(&$variables) {
$variables['hide_site_slogan'] = theme_get_setting('features.slogan') ? FALSE : TRUE;
if ($variables['hide_site_name']) {
// If toggle_name is FALSE, the site_name will be empty, so we rebuild it.
$variables['site_name'] = check_plain($site_config->get('name'));
$variables['site_name'] = String::checkPlain($site_config->get('name'));
}
if ($variables['hide_site_slogan']) {
// If toggle_site_slogan is FALSE, the site_slogan will be empty, so we

4
core/themes/seven/seven.theme
View File

@ -119,7 +119,7 @@ function seven_node_add_list($variables) {
$output = '<ul class="admin-list">';
foreach ($content as $type) {
$output .= '<li class="clearfix">';
$content = '<span class="label">' . check_plain($type->name) . '</span>';
$content = '<span class="label">' . String::checkPlain($type->name) . '</span>';
$content .= '<div class="description">' . Xss::filterAdmin($type->description) . '</div>';
$options['html'] = TRUE;
$output .= l($content, 'node/add/' . $type->type, $options);
@ -144,7 +144,7 @@ function seven_block_content_add_list($variables) {
$output = '<ul class="admin-list">';
foreach ($variables['types'] as $id => $type) {
$output .= '<li class="clearfix">';
$content = '<span class="label">' . check_plain($type['title']) . '</span>';
$content = '<span class="label">' . String::checkPlain($type['title']) . '</span>';
$content .= '<div class="description">' . Xss::filterAdmin($type['description']) . '</div>';
$options = $type['localized_options'];
$options['html'] = TRUE;