Updates for 20.10.1 release

sreichel · sreichel · commit 736d5fc26c99 · 2024-07-27T19:48:48.000+02:00
diff --git a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Comments/View.php b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Comments/View.php
@@ -77,9 +77,9 @@ public function canSendCommentEmail()
     /**
      * Replace links in string
      *
-     * @param array|string $data
-     * @param null|array $allowedTags
-     * @return string
+     * @param string|string[] $data
+     * @param array|null $allowedTags
+     * @return null|string|string[]
      */
     public function escapeHtml($data, $allowedTags = null)
     {
diff --git a/app/code/core/Mage/Adminhtml/Block/Sales/Order/View/History.php b/app/code/core/Mage/Adminhtml/Block/Sales/Order/View/History.php
@@ -80,9 +80,9 @@ public function isCustomerNotificationNotApplicable(Mage_Sales_Model_Order_Statu
     /**
      * Replace links in string
      *
-     * @param array|string $data
-     * @param null|array $allowedTags
-     * @return string
+     * @param string|string[] $data
+     * @param array|null $allowedTags
+     * @return null|string|string[]
      */
     public function escapeHtml($data, $allowedTags = null)
     {
diff --git a/app/code/core/Mage/Adminhtml/Helper/Sales.php b/app/code/core/Mage/Adminhtml/Helper/Sales.php
@@ -109,9 +109,9 @@ public function applySalableProductTypesFilter($collection)
     /**
      * Escape string preserving links
      *
-     * @param array|string $data
-     * @param null|array $allowedTags
-     * @return string
+     * @param string|string[] $data
+     * @param array|null $allowedTags
+     * @return null|string|string[]
      */
     public function escapeHtmlWithLinks($data, $allowedTags = null)
     {
diff --git a/app/code/core/Mage/Core/Block/Abstract.php b/app/code/core/Mage/Core/Block/Abstract.php
@@ -1185,9 +1185,9 @@ public function htmlEscape($data, $allowedTags = null)
     /**
      * Escape html entities
      *
-     * @param   string|array $data
-     * @param   array $allowedTags
-     * @return  string
+     * @param string|string[] $data
+     * @param array|null $allowedTags
+     * @return null|string|string[]
      */
     public function escapeHtml($data, $allowedTags = null)
     {
diff --git a/app/code/core/Mage/Core/Helper/Abstract.php b/app/code/core/Mage/Core/Helper/Abstract.php
@@ -178,9 +178,10 @@ public function __()
     }
 
     /**
-     * @param array $data
-     * @param array $allowedTags
-     * @return mixed
+     * @param string|string[] $data
+     * @param array|null $allowedTags
+     * @return null|string|string[]
+     *
      * @see self::escapeHtml()
      * @deprecated after 1.4.0.0-rc1
      */
@@ -192,9 +193,9 @@ public function htmlEscape($data, $allowedTags = null)
     /**
      * Escape html entities
      *
-     * @param   string|array $data
-     * @param   array $allowedTags
-     * @return  mixed
+     * @param string|string[] $data
+     * @param array|null $allowedTags
+     * @return null|string|string[]
      */
     public function escapeHtml($data, $allowedTags = null)
     {
@@ -244,7 +245,7 @@ function ($matches) {
      * Wrapper for standard strip_tags() function with extra functionality for html entities
      *
      * @param string $data
-     * @param string $allowableTags
+     * @param null|string|string[] $allowableTags
      * @param bool $escape
      * @return string
      */
@@ -320,9 +321,9 @@ public function escapeScriptIdentifiers($data)
     /**
      * Escape quotes in java script
      *
-     * @param mixed $data
+     * @param string|string[] $data
      * @param string $quote
-     * @return mixed
+     * @return string|string[]
      */
     public function jsQuoteEscape($data, $quote = '\'')
     {
diff --git a/app/code/core/Mage/Core/Model/Security/HtmlEscapedString.php b/app/code/core/Mage/Core/Model/Security/HtmlEscapedString.php
@@ -3,12 +3,35 @@
 declare(strict_types=1);
 
 /**
+ * OpenMage
  *
+ * This source file is subject to the Open Software License (OSL 3.0)
+ * that is bundled with this package in the file LICENSE.txt.
+ * It is also available at https://opensource.org/license/osl-3-0-php
+ *
+ * @category   Mage
+ * @package    Mage_Core
+ * @copyright  Copyright (c) 2024 The OpenMage Contributors (https://www.openmage.org)
+ * @license    https://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
+ */
+
+/**
+ * Wrapper to escape value und keep the original value
+ *
+ * @category   Mage
+ * @package    Mage_Core
  */
 class Mage_Core_Model_Security_HtmlEscapedString implements Stringable
 {
-    protected $originalValue;
-    protected $allowedTags;
+    /**
+     * @var string
+     */
+    protected string $originalValue;
+
+    /**
+     * @var array|string[]|null
+     */
+    protected ?array $allowedTags;
 
     /**
      * @param string $originalValue
@@ -20,6 +43,9 @@ public function __construct(string $originalValue, ?array $allowedTags = null)
         $this->allowedTags = $allowedTags;
     }
 
+    /**
+     * @return string
+     */
     public function __toString(): string
     {
         return (string) Mage::helper('core')->escapeHtml(
@@ -28,6 +54,9 @@ public function __toString(): string
         );
     }
 
+    /**
+     * @return string
+     */
     public function getUnescapedValue(): string
     {
         return $this->originalValue;
diff --git a/app/code/core/Mage/Page/Block/Html/Header.php b/app/code/core/Mage/Page/Block/Html/Header.php
@@ -57,9 +57,7 @@ public function setLogo($logo_src, $logo_alt)
     public function getLogoSrc()
     {
         if (empty($this->_data['logo_src'])) {
-            $this->_data['logo_src'] =  new Mage_Core_Model_Security_HtmlEscapedString(
-                (string) Mage::getStoreConfig('design/header/logo_src')
-            );
+            $this->_data['logo_src'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/logo_src'));
         }
         return $this->getSkinUrl($this->_data['logo_src']);
     }
@@ -70,9 +68,7 @@ public function getLogoSrc()
     public function getLogoSrcSmall()
     {
         if (empty($this->_data['logo_src_small'])) {
-            $this->_data['logo_src_small'] =  new Mage_Core_Model_Security_HtmlEscapedString(
-                (string) Mage::getStoreConfig('design/header/logo_src_small')
-            );
+            $this->_data['logo_src_small'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/logo_src_small'));
         }
         return $this->getSkinUrl($this->_data['logo_src_small']);
     }
@@ -83,9 +79,7 @@ public function getLogoSrcSmall()
     public function getLogoAlt()
     {
         if (empty($this->_data['logo_alt'])) {
-            $this->_data['logo_alt'] = new Mage_Core_Model_Security_HtmlEscapedString(
-                (string) Mage::getStoreConfig('design/header/logo_alt')
-            );
+            $this->_data['logo_alt'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/logo_alt'));
         }
         return $this->_data['logo_alt'];
     }
@@ -103,9 +97,7 @@ public function getWelcome()
             if (Mage::isInstalled() && Mage::getSingleton('customer/session')->isLoggedIn()) {
                 $this->_data['welcome'] = $this->__('Welcome, %s!', $this->escapeHtml(Mage::getSingleton('customer/session')->getCustomer()->getName()));
             } else {
-                $this->_data['welcome'] = new Mage_Core_Model_Security_HtmlEscapedString(
-                    (string) Mage::getStoreConfig('design/header/welcome')
-                );
+                $this->_data['welcome'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/welcome'));
             }
         }
 
diff --git a/app/code/core/Mage/Page/Block/Html/Welcome.php b/app/code/core/Mage/Page/Block/Html/Welcome.php
@@ -44,9 +44,7 @@ protected function _toHtml()
             if (Mage::isInstalled() && $this->_getSession()->isLoggedIn()) {
                 $this->_data['welcome'] = $this->__('Welcome, %s!', $this->escapeHtml($this->_getSession()->getCustomer()->getName()));
             } else {
-                $this->_data['welcome'] = new Mage_Core_Model_Security_HtmlEscapedString(
-                    (string) Mage::getStoreConfig('design/header/welcome')
-                );
+                $this->_data['welcome'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/welcome'));
             }
         }
 

Original file line number	Diff line number	Diff line change
`@@ -77,9 +77,9 @@ public function canSendCommentEmail()`
`77`	`77`	`/**`
`78`	`78`	`* Replace links in string`
`79`	`79`	`*`
`80`		`- * @param array\|string $data`
`81`		`- * @param null\|array $allowedTags`
`82`		`- * @return string`
	`80`	`+ * @param string\|string[] $data`
	`81`	`+ * @param array\|null $allowedTags`
	`82`	`+ * @return null\|string\|string[]`
`83`	`83`	`*/`
`84`	`84`	`public function escapeHtml($data, $allowedTags = null)`
`85`	`85`	`{`
Original file line number	Diff line number	Diff line change
`@@ -80,9 +80,9 @@ public function isCustomerNotificationNotApplicable(Mage_Sales_Model_Order_Statu`
`80`	`80`	`/**`
`81`	`81`	`* Replace links in string`
`82`	`82`	`*`
`83`		`- * @param array\|string $data`
`84`		`- * @param null\|array $allowedTags`
`85`		`- * @return string`
	`83`	`+ * @param string\|string[] $data`
	`84`	`+ * @param array\|null $allowedTags`
	`85`	`+ * @return null\|string\|string[]`
`86`	`86`	`*/`
`87`	`87`	`public function escapeHtml($data, $allowedTags = null)`
`88`	`88`	`{`
Original file line number	Diff line number	Diff line change
`@@ -109,9 +109,9 @@ public function applySalableProductTypesFilter($collection)`
`109`	`109`	`/**`
`110`	`110`	`* Escape string preserving links`
`111`	`111`	`*`
`112`		`- * @param array\|string $data`
`113`		`- * @param null\|array $allowedTags`
`114`		`- * @return string`
	`112`	`+ * @param string\|string[] $data`
	`113`	`+ * @param array\|null $allowedTags`
	`114`	`+ * @return null\|string\|string[]`
`115`	`115`	`*/`
`116`	`116`	`public function escapeHtmlWithLinks($data, $allowedTags = null)`
`117`	`117`	`{`
Original file line number	Diff line number	Diff line change
`@@ -1185,9 +1185,9 @@ public function htmlEscape($data, $allowedTags = null)`
`1185`	`1185`	`/**`
`1186`	`1186`	`* Escape html entities`
`1187`	`1187`	`*`
`1188`		`- * @param string\|array $data`
`1189`		`- * @param array $allowedTags`
`1190`		`- * @return string`
	`1188`	`+ * @param string\|string[] $data`
	`1189`	`+ * @param array\|null $allowedTags`
	`1190`	`+ * @return null\|string\|string[]`
`1191`	`1191`	`*/`
`1192`	`1192`	`public function escapeHtml($data, $allowedTags = null)`
`1193`	`1193`	`{`
Original file line number	Diff line number	Diff line change
`@@ -57,9 +57,7 @@ public function setLogo($logo_src, $logo_alt)`
`57`	`57`	`public function getLogoSrc()`
`58`	`58`	`{`
`59`	`59`	`if (empty($this->_data['logo_src'])) {`
`60`		`- $this->_data['logo_src'] = new Mage_Core_Model_Security_HtmlEscapedString(`
`61`		`- (string) Mage::getStoreConfig('design/header/logo_src')`
`62`		`- );`
	`60`	`+ $this->_data['logo_src'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/logo_src'));`
`63`	`61`	`}`
`64`	`62`	`return $this->getSkinUrl($this->_data['logo_src']);`
`65`	`63`	`}`
`@@ -70,9 +68,7 @@ public function getLogoSrc()`
`70`	`68`	`public function getLogoSrcSmall()`
`71`	`69`	`{`
`72`	`70`	`if (empty($this->_data['logo_src_small'])) {`
`73`		`- $this->_data['logo_src_small'] = new Mage_Core_Model_Security_HtmlEscapedString(`
`74`		`- (string) Mage::getStoreConfig('design/header/logo_src_small')`
`75`		`- );`
	`71`	`+ $this->_data['logo_src_small'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/logo_src_small'));`
`76`	`72`	`}`
`77`	`73`	`return $this->getSkinUrl($this->_data['logo_src_small']);`
`78`	`74`	`}`
`@@ -83,9 +79,7 @@ public function getLogoSrcSmall()`
`83`	`79`	`public function getLogoAlt()`
`84`	`80`	`{`
`85`	`81`	`if (empty($this->_data['logo_alt'])) {`
`86`		`- $this->_data['logo_alt'] = new Mage_Core_Model_Security_HtmlEscapedString(`
`87`		`- (string) Mage::getStoreConfig('design/header/logo_alt')`
`88`		`- );`
	`82`	`+ $this->_data['logo_alt'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/logo_alt'));`
`89`	`83`	`}`
`90`	`84`	`return $this->_data['logo_alt'];`
`91`	`85`	`}`
`@@ -103,9 +97,7 @@ public function getWelcome()`
`103`	`97`	`if (Mage::isInstalled() && Mage::getSingleton('customer/session')->isLoggedIn()) {`
`104`	`98`	`$this->_data['welcome'] = $this->__('Welcome, %s!', $this->escapeHtml(Mage::getSingleton('customer/session')->getCustomer()->getName()));`
`105`	`99`	`} else {`
`106`		`- $this->_data['welcome'] = new Mage_Core_Model_Security_HtmlEscapedString(`
`107`		`- (string) Mage::getStoreConfig('design/header/welcome')`
`108`		`- );`
	`100`	`+ $this->_data['welcome'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/welcome'));`
`109`	`101`	`}`
`110`	`102`	`}`
`111`	`103`
Original file line number	Diff line number	Diff line change
`@@ -44,9 +44,7 @@ protected function _toHtml()`
`44`	`44`	`if (Mage::isInstalled() && $this->_getSession()->isLoggedIn()) {`
`45`	`45`	`$this->_data['welcome'] = $this->__('Welcome, %s!', $this->escapeHtml($this->_getSession()->getCustomer()->getName()));`
`46`	`46`	`} else {`
`47`		`- $this->_data['welcome'] = new Mage_Core_Model_Security_HtmlEscapedString(`
`48`		`- (string) Mage::getStoreConfig('design/header/welcome')`
`49`		`- );`
	`47`	`+ $this->_data['welcome'] = $this->escapeHtml((string) Mage::getStoreConfig('design/header/welcome'));`
`50`	`48`	`}`
`51`	`49`	`}`
`52`	`50`