diff --git a/src/applications/base/controller/PhabricatorController.php b/src/applications/base/controller/PhabricatorController.php
index 6e79333711..e3d5d15196 100644
--- a/src/applications/base/controller/PhabricatorController.php
+++ b/src/applications/base/controller/PhabricatorController.php
@@ -264,7 +264,7 @@ abstract class PhabricatorController extends AphrontController {
*/
protected function renderHandlesForPHIDs(array $phids, $style = "\n") {
$style_map = array(
- "\n" => '
',
+ "\n" => phutil_tag('br'),
',' => ', ',
);
@@ -277,7 +277,7 @@ abstract class PhabricatorController extends AphrontController {
$items[] = $this->getHandle($phid)->renderLink();
}
- return phutil_safe_html(implode($style_map[$style], $items));
+ return array_interleave($style_map[$style], $items);
}
protected function buildApplicationMenu() {
diff --git a/src/applications/config/view/PhabricatorSetupIssueView.php b/src/applications/config/view/PhabricatorSetupIssueView.php
index e212d71010..a65dae3e63 100644
--- a/src/applications/config/view/PhabricatorSetupIssueView.php
+++ b/src/applications/config/view/PhabricatorSetupIssueView.php
@@ -53,20 +53,20 @@ final class PhabricatorSetupIssueView extends AphrontView {
$install_these = pht(
"Install these %d PHP extension(s):", count($extensions));
- $install_info = phutil_safe_html(pht(
- "You can usually install a PHP extension using apt-get or ".
- "yum. Common package names are ".
- "php-extname or php5-extname. ".
- "Try commands like these:"));
+ $install_info = pht(
+ "You can usually install a PHP extension using %s or %s. Common ".
+ "package names are %s or %s. Try commands like these:",
+ phutil_tag('tt', array(), 'apt-get'),
+ phutil_tag('tt', array(), 'yum'),
+ hsprintf('php-%s', pht('extname')),
+ hsprintf('php5-%s', pht('extname')));
// TODO: We should do a better job of detecting how to install extensions
// on the current system.
- $install_commands = array(
- "$ sudo apt-get install php5-extname # Debian / Ubuntu",
- "$ sudo yum install php-extname # Red Hat / Derivatives",
+ $install_commands = hsprintf(
+ "\$ sudo apt-get install php5-extname # Debian / Ubuntu\n".
+ "\$ sudo yum install php-extname # Red Hat / Derivatives"
);
- $install_commands = implode("\n", $install_commands);
- $install_commands = phutil_safe_html($install_commands);
$fallback_info = pht(
"If those commands don't work, try Google. The process of installing ".
@@ -76,8 +76,8 @@ final class PhabricatorSetupIssueView extends AphrontView {
$restart_info = pht(
"After installing new PHP extensions, restart your webserver ".
- "for the changes to take effect.");
- $restart_info = phutil_safe_html($restart_info);
+ "for the changes to take effect.",
+ hsprintf(''));
$description[] = phutil_tag(
'div',
@@ -274,17 +274,19 @@ final class PhabricatorSetupIssueView extends AphrontView {
$info[] = phutil_tag(
'p',
array(),
- phutil_safe_html(pht(
+ pht(
'You can find more information about PHP configuration values in the '.
'PHP Documentation.',
- 'http://php.net/manual/ini.list.php')));
+ 'http://php.net/manual/ini.list.php',
+ hsprintf('')));
$info[] = phutil_tag(
'p',
array(),
- phutil_safe_html(pht(
+ pht(
"After editing the PHP configuration, restart your ".
- "webserver for the changes to take effect.")));
+ "webserver for the changes to take effect.",
+ hsprintf('')));
return phutil_tag(
'div',
diff --git a/src/applications/differential/field/specification/DifferentialDependsOnFieldSpecification.php b/src/applications/differential/field/specification/DifferentialDependsOnFieldSpecification.php
index 09da33abc2..05c8ebef91 100644
--- a/src/applications/differential/field/specification/DifferentialDependsOnFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialDependsOnFieldSpecification.php
@@ -26,7 +26,7 @@ final class DifferentialDependsOnFieldSpecification
$links[] = $this->getHandle($revision_phids)->renderLink();
}
- return phutil_safe_html(implode('
', $links));
+ return array_interleave(phutil_tag('br'), $links);
}
private function getDependentRevisionPHIDs() {
diff --git a/src/applications/differential/field/specification/DifferentialFieldSpecification.php b/src/applications/differential/field/specification/DifferentialFieldSpecification.php
index 9453668fae..d1b6dbdb3b 100644
--- a/src/applications/differential/field/specification/DifferentialFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialFieldSpecification.php
@@ -283,7 +283,7 @@ abstract class DifferentialFieldSpecification {
$links[] = $handle->renderLink();
}
- return phutil_safe_html(implode(', ', $links));
+ return array_interleave(', ', $links);
}
diff --git a/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php b/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php
index 36080efee4..8cf2bfab8d 100644
--- a/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialLintFieldSpecification.php
@@ -43,7 +43,7 @@ final class DifferentialLintFieldSpecification
$rows[] = array(
'style' => 'star',
- 'name' => phutil_safe_html($lstar),
+ 'name' => $lstar,
'value' => $lmsg,
'show' => true,
);
@@ -53,7 +53,7 @@ final class DifferentialLintFieldSpecification
$rows[] = array(
'style' => 'excuse',
'name' => 'Excuse',
- 'value' => phutil_safe_html(nl2br(phutil_escape_html($excuse))),
+ 'value' => phutil_escape_html_newlines($excuse),
'show' => true,
);
}
@@ -131,10 +131,7 @@ final class DifferentialLintFieldSpecification
if (strlen($description)) {
$rows[] = array(
'style' => 'details',
- 'value' =>
- phutil_safe_html(
- nl2br(
- phutil_escape_html($description))),
+ 'value' => phutil_escape_html_newlines($description),
'show' => false,
);
if (empty($hidden['details'])) {
diff --git a/src/applications/differential/field/specification/DifferentialManiphestTasksFieldSpecification.php b/src/applications/differential/field/specification/DifferentialManiphestTasksFieldSpecification.php
index 44890675bd..38379da8f2 100644
--- a/src/applications/differential/field/specification/DifferentialManiphestTasksFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialManiphestTasksFieldSpecification.php
@@ -29,7 +29,7 @@ final class DifferentialManiphestTasksFieldSpecification
$links[] = $this->getHandle($task_phid)->renderLink();
}
- return phutil_safe_html(implode('
', $links));
+ return array_interleave(phutil_tag('br'), $links);
}
private function getManiphestTaskPHIDs() {
diff --git a/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php b/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php
index b19ae2f798..0e442314a6 100644
--- a/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php
+++ b/src/applications/differential/field/specification/DifferentialUnitFieldSpecification.php
@@ -37,7 +37,7 @@ final class DifferentialUnitFieldSpecification
$rows[] = array(
'style' => 'star',
- 'name' => phutil_safe_html($ustar),
+ 'name' => $ustar,
'value' => $umsg,
'show' => true,
);
@@ -47,7 +47,7 @@ final class DifferentialUnitFieldSpecification
$rows[] = array(
'style' => 'excuse',
'name' => 'Excuse',
- 'value' => phutil_safe_html(nl2br(phutil_escape_html($excuse))),
+ 'value' => phutil_escape_html_newlines($excuse),
'show' => true,
);
}
diff --git a/src/applications/differential/view/DifferentialRevisionUpdateHistoryView.php b/src/applications/differential/view/DifferentialRevisionUpdateHistoryView.php
index 718d837f53..67e6ee4da4 100644
--- a/src/applications/differential/view/DifferentialRevisionUpdateHistoryView.php
+++ b/src/applications/differential/view/DifferentialRevisionUpdateHistoryView.php
@@ -293,10 +293,10 @@ final class DifferentialRevisionUpdateHistoryView extends AphrontView {
private static function renderDiffStar($star) {
$class = 'diff-star-'.$star;
- return
- ''.
- "\xE2\x98\x85".
- '';
+ return phutil_tag(
+ 'span',
+ array('class' => $class),
+ "\xE2\x98\x85");
}
private function renderBaseRevision(DifferentialDiff $diff) {
diff --git a/src/applications/diffusion/controller/DiffusionController.php b/src/applications/diffusion/controller/DiffusionController.php
index cc30b41141..3025434485 100644
--- a/src/applications/diffusion/controller/DiffusionController.php
+++ b/src/applications/diffusion/controller/DiffusionController.php
@@ -247,8 +247,7 @@ abstract class DiffusionController extends PhabricatorController {
case 'change':
$view_name = 'Change';
$crumb_list[] = $crumb->setName(
- phutil_safe_html(
- phutil_escape_html($path).' ('.$commit_link.')'));
+ hsprintf('%s (%s)', $path, $commit_link));
return $crumb_list;
}
@@ -278,6 +277,7 @@ abstract class DiffusionController extends PhabricatorController {
$thus_far = '';
foreach ($path_parts as $path_part) {
$thus_far .= $path_part.'/';
+ $path_sections[] = '/';
$path_sections[] = phutil_tag(
'a',
array(
@@ -289,11 +289,10 @@ abstract class DiffusionController extends PhabricatorController {
$path_part);
}
- $path_sections[] = phutil_escape_html($last);
- $path_sections = '/'.implode('/', $path_sections);
+ $path_sections[] = '/'.$last;
$crumb_list[] = id(new PhabricatorCrumbView())
- ->setName(phutil_safe_html($path_sections));
+ ->setName($path_sections);
}
$last_crumb = array_pop($crumb_list);
@@ -310,11 +309,11 @@ abstract class DiffusionController extends PhabricatorController {
'Jump to HEAD');
$name = $last_crumb->getName();
- $name = phutil_safe_html($name." @ {$commit_link} ({$jump_link})");
+ $name = hsprintf('%s @ %s (%s)', $name, $commit_link, $jump_link);
$last_crumb->setName($name);
} else if ($spec['view'] != 'lint') {
$name = $last_crumb->getName();
- $name = phutil_safe_html($name.' @ HEAD');
+ $name = hsprintf('%s @ HEAD', $name);
$last_crumb->setName($name);
}
diff --git a/src/applications/herald/controller/HeraldRuleController.php b/src/applications/herald/controller/HeraldRuleController.php
index b5fee57e90..6371e5ad2e 100644
--- a/src/applications/herald/controller/HeraldRuleController.php
+++ b/src/applications/herald/controller/HeraldRuleController.php
@@ -134,8 +134,7 @@ final class HeraldRuleController extends HeraldController {
),
'Create New Condition'))
->setDescription(
- phutil_safe_html(
- 'When '.$must_match_selector.' these conditions are met:'))
+ hsprintf('When %s these conditions are met:', $must_match_selector))
->setContent(javelin_tag(
'table',
array(
diff --git a/src/applications/phame/view/PhamePostView.php b/src/applications/phame/view/PhamePostView.php
index 8c5a47c452..874d4c0513 100644
--- a/src/applications/phame/view/PhamePostView.php
+++ b/src/applications/phame/view/PhamePostView.php
@@ -162,15 +162,16 @@ final class PhamePostView extends AphrontView {
'');
$c_uri = '//connect.facebook.net/en_US/all.js#xfbml=1&appId='.$fb_id;
- $fb_js = phutil_safe_html(
+ $fb_js = hsprintf(
+ '',
jsprintf(
- '',
+ '}(document, \'script\', \'facebook-jssdk\'));',
$c_uri));
@@ -211,9 +212,9 @@ final class PhamePostView extends AphrontView {
);
// protip - try some var disqus_developer = 1; action to test locally
- $disqus_js = phutil_safe_html(
+ $disqus_js = hsprintf(
+ '',
jsprintf(
- '',
+ '})();',
$post->getPHID(),
$this->getSkin()->getURI('post/'.$this->getPost()->getPhameTitle()),
$post->getTitle()));
diff --git a/src/applications/uiexample/examples/PhabricatorPropertyListExample.php b/src/applications/uiexample/examples/PhabricatorPropertyListExample.php
index 0e0e6dc2ec..9ac216d82b 100644
--- a/src/applications/uiexample/examples/PhabricatorPropertyListExample.php
+++ b/src/applications/uiexample/examples/PhabricatorPropertyListExample.php
@@ -49,7 +49,7 @@ final class PhabricatorPropertyListExample extends PhabricatorUIExample {
$view->addSectionHeader('Haiku About Pasta');
$view->addTextContent(
- phutil_safe_html(
+ hsprintf(
'this is a pasta
'.
'haiku. it is very bad.
'.
'what did you expect?'));