Apply suggestions from code review

Reverted changes to escapeHtml() ... see OpenMage#2884
elidrissidev · Jan 3, 2023 · 2a86ee6 · 2a86ee6
1 parent 0ca6922
commit 2a86ee6
Show file tree

Hide file tree

Showing 33 changed files with 71 additions and 71 deletions.
diff --git a/app/code/core/Mage/Adminhtml/Block/Notification/Window.php b/app/code/core/Mage/Adminhtml/Block/Notification/Window.php
@@ -60,7 +60,7 @@ protected function _construct()
         $this->setMajorText($this->escapeHtml($this->__('MAJOR')));
         $this->setCriticalText($this->escapeHtml($this->__('CRITICAL')));
 
-        $this->setNoticeMessageText($this->escapeHtml((string)$this->getLastNotice()->getTitle()));
+        $this->setNoticeMessageText($this->escapeHtml($this->getLastNotice()->getTitle()));
         $this->setNoticeMessageUrl($this->escapeUrl($this->getLastNotice()->getUrl()));
 
         switch ($this->getLastNotice()->getSeverity()) {

diff --git a/app/code/core/Mage/Adminhtml/Block/Sales/Order/Create/Comment.php b/app/code/core/Mage/Adminhtml/Block/Sales/Order/Create/Comment.php
@@ -51,7 +51,7 @@ public function getHeaderText()
      */
     public function getCommentNote()
     {
-        return $this->escapeHtml((string)$this->getQuote()->getCustomerNote());
+        return $this->escapeHtml($this->getQuote()->getCustomerNote());
     }
 
     /**

diff --git a/app/code/core/Mage/Adminhtml/Block/Widget/Form.php b/app/code/core/Mage/Adminhtml/Block/Widget/Form.php
@@ -192,7 +192,7 @@ protected function _setFieldset($attributes, $fieldset, $exclude = [])
                         'label'     => $attribute->getFrontend()->getLabel(),
                         'class'     => $attribute->getFrontend()->getClass(),
                         'required'  => $attribute->getIsRequired(),
-                        'note'      => $this->escapeHtml((string)$attribute->getNote()),
+                        'note'      => $this->escapeHtml($attribute->getNote()),
                     ]
                 )
                 ->setEntityAttribute($attribute);

diff --git a/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Filter/Select.php b/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Filter/Select.php
@@ -62,7 +62,7 @@ protected function _getOptions()
     protected function _renderOption($option, $value)
     {
         $selected = (($option['value'] == $value && (!is_null($value))) ? ' selected="selected"' : '');
-        return '<option value="' . $this->escapeHtml((string)$option['value']) . '"' . $selected . '>' . $this->escapeHtml($option['label']) . '</option>';
+        return '<option value="' . $this->escapeHtml($option['value']) . '"' . $selected . '>' . $this->escapeHtml($option['label']) . '</option>';
     }
 
     /**

diff --git a/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Abstract.php b/app/code/core/Mage/Adminhtml/Block/Widget/Grid/Column/Renderer/Abstract.php
@@ -133,9 +133,9 @@ public function renderHeader()
             }
             $out = '<a href="#" name="' . $this->getColumn()->getId() . '" title="' . $nDir
                    . '" class="' . $className . '"><span class="sort-title">'
-                   . $this->escapeHtml((string)$this->getColumn()->getHeader()) . '</span></a>';
+                   . $this->escapeHtml($this->getColumn()->getHeader()) . '</span></a>';
         } else {
-            $out = $this->escapeHtml((string)$this->getColumn()->getHeader());
+            $out = $this->escapeHtml($this->getColumn()->getHeader());
         }
         return $out;
     }

diff --git a/app/code/core/Mage/Cms/Helper/Page.php b/app/code/core/Mage/Cms/Helper/Page.php
@@ -109,7 +109,7 @@ protected function _renderPage(Mage_Core_Controller_Varien_Action  $action, $pag
 
         $contentHeadingBlock = $action->getLayout()->getBlock('page_content_heading');
         if ($contentHeadingBlock) {
-            $contentHeading = $this->escapeHtml((string)$page->getContentHeading());
+            $contentHeading = $this->escapeHtml($page->getContentHeading());
             $contentHeadingBlock->setContentHeading($contentHeading);
         }
 

diff --git a/app/code/core/Mage/Customer/Block/Address/Renderer/Default.php b/app/code/core/Mage/Customer/Block/Address/Renderer/Default.php
@@ -131,7 +131,7 @@ public function render(Mage_Customer_Model_Address_Abstract $address, $format =
 
         if ($this->getType()->getHtmlEscape()) {
             foreach ($data as $key => $value) {
-                $data[$key] = $this->escapeHtml($value ?? '');
+                $data[$key] = $this->escapeHtml($value);
             }
         }
 

diff --git a/...fault/default/template/downloadable/sales/items/column/downloadable/creditmemo/name.phtml b/...fault/default/template/downloadable/sales/items/column/downloadable/creditmemo/name.phtml
@@ -53,5 +53,5 @@
             <?php endforeach ?>
         </dl>
     <?php endif ?>
-    <?php echo $this->escapeHtml((string)$_item->getDescription()) ?>
+    <?php echo $this->escapeHtml($_item->getDescription()) ?>
 <?php endif ?>
diff --git a/.../default/default/template/downloadable/sales/items/column/downloadable/invoice/name.phtml b/.../default/default/template/downloadable/sales/items/column/downloadable/invoice/name.phtml
@@ -53,5 +53,5 @@
             <?php endforeach ?>
         </dl>
     <?php endif ?>
-    <?php echo $this->escapeHtml((string)$_item->getDescription()) ?>
+    <?php echo $this->escapeHtml($_item->getDescription()) ?>
 <?php endif ?>
diff --git a/...dminhtml/default/default/template/downloadable/sales/items/column/downloadable/name.phtml b/...dminhtml/default/default/template/downloadable/sales/items/column/downloadable/name.phtml
@@ -53,5 +53,5 @@
             <?php endforeach ?>
         </dl>
     <?php endif ?>
-    <?php echo $this->escapeHtml((string)$_item->getDescription()) ?>
+    <?php echo $this->escapeHtml($_item->getDescription()) ?>
 <?php endif ?>
diff --git a/app/design/adminhtml/default/default/template/sales/items/column/name.phtml b/app/design/adminhtml/default/default/template/sales/items/column/name.phtml
@@ -51,5 +51,5 @@
         <?php endforeach ?>
         </dl>
     <?php endif ?>
-    <?php echo $this->escapeHtml((string)$_item->getDescription()) ?>
+    <?php echo $this->escapeHtml($_item->getDescription()) ?>
 <?php endif ?>
diff --git a/app/design/frontend/base/default/template/checkout/cart/coupon.phtml b/app/design/frontend/base/default/template/checkout/cart/coupon.phtml
@@ -26,7 +26,7 @@
             <label for="coupon_code"><?php echo $this->__('Enter your coupon code if you have one.') ?></label>
             <input type="hidden" name="remove" id="remove-coupone" value="0" />
             <div class="input-box">
-                <input class="input-text" id="coupon_code" name="coupon_code" value="<?php echo $this->escapeHtml((string)$this->getCouponCode()) ?>" />
+                <input class="input-text" id="coupon_code" name="coupon_code" value="<?php echo $this->escapeHtml($this->getCouponCode()) ?>" />
             </div>
             <div class="buttons-set">
                 <button type="button" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Apply Coupon')) ?>" class="button" onclick="discountForm.submit(false)" value="<?php echo Mage::helper('core')->quoteEscape($this->__('Apply Coupon')) ?>"><span><span><?php echo $this->__('Apply Coupon') ?></span></span></button>

diff --git a/app/design/frontend/base/default/template/checkout/cart/shipping.phtml b/app/design/frontend/base/default/template/checkout/cart/shipping.phtml
@@ -44,7 +44,7 @@
                            $('region_id').setAttribute('defaultValue',  "<?php echo $this->getEstimateRegionId() ?>");
                        //]]>
                        </script>
-                       <input type="text" id="region" name="region" value="<?php echo $this->escapeHtml((string)$this->getEstimateRegion()) ?>"  title="<?php echo Mage::helper('core')->quoteEscape($this->__('State/Province')) ?>" class="input-text" style="display:none;" />
+                       <input type="text" id="region" name="region" value="<?php echo $this->escapeHtml($this->getEstimateRegion()) ?>"  title="<?php echo Mage::helper('core')->quoteEscape($this->__('State/Province')) ?>" class="input-text" style="display:none;" />
                    </div>
                 </li>
             <?php //endif ?>
@@ -59,7 +59,7 @@
                 <li>
                     <label for="postcode"<?php if ($this->isZipCodeRequired()) echo ' class="required"' ?>><?php if ($this->isZipCodeRequired()) echo '<em>*</em>' ?><?php echo $this->__('Zip/Postal Code') ?></label>
                     <div class="input-box">
-                        <input class="input-text validate-postcode<?php if ($this->isZipCodeRequired()):?> required-entry<?php endif ?>" type="text" id="postcode" name="estimate_postcode" value="<?php echo $this->escapeHtml((string)$this->getEstimatePostcode()) ?>" />
+                        <input class="input-text validate-postcode<?php if ($this->isZipCodeRequired()):?> required-entry<?php endif ?>" type="text" id="postcode" name="estimate_postcode" value="<?php echo $this->escapeHtml($this->getEstimatePostcode()) ?>" />
                     </div>
                 </li>
             </ul>

diff --git a/app/design/frontend/base/default/template/checkout/onepage/shipping.phtml b/app/design/frontend/base/default/template/checkout/onepage/shipping.phtml
@@ -38,7 +38,7 @@
                         <div class="fields">
                             <label for="shipping:company"><?php echo $this->__('Company') ?></label>
                             <div class="input-box">
-                                <input type="text" id="shipping:company" name="shipping[company]" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getCompany()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Company')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('company') ?>" onchange="shipping.setSameAsBilling(false);" />
+                                <input type="text" id="shipping:company" name="shipping[company]" value="<?php echo $this->escapeHtml($this->getAddress()->getCompany()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Company')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('company') ?>" onchange="shipping.setSameAsBilling(false);" />
                             </div>
                         </div>
                     </li>
@@ -69,7 +69,7 @@
                         <div class="field">
                             <label for="shipping:city" class="required"><em>*</em><?php echo $this->__('City') ?></label>
                             <div class="input-box">
-                                <input type="text" title="<?php echo Mage::helper('core')->quoteEscape($this->__('City')) ?>" name="shipping[city]" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getCity()) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('city') ?>" id="shipping:city" onchange="shipping.setSameAsBilling(false);" />
+                                <input type="text" title="<?php echo Mage::helper('core')->quoteEscape($this->__('City')) ?>" name="shipping[city]" value="<?php echo $this->escapeHtml($this->getAddress()->getCity()) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('city') ?>" id="shipping:city" onchange="shipping.setSameAsBilling(false);" />
                             </div>
                         </div>
                         <div class="field">
@@ -83,15 +83,15 @@
                                     $('shipping:region_id').setAttribute('defaultValue',  "<?php echo $this->getAddress()->getRegionId() ?>");
                                 //]]>
                                 </script>
-                                <input type="text" id="shipping:region" name="shipping[region]" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getRegion()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('State/Province')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('region') ?>" style="display:none;" />
+                                <input type="text" id="shipping:region" name="shipping[region]" value="<?php echo $this->escapeHtml($this->getAddress()->getRegion()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('State/Province')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('region') ?>" style="display:none;" />
                             </div>
                         </div>
                     </li>
                     <li class="fields">
                         <div class="field">
                             <label for="shipping:postcode" class="required"><em>*</em><?php echo $this->__('Zip/Postal Code') ?></label>
                             <div class="input-box">
-                                <input type="text" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Zip/Postal Code')) ?>" name="shipping[postcode]" id="shipping:postcode" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getPostcode()) ?>" class="input-text validate-zip-international <?php echo $this->helper('customer/address')->getAttributeValidationClass('postcode') ?>" onchange="shipping.setSameAsBilling(false);" />
+                                <input type="text" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Zip/Postal Code')) ?>" name="shipping[postcode]" id="shipping:postcode" value="<?php echo $this->escapeHtml($this->getAddress()->getPostcode()) ?>" class="input-text validate-zip-international <?php echo $this->helper('customer/address')->getAttributeValidationClass('postcode') ?>" onchange="shipping.setSameAsBilling(false);" />
                             </div>
                         </div>
                         <div class="field">
@@ -105,13 +105,13 @@
                         <div class="field">
                             <label for="shipping:telephone" class="required"><em>*</em><?php echo $this->__('Telephone') ?></label>
                             <div class="input-box">
-                                <input type="text" name="shipping[telephone]" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getTelephone()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Telephone')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('telephone') ?>" id="shipping:telephone" onchange="shipping.setSameAsBilling(false);" />
+                                <input type="text" name="shipping[telephone]" value="<?php echo $this->escapeHtml($this->getAddress()->getTelephone()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Telephone')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('telephone') ?>" id="shipping:telephone" onchange="shipping.setSameAsBilling(false);" />
                             </div>
                         </div>
                         <div class="field">
                             <label for="shipping:fax"><?php echo $this->__('Fax') ?></label>
                             <div class="input-box">
-                                <input type="text" name="shipping[fax]" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getFax()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Fax')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('fax') ?>" id="shipping:fax" onchange="shipping.setSameAsBilling(false);" />
+                                <input type="text" name="shipping[fax]" value="<?php echo $this->escapeHtml($this->getAddress()->getFax()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Fax')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('fax') ?>" id="shipping:fax" onchange="shipping.setSameAsBilling(false);" />
                             </div>
                         </div>
                     </li>

diff --git a/app/design/frontend/base/default/template/customer/address/edit.phtml b/app/design/frontend/base/default/template/customer/address/edit.phtml
@@ -45,20 +45,20 @@
             <li class="wide">
                 <label for="company"><?php echo $this->__('Company') ?></label>
                 <div class="input-box">
-                    <input type="text" name="company" id="company" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Company')) ?>" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getCompany()) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('company') ?>" />
+                    <input type="text" name="company" id="company" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Company')) ?>" value="<?php echo $this->escapeHtml($this->getAddress()->getCompany()) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('company') ?>" />
                 </div>
             </li>
             <li class="fields">
                 <div class="field">
                     <label for="telephone" class="required"><em>*</em><?php echo $this->__('Telephone') ?></label>
                     <div class="input-box">
-                        <input type="text" name="telephone" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getTelephone()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Telephone')) ?>" class="input-text  <?php echo $this->helper('customer/address')->getAttributeValidationClass('telephone') ?>" id="telephone" />
+                        <input type="text" name="telephone" value="<?php echo $this->escapeHtml($this->getAddress()->getTelephone()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Telephone')) ?>" class="input-text  <?php echo $this->helper('customer/address')->getAttributeValidationClass('telephone') ?>" id="telephone" />
                     </div>
                 </div>
                 <div class="field">
                     <label for="fax"><?php echo $this->__('Fax') ?></label>
                     <div class="input-box">
-                        <input type="text" name="fax" id="fax" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Fax')) ?>" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getFax()) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('fax') ?>" />
+                        <input type="text" name="fax" id="fax" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Fax')) ?>" value="<?php echo $this->escapeHtml($this->getAddress()->getFax()) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('fax') ?>" />
                     </div>
                 </div>
             </li>
@@ -94,7 +94,7 @@
                 <div class="field">
                     <label for="city" class="required"><em>*</em><?php echo $this->__('City') ?></label>
                     <div class="input-box">
-                        <input type="text" name="city" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getCity()) ?>"  title="<?php echo Mage::helper('core')->quoteEscape($this->__('City')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('city') ?>" id="city" />
+                        <input type="text" name="city" value="<?php echo $this->escapeHtml($this->getAddress()->getCity()) ?>"  title="<?php echo Mage::helper('core')->quoteEscape($this->__('City')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('city') ?>" id="city" />
                     </div>
                 </div>
                 <div class="field">
@@ -108,15 +108,15 @@
                             $('region_id').setAttribute('defaultValue',  "<?php echo $this->getAddress()->getRegionId() ?>");
                         //]]>
                         </script>
-                        <input type="text" id="region" name="region" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getRegion()) ?>"  title="<?php echo Mage::helper('core')->quoteEscape($this->__('State/Province')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('region') ?>" />
+                        <input type="text" id="region" name="region" value="<?php echo $this->escapeHtml($this->getAddress()->getRegion()) ?>"  title="<?php echo Mage::helper('core')->quoteEscape($this->__('State/Province')) ?>" class="input-text <?php echo $this->helper('customer/address')->getAttributeValidationClass('region') ?>" />
                     </div>
                 </div>
             </li>
             <li class="fields">
                 <div class="field">
                     <label for="zip" class="required"><em>*</em><?php echo $this->__('Zip/Postal Code') ?></label>
                     <div class="input-box">
-                        <input type="text" name="postcode" value="<?php echo $this->escapeHtml((string)$this->getAddress()->getPostcode()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Zip/Postal Code')) ?>" id="zip" class="input-text validate-zip-international <?php echo $this->helper('customer/address')->getAttributeValidationClass('postcode') ?>" />
+                        <input type="text" name="postcode" value="<?php echo $this->escapeHtml($this->getAddress()->getPostcode()) ?>" title="<?php echo Mage::helper('core')->quoteEscape($this->__('Zip/Postal Code')) ?>" id="zip" class="input-text validate-zip-international <?php echo $this->helper('customer/address')->getAttributeValidationClass('postcode') ?>" />
                     </div>
                 </div>
                 <div class="field">

diff --git a/app/design/frontend/base/default/template/customer/form/forgotpassword.phtml b/app/design/frontend/base/default/template/customer/form/forgotpassword.phtml
@@ -30,7 +30,7 @@
             <li>
                 <label for="email_address" class="required"><em>*</em><?php echo $this->__('Email Address') ?></label>
                 <div class="input-box">
-                    <input type="text" name="email" alt="email" id="email_address" class="input-text required-entry validate-email" value="<?php echo $this->escapeHtml((string)$this->getEmailValue()) ?>" />
+                    <input type="text" name="email" alt="email" id="email_address" class="input-text required-entry validate-email" value="<?php echo $this->escapeHtml($this->getEmailValue()) ?>" />
                 </div>
             </li>
             <?php echo $this->getChildHtml('form.additional.info'); ?>
-Original file line number
+Diff line change
@@ Expand Up / @@ -51,7 +51,7 @@ public function getHeaderText() @@
          */
         public function getCommentNote()
         {
-            return $this->escapeHtml((string)$this->getQuote()->getCustomerNote());
+            return $this->escapeHtml($this->getQuote()->getCustomerNote());
         }
         /**
@@ Expand Down @@