View Issue Details

IDProjectCategoryView StatusLast Update
0027383mantisbttoolspublic2023-10-31 16:32
Reporterdregad Assigned Todregad  
PrioritynormalSeverityminorReproducibilityN/A
Status closedResolutionfixed 
Target Version2.26.0Fixed in Version2.26.0 
Summary0027383: Refactor and improve output of 'test_langs.php' admin script
Description

Following discussion in 0027362, we can get rid of the script while keeping the functionality to help admins check for 3rd-party plugins language files by moving the logic into the Admin checks.

TagsNo tags attached.

Relationships

related to 0027362 closeddregad Sourceforge [admin/test_langs.php] File missing from installation packages ( mantisbt-2.24.3.zip & mantisbt-2.24.3.tar.gz) 
related to 0029026 closeddregad Language checks should warn about languages not defined in config 

Activities

dregad

dregad

2020-10-08 19:54

developer   ~0064536

Last edited: 2020-10-09 04:02

The script relies on eval() to check the language scripts' syntax.

I'm concerned with this, as this could lead to execution of potentially harmful code (scenario where admin installs a "trojan horse" 3rd-party plugin).
We need to find an alternative approach.

dregad

dregad

2021-08-07 13:54

developer   ~0065737

PR https://github.com/mantisbt/mantisbt/pull/1772

dregad

dregad

2021-08-24 07:51

developer   ~0065785

Changing issue title, reflecting the fact that the functionality was kept as a standalone script and not integrated into admin checks as planned initially.

Related Changesets

MantisBT: master c951fd38

2020-10-05 14:05

dregad


Details Diff
Loading schema.php is no longer needed

Since 2.20.0, this is handled transparently in print_admin_menu_bar().

Issue 0027383
Affected Issues
0027383
mod - admin/test_langs.php Diff File

MantisBT: master ac3d7849

2021-08-24 02:53

dregad


Details Diff
Refactor and improve output of admin/test_langs.php

This is a nearly complete rewrite of this page, which now has

- a nice "2.x" GUI displaying errors, similar to the Installer
- split output in 2 distinct sections: Core strings and plugins.
- errors and warnings displayed as bulleted lists, with red or yellow
background depending on severity.

Fixes 0027383, PR https://github.com/mantisbt/mantisbt/pull/1772
Affected Issues
0027383
mod - admin/test_langs.php Diff File
rm - build/check_lang.php Diff

MantisBT: master 18738d4c

2022-05-18 08:49

dregad


Details Diff
Add newlines to make generated HTML more readable

Issue 0027383
Affected Issues
0027383
mod - admin/test_langs.php Diff File

MantisBT: master 5ab669df

2022-05-18 09:52

dregad


Details Diff
Add missing error messages

A couple of error cases were left out in the script's refactoring.

Issue 0027383
Affected Issues
0027383
mod - admin/test_langs.php Diff File

MantisBT: master b658d76e

2022-05-25 18:35

dregad


Details Diff
Make Plugin header (th) more visible

Add a lightgrey background color.

Issue 0027383
Affected Issues
0027383
mod - admin/test_langs.php Diff File
mod - css/default.css Diff File

MantisBT: master b8262934

2022-05-25 18:39

dregad


Details Diff
List plugins TOC with anchor links

Issue 0027383
Affected Issues
0027383
mod - admin/test_langs.php Diff File
mod - css/default.css Diff File

MantisBT: master ceea4017

2022-05-25 18:45

dregad


Details Diff
Add toolbar buttons to facilitate page navigation

Allows jumping back and forth between Core and Plugins sections.

Issue 0027383
Affected Issues
0027383
mod - admin/test_langs.php Diff File

MantisBT: master a19acf4b

2022-06-12 06:05

dregad


Details Diff
Further improvements to admin/test_langs.php

This is a follow-up on PR https://github.com/mantisbt/mantisbt/pull/1772.

It includes a bit of code cleanup, and brings a few additional UI
enhancements (related to issue 0027383):

- add missing error messages
- improved visibility for plugin headers in table
- add a TOC for tested plugins, allowing user to scroll straight to a
specific one
- add buttons to navigate between the core and plugin sections

It also implements 2 extra checks for language strings:

- basic syntax check (invalid tags, unexpected end tags, open/end tag
mismatch, etc), fixing 0030447
- Use HTMLPurifier to detect if any unauthorized tags are present, which
is partially fixes #12242

PR https://github.com/mantisbt/mantisbt/pull/1822
Affected Issues
0027383
mod - admin/test_langs.php Diff File
mod - composer.json Diff File
mod - composer.lock Diff File
mod - css/default.css Diff File