[development] Proposed hook_message_alter
Karoly Negyesi
karoly at negyesi.net
Sat Mar 17 05:23:42 UTC 2007
----- Start Original Message -----
Sent: Fri, 16 Mar 2007 10:49:13 -0700
From: "Greg Holsclaw" <Greg.Holsclaw at trouvemedia.com>
To: <development at drupal.org>
Subject: Re: [development] Proposed hook_message_alter
> Unfortunately, there are many. I will try to compile a list and submit
> bugs, but even the best modules like devel miss t() on a message or two.
> A quick search results in 1305 uses of drupal_set_message in 5.x
> releases modules, and quick look around found almost 10 in less than 100
> messages checked.
It's not just messages. And also, if there a lot, then there should be critical (yes, this IS critical) bugs filed for every single project saying "there are t calls missing" and adding a few examples. Let the (co)maintainers find the others. It's not that you shall scourge 1000+ modules.
t() must be a habit because if you get used to output raw, then you will have an XSS hole before long which t() could have avoided. That's why it's critical.
More information about the development
mailing list