Button text translation
-
I noticed that the "Save" button was not being translated (e.g. to "Salvar" when the UI is in pt_BR). I made this little pull request that translates the button name:
https://github.com/pfsense/pfsense/pull/2723It has side-effects in dumb code that compares $POST values to literal untranslated strings, like in services_dhcpv6.php :
if ($_POST['apply'] == "Apply Changes") { $savemsg = dhcpv6_apply_changes(false); } elseif ($_POST['save'] == "Save") {
Where the code needs to be changed:
if ($_POST['apply'] == gettext("Apply Changes")) { $savemsg = dhcpv6_apply_changes(false); } elseif ($_POST['save'] == gettext("Save")) {
What is the best way to engineer all this stuff so that the text of all the UI elements gets translated, and so that dumb code like the above does not need to happen?
-
It would need testing but I have to wonder with the new framework if we even need to check the value of those submissions at all. Them being non-empty may be enough of a flag the way things work now.
-
It would need testing but I have to wonder with the new framework if we even need to check the value of those submissions at all. Them being non-empty may be enough of a flag the way things work now.
Yes, I am inclined to think that also. If something has been $POSTed in the 'save' element then that is just a flag sent from the client to say "please save the POSTed data".
From a security point of view, I don't see any problem - if a client manages to make a good HTTPS connection and be authenticated and then sends a $POST['save'] with some different string in it, then they could easily have sent "Save" as the string anyway. So actually who cares what the actual string is.Some other places just check for isset($POST['save']) - perhaps just the existence is enough?
-
Some other places just check for isset($POST['save']) - perhaps just the existence is enough?
That's what I would think.ย If the value is not being saved and existence just a flag then does seem pointless to test the value.
-
IIRC it was from a long time ago when we had multiple buttons on the page that had the same name but submitted different values, so testing the value was needed. But over time that practice changed as we refined other parts. Testing the presence of the button may be enough now.