Merge branch 'develop' into FearlessKiwis-MAGETWO-55117-ShippingMethodManagement-estimateByAddressId-not-full

Author: Arpita Barua

.htaccess

@@ -32,34 +32,6 @@
 
     DirectoryIndex index.php
 
-<IfModule mod_php5.c>
-
-############################################
-## adjust memory limit
-
-    php_value memory_limit 768M
-    php_value max_execution_time 18000
-
-############################################
-## disable automatic session start
-## before autoload was initialized
-
-    php_flag session.auto_start off
-
-############################################
-## enable resulting html compression
-
-    #php_flag zlib.output_compression on
-
-###########################################
-## disable user agent verification to not break multiple image upload
-
-    php_flag suhosin.session.cryptua off
-
-</IfModule>
-
-<IfModule mod_php7.c>
-
 ############################################
 ## adjust memory limit
 
@@ -82,8 +54,6 @@
 
     php_flag suhosin.session.cryptua off
 
-</IfModule>
-
 <IfModule mod_security.c>
 ###########################################
 ## disable POST processing to not break multiple image upload

.htaccess.sample

@@ -32,34 +32,6 @@
 
     DirectoryIndex index.php
 
-<IfModule mod_php5.c>
-
-############################################
-## adjust memory limit
-
-    php_value memory_limit 768M
-    php_value max_execution_time 18000
-
-############################################
-## disable automatic session start
-## before autoload was initialized
-
-    php_flag session.auto_start off
-
-############################################
-## enable resulting html compression
-
-    #php_flag zlib.output_compression on
-
-###########################################
-## disable user agent verification to not break multiple image upload
-
-    php_flag suhosin.session.cryptua off
-
-</IfModule>
-
-<IfModule mod_php7.c>
-
 ############################################
 ## adjust memory limit
 
@@ -82,8 +54,6 @@
 
     php_flag suhosin.session.cryptua off
 
-</IfModule>
-
 <IfModule mod_security.c>
 ###########################################
 ## disable POST processing to not break multiple image upload

app/code/Magento/AdminNotification/Block/Grid/Renderer/Notice.php

@@ -18,9 +18,8 @@ class Notice extends \Magento\Backend\Block\Widget\Grid\Column\Renderer\Abstract
     public function render(\Magento\Framework\DataObject $row)
     {
         return '<span class="grid-row-title">' .
-            $row->getTitle() .
+            $this->escapeHtml($row->getTitle()) .
             '</span>' .
-            ($row->getDescription() ? '<br />' .
-            $row->getDescription() : '');
+            ($row->getDescription() ? '<br />' . $this->escapeHtml($row->getDescription()) : '');
     }
 }

app/code/Magento/AdvancedPricingImportExport/Model/Export/AdvancedPricing.php

@@ -395,7 +395,8 @@ protected function _getWebsiteCode($websiteId)
     {
         $storeName = ($websiteId == 0)
             ? ImportAdvancedPricing::VALUE_ALL_WEBSITES
-            : $this->_storeManager->getWebsite($websiteId)->getName();
+            : $this->_storeManager->getWebsite($websiteId)->getCode();
+        $currencyCode = '';
         if ($websiteId == 0) {
             $currencyCode = $this->_storeManager->getWebsite($websiteId)->getBaseCurrencyCode();
         }

app/code/Magento/Authorizenet/Controller/Directpost/Payment/Place.php

@@ -131,7 +131,10 @@ protected function placeCheckoutOrder()
             $result->setData('error_messages', $exception->getMessage());
         } catch (\Exception $exception) {
             $result->setData('error', true);
-            $result->setData('error_messages', __('Unable to place order. Please try again later.'));
+            $result->setData(
+                'error_messages',
+                __('An error occurred on the server. Please try to place the order again.')
+            );
         }
         if ($response instanceof Http) {
             $response->representJson($this->jsonHelper->jsonEncode($result));

app/code/Magento/Authorizenet/Model/Source/Cctype.php

@@ -17,6 +17,6 @@ class Cctype extends PaymentCctype
      */
     public function getAllowedTypes()
     {
-        return ['VI', 'MC', 'AE', 'DI', 'OT'];
+        return ['VI', 'MC', 'AE', 'DI'];
     }
 }

app/code/Magento/Authorizenet/Test/Unit/Controller/Directpost/Payment/PlaceTest.php

@@ -280,7 +280,10 @@ public function textExecuteFailedPlaceOrderDataProvider()
     {
         $objectFailed = new \Magento\Framework\DataObject();
         $objectFailed->setData('error', true);
-        $objectFailed->setData('error_messages', __('Unable to place order. Please try again later.'));
+        $objectFailed->setData(
+            'error_messages',
+            __('An error occurred on the server. Please try to place the order again.')
+        );
 
         return [
             [

app/code/Magento/Authorizenet/i18n/en_US.csv

@@ -2,7 +2,7 @@
 "Order saving error: %1","Order saving error: %1"
 "Please choose a payment method.","Please choose a payment method."
 "We can\'t process your order right now. Please try again later.","We can\'t process your order right now. Please try again later."
-"Unable to place order. Please try again later.","Unable to place order. Please try again later."
+"An error occurred on the server. Please try to place the order again.","An error occurred on the server. Please try to place the order again."
 "Credit Card: xxxx-%1","Credit Card: xxxx-%1"
 "amount %1","amount %1"
 failed.,failed.

app/code/Magento/Backend/Block/Widget/Button.php

@@ -113,7 +113,7 @@ protected function _attributesToHtml($attributes)
             if ($attributeValue === null || $attributeValue == '') {
                 continue;
             }
-            $html .= $attributeKey . '="' . $this->escapeHtml($attributeValue) . '" ';
+            $html .= $attributeKey . '="' . $this->escapeHtmlAttr($attributeValue, false) . '" ';
         }
 
         return $html;

app/code/Magento/Backend/Block/Widget/Button/SplitButton.php

@@ -229,7 +229,7 @@ protected function _getAttributesString($attributes)
             if ($attributeValue === null || $attributeValue == '') {
                 continue;
             }
-            $html[] = $attributeKey . '="' . $this->escapeHtml($attributeValue) . '"';
+            $html[] = $attributeKey . '="' . $this->escapeHtmlAttr($attributeValue, false) . '"';
         }
         return join(' ', $html);
     }