template escapes
		
					parent
					
						
							
								d6d24f3b6a
							
						
					
				
			
			
				commit
				
					
						63277b57fc
					
				
			
		
					 3 changed files with 32 additions and 14 deletions
				
			
		|  | @ -485,7 +485,7 @@ function conversation(&$a, $items, $mode, $update) { | ||||||
| 
 | 
 | ||||||
| 
 | 
 | ||||||
| 			$tmp_item = replace_macros($template,array( | 			$tmp_item = replace_macros($template,array( | ||||||
| 				'$body' => $body, | 				'$body' => template_escape($body), | ||||||
| 				'$id' => $item['item_id'], | 				'$id' => $item['item_id'], | ||||||
| 				'$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), | 				'$linktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['author-link'])) ? $item['author-link'] : $item['url'])), | ||||||
| 				'$olinktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), | 				'$olinktitle' => sprintf( t('View %s\'s profile @ %s'), $profile_name, ((strlen($item['owner-link'])) ? $item['owner-link'] : $item['url'])), | ||||||
|  | @ -494,18 +494,18 @@ function conversation(&$a, $items, $mode, $update) { | ||||||
| 				'$vwall' => t('via Wall-To-Wall:'), | 				'$vwall' => t('via Wall-To-Wall:'), | ||||||
| 				'$profile_url' => $profile_link, | 				'$profile_url' => $profile_link, | ||||||
| 				'$item_photo_menu' => item_photo_menu($item), | 				'$item_photo_menu' => item_photo_menu($item), | ||||||
| 				'$name' => $profile_name, | 				'$name' => template_escape($profile_name), | ||||||
| 				'$thumb' => $profile_avatar, | 				'$thumb' => $profile_avatar, | ||||||
| 				'$osparkle' => $osparkle, | 				'$osparkle' => $osparkle, | ||||||
| 				'$sparkle' => $sparkle, | 				'$sparkle' => $sparkle, | ||||||
| 				'$title' => $item['title'], | 				'$title' => template_escape($item['title']), | ||||||
| 				'$ago' => ((($item['app']) && ($item['id'] == $item['parent'])) ? sprintf( t('%s from %s'),relative_date($item['created']),$item['app']) : relative_date($item['created'])), | 				'$ago' => ((($item['app']) && ($item['id'] == $item['parent'])) ? sprintf( t('%s from %s'),relative_date($item['created']),$item['app']) : relative_date($item['created'])), | ||||||
| 				'$lock' => $lock, | 				'$lock' => $lock, | ||||||
| 				'$location' => $location, | 				'$location' => template_escape($location), | ||||||
| 				'$indent' => $indent, | 				'$indent' => $indent, | ||||||
| 				'$owner_url' => $owner_url, | 				'$owner_url' => $owner_url, | ||||||
| 				'$owner_photo' => $owner_photo, | 				'$owner_photo' => $owner_photo, | ||||||
| 				'$owner_name' => $owner_name, | 				'$owner_name' => template_escape($owner_name), | ||||||
| 				'$plink' => get_plink($item), | 				'$plink' => get_plink($item), | ||||||
| 				'$edpost' => $edpost, | 				'$edpost' => $edpost, | ||||||
| 				'$star' => $star, | 				'$star' => $star, | ||||||
|  |  | ||||||
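Review bot: `'$linktitle'`, `'$olinktitle'` and `'$ago'` are still handed to replace_macros unescaped, although they embed the same `$profile_name` that `'$name'` now wraps, along with `$item['author-link']`, `$item['owner-link']` and `$item['app']`. If any of those fields can originate from a remote contact, a `$` or `{{` in them would still reach macro substitution; wrapping the whole `sprintf(...)` result in `template_escape(...)` for those three keys would make the array consistent. template_escape only neutralises template tokens and does no HTML encoding, so a short comment above the array stating whether `$body`, `$item['title']` and `$location` are already HTML-safe here would help the next reader. The array and conversation() itself continue outside the visible hunks.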
|  | @ -196,8 +196,26 @@ | ||||||
| 				$os=$s; $count++; | 				$os=$s; $count++; | ||||||
| 				$s = str_replace($this->search,$this->replace, $s); | 				$s = str_replace($this->search,$this->replace, $s); | ||||||
| 			} | 			} | ||||||
| 			return $s; | 			return template_unescape($s); | ||||||
| 		} | 		} | ||||||
| 	} | 	} | ||||||
| 	 | 	 | ||||||
| 	$t = new Template; | 	$t = new Template; | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | function template_escape($s) { | ||||||
|  | 
 | ||||||
|  | 	return str_replace(array('$','{{'),array('!_Doll^Ars1Az_!','!_DoubLe^BraceS4Rw_!'),$s); | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | } | ||||||
|  | 
 | ||||||
|  | function template_unescape($s) { | ||||||
|  | 
 | ||||||
|  | 	return str_replace(array('!_Doll^Ars1Az_!','!_DoubLe^BraceS4Rw_!'),array('$','{{'),$s); | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | 
 | ||||||
|  | } | ||||||
|  |  | ||||||
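Review bot: `return template_unescape($s);` restores `$` and `{{` across the entire output, so the protection holds for one replace call only. If a caller passes that output as a value to a later replace_macros call (conversation() builds `$tmp_item` this way; whether it is templated again is not visible here), the restored tokens are exposed to substitution once more unless the caller re-escapes. The two placeholders are fixed strings, so content that already contains `!_Doll^Ars1Az_!` or `!_DoubLe^BraceS4Rw_!` is silently rewritten to `$` or `{{` on output. Neither function has a docblock; I would add one stating that template_escape guards against macro expansion only, is not HTML escaping, and has to be applied to each untrusted value right before the final replace_macros call. The method containing the changed `return` starts outside the hunk.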
|  | @ -159,10 +159,10 @@ function message_content(&$a) { | ||||||
| 				'$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'], | 				'$from_url' => $a->get_baseurl() . '/redir/' . $rr['contact-id'], | ||||||
| 				'$sparkle' => ' sparkle', | 				'$sparkle' => ' sparkle', | ||||||
| 				'$from_photo' => $rr['thumb'], | 				'$from_photo' => $rr['thumb'], | ||||||
| 				'$subject' => (($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>'), | 				'$subject' => template_escape((($rr['mailseen']) ? $rr['title'] : '<strong>' . $rr['title'] . '</strong>')), | ||||||
| 				'$delete' => t('Delete conversation'), | 				'$delete' => t('Delete conversation'), | ||||||
| 				'$body' => $rr['body'], | 				'$body' => template_escape($rr['body']), | ||||||
| 				'$to_name' => $rr['name'], | 				'$to_name' => template_escape($rr['name']), | ||||||
| 				'$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A')) | 				'$date' => datetime_convert('UTC',date_default_timezone_get(),$rr['mailcreated'], t('D, d M Y - g:i A')) | ||||||
| 			)); | 			)); | ||||||
| 		} | 		} | ||||||
|  | @ -221,14 +221,14 @@ function message_content(&$a) { | ||||||
| 			} | 			} | ||||||
| 			$o .= replace_macros($tpl, array( | 			$o .= replace_macros($tpl, array( | ||||||
| 				'$id' => $message['id'], | 				'$id' => $message['id'], | ||||||
| 				'$from_name' =>$message['from-name'], | 				'$from_name' => template_escape($message['from-name']), | ||||||
| 				'$from_url' => $from_url, | 				'$from_url' => $from_url, | ||||||
| 				'$sparkle' => $sparkle, | 				'$sparkle' => $sparkle, | ||||||
| 				'$from_photo' => $message['from-photo'], | 				'$from_photo' => $message['from-photo'], | ||||||
| 				'$subject' => $message['title'], | 				'$subject' => template_escape($message['title']), | ||||||
| 				'$body' => smilies(bbcode($message['body'])), | 				'$body' => template_escape(smilies(bbcode($message['body']))), | ||||||
| 				'$delete' => t('Delete message'), | 				'$delete' => t('Delete message'), | ||||||
| 				'$to_name' => $message['name'], | 				'$to_name' => template_escape($message['name']), | ||||||
| 				'$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A') | 				'$date' => datetime_convert('UTC',date_default_timezone_get(),$message['created'],'D, d M Y - g:i A') | ||||||
| 			)); | 			)); | ||||||
| 				 | 				 | ||||||
|  | @ -240,7 +240,7 @@ function message_content(&$a) { | ||||||
| 			'$header' => t('Send Reply'), | 			'$header' => t('Send Reply'), | ||||||
| 			'$to' => t('To:'), | 			'$to' => t('To:'), | ||||||
| 			'$subject' => t('Subject:'), | 			'$subject' => t('Subject:'), | ||||||
| 			'$subjtxt' => $message['title'], | 			'$subjtxt' => template_escape($message['title']), | ||||||
| 			'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ', | 			'$readonly' => ' readonly="readonly" style="background: #BBBBBB;" ', | ||||||
| 			'$yourmessage' => t('Your message:'), | 			'$yourmessage' => t('Your message:'), | ||||||
| 			'$select' => $select, | 			'$select' => $select, | ||||||
|  |  | ||||||
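Review bot: In the first hunk the `'$subject'` value concatenates `$rr['title']` into `'<strong>' . $rr['title'] . '</strong>'` and only then wraps it in template_escape, which replaces `$` and `{{` and leaves HTML metacharacters untouched. Unless the title is HTML-encoded before storage (not visible here), it should be encoded before the concatenation, e.g. `'<strong>' . htmlspecialchars($rr['title'], ENT_QUOTES, 'UTF-8') . '</strong>'`, with template_escape applied on top. `'$from_photo'` (`$rr['thumb']`, `$message['from-photo']`) stays unescaped in both arrays; if that URL is supplied by the remote contact it deserves the same wrapper. message_content() starts and ends outside the hunks.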