Remove redundant htmlentities/htmlspecialchars
parent
52ca6f34cd
commit
761e94d134
14 changed files with 47 additions and 64 deletions
|
@ -1444,9 +1444,7 @@ function admin_page_site(App $a)
|
||||||
$banner = '<a href="https://friendi.ca"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="https://friendi.ca">Friendica</a></span>';
|
$banner = '<a href="https://friendi.ca"><img id="logo-img" src="images/friendica-32.png" alt="logo" /></a><span id="logo-text"><a href="https://friendi.ca">Friendica</a></span>';
|
||||||
}
|
}
|
||||||
|
|
||||||
$banner = htmlspecialchars($banner);
|
|
||||||
$info = Config::get('config', 'info');
|
$info = Config::get('config', 'info');
|
||||||
$info = htmlspecialchars($info);
|
|
||||||
|
|
||||||
// Automatically create temporary paths
|
// Automatically create temporary paths
|
||||||
get_temppath();
|
get_temppath();
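Review bot: Nothing visible in this commit shows where `$banner` and `$info` are escaped once the two `htmlspecialchars()` calls are gone, and `$banner` holds literal markup by default, so the admin form would render it as live HTML unless the template layer escapes every variable on output. The same reliance applies to `$name`/`$nick` in `crepair_content`, `$title` in `editpost_content` and `$s` in the `HTML` class. Since the commit title calls the calls redundant, auto-escaping is presumably enabled elsewhere; I would record that next to the removal, e.g. `// no manual escaping here: template variables are escaped on output`, and cover at least one of these fields with a rendering test that passes a value containing `<`, `&` and `"`. `admin_page_site` starts and ends outside the hunk.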
|
||||||
|
|
|
@ -81,9 +81,9 @@ function allfriends_content(App $a)
|
||||||
$entry = [
|
$entry = [
|
||||||
'url' => $rr['url'],
|
'url' => $rr['url'],
|
||||||
'itemurl' => defaults($contact_details, 'addr', $rr['url']),
|
'itemurl' => defaults($contact_details, 'addr', $rr['url']),
|
||||||
'name' => htmlentities($contact_details['name']),
|
'name' => $contact_details['name'],
|
||||||
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
|
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
|
||||||
'img_hover' => htmlentities($contact_details['name']),
|
'img_hover' => $contact_details['name'],
|
||||||
'details' => $contact_details['location'],
|
'details' => $contact_details['location'],
|
||||||
'tags' => $contact_details['keywords'],
|
'tags' => $contact_details['keywords'],
|
||||||
'about' => $contact_details['about'],
|
'about' => $contact_details['about'],
|
||||||
|
@ -100,9 +100,7 @@ function allfriends_content(App $a)
|
||||||
$tab_str = Module\Contact::getTabsHTML($a, $contact, 4);
|
$tab_str = Module\Contact::getTabsHTML($a, $contact, 4);
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate('viewcontact_template.tpl');
|
$tpl = Renderer::getMarkupTemplate('viewcontact_template.tpl');
|
||||||
|
|
||||||
$o .= Renderer::replaceMacros($tpl, [
|
$o .= Renderer::replaceMacros($tpl, [
|
||||||
//'$title' => L10n::t('Friends of %s', htmlentities($c[0]['name'])),
|
|
||||||
'$tab_str' => $tab_str,
|
'$tab_str' => $tab_str,
|
||||||
'$contacts' => $entries,
|
'$contacts' => $entries,
|
||||||
'$paginate' => $pager->renderFull($total),
|
'$paginate' => $pager->renderFull($total),
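Review bot: `name` and `img_hover` in the `$entry` array now carry `$contact_details['name']` verbatim, and that value presumably comes from a remote profile, so it should be treated as untrusted text. `img_hover` looks like it ends up in an HTML attribute, where the escaper has to encode quotes as well as `<` and `>`; confirm that `viewcontact_template.tpl` and whatever it includes per entry escape in attribute context. The same applies to `img_hover` in `common_content`, `name` in `networkThreadedView` and `$conversation['source']` in `Itemsource`, which is likewise data received from elsewhere. `allfriends_content` starts and ends outside both hunks.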
|
||||||
|
|
|
@ -142,7 +142,7 @@ function babel_content()
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate('babel.tpl');
|
$tpl = Renderer::getMarkupTemplate('babel.tpl');
|
||||||
$o = Renderer::replaceMacros($tpl, [
|
$o = Renderer::replaceMacros($tpl, [
|
||||||
'$text' => ['text', L10n::t('Source text'), htmlentities(defaults($_REQUEST, 'text', '')), ''],
|
'$text' => ['text', L10n::t('Source text'), defaults($_REQUEST, 'text', ''), ''],
|
||||||
'$type_bbcode' => ['type', L10n::t('BBCode'), 'bbcode', '', defaults($_REQUEST, 'type', 'bbcode') == 'bbcode'],
|
'$type_bbcode' => ['type', L10n::t('BBCode'), 'bbcode', '', defaults($_REQUEST, 'type', 'bbcode') == 'bbcode'],
|
||||||
'$type_markdown' => ['type', L10n::t('Markdown'), 'markdown', '', defaults($_REQUEST, 'type', 'bbcode') == 'markdown'],
|
'$type_markdown' => ['type', L10n::t('Markdown'), 'markdown', '', defaults($_REQUEST, 'type', 'bbcode') == 'markdown'],
|
||||||
'$type_html' => ['type', L10n::t('HTML'), 'html', '', defaults($_REQUEST, 'type', 'bbcode') == 'html'],
|
'$type_html' => ['type', L10n::t('HTML'), 'html', '', defaults($_REQUEST, 'type', 'bbcode') == 'html'],
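Review bot: `defaults($_REQUEST, 'text', '')` in the `'$text'` entry hands the request value to the template without a type check, so a request that sends `text[]=` would likely pass an array where the field expects a string; the removed `htmlentities()` call would at least have warned or thrown on that. A guard before the array keeps the field a string: `$text = (isset($_REQUEST['text']) && is_string($_REQUEST['text'])) ? $_REQUEST['text'] : '';`. The same pattern is used for `guid` in `Itemsource` and for `subject`/`body` in `message_content` and `wallmessage_content`. `babel_content` starts and ends outside the hunk.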
|
||||||
|
|
|
@ -50,7 +50,7 @@ function common_content(App $a)
|
||||||
|
|
||||||
if (DBA::isResult($contact)) {
|
if (DBA::isResult($contact)) {
|
||||||
$vcard_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate("vcard-widget.tpl"), [
|
$vcard_widget = Renderer::replaceMacros(Renderer::getMarkupTemplate("vcard-widget.tpl"), [
|
||||||
'$name' => htmlentities($contact['name']),
|
'$name' => $contact['name'],
|
||||||
'$photo' => $contact['photo'],
|
'$photo' => $contact['photo'],
|
||||||
'url' => 'contact/' . $cid
|
'url' => 'contact/' . $cid
|
||||||
]);
|
]);
|
||||||
|
@ -123,7 +123,7 @@ function common_content(App $a)
|
||||||
'itemurl' => defaults($contact_details, 'addr', $common_friend['url']),
|
'itemurl' => defaults($contact_details, 'addr', $common_friend['url']),
|
||||||
'name' => $contact_details['name'],
|
'name' => $contact_details['name'],
|
||||||
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
|
'thumb' => ProxyUtils::proxifyUrl($contact_details['thumb'], false, ProxyUtils::SIZE_THUMB),
|
||||||
'img_hover' => htmlentities($contact_details['name']),
|
'img_hover' => $contact_details['name'],
|
||||||
'details' => $contact_details['location'],
|
'details' => $contact_details['location'],
|
||||||
'tags' => $contact_details['keywords'],
|
'tags' => $contact_details['keywords'],
|
||||||
'about' => $contact_details['about'],
|
'about' => $contact_details['about'],
|
||||||
|
|
|
@ -13,7 +13,7 @@ function credits_content()
|
||||||
{
|
{
|
||||||
/* fill the page with credits */
|
/* fill the page with credits */
|
||||||
$credits_string = file_get_contents('util/credits.txt');
|
$credits_string = file_get_contents('util/credits.txt');
|
||||||
$names = explode("\n", htmlspecialchars($credits_string));
|
$names = explode("\n", $credits_string);
|
||||||
$tpl = Renderer::getMarkupTemplate('credits.tpl');
|
$tpl = Renderer::getMarkupTemplate('credits.tpl');
|
||||||
return Renderer::replaceMacros($tpl, [
|
return Renderer::replaceMacros($tpl, [
|
||||||
'$title' => L10n::t('Credits'),
|
'$title' => L10n::t('Credits'),
|
||||||
|
|
|
@ -158,8 +158,8 @@ function crepair_content(App $a)
|
||||||
$remote_self_options
|
$remote_self_options
|
||||||
],
|
],
|
||||||
|
|
||||||
'$name' => ['name', L10n::t('Name') , htmlentities($contact['name'])],
|
'$name' => ['name', L10n::t('Name') , $contact['name']],
|
||||||
'$nick' => ['nick', L10n::t('Account Nickname'), htmlentities($contact['nick'])],
|
'$nick' => ['nick', L10n::t('Account Nickname'), $contact['nick']],
|
||||||
'$attag' => ['attag', L10n::t('@Tagname - overrides Name/Nickname'), $contact['attag']],
|
'$attag' => ['attag', L10n::t('@Tagname - overrides Name/Nickname'), $contact['attag']],
|
||||||
'$url' => ['url', L10n::t('Account URL'), $contact['url']],
|
'$url' => ['url', L10n::t('Account URL'), $contact['url']],
|
||||||
'$request' => ['request', L10n::t('Friend Request URL'), $contact['request']],
|
'$request' => ['request', L10n::t('Friend Request URL'), $contact['request']],
|
||||||
|
|
|
@ -6,6 +6,7 @@ use Friendica\App;
|
||||||
use Friendica\Content\Feature;
|
use Friendica\Content\Feature;
|
||||||
use Friendica\Core\Addon;
|
use Friendica\Core\Addon;
|
||||||
use Friendica\Core\Config;
|
use Friendica\Core\Config;
|
||||||
|
use Friendica\Core\Hook;
|
||||||
use Friendica\Core\L10n;
|
use Friendica\Core\L10n;
|
||||||
use Friendica\Core\Renderer;
|
use Friendica\Core\Renderer;
|
||||||
use Friendica\Core\System;
|
use Friendica\Core\System;
|
||||||
|
@ -54,8 +55,6 @@ function editpost_content(App $a)
|
||||||
'$nickname' => $a->user['nickname']
|
'$nickname' => $a->user['nickname']
|
||||||
]);
|
]);
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate("jot.tpl");
|
|
||||||
|
|
||||||
if (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) {
|
if (strlen($item['allow_cid']) || strlen($item['allow_gid']) || strlen($item['deny_cid']) || strlen($item['deny_gid'])) {
|
||||||
$lockstate = 'lock';
|
$lockstate = 'lock';
|
||||||
} else {
|
} else {
|
||||||
|
@ -84,9 +83,9 @@ function editpost_content(App $a)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
Addon::callHooks('jot_tool', $jotplugins);
|
Hook::callAll('jot_tool', $jotplugins);
|
||||||
//Addon::callHooks('jot_networks', $jotnets);
|
|
||||||
|
|
||||||
|
$tpl = Renderer::getMarkupTemplate("jot.tpl");
|
||||||
$o .= Renderer::replaceMacros($tpl, [
|
$o .= Renderer::replaceMacros($tpl, [
|
||||||
'$is_edit' => true,
|
'$is_edit' => true,
|
||||||
'$return_path' => '/display/' . $item['guid'],
|
'$return_path' => '/display/' . $item['guid'],
|
||||||
|
@ -119,7 +118,7 @@ function editpost_content(App $a)
|
||||||
'$emailcc' => L10n::t('CC: email addresses'),
|
'$emailcc' => L10n::t('CC: email addresses'),
|
||||||
'$public' => L10n::t('Public post'),
|
'$public' => L10n::t('Public post'),
|
||||||
'$jotnets' => $jotnets,
|
'$jotnets' => $jotnets,
|
||||||
'$title' => htmlspecialchars($item['title']),
|
'$title' => $item['title'],
|
||||||
'$placeholdertitle' => L10n::t('Set title'),
|
'$placeholdertitle' => L10n::t('Set title'),
|
||||||
'$category' => FileTag::fileToList($item['file'], 'category'),
|
'$category' => FileTag::fileToList($item['file'], 'category'),
|
||||||
'$placeholdercategory' => (Feature::isEnabled(local_user(),'categories') ? L10n::t("Categories \x28comma-separated list\x29") : ''),
|
'$placeholdercategory' => (Feature::isEnabled(local_user(),'categories') ? L10n::t("Categories \x28comma-separated list\x29") : ''),
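Review bot: The switch from `Addon::callHooks('jot_tool', $jotplugins)` to `Hook::callAll('jot_tool', $jotplugins)` and the relocation of the `jot.tpl` lookup are unrelated to escaping and make a security-sensitive commit harder to audit; they would be easier to review as a separate commit. `use Friendica\Core\Addon;` is still imported after the change, so check whether anything else in the file uses it and drop the line if not. `editpost_content` starts and ends outside the hunks shown.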
|
||||||
|
|
|
@ -144,11 +144,8 @@ function follow_content(App $a)
|
||||||
$r[0]['about'] = '';
|
$r[0]['about'] = '';
|
||||||
}
|
}
|
||||||
|
|
||||||
$header = L10n::t('Connect/Follow');
|
|
||||||
|
|
||||||
$o = Renderer::replaceMacros($tpl, [
|
$o = Renderer::replaceMacros($tpl, [
|
||||||
'$header' => htmlentities($header),
|
'$header' => L10n::t('Connect/Follow'),
|
||||||
//'$photo' => ProxyUtils::proxifyUrl($ret['photo'], false, ProxyUtils::SIZE_SMALL),
|
|
||||||
'$desc' => '',
|
'$desc' => '',
|
||||||
'$pls_answer' => L10n::t('Please answer the following:'),
|
'$pls_answer' => L10n::t('Please answer the following:'),
|
||||||
'$does_know_you' => ['knowyou', L10n::t('Does %s know you?', $ret['name']), false, '', [L10n::t('No'), L10n::t('Yes')]],
|
'$does_know_you' => ['knowyou', L10n::t('Does %s know you?', $ret['name']), false, '', [L10n::t('No'), L10n::t('Yes')]],
|
||||||
|
@ -170,13 +167,6 @@ function follow_content(App $a)
|
||||||
'$url_label' => L10n::t('Profile URL'),
|
'$url_label' => L10n::t('Profile URL'),
|
||||||
'$myaddr' => $myaddr,
|
'$myaddr' => $myaddr,
|
||||||
'$request' => $request,
|
'$request' => $request,
|
||||||
/*
|
|
||||||
* @TODO commented out?
|
|
||||||
'$location' => Friendica\Content\Text\BBCode::::convert($r[0]['location']),
|
|
||||||
'$location_label'=> L10n::t('Location:'),
|
|
||||||
'$about' => Friendica\Content\Text\BBCode::::convert($r[0]['about'], false, false),
|
|
||||||
'$about_label' => L10n::t('About:'),
|
|
||||||
*/
|
|
||||||
'$keywords' => $r[0]['keywords'],
|
'$keywords' => $r[0]['keywords'],
|
||||||
'$keywords_label'=> L10n::t('Tags:')
|
'$keywords_label'=> L10n::t('Tags:')
|
||||||
]);
|
]);
|
||||||
|
|
|
@ -247,22 +247,22 @@ function message_content(App $a)
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate('prv_message.tpl');
|
$tpl = Renderer::getMarkupTemplate('prv_message.tpl');
|
||||||
$o .= Renderer::replaceMacros($tpl, [
|
$o .= Renderer::replaceMacros($tpl, [
|
||||||
'$header' => L10n::t('Send Private Message'),
|
'$header' => L10n::t('Send Private Message'),
|
||||||
'$to' => L10n::t('To:'),
|
'$to' => L10n::t('To:'),
|
||||||
'$showinputs' => 'true',
|
'$showinputs' => 'true',
|
||||||
'$prefill' => $prefill,
|
'$prefill' => $prefill,
|
||||||
'$preid' => $preid,
|
'$preid' => $preid,
|
||||||
'$subject' => L10n::t('Subject:'),
|
'$subject' => L10n::t('Subject:'),
|
||||||
'$subjtxt' => !empty($_REQUEST['subject']) ? strip_tags($_REQUEST['subject']) : '',
|
'$subjtxt' => defaults($_REQUEST, 'subject', ''),
|
||||||
'$text' => !empty($_REQUEST['body']) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : '',
|
'$text' => defaults($_REQUEST, 'body', ''),
|
||||||
'$readonly' => '',
|
'$readonly' => '',
|
||||||
'$yourmessage' => L10n::t('Your message:'),
|
'$yourmessage'=> L10n::t('Your message:'),
|
||||||
'$select' => $select,
|
'$select' => $select,
|
||||||
'$parent' => '',
|
'$parent' => '',
|
||||||
'$upload' => L10n::t('Upload photo'),
|
'$upload' => L10n::t('Upload photo'),
|
||||||
'$insert' => L10n::t('Insert web link'),
|
'$insert' => L10n::t('Insert web link'),
|
||||||
'$wait' => L10n::t('Please wait'),
|
'$wait' => L10n::t('Please wait'),
|
||||||
'$submit' => L10n::t('Submit')
|
'$submit' => L10n::t('Submit')
|
||||||
]);
|
]);
|
||||||
return $o;
|
return $o;
|
||||||
}
|
}
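Review bot: `'$subjtxt'` previously went through `strip_tags()`, which removes markup rather than escaping it, so replacing it with the raw `$_REQUEST['subject']` changes what is prefilled as well as where escaping happens: a subject containing tags used to lose them and is now passed on verbatim. That is probably intended, but it only stays safe while `prv_message.tpl` escapes `$subjtxt` and `$text`, which this page does not show. `wallmessage_content` makes the identical change against `wallmessage.tpl`. If `Strings::escapeHtml()` was the only use of `Strings` in these two files, the corresponding `use` line can be removed as well. `message_content` starts outside the hunk.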
|
||||||
|
|
|
@ -667,7 +667,7 @@ function networkThreadedView(App $a, $update, $parent)
|
||||||
|
|
||||||
$entries[0] = [
|
$entries[0] = [
|
||||||
'id' => 'network',
|
'id' => 'network',
|
||||||
'name' => htmlentities($contact['name']),
|
'name' => $contact['name'],
|
||||||
'itemurl' => defaults($contact, 'addr', $contact['nurl']),
|
'itemurl' => defaults($contact, 'addr', $contact['nurl']),
|
||||||
'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB),
|
'thumb' => ProxyUtils::proxifyUrl($contact['thumb'], false, ProxyUtils::SIZE_THUMB),
|
||||||
'details' => $contact['location'],
|
'details' => $contact['location'],
|
||||||
|
|
|
@ -114,10 +114,8 @@ function unfollow_content(App $a)
|
||||||
// Makes the connection request for friendica contacts easier
|
// Makes the connection request for friendica contacts easier
|
||||||
$_SESSION['fastlane'] = $contact['url'];
|
$_SESSION['fastlane'] = $contact['url'];
|
||||||
|
|
||||||
$header = L10n::t('Disconnect/Unfollow');
|
|
||||||
|
|
||||||
$o = Renderer::replaceMacros($tpl, [
|
$o = Renderer::replaceMacros($tpl, [
|
||||||
'$header' => htmlentities($header),
|
'$header' => L10n::t('Disconnect/Unfollow'),
|
||||||
'$desc' => '',
|
'$desc' => '',
|
||||||
'$pls_answer' => '',
|
'$pls_answer' => '',
|
||||||
'$does_know_you' => '',
|
'$does_know_you' => '',
|
||||||
|
|
|
@ -125,20 +125,20 @@ function wallmessage_content(App $a) {
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate('wallmessage.tpl');
|
$tpl = Renderer::getMarkupTemplate('wallmessage.tpl');
|
||||||
$o = Renderer::replaceMacros($tpl, [
|
$o = Renderer::replaceMacros($tpl, [
|
||||||
'$header' => L10n::t('Send Private Message'),
|
'$header' => L10n::t('Send Private Message'),
|
||||||
'$subheader' => L10n::t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.', $user['username']),
|
'$subheader' => L10n::t('If you wish for %s to respond, please check that the privacy settings on your site allow private mail from unknown senders.', $user['username']),
|
||||||
'$to' => L10n::t('To:'),
|
'$to' => L10n::t('To:'),
|
||||||
'$subject' => L10n::t('Subject:'),
|
'$subject' => L10n::t('Subject:'),
|
||||||
'$recipname' => $user['username'],
|
'$recipname' => $user['username'],
|
||||||
'$nickname' => $user['nickname'],
|
'$nickname' => $user['nickname'],
|
||||||
'$subjtxt' => (!empty($_REQUEST['subject']) ? strip_tags($_REQUEST['subject']) : ''),
|
'$subjtxt' => defaults($_REQUEST, 'subject', ''),
|
||||||
'$text' => (!empty($_REQUEST['body']) ? Strings::escapeHtml(htmlspecialchars($_REQUEST['body'])) : ''),
|
'$text' => defaults($_REQUEST, 'body', ''),
|
||||||
'$readonly' => '',
|
'$readonly' => '',
|
||||||
'$yourmessage' => L10n::t('Your message:'),
|
'$yourmessage'=> L10n::t('Your message:'),
|
||||||
'$parent' => '',
|
'$parent' => '',
|
||||||
'$upload' => L10n::t('Upload photo'),
|
'$upload' => L10n::t('Upload photo'),
|
||||||
'$insert' => L10n::t('Insert web link'),
|
'$insert' => L10n::t('Insert web link'),
|
||||||
'$wait' => L10n::t('Please wait')
|
'$wait' => L10n::t('Please wait')
|
||||||
]);
|
]);
|
||||||
|
|
||||||
return $o;
|
return $o;
|
||||||
|
|
|
@ -961,7 +961,7 @@ class HTML
|
||||||
$save_label = $mode === 'text' ? L10n::t('Save') : L10n::t('Follow');
|
$save_label = $mode === 'text' ? L10n::t('Save') : L10n::t('Follow');
|
||||||
|
|
||||||
$values = [
|
$values = [
|
||||||
'$s' => htmlspecialchars($s),
|
'$s' => $s,
|
||||||
'$id' => $id,
|
'$id' => $id,
|
||||||
'$action_url' => $url,
|
'$action_url' => $url,
|
||||||
'$search_label' => L10n::t('Search'),
|
'$search_label' => L10n::t('Search'),
|
||||||
|
|
|
@ -25,12 +25,12 @@ class Itemsource extends \Friendica\BaseModule
|
||||||
$conversation = Model\Conversation::getByItemUri($item['uri']);
|
$conversation = Model\Conversation::getByItemUri($item['uri']);
|
||||||
|
|
||||||
$item_uri = $item['uri'];
|
$item_uri = $item['uri'];
|
||||||
$source = htmlspecialchars($conversation['source']);
|
$source = $conversation['source'];
|
||||||
}
|
}
|
||||||
|
|
||||||
$tpl = Renderer::getMarkupTemplate('debug/itemsource.tpl');
|
$tpl = Renderer::getMarkupTemplate('debug/itemsource.tpl');
|
||||||
$o = Renderer::replaceMacros($tpl, [
|
$o = Renderer::replaceMacros($tpl, [
|
||||||
'$guid' => ['guid', L10n::t('Item Guid'), htmlentities(defaults($_REQUEST, 'guid', '')), ''],
|
'$guid' => ['guid', L10n::t('Item Guid'), defaults($_REQUEST, 'guid', ''), ''],
|
||||||
'$source' => $source,
|
'$source' => $source,
|
||||||
'$item_uri' => $item_uri
|
'$item_uri' => $item_uri
|
||||||
]);
|
]);
|
||||||
|
|