mirror of
https://github.com/friendica/friendica
synced 2024-12-21 15:04:54 +01:00
template escapes
This commit is contained in:
parent
c2ccb78869
commit
660787916e
2 changed files with 22 additions and 22 deletions
10
boot.php
10
boot.php
|
@ -954,16 +954,16 @@ EOT;
|
|||
$tpl = get_markup_template('profile_vcard.tpl');
|
||||
|
||||
$o .= replace_macros($tpl, array(
|
||||
'$fullname' => $fullname,
|
||||
'$pdesc' => $pdesc,
|
||||
'$fullname' => template_escape($fullname),
|
||||
'$pdesc' => template_escape($pdesc),
|
||||
'$tabs' => $tabs,
|
||||
'$photo' => $photo,
|
||||
'$connect' => $connect,
|
||||
'$location' => $location,
|
||||
'$location' => template_escape($location),
|
||||
'$gender' => $gender,
|
||||
'$pubkey' => $pubkey,
|
||||
'$marital' => $marital,
|
||||
'$homepage' => $homepage,
|
||||
'$marital' => template_escape($marital),
|
||||
'$homepage' => template_escape($homepage),
|
||||
'$diaspora' => $diaspora_vcard
|
||||
));
|
||||
|
||||
|
|
|
@ -889,9 +889,9 @@ function photos_content(&$a) {
|
|||
'$nickname' => $a->data['user']['nickname'],
|
||||
'$newalbum' => t('New album name: '),
|
||||
'$existalbumtext' => t('or existing album name: '),
|
||||
'$albumselect' => $albumselect,
|
||||
'$albumselect' => template_escape($albumselect),
|
||||
'$permissions' => t('Permissions'),
|
||||
'$aclselect' => (($visitor) ? '' : populate_acl($a->user, $celeb)),
|
||||
'$aclselect' => (($visitor) ? '' : template_escape(populate_acl($a->user, $celeb))),
|
||||
'$uploader' => $ret['addon_text'],
|
||||
'$default' => (($ret['default_upload']) ? $default_upload : ''),
|
||||
'$uploadurl' => $ret['post_url']
|
||||
|
@ -932,7 +932,7 @@ function photos_content(&$a) {
|
|||
$o .= replace_macros($edit_tpl,array(
|
||||
'$nametext' => t('New album name: '),
|
||||
'$nickname' => $a->data['user']['nickname'],
|
||||
'$album' => $album,
|
||||
'$album' => template_escape($album),
|
||||
'$hexalbum' => bin2hex($album),
|
||||
'$submit' => t('Submit'),
|
||||
'$dropsubmit' => t('Delete Album')
|
||||
|
@ -957,8 +957,8 @@ function photos_content(&$a) {
|
|||
'$photolink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/image/' . $rr['resource-id'],
|
||||
'$phototitle' => t('View Photo'),
|
||||
'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . $rr['scale'] . '.jpg',
|
||||
'$imgalt' => $rr['filename'],
|
||||
'$desc'=> $rr['desc']
|
||||
'$imgalt' => template_escape($rr['filename']),
|
||||
'$desc'=> template_escape($rr['desc'])
|
||||
));
|
||||
|
||||
}
|
||||
|
@ -1132,16 +1132,16 @@ function photos_content(&$a) {
|
|||
$edit_tpl = get_markup_template('photo_edit.tpl');
|
||||
$edit = replace_macros($edit_tpl, array(
|
||||
'$id' => $ph[0]['id'],
|
||||
'$album' => $ph[0]['album'],
|
||||
'$album' => template_escape($ph[0]['album']),
|
||||
'$newalbum' => t('New album name'),
|
||||
'$nickname' => $a->data['user']['nickname'],
|
||||
'$resource_id' => $ph[0]['resource-id'],
|
||||
'$capt_label' => t('Caption'),
|
||||
'$caption' => $ph[0]['desc'],
|
||||
'$caption' => template_escape($ph[0]['desc']),
|
||||
'$tag_label' => t('Add a Tag'),
|
||||
'$tags' => $link_item['tag'],
|
||||
'$permissions' => t('Permissions'),
|
||||
'$aclselect' => populate_acl($ph[0]),
|
||||
'$aclselect' => template_escape(populate_acl($ph[0])),
|
||||
'$help_tags' => t('Example: @bob, @Barbara_Jensen, @jim@example.com, #California, #camping'),
|
||||
'$item_id' => ((count($linked_items)) ? $link_item['id'] : 0),
|
||||
'$submit' => t('Submit'),
|
||||
|
@ -1287,11 +1287,11 @@ function photos_content(&$a) {
|
|||
$comments .= replace_macros($template,array(
|
||||
'$id' => $item['item_id'],
|
||||
'$profile_url' => $profile_link,
|
||||
'$name' => $profile_name,
|
||||
'$name' => template_escape($profile_name),
|
||||
'$thumb' => $profile_avatar,
|
||||
'$sparkle' => $sparkle,
|
||||
'$title' => $item['title'],
|
||||
'$body' => bbcode($item['body']),
|
||||
'$title' => template_escape($item['title']),
|
||||
'$body' => template_escape(bbcode($item['body'])),
|
||||
'$ago' => relative_date($item['created']),
|
||||
'$indent' => (($item['parent'] != $item['item_id']) ? ' comment' : ''),
|
||||
'$drop' => $drop,
|
||||
|
@ -1306,18 +1306,18 @@ function photos_content(&$a) {
|
|||
$photo_tpl = get_markup_template('photo_view.tpl');
|
||||
$o .= replace_macros($photo_tpl, array(
|
||||
'$id' => $ph[0]['id'],
|
||||
'$album' => array($album_link,$ph[0]['album']),
|
||||
'$album' => array($album_link,template_escape($ph[0]['album'])),
|
||||
'$tools' => $tools,
|
||||
'$lock' => $lock,
|
||||
'$photo' => $photo,
|
||||
'$prevlink' => $prevlink,
|
||||
'$nextlink' => $nextlink,
|
||||
'$desc' => $ph[0]['desc'],
|
||||
'$tags' => $tags,
|
||||
'$tags' => template_escape($tags),
|
||||
'$edit' => $edit,
|
||||
'$likebuttons' => $likebuttons,
|
||||
'$like' => $like,
|
||||
'$dislike' => $dislike,
|
||||
'$like' => template_escape($like),
|
||||
'$dislike' => template_escape($dislike),
|
||||
'$comments' => $comments,
|
||||
'$paginate' => $paginate,
|
||||
));
|
||||
|
@ -1365,9 +1365,9 @@ function photos_content(&$a) {
|
|||
'$phototitle' => t('View Photo'),
|
||||
'$imgsrc' => $a->get_baseurl() . '/photo/' . $rr['resource-id'] . '-' . ((($rr['scale']) == 6) ? 4 : $rr['scale']) . '.jpg',
|
||||
'$albumlink' => $a->get_baseurl() . '/photos/' . $a->data['user']['nickname'] . '/album/' . bin2hex($rr['album']),
|
||||
'$albumname' => $rr['album'],
|
||||
'$albumname' => template_escape($rr['album']),
|
||||
'$albumalt' => t('View Album'),
|
||||
'$imgalt' => $rr['filename']
|
||||
'$imgalt' => template_escape($rr['filename'])
|
||||
));
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue