mirror of
https://github.com/owncloud/bookmarks.git
synced 2024-11-30 05:24:09 +01:00
Merge pull request #631 from owncloud/from-insane-autoescape-to-p
Replace insane auto sanitization with p()- WIP
commit
d6db39c5e7
@ -65,5 +65,5 @@ foreach($qtags as $tag) {
|
||||
$tmpl = new OCP\Template( 'bookmarks', 'addBm', 'base' );
|
||||
$tmpl->assign('requesttoken', OC_Util::callRegister());
|
||||
$tmpl->assign('bookmark', $bm);
|
||||
$tmpl->assign('tags', json_encode($tags), false);
|
||||
$tmpl->assign('tags', json_encode($tags));
|
||||
$tmpl->printPage();
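Review bot: `tags` reaches the template as a raw JSON string, and the line that prints it is not in the visible part of the template hunk, so nothing on this page shows it being escaped for its output context. Assuming the two-argument `$tmpl->assign('tags', json_encode($tags));` is the new side, a value that ends up inside an inline script should be encoded for that context, for example `json_encode($tags, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT)`, and one that ends up in an attribute should be printed with `p()`. A comment on the assign line such as `// 'tags' is JSON; the template must escape it for the context it is printed in` would record the expectation. The script this hunk belongs to starts before the hunk.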
|
||||
|
@ -1,43 +1,43 @@
|
||||
<form class="addBm" method="post" action="<?php echo OCP\Util::linkTo('bookmarks', 'ajax/editBookmark.php');?>">
|
||||
<form class="addBm" method="post" action="<?php print_unescaped(OCP\Util::linkTo('bookmarks', 'ajax/editBookmark.php'));?>">
|
||||
<?php if(!isset($embedded) || !$embedded):?>
|
||||
<script type="text/javascript" src="<?php echo OC_Helper::linkTo('bookmarks/js', 'full_tags.php');?>"></script>
|
||||
<script type="text/javascript" src="<?php print_unescaped(OC_Helper::linkTo('bookmarks/js', 'full_tags.php'));?>"></script>
|
||||
|
||||
<h1><?php echo $l->t('Add a bookmark');?></h1>
|
||||
<h1><?php p($l->t('Add a bookmark'));?></h1>
|
||||
<div class="close_btn">
|
||||
<a href="javascript:self.close()" class="ui-icon ui-icon-closethick">
|
||||
<?php echo $l->t('Close');?>
|
||||
<?php p($l->t('Close'));?>
|
||||
</a>
|
||||
</div>
|
||||
<?php endif;?>
|
||||
<fieldset class="bm_desc">
|
||||
<ul>
|
||||
<li>
|
||||
<input type="text" name="title" class="title" value="<?php echo $_['bookmark']['title']; ?>"
|
||||
placeholder="<?php echo $l->t('The title of the page');?>" />
|
||||
<input type="text" name="title" class="title" value="<?php p($_['bookmark']['title']); ?>"
|
||||
placeholder="<?php p($l->t('The title of the page'));?>" />
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<input type="text" name="url" class="url_input" value="<?php echo $_['bookmark']['url']; ?>"
|
||||
placeholder="<?php echo $l->t('The address of the page');?>" />
|
||||
<input type="text" name="url" class="url_input" value="<?php p($_['bookmark']['url']); ?>"
|
||||
placeholder="<?php p($l->t('The address of the page'));?>" />
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<ul class="tags" >
|
||||
<?php foreach($_['bookmark']['tags'] as $tag):?>
|
||||
<li><?php echo $tag;?></li>
|
||||
<li><?php p($tag);?></li>
|
||||
<?php endforeach;?>
|
||||
</ul>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<textarea name="description" class="desc" value="<?php echo $_['bookmark']['desc']; ?>"
|
||||
placeholder="<?php echo $l->t('Description of the page');?>"></textarea>
|
||||
<textarea name="description" class="desc" value="<?php p($_['bookmark']['desc']); ?>"
|
||||
placeholder="<?php p($l->t('Description of the page'));?>"></textarea>
|
||||
</li>
|
||||
|
||||
<li>
|
||||
<input type="submit" class="submit" value="<?php echo $l->t("Save");?>" />
|
||||
<input type="submit" class="submit" value="<?php p($l->t("Save"));?>" />
|
||||
<input type="hidden" class="record_id" value="" name="record_id" />
|
||||
<input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>">
|
||||
<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>">
|
||||
</li>
|
||||
|
||||
</ul>
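Review bot: The form `action` and the script `src` at the top of this template print `linkTo(...)` through `print_unescaped()`, while the identical `OCP\Util::linkTo('bookmarks', 'ajax/editBookmark.php')` call in the `item_form_tmpl` form of the client-side template file goes through `p()`. Both arguments are constants, so no user data is printed either way, but inside a quoted attribute `p()` is the safer default and keeps the two files consistent: `action="<?php p(OCP\Util::linkTo('bookmarks', 'ajax/editBookmark.php'));?>"`. Separately, the description is still written into a `value` attribute on `<textarea>`, which browsers ignore; the escaped text belongs in the element body, `<textarea name="description" class="desc" placeholder="…"><?php p($_['bookmark']['desc']); ?></textarea>`. The template continues past the end of this hunk.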
|
||||
|
@ -2,8 +2,8 @@
|
||||
<div class="bookmark_single" data-id="<%= id %>">
|
||||
<p class="bookmark_actions">
|
||||
<span class="bookmark_delete">
|
||||
<img class="svg" src="<?php echo OCP\image_path("", "actions/delete.svg");?>"
|
||||
title="<?php echo $l->t('Delete');?>">
|
||||
<img class="svg" src="<?php print_unescaped(OCP\image_path("", "actions/delete.svg"));?>"
|
||||
title="<?php p($l->t('Delete'));?>">
|
||||
</span>
|
||||
</p>
|
||||
<p class="bookmark_title">
|
||||
@ -11,7 +11,7 @@
|
||||
<%= escapeHTML(title == '' ? encodeURI(url) : title ) %>
|
||||
</a>
|
||||
<span class="bookmark_edit bookmark_edit_btn">
|
||||
<img class="svg" src="<?php echo OCP\image_path("", "actions/rename.svg");?>" title="<?php echo $l->t('Edit');?>">
|
||||
<img class="svg" src="<?php print_unescaped(OCP\image_path("", "actions/rename.svg"));?>" title="<?php p($l->t('Edit'));?>">
|
||||
</span>
|
||||
</p>
|
||||
<span class="bookmark_desc"><%= escapeHTML(description)%> </span>
|
||||
@ -21,14 +21,14 @@
|
||||
|
||||
<script type="text/html" id="item_form_tmpl">
|
||||
<div class="bookmark_single_form" data-id="<%= id %>">
|
||||
<form method="post" action="<?php echo OCP\Util::linkTo('bookmarks', 'ajax/editBookmark.php');?>" >
|
||||
<form method="post" action="<?php p(OCP\Util::linkTo('bookmarks', 'ajax/editBookmark.php'));?>" >
|
||||
<input type="hidden" name="record_id" value="<%= id %>" />
|
||||
<p class="bookmark_form_title">
|
||||
<input type="text" name="title" placeholder="<?php echo $l->t('The title of the page');?>"
|
||||
<input type="text" name="title" placeholder="<?php p($l->t('The title of the page'));?>"
|
||||
value="<%= escapeHTML(title) %>"/>
|
||||
</p>
|
||||
<p class="bookmark_form_url">
|
||||
<input type="text" name="url" placeholder="<?php echo $l->t('The address of the page');?>"
|
||||
<input type="text" name="url" placeholder="<?php p($l->t('The address of the page'));?>"
|
||||
value="<%= encodeURI(url)%>"/>
|
||||
</p>
|
||||
<div class="bookmark_form_tags"><ul>
|
||||
@ -37,11 +37,11 @@
|
||||
<% } %>
|
||||
</ul></div>
|
||||
<p class="bookmark_form_desc">
|
||||
<textarea name="description" placeholder="<?php echo $l->t('Description of the page');?>"
|
||||
<textarea name="description" placeholder="<?php p($l->t('Description of the page'));?>"
|
||||
><%= escapeHTML(description) %></textarea>
|
||||
</p>
|
||||
<p class="bookmark_form_submit"><button class="reset" ><?php echo $l->t('Cancel');?></button>
|
||||
<input type="submit" value="<?php echo $l->t('Save');?>">
|
||||
<p class="bookmark_form_submit"><button class="reset" ><?php p($l->t('Cancel'));?></button>
|
||||
<input type="submit" value="<?php p($l->t('Save'));?>">
|
||||
</p>
|
||||
</form>
|
||||
</div>
|
||||
@ -50,12 +50,12 @@
|
||||
<li><a href="" class="tag"><%= tag %></a>
|
||||
<p class="tags_actions">
|
||||
<span class="tag_edit">
|
||||
<img class="svg" src="<?php echo OCP\image_path("", "actions/rename.svg");?>"
|
||||
title="<?php echo $l->t('Edit');?>">
|
||||
<img class="svg" src="<?php print_unescaped(OCP\image_path("", "actions/rename.svg"));?>"
|
||||
title="<?php p($l->t('Edit'));?>">
|
||||
</span>
|
||||
<span class="tag_delete">
|
||||
<img class="svg" src="<?php echo OCP\image_path("", "actions/delete.svg");?>"
|
||||
title="<?php echo $l->t('Delete');?>">
|
||||
<img class="svg" src="<?php print_unescaped(OCP\image_path("", "actions/delete.svg"));?>"
|
||||
title="<?php p($l->t('Delete'));?>">
|
||||
</span>
|
||||
</p>
|
||||
<em><%= nbr %></em>
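Review bot: The tag name in `<li><a href="" class="tag"><%= tag %></a>` is interpolated without `escapeHTML()`, although the other user-supplied fields in these client-side templates (`title`, `description`) are wrapped in it. Tags are user-entered text, so if `<%= %>` does not escape on its own (the explicit `escapeHTML()` calls elsewhere suggest it does not), this line renders tag content as markup. The line should read `<li><a href="" class="tag"><%= escapeHTML(tag) %></a>`. The commit converts only the server-side `echo` calls, so this client-side gap is left as it was; the template block starts and ends outside the hunk.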
|
||||
|
@ -19,25 +19,25 @@ function bookmarklet(){
|
||||
<div id="leftcontent">
|
||||
|
||||
<form id="add_form">
|
||||
<input type="text" id="add_url" value="" placeholder="<?php echo $l->t('Address'); ?>"/>
|
||||
<input type="submit" value="<?php echo $l->t('Add'); ?>" id="bookmark_add_submit" />
|
||||
<input type="text" id="add_url" value="" placeholder="<?php p($l->t('Address')); ?>"/>
|
||||
<input type="submit" value="<?php p($l->t('Add')); ?>" id="bookmark_add_submit" />
|
||||
</form>
|
||||
|
||||
<p id="tag_filter">
|
||||
<input type="text" value="<?php echo $_['req_tag']; ?>"/>
|
||||
<input type="text" value="<?php p($_['req_tag']); ?>"/>
|
||||
</p>
|
||||
<input type="hidden" id="bookmarkFilterTag" value="<?php echo $_['req_tag']; ?>" />
|
||||
<input type="hidden" id="bookmarkFilterTag" value="<?php p($_['req_tag']); ?>" />
|
||||
|
||||
<label><?php echo $l->t('Related Tags'); ?></label>
|
||||
<label><?php p($l->t('Related Tags')); ?></label>
|
||||
<ul class="tag_list">
|
||||
</ul>
|
||||
|
||||
|
||||
<div id="bookmark_settings" class="">
|
||||
<ul class="controls">
|
||||
<li id="settingsbtn" title="<?php echo $l->t('Settings'); ?>">
|
||||
<img class="svg" src="<?php echo OCP\Util::imagePath('core', 'actions/settings.png'); ?>"
|
||||
alt="<?php echo $l->t('Settings'); ?>" />
|
||||
<li id="settingsbtn" title="<?php p($l->t('Settings')); ?>">
|
||||
<img class="svg" src="<?php print_unescaped(OCP\Util::imagePath('core', 'actions/settings.png')); ?>"
|
||||
alt="<?php p($l->t('Settings')); ?>" />
|
||||
</li>
|
||||
</ul>
|
||||
<div id="bm_setting_panel">
|
||||
@ -51,16 +51,16 @@ function bookmarklet(){
|
||||
<div id="distance"></div>
|
||||
<div id="firstrun_message">
|
||||
<?php
|
||||
echo $l->t('You have no bookmarks');
|
||||
p($l->t('You have no bookmarks'));
|
||||
$embedded = true;
|
||||
|
||||
echo bookmarklet();?><br/><br />
|
||||
print_unescaped(bookmarklet());?><br/><br />
|
||||
|
||||
<small><a href="#" id="firstrun_setting"><?php echo $l->t('You can also try to import a bookmark file');?></a></small>
|
||||
<small><a href="#" id="firstrun_setting"><?php p($l->t('You can also try to import a bookmark file'));?></a></small>
|
||||
</div>
|
||||
</div>
|
||||
<div class="bookmarks_list"></div>
|
||||
</div>
|
||||
<script type="text/javascript" src="<?php echo OC_Helper::linkTo('bookmarks/js', 'full_tags.php');?>"></script>
|
||||
<script type="text/javascript" src="<?php print_unescaped(OC_Helper::linkTo('bookmarks/js', 'full_tags.php'));?>"></script>
|
||||
|
||||
<?php require 'js_tpl.php';?>
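Review bot: `print_unescaped(bookmarklet());` in the `firstrun_message` block prints whatever `bookmarklet()` returns as raw HTML, so all escaping now has to happen inside that function, whose body is outside the hunk. If it builds its markup from a translated string or a generated URL, those parts need to be HTML-escaped where they are interpolated, not at the call site. A comment above the call such as `// bookmarklet() returns ready-made markup; it must escape everything it interpolates` would make that contract explicit. The same call appears in the settings template as `<?php print_unescaped(bookmarklet());?><br />` and carries the same dependency.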
|
@ -8,22 +8,22 @@
|
||||
?>
|
||||
|
||||
<fieldset class="personalblock">
|
||||
<legend><strong><?php echo $l->t('Bookmarklet');?></strong></legend>
|
||||
<?php echo bookmarklet();?><br />
|
||||
<legend><strong><?php p($l->t('Bookmarklet'));?></strong></legend>
|
||||
<?php print_unescaped(bookmarklet());?><br />
|
||||
</fieldset>
|
||||
|
||||
<form id="import_bookmark" action="<?php echo OCP\Util::linkTo( "bookmarks", "ajax/import.php" );?>"
|
||||
<form id="import_bookmark" action="<?php print_unescaped(OCP\Util::linkTo( "bookmarks", "ajax/import.php" ));?>"
|
||||
method="post" enctype="multipart/form-data">
|
||||
<fieldset class="personalblock">
|
||||
<?php if(isset($_['error'])): ?>
|
||||
<h3><?php echo $_['error']['error']; ?></h3>
|
||||
<p><?php echo $_['error']['hint']; ?></p>
|
||||
<h3><?php p($_['error']['error']); ?></h3>
|
||||
<p><?php p($_['error']['hint']); ?></p>
|
||||
<?php endif; ?>
|
||||
|
||||
<legend><strong><?php echo $l->t('Export & Import');?></strong></legend>
|
||||
<input type="button" id="bm_export" href="<?php echo OCP\Util::linkTo('bookmarks', 'export.php') ;?>" value="<?php echo $l->t('Export'); ?>" />
|
||||
<legend><strong><?php p($l->t('Export & Import'));?></strong></legend>
|
||||
<input type="button" id="bm_export" href="<?php print_unescaped(OCP\Util::linkTo('bookmarks', 'export.php')) ;?>" value="<?php p($l->t('Export')); ?>" />
|
||||
<input type="file" id="bm_import" name="bm_import" size="5">
|
||||
<button type="button" name="bm_import_btn" id="bm_import_submit"><?php echo $l->t('Import'); ?></button>
|
||||
<button type="button" name="bm_import_btn" id="bm_import_submit"><?php p($l->t('Import')); ?></button>
|
||||
<div id="upload"></div>
|
||||
|
||||
|
||||
|