summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMax Kremmel <xing@synapse.plus.com>2006-03-25 20:47:40 +0000
committerMax Kremmel <xing@synapse.plus.com>2006-03-25 20:47:40 +0000
commit07edace0d12965fe23f68838774286af0e4f95c3 (patch)
tree43de8d121d7a6c3b2a007f1c2014981a38c34d52
parent844dc14c9e5faacab585e8d00681437c32f0293e (diff)
downloadblogs-07edace0d12965fe23f68838774286af0e4f95c3.tar.gz
blogs-07edace0d12965fe23f68838774286af0e4f95c3.tar.bz2
blogs-07edace0d12965fe23f68838774286af0e4f95c3.zip
escape htmlspecialchars on output instead of during store process
-rw-r--r--modules/mod_last_created_blogs.tpl4
-rw-r--r--modules/mod_last_modified_blogs.tpl4
-rw-r--r--modules/mod_top_active_blogs.tpl4
-rw-r--r--modules/mod_top_visited_blogs.tpl4
-rw-r--r--templates/admin_blogs.tpl2
-rw-r--r--templates/blog_list_post.tpl2
-rw-r--r--templates/blog_post.tpl4
-rw-r--r--templates/blogs_send_link.tpl2
-rw-r--r--templates/list_blogs.tpl6
-rw-r--r--templates/print_blog_post.tpl6
-rw-r--r--templates/ranking.tpl2
-rw-r--r--templates/send_blog_post.tpl2
-rw-r--r--templates/view_blog_post.tpl6
13 files changed, 24 insertions, 24 deletions
diff --git a/modules/mod_last_created_blogs.tpl b/modules/mod_last_created_blogs.tpl
index 1af38d5..f9c60c4 100644
--- a/modules/mod_last_created_blogs.tpl
+++ b/modules/mod_last_created_blogs.tpl
@@ -1,4 +1,4 @@
-{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_last_created_blogs.tpl,v 1.5 2006/02/09 14:52:46 squareing Exp $ *}
+{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_last_created_blogs.tpl,v 1.6 2006/03/25 20:47:39 squareing Exp $ *}
{strip}
{if $gBitSystem->isPackageActive( 'blogs' )}
{if $nonums eq 'y'}
@@ -9,7 +9,7 @@
{bitmodule title="$moduleTitle" name="last_created_blogs"}
<ol class="blogs">
{section name=ix loop=$modLastCreatedBlogs}
- <li><a href="{$modLastCreatedBlogs[ix].blog_url}">{$modLastCreatedBlogs[ix].title|default:"Blog `$modLastCreatedBlogs[ix].blog_id`"}</a></li>
+ <li><a href="{$modLastCreatedBlogs[ix].blog_url}">{$modLastCreatedBlogs[ix].title|escape|default:"Blog `$modLastCreatedBlogs[ix].blog_id`"}</a></li>
{sectionelse}
<li></li>
{/section}
diff --git a/modules/mod_last_modified_blogs.tpl b/modules/mod_last_modified_blogs.tpl
index 6c86b9e..aebcda4 100644
--- a/modules/mod_last_modified_blogs.tpl
+++ b/modules/mod_last_modified_blogs.tpl
@@ -1,4 +1,4 @@
-{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_last_modified_blogs.tpl,v 1.5 2006/02/09 14:52:46 squareing Exp $ *}
+{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_last_modified_blogs.tpl,v 1.6 2006/03/25 20:47:40 squareing Exp $ *}
{strip}
{if $gBitSystem->isPackageActive( 'blogs' )}
{if $nonums eq 'y'}
@@ -9,7 +9,7 @@
{bitmodule title="$moduleTitle" name="last_modified_blogs"}
<ol class="blogs">
{section name=ix loop=$modLastModifiedBlogs}
- <li><a href="{$modLastModifiedBlogs[ix].blog_url}">{$modLastModifiedBlogs[ix].title|default:"Blog `$modLastModifiedBlogs[ix].blog_id`"}</a></li>
+ <li><a href="{$modLastModifiedBlogs[ix].blog_url}">{$modLastModifiedBlogs[ix].title|escape|default:"Blog `$modLastModifiedBlogs[ix].blog_id`"}</a></li>
{sectionelse}
<li></li>
{/section}
diff --git a/modules/mod_top_active_blogs.tpl b/modules/mod_top_active_blogs.tpl
index 6c885a8..617a20e 100644
--- a/modules/mod_top_active_blogs.tpl
+++ b/modules/mod_top_active_blogs.tpl
@@ -1,4 +1,4 @@
-{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_top_active_blogs.tpl,v 1.4 2005/08/24 20:49:32 squareing Exp $ *}
+{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_top_active_blogs.tpl,v 1.5 2006/03/25 20:47:40 squareing Exp $ *}
{strip}
{if $gBitSystem->isPackageActive( 'blogs' ) && $gBitUser->hasPermission( 'bit_p_read_blog' )}
{if $nonums eq 'y'}
@@ -9,7 +9,7 @@
{bitmodule title="$moduleTitle" name="top_active_blogs"}
<ol class="blogs">
{section name=ix loop=$modTopActiveBlogs}
- <li><a href="{$modTopActiveBlogs[ix].blog_url}">{$modTopActiveBlogs[ix].title|default:"Blog `$modTopActiveBlogs[ix].blog_id`"}</a></li>
+ <li><a href="{$modTopActiveBlogs[ix].blog_url}">{$modTopActiveBlogs[ix].title|escape|default:"Blog `$modTopActiveBlogs[ix].blog_id`"}</a></li>
{sectionelse}
<li></li>
{/section}
diff --git a/modules/mod_top_visited_blogs.tpl b/modules/mod_top_visited_blogs.tpl
index 2cd4cc1..64fff52 100644
--- a/modules/mod_top_visited_blogs.tpl
+++ b/modules/mod_top_visited_blogs.tpl
@@ -1,4 +1,4 @@
-{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_top_visited_blogs.tpl,v 1.4 2005/08/24 20:49:32 squareing Exp $ *}
+{* $Header: /cvsroot/bitweaver/_bit_blogs/modules/mod_top_visited_blogs.tpl,v 1.5 2006/03/25 20:47:40 squareing Exp $ *}
{strip}
{if $gBitSystem->isPackageActive( 'blogs' )}
{if $nonums eq 'y'}
@@ -10,7 +10,7 @@
{bitmodule title="$moduleTitle" name="top_visited_blogs"}
<ol class="blogs">
{section name=ix loop=$modTopVisitedBlogs}
- <li><a href="{$modTopVisitedBlogs[ix].blog_url}">{$modTopVisitedBlogs[ix].title|default:"Blog `$modTopVisitedBlogs[ix].blog_id`"}</a></li>
+ <li><a href="{$modTopVisitedBlogs[ix].blog_url}">{$modTopVisitedBlogs[ix].title|escape|default:"Blog `$modTopVisitedBlogs[ix].blog_id`"}</a></li>
{sectionelse}
<li></li>
{/section}
diff --git a/templates/admin_blogs.tpl b/templates/admin_blogs.tpl
index d4a5e87..cd98e94 100644
--- a/templates/admin_blogs.tpl
+++ b/templates/admin_blogs.tpl
@@ -9,7 +9,7 @@
{forminput}
<select name="homeBlog" id="homeBlog">
{section name=ix loop=$blogs}
- <option value="{$blogs[ix].blog_id|escape}" {if $blogs[ix].blog_id eq $home_blog}selected="selected"{/if}>{$blogs[ix].title|truncate:20:"...":true}</option>
+ <option value="{$blogs[ix].blog_id|escape}" {if $blogs[ix].blog_id eq $home_blog}selected="selected"{/if}>{$blogs[ix].title|escape|truncate:20:"...":true}</option>
{sectionelse}
<option>{tr}No records found{/tr}</option>
{/section}
diff --git a/templates/blog_list_post.tpl b/templates/blog_list_post.tpl
index 4ef3df9..10359cc 100644
--- a/templates/blog_list_post.tpl
+++ b/templates/blog_list_post.tpl
@@ -23,7 +23,7 @@
<div class="header">
{if $aPost.title}
- <h1>{$aPost.title}</h1>
+ <h1>{$aPost.title|escape}</h1>
{/if}
<div class="date">
diff --git a/templates/blog_post.tpl b/templates/blog_post.tpl
index f60b4f7..0d9384b 100644
--- a/templates/blog_post.tpl
+++ b/templates/blog_post.tpl
@@ -1,4 +1,4 @@
-{* $Header: /cvsroot/bitweaver/_bit_blogs/templates/blog_post.tpl,v 1.11 2006/01/30 17:34:17 squareing Exp $ *}
+{* $Header: /cvsroot/bitweaver/_bit_blogs/templates/blog_post.tpl,v 1.12 2006/03/25 20:47:40 squareing Exp $ *}
{strip}
<div class="edit blogs">
<div class="header">
@@ -29,7 +29,7 @@
{forminput}
<select name="blog_id" id="blog_id">
{section name=ix loop=$blogs}
- <option value="{$blogs[ix].blog_id|escape}" {if $blogs[ix].blog_id eq $blog_id}selected="selected"{/if}>{$blogs[ix].title}</option>
+ <option value="{$blogs[ix].blog_id|escape}" {if $blogs[ix].blog_id eq $blog_id}selected="selected"{/if}>{$blogs[ix].title|escape}</option>
{/section}
</select>
{/forminput}
diff --git a/templates/blogs_send_link.tpl b/templates/blogs_send_link.tpl
index 5f30d25..c6f0714 100644
--- a/templates/blogs_send_link.tpl
+++ b/templates/blogs_send_link.tpl
@@ -2,5 +2,5 @@
{$mail_user} has sent you this link:{/tr}
-{tr}Blog post:{/tr} {$post_info.title}
+{tr}Blog post:{/tr} {$post_info.title|escape}
{tr}at:{/tr} {$mail_machine}
diff --git a/templates/list_blogs.tpl b/templates/list_blogs.tpl
index dcd3598..eea70da 100644
--- a/templates/list_blogs.tpl
+++ b/templates/list_blogs.tpl
@@ -59,13 +59,13 @@
{/if}
{/if}
{if $gBitUser->isAdmin()}
- <a title="{tr}perms{/tr}" href="{$smarty.const.KERNEL_PKG_URL}object_permissions.php?objectName=blog%20{$listpages[changes].title}&amp;objectType=blog&amp;permType=blogs&amp;object_id={$listpages[changes].blog_id}">{if $listpages[changes].individual eq 'y'}{biticon ipackage=liberty iname="permissionsi_set" iexplain="set permissions"}{else}{biticon ipackage=liberty iname="permissions" iexplain="set permissions"}{/if}</a>
+ <a title="{tr}perms{/tr}" href="{$smarty.const.KERNEL_PKG_URL}object_permissions.php?objectName=blog%20{$listpages[changes].title|escape}&amp;objectType=blog&amp;permType=blogs&amp;object_id={$listpages[changes].blog_id}">{if $listpages[changes].individual eq 'y'}{biticon ipackage=liberty iname="permissionsi_set" iexplain="set permissions"}{else}{biticon ipackage=liberty iname="permissions" iexplain="set permissions"}{/if}</a>
{/if}
</div>
{if $blog_list_title eq 'y'}
- <h2>{if ($gBitUser->isAdmin()) or ($listpages[changes].individual eq 'n') or ($listpages[changes].individual_gBitUser->hasPermission( 'bit_p_read_blog' ))}<a title="{$listpages[changes].title}" href="{$listpages[changes].blog_url}">{/if}
- {$listpages[changes].title}{if ($gBitUser->isAdmin()) or ($listpages[changes].individual eq 'n') or ($listpages[changes].individual_gBitUser->hasPermission( 'bit_p_read_blog' ))}</a>{/if}</h2>
+ <h2>{if ($gBitUser->isAdmin()) or ($listpages[changes].individual eq 'n') or ($listpages[changes].individual_gBitUser->hasPermission( 'bit_p_read_blog' ))}<a title="{$listpages[changes].title|escape}" href="{$listpages[changes].blog_url}">{/if}
+ {$listpages[changes].title|escape}{if ($gBitUser->isAdmin()) or ($listpages[changes].individual eq 'n') or ($listpages[changes].individual_gBitUser->hasPermission( 'bit_p_read_blog' ))}</a>{/if}</h2>
{/if}
{if $blog_list_description eq 'y'}
diff --git a/templates/print_blog_post.tpl b/templates/print_blog_post.tpl
index a641d0e..4d851e4 100644
--- a/templates/print_blog_post.tpl
+++ b/templates/print_blog_post.tpl
@@ -1,7 +1,7 @@
<html>
<head>
<title>
-{if $post_info.use_title eq 'y'}{$post_info.title} {tr}posted by{/tr} {displayname hash=$post_info nolink=TRUE} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime} {tr}posted by{/tr} {displayname hash=$post_info}{/if}
+{if $post_info.use_title eq 'y'}{$post_info.title|escape} {tr}posted by{/tr} {displayname hash=$post_info nolink=TRUE} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime} {tr}posted by{/tr} {displayname hash=$post_info}{/if}
</title>
</head>
<style type="text/css">
@@ -33,7 +33,7 @@ a:hover { background-color : #deceae; }
<rdf:Description
rdf:about="{$uri}"
dc:identifer="{$uri}"
- dc:title="{if $post_info.use_title eq 'y'}{$post_info.title} {tr}posted by{/tr} {$post_info.user} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime} {tr}posted by{/tr} {$post_info.user}{/if}"
+ dc:title="{if $post_info.use_title eq 'y'}{$post_info.title|escape} {tr}posted by{/tr} {$post_info.user} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime} {tr}posted by{/tr} {$post_info.user}{/if}"
trackback:ping="{$uri2}" />
</rdf:RDF>
-->
@@ -42,7 +42,7 @@ a:hover { background-color : #deceae; }
<div class="head">
{if $post_info.use_title eq 'y'}
-<div>{$post_info.title}</div>
+<div>{$post_info.title|escape}</div>
<div class="postedby">{tr}posted by{/tr} {displayname hash=$post_info} on {$post_info.created|bit_short_datetime}</div>
{else}
<div class="postedby">{$post_info.created|bit_short_datetime} {tr}posted by{/tr} {displayname hash=$post_info}</div>
diff --git a/templates/ranking.tpl b/templates/ranking.tpl
index ca47276..455296c 100644
--- a/templates/ranking.tpl
+++ b/templates/ranking.tpl
@@ -36,7 +36,7 @@
{/form}
{section name=ix loop=$rankings}
- <h2>{$rankings[ix].title}&nbsp;&nbsp;&nbsp; <small>[{$rankings[ix].y}]</small></h2>
+ <h2>{$rankings[ix].title|escape}&nbsp;&nbsp;&nbsp; <small>[{$rankings[ix].y}]</small></h2>
<ol>
{section name=xi loop=$rankings[ix].data}
<li class="{cycle values="even,odd"}">
diff --git a/templates/send_blog_post.tpl b/templates/send_blog_post.tpl
index 58e85c1..08e5cec 100644
--- a/templates/send_blog_post.tpl
+++ b/templates/send_blog_post.tpl
@@ -5,7 +5,7 @@
<rdf:Description
rdf:about="{$uri}"
dc:identifer="{$uri}"
- dc:title="{if $blog_data.use_title eq 'y'}{$post_info.title} {tr}posted by{/tr} {$post_info.user} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime}{tr}posted by{/tr} {$post_info.user}{/if}"
+ dc:title="{if $blog_data.use_title eq 'y'}{$post_info.title|escape} {tr}posted by{/tr} {$post_info.user} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime}{tr}posted by{/tr} {$post_info.user}{/if}"
trackback:ping="{$uri2}" />
</rdf:RDF>
-->
diff --git a/templates/view_blog_post.tpl b/templates/view_blog_post.tpl
index c189ddf..5068586 100644
--- a/templates/view_blog_post.tpl
+++ b/templates/view_blog_post.tpl
@@ -5,7 +5,7 @@
<rdf:Description
rdf:about="{$uri}"
dc:identifer="{$uri}"
- dc:title="{if $post_info.use_title eq 'y'}{$post_info.title} {tr}posted by{/tr} {$post_info.user} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime} {tr}posted by{/tr} {$post_info.user}{/if}"
+ dc:title="{if $post_info.use_title eq 'y'}{$post_info.title|escape} {tr}posted by{/tr} {$post_info.user} on {$post_info.created|bit_short_datetime}{else}{$post_info.created|bit_short_datetime} {tr}posted by{/tr} {$post_info.user}{/if}"
trackback:ping="{$uri2}" />
</rdf:RDF>
-->
@@ -33,7 +33,7 @@
<div class="header">
<h1>
{if $post_info.use_title eq 'y'}
- {$post_info.title}
+ {$post_info.title|escape}
{else}
{$post_info.created|bit_long_date}
{/if}
@@ -89,7 +89,7 @@
{cycle values="even,odd" print=false}
{foreach from=$post_info.trackbacks_from key=key item=item}
<tr class="{cycle}">
- <td>{$item.title}</td>
+ <td>{$item.title|escape}</td>
<td><a href="{$key}" title="{$key}" class="external">{$key|truncate:"40"}</a></td>
<td>{$item.blog_name}</td>
</tr>