summaryrefslogtreecommitdiff
path: root/templates
diff options
context:
space:
mode:
authorMax Kremmel <xing@synapse.plus.com>2006-03-25 20:50:46 +0000
committerMax Kremmel <xing@synapse.plus.com>2006-03-25 20:50:46 +0000
commitda17decc22aff823627fc89719a5980195f1811d (patch)
tree32f78d30f8be5e0870e6476f801b2606f8bf3d0a /templates
parent0ca5a3fe7358e1feda811cab02efa011c4d3aca9 (diff)
downloadnewsletters-da17decc22aff823627fc89719a5980195f1811d.tar.gz
newsletters-da17decc22aff823627fc89719a5980195f1811d.tar.bz2
newsletters-da17decc22aff823627fc89719a5980195f1811d.zip
escape htmlspecialchars on output instead of during store process
Diffstat (limited to 'templates')
-rw-r--r--templates/confirm_newsletter_subscription.tpl4
-rw-r--r--templates/edit_edition.tpl2
-rw-r--r--templates/list_editions_inc.tpl2
-rw-r--r--templates/list_newsletters.tpl4
-rw-r--r--templates/newsletters.tpl2
-rw-r--r--templates/user_subscriptions.tpl6
6 files changed, 10 insertions, 10 deletions
diff --git a/templates/confirm_newsletter_subscription.tpl b/templates/confirm_newsletter_subscription.tpl
index 7144158..6ef9f2e 100644
--- a/templates/confirm_newsletter_subscription.tpl
+++ b/templates/confirm_newsletter_subscription.tpl
@@ -1,10 +1,10 @@
{tr}Somebody or you tried to subscribe this email address at our site:{/tr} {$server_name}
-{tr}To the newsletter:{/tr} {$info.title}
+{tr}To the newsletter:{/tr} {$info.title|escape}
{tr}Description:{/tr}
{$info.description}
{tr}In order to confirm your subscription you must access the following URL:{/tr}
-{$url_subscribe}?confirm_subscription={$code} \ No newline at end of file
+{$url_subscribe}?confirm_subscription={$code}
diff --git a/templates/edit_edition.tpl b/templates/edit_edition.tpl
index 85af84f..a7244de 100644
--- a/templates/edit_edition.tpl
+++ b/templates/edit_edition.tpl
@@ -27,7 +27,7 @@
{forminput}
<select name="nl_content_id" id="nl_content_id">
{foreach from=$newsletters item=nl key=nlConId}
- <option value="{$nlConId}" {if $nl.con_id eq $nl_id}selected="selected"{/if}>{$nl.title}</option>
+ <option value="{$nlConId}" {if $nl.con_id eq $nl_id}selected="selected"{/if}>{$nl.title|escape}</option>
{/foreach}
</select>
{formhelp note="Pick the newsletter you want to post to."}
diff --git a/templates/list_editions_inc.tpl b/templates/list_editions_inc.tpl
index 7117e0c..91ed7a6 100644
--- a/templates/list_editions_inc.tpl
+++ b/templates/list_editions_inc.tpl
@@ -7,7 +7,7 @@
{/if}
</div>
- <h2><a href="{$ed.display_url}">{$ed.title}</a></h2>
+ <h2><a href="{$ed.display_url}">{$ed.title|escape}</a></h2>
<p>
{$ed.data|truncate:200:'...'}
<br />
diff --git a/templates/list_newsletters.tpl b/templates/list_newsletters.tpl
index be4b750..99954ee 100644
--- a/templates/list_newsletters.tpl
+++ b/templates/list_newsletters.tpl
@@ -26,7 +26,7 @@
{foreach key=nlId from=$newsletters item=nl}
<tr class="{cycle values='odd,even'}">
- <td><a href="{$smarty.const.NEWSLETTERS_PKG_URL}index.php?nl_id={$nlId}">{$nl.title}</a></td>
+ <td><a href="{$smarty.const.NEWSLETTERS_PKG_URL}index.php?nl_id={$nlId}">{$nl.title|escape}</a></td>
<td>{$nl.data}</td>
<td>{$nl.created|bit_short_date}</td>
<td>{$nl.last_sent|bit_short_date}</td>
@@ -35,7 +35,7 @@
<a href="{$smarty.const.NEWSLETTERS_PKG_URL}edition_edit.php?nl_id={$nl.nl_id}">{biticon ipackage=liberty iname=new iexplain="New Edition"}</a>
<a href="{$smarty.const.NEWSLETTERS_PKG_URL}newsletters.php?remove=1&amp;nl_id={$nl.nl_id}">{biticon ipackage=liberty iname=delete iexplain=Remove}</a>
<a href="{$smarty.const.NEWSLETTERS_PKG_URL}newsletters.php?&amp;nl_id={$nl.nl_id}">{biticon ipackage=liberty iname=edit iexplain=Edit}</a>
- {if $channels[user].individual eq 'y'}({/if}<a href="{$smarty.const.KERNEL_PKG_URL}object_permissions.php?objectName=newsletter%20{$nl.title}&amp;object_type={$smarty.const.BITNEWSLETTER_CONTENT_TYPE_GUID}&amp;permType=newsletters&amp;object_id={$nlId}">{biticon ipackage=liberty iname=permissions iexplain=Permissions}</a>{if $nl.individual eq 'y'}){/if}
+ {if $channels[user].individual eq 'y'}({/if}<a href="{$smarty.const.KERNEL_PKG_URL}object_permissions.php?objectName=newsletter%20{$nl.title|escape}&amp;object_type={$smarty.const.BITNEWSLETTER_CONTENT_TYPE_GUID}&amp;permType=newsletters&amp;object_id={$nlId}">{biticon ipackage=liberty iname=permissions iexplain=Permissions}</a>{if $nl.individual eq 'y'}){/if}
</td>
</tr>
{foreachelse}
diff --git a/templates/newsletters.tpl b/templates/newsletters.tpl
index bfd9323..acb3a7b 100644
--- a/templates/newsletters.tpl
+++ b/templates/newsletters.tpl
@@ -60,7 +60,7 @@
{foreach from=$newsletters item=nl key=nlId}
{if $newsletters.individual ne 'y' or $newsletters.individual_bit_p_subscribe_newsletters eq 'y'}
<tr class="{cycle values='odd,even'}">
- <td><a href="{$smarty.const.NEWSLETTERS_PKG_URL}index.php?nl_id={$nl.nl_id}">{$nl.title}</a></td>
+ <td><a href="{$smarty.const.NEWSLETTERS_PKG_URL}index.php?nl_id={$nl.nl_id}">{$nl.title|escape}</a></td>
<td>{$nl.data}</td>
</tr>
{/if}
diff --git a/templates/user_subscriptions.tpl b/templates/user_subscriptions.tpl
index fd034d3..c005c05 100644
--- a/templates/user_subscriptions.tpl
+++ b/templates/user_subscriptions.tpl
@@ -15,7 +15,7 @@
<em>
{formlabel label="In Response To"}
{forminput}
- {tr}{$subInfo.content_description}{/tr}: {$subInfo.title}
+ {tr}{$subInfo.content_description}{/tr}: {$subInfo.title|escape}
{/forminput}
</em>
</div>
@@ -31,7 +31,7 @@
{formlabel label="Subscriptions"}
{forminput}
{foreach from=$newsletters key=nlId item=nl}
- {if $nl.allow_user_sub}<input type="checkbox" name="nl_content_id[]" value="{$nlId}" {if !$unsubs.$nlId && !$subInfo.unsubscribe_all}checked="checked"{/if}/>{/if} <a href="{$nl.display_url}"/>{$nl.title}</a> <br/>
+ {if $nl.allow_user_sub}<input type="checkbox" name="nl_content_id[]" value="{$nlId}" {if !$unsubs.$nlId && !$subInfo.unsubscribe_all}checked="checked"{/if}/>{/if} <a href="{$nl.display_url}"/>{$nl.title|escape}</a> <br/>
{foreachelse}
{tr}No newsletters were found{/tr}
{/foreach}
@@ -52,4 +52,4 @@
{/strip}
{else}
{include file="bitpackage:newsletters/list_newsletters.tpl"}
-{/if} \ No newline at end of file
+{/if}