From cc5ab399cc3c8f78158c8e3027cb0ecf038648dc Mon Sep 17 00:00:00 2001
From: Greg Roach ', I18N::translate('This entry is ignored if you have entered a URL into the filename field.'), ' ', I18N::translate('If you have a large number of media files, you can organize them into folders and subfolders.'), '';
if (Auth::isManager($WT_TREE)) {
- echo '';
} else {
@@ -318,7 +318,7 @@ if ($gedfile === 'FILE') {
}
} else {
echo $fileName;
- echo '';
+ echo '';
}
echo ' ';
echo '';
@@ -357,7 +357,7 @@ if (!$isExternal) {
echo '
= Filter::escapeHtml($file_to_delete) ?>= Html::escape($file_to_delete) ?>' . I18N::translate('Create') . ' — ' . Filter::escapeHtml($media_tree) . '
'; + '
' . I18N::translate('Create') . ' — ' . Html::escape($media_tree) . '
'; } } @@ -476,7 +476,7 @@ function all_media_files($media_folder, $media_path, $subfolders, $filter) { function mediaFileInfo($media_folder, $media_path, $file) { $html = '
= /* I18N: Help text for the "Data folder" site configuration setting */ I18N::translate('This folder will be used by webtrees to store media files, GEDCOM files, temporary files, etc. These files may contain private data, and should not be made available over the internet.') ?>
@@ -199,7 +199,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Memory limit') ?>= /* I18N: %s is an amount of memory, such as 32MB */ I18N::translate('By default, your server allows scripts to use %s of memory.', get_cfg_var('memory_limit')) ?> = I18N::translate('You can request a higher or lower limit, although the server may ignore this request.') ?> @@ -214,7 +214,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('PHP time limit') ?>
= I18N::plural( 'By default, your server allows scripts to run for %s second.', @@ -289,7 +289,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Session timeout') ?>
= /* I18N: Help text for the “Session timeout” site configuration setting */ I18N::translate('The time in seconds that a webtrees session remains active before requiring a new sign-in. The default is 7200, which is 2 hours.') ?> = I18N::translate('Leave this blank to use the default value.') ?> @@ -319,7 +319,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Sender name') ?>
= /* I18N: Help text for the “Sender name” site configuration setting */ I18N::translate('This name is used in the “From” field, when sending automatic emails from this server.') ?>
@@ -334,7 +334,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Server name') ?>= /* I18N: Help text for the “Server name” site configuration setting */ I18N::translate('This is the name of the SMTP server. “localhost” means that the mail service is running on the same computer as your web server.') ?>
@@ -347,7 +347,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Port number') ?>= /* I18N: Help text for the "Port number" site configuration setting */ I18N::translate('By default, SMTP works on port 25.') ?>
@@ -375,7 +375,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Username') ?>= /* I18N: Help text for the "Username" site configuration setting */ I18N::translate('The username required for authentication with the SMTP server.') ?>
@@ -414,7 +414,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Sending server name') ?>= /* I18N: Help text for the "Sending server name" site configuration setting */ I18N::translate('Many mail servers require that the sending server identifies itself correctly, using a valid domain name.') ?>
@@ -439,7 +439,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Sign-in URL') ?>= /* I18N: Help text for the "Login URL" site configuration setting */ I18N::translate('You only need to enter a Sign-in URL if you want to redirect to a different website or location when your users sign in. This is very useful if you need to switch from http to https when your users sign in. Include the full URL to login.php. For example, https://www.yourserver.com/webtrees/login.php .') ?>
@@ -464,7 +464,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Custom welcome text') ?>= /* I18N: Help text for the "Custom welcome text" site configuration setting */ I18N::translate('To set this text for other languages, you must switch to that language, and visit this page again.') ?>
@@ -521,7 +521,7 @@ echo Bootstrap4::breadcrumbs([
- value="= Filter::escapeHtml(Site::getPreference('BING_WEBMASTER_ID')) ?>"
+ value="= Html::escape(Site::getPreference('BING_WEBMASTER_ID')) ?>"
 maxlength="255"
 pattern="[0-9a-zA-Z+=/_:.!-]*"
 >
@@ -542,7 +542,7 @@ echo Bootstrap4::breadcrumbs([
- value="= Filter::escapeHtml(Site::getPreference('GOOGLE_WEBMASTER_ID')) ?>"
+ value="= Html::escape(Site::getPreference('GOOGLE_WEBMASTER_ID')) ?>"
 maxlength="255"
 pattern="[0-9a-zA-Z+=/_:.!-]*"
 >
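Review bot: On the `value="…"` line for `BING_WEBMASTER_ID`, `Html::escape()` is printed inside a double-quoted attribute, so it has to encode `"` just as `Filter::escapeHtml()` did; neither helper's body is on this page, so that equivalence is worth confirming before the swap is relied on. The `pattern` attribute on the input is enforced only by the browser, so it should not be treated as a guarantee about what `Site::getPreference()` returns. The `GOOGLE_WEBMASTER_ID` hunk and the other `value=` hunks in this patch have the same dependency. A doc comment on the helper such as `/** Escapes text for HTML element content and quoted attribute values. */` would record the contract.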
@@ -560,7 +560,7 @@ echo Bootstrap4::breadcrumbs([ Google Analytics
= I18N::translate('Tracking and analytics are not added to the control panel.') ?>
@@ -575,7 +575,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Site identification code') ?>= I18N::translate('Tracking and analytics are not added to the control panel.') ?>
@@ -600,7 +600,7 @@ echo Bootstrap4::breadcrumbs([ = /* I18N: A configuration setting */ I18N::translate('Site identification code') ?>= I18N::translate('Tracking and analytics are not added to the control panel.') ?>
diff --git a/admin_site_info.php b/admin_site_info.php
index d498259580..d3dbbcada0 100644
--- a/admin_site_info.php
+++ b/admin_site_info.php
@@ -62,8 +62,8 @@ echo Bootstrap4::breadcrumbs([= /* I18N: Help text for the “Age at which to assume an individual is dead” configuration setting */ I18N::translate('If this individual has any events other than death, burial, or cremation more recent than this number of years, they are considered to be “alive”. Children’s birth dates are considered to be such events for this purpose.') ?>
@@ -558,7 +558,7 @@ echo Bootstrap4::breadcrumbs([
 name="title"
 required
 type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('title')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('title')) ?>"
 >
@@ -803,7 +803,7 @@ echo Bootstrap4::breadcrumbs([
 name="WEBTREES_EMAIL"
 required
 type="email"
- value="= Filter::escapeHtml($WT_TREE->getPreference('WEBTREES_EMAIL')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('WEBTREES_EMAIL')) ?>"
 >
= /* I18N: Help text for the “webtrees reply address” configuration setting */ I18N::translate('Email address to be used in the “From:” field of emails that webtrees creates automatically.
webtrees can automatically create emails to notify administrators of changes that need to be reviewed. webtrees also sends notification emails to users who have requested an account.
Usually, the “From:” field of these automatically created emails is something like From: webtrees-noreply@yoursite to show that no response to the email is required. To guard against spam or other email abuse, some email systems require each message’s “From:” field to reflect a valid email account and will not accept messages that are apparently from account webtrees-noreply.') ?>
@@ -822,7 +822,7 @@ echo Bootstrap4::breadcrumbs([
@@ -844,7 +844,7 @@ echo Bootstrap4::breadcrumbs([
@@ -869,7 +869,7 @@ echo Bootstrap4::breadcrumbs([
maxlength="255"
name="META_TITLE"
type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('META_TITLE')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('META_TITLE')) ?>"
>
= /* I18N: Help text for the “Add to TITLE header tag” configuration setting */ I18N::translate('This text will be appended to each page title. It will be shown in the browser’s title bar, bookmarks, etc.') ?>
@@ -889,7 +889,7 @@ echo Bootstrap4::breadcrumbs([
 maxlength="255"
 name="META_DESCRIPTION"
 type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('META_DESCRIPTION')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('META_DESCRIPTION')) ?>"
 >
= /* I18N: Help text for the “Description META tag” configuration setting */ I18N::translate('The value to place in the “meta description” tag in the HTML page header. Leave this field empty to use the name of the family tree.') ?>
@@ -945,7 +945,7 @@ echo Bootstrap4::breadcrumbs([
 maxlength="255"
 name="MEDIA_DIRECTORY"
 type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('MEDIA_DIRECTORY')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('MEDIA_DIRECTORY')) ?>"
 >
@@ -1075,7 +1075,7 @@ echo Bootstrap4::breadcrumbs([
 name="SUBLIST_TRIGGER_I"
 required
 type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('SUBLIST_TRIGGER_I')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('SUBLIST_TRIGGER_I')) ?>"
 >
= /* I18N: Help text for the “Maximum number of surnames on individual list” configuration setting */ I18N::translate('Long lists of individuals with the same surname can be broken into smaller sub-lists according to the first letter of the individual’s given name.
This option determines when sub-listing of surnames will occur. To disable sub-listing completely, set this option to zero.') ?>
@@ -1142,7 +1142,7 @@ echo Bootstrap4::breadcrumbs([
name="DEFAULT_PEDIGREE_GENERATIONS"
required
type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('DEFAULT_PEDIGREE_GENERATIONS')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('DEFAULT_PEDIGREE_GENERATIONS')) ?>"
>
= /* I18N: Help text for the “Default pedigree generations” configuration setting */ I18N::translate('Set the default number of generations to display on descendancy and pedigree charts.') ?>
@@ -1162,7 +1162,7 @@ echo Bootstrap4::breadcrumbs([
 maxlength="5"
 name="MAX_PEDIGREE_GENERATIONS"
 type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('MAX_PEDIGREE_GENERATIONS')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('MAX_PEDIGREE_GENERATIONS')) ?>"
 >
= /* I18N: Help text for the “Maximum pedigree generations” configuration setting */ I18N::translate('Set the maximum number of generations to display on pedigree charts.') ?>
@@ -1182,7 +1182,7 @@ echo Bootstrap4::breadcrumbs([
 maxlength="5"
 name="MAX_DESCENDANCY_GENERATIONS"
 type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('MAX_DESCENDANCY_GENERATIONS')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('MAX_DESCENDANCY_GENERATIONS')) ?>"
 >
= /* I18N: Help text for the “Maximum descendancy generations” configuration setting */ I18N::translate('Set the maximum number of generations to display on descendancy charts.') ?>
@@ -1249,7 +1249,7 @@ echo Bootstrap4::breadcrumbs([
 maxlength="255"
 name="CHART_BOX_TAGS"
 type="text"
- value="= Filter::escapeHtml($WT_TREE->getPreference('CHART_BOX_TAGS')) ?>"
+ value="= Html::escape($WT_TREE->getPreference('CHART_BOX_TAGS')) ?>"
 >
diff --git a/admin_trees_manage.php b/admin_trees_manage.php
index abe665ced2..323bc2f9b1 100644
--- a/admin_trees_manage.php
+++ b/admin_trees_manage.php
@@ -69,10 +69,10 @@ case 'new_tree':
 if (Filter::checkCsrf() && $basename && $tree_title) {
 if (Tree::findByName($basename)) {
- FlashMessages::addMessage(/* I18N: %s is the name of a family tree */ I18N::translate('The family tree “%s” already exists.', Filter::escapeHtml($basename)), 'danger');
+ FlashMessages::addMessage(/* I18N: %s is the name of a family tree */ I18N::translate('The family tree “%s” already exists.', Html::escape($basename)), 'danger');
 } else {
 Tree::create($basename, $tree_title);
- FlashMessages::addMessage(/* I18N: %s is the name of a family tree */ I18N::translate('The family tree “%s” has been created.', Filter::escapeHtml($basename)), 'success');
+ FlashMessages::addMessage(/* I18N: %s is the name of a family tree */ I18N::translate('The family tree “%s” has been created.', Html::escape($basename)), 'success');
 }
 }
 header('Location: admin_trees_manage.php?ged=' . Filter::escapeUrl($basename));
@@ -140,7 +140,7 @@ case 'synchronize':
 if ($tree->getPreference('filemtime') != $filemtime) {
 $tree->importGedcomFile($gedcom_file, $basename);
 $tree->setPreference('filemtime', $filemtime);
- FlashMessages::addMessage(I18N::translate('The GEDCOM file “%s” has been imported.', Filter::escapeHtml($basename)), 'success');
+ FlashMessages::addMessage(I18N::translate('The GEDCOM file “%s” has been imported.', Html::escape($basename)), 'success');
 }
 }
@@ -192,9 +192,9 @@ case 'importform':= /* I18N: %s is the name of a family tree */ I18N::translate('This will delete all the genealogy data from “%s” and replace it with data from a GEDCOM file.', $tree->getTitleHtml()) ?>
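Review bot: In the `new_tree` hunk, `$basename` is HTML-escaped at the moment the flash message is built, which implies that `FlashMessages` stores ready-made HTML and that whatever renders it prints the text unescaped; that rendering code is not visible here, so this is an inference to confirm. Under that contract any `addMessage()` call that interpolates a value without escaping it becomes an injection point. A comment at these call sites, for example `// FlashMessages are rendered as HTML: escape every interpolated value`, would make the rule explicit for the next caller. The `synchronize` hunk follows the same pattern, and both `case` blocks start and end outside their hunks.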
-
diff --git a/app/Module/HtmlBlockModule.php b/app/Module/HtmlBlockModule.php
index 0a781f3a19..ad1a5b6a95 100644
--- a/app/Module/HtmlBlockModule.php
+++ b/app/Module/HtmlBlockModule.php
@@ -21,6 +21,7 @@ use Fisharebest\Webtrees\Filter;
use Fisharebest\Webtrees\FontAwesome;
use Fisharebest\Webtrees\Functions\FunctionsDate;
use Fisharebest\Webtrees\Functions\FunctionsEdit;
+use Fisharebest\Webtrees\Html;
use Fisharebest\Webtrees\I18N;
use Fisharebest\Webtrees\Site;
use Fisharebest\Webtrees\Stats;
@@ -273,7 +274,7 @@ class HtmlBlockModule extends AbstractModule implements ModuleBlockInterface {
= I18N::translate('Title') ?>
= I18N::translate('Usernames are case-insensitive and ignore accented letters, so that “chloe”, “chloë”, and “Chloe” are considered to be the same.') ?>
@@ -144,7 +144,7 @@ function checkform(frm) { = I18N::translate('Real name') ?>= I18N::translate('This is your real name, as you would like it displayed on screen.') ?>
@@ -233,7 +233,7 @@ function checkform(frm) { = I18N::translate('Email address') ?>= I18N::translate('This email address will be used to send password reminders, website notifications, and messages from other family members who are registered on the website.') ?>
@@ -248,7 +248,7 @@ function checkform(frm) {