Fixes badly escaped strings in templates.
kalvn committed Sep 15, 2015
1 parent 9fee856 commit 10f77f3
Showing 11 changed files with 31 additions and 24 deletions.
4 changes: 2 additions & 2 deletions material/daily.html
@@ -37,12 +37,12 @@
{if="$link.tags"}
<div class="dailyEntryTags">
{loop="link.taglist"}
{$value|htmlspecialchars} -
{$value} -
{/loop}
</div>
{/if}
<div class="dailyEntryTitle">
<a href="{$link.url}">{$link.title|htmlspecialchars}</a>
<a href="{$link.url}">{$link.title}</a>
</div>
{if="$link.thumbnail"}
<div class="dailyEntryThumbnail">{$link.thumbnail}</div>
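Review bot: Once `|htmlspecialchars` is dropped from `{$value}` and `{$link.title}` (reading the second line of each pair as the new side, since the page lost its +/- markers), these templates no longer encode link data themselves, so output safety rests entirely on the application escaping every variable before it is assigned to the template. Nothing in this commit shows that contract or says which Shaarli version provides it, and a core that does not pre-escape would have this theme print stored titles, tags and URLs raw. The same removal is made in dailyrss.html, editlink.html, import.html, linklist.html, loginform.html, page.footer.html, page.header.html, picwall.html and tagcloud.html. I would state the minimum compatible Shaarli version in the theme's README and open each template with a comment such as `{* values arrive HTML-escaped from the core; check the core version before adding or removing filters *}`. The `{loop}` and `{if}` blocks around these lines start and end outside the hunk.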
6 changes: 3 additions & 3 deletions material/dailyrss.html
@@ -1,8 +1,8 @@
{$dateFormat=isset($GLOBALS['config']['MATERIAL_PHP_DATE_PATTERN'])?$GLOBALS['config']['MATERIAL_PHP_DATE_PATTERN']:'%c'}
{loop="links"}
<h3><a href="{$value.url}">{$value.title|htmlspecialchars}</a></h3>
<small>{if="!$GLOBALS['config']['HIDE_TIMESTAMPS']"}{function="strftime($dateFormat, $value.timestamp)"} - {/if}{if="$value.tags"}{$value.tags|htmlspecialchars}{/if}<br>
{$value.url|htmlspecialchars}</small><br>
<h3><a href="{$value.url}">{$value.title}</a></h3>
<small>{if="!$GLOBALS['config']['HIDE_TIMESTAMPS']"}{function="strftime($dateFormat, $value.timestamp)"} - {/if}{if="$value.tags"}{$value.tags}{/if}<br>
{$value.url}</small><br>
{if="$value.thumbnail"}{$value.thumbnail}{/if}<br>
{if="$value.description"}{$value.formatedDescription}{/if}
<br><br><hr>
10 changes: 5 additions & 5 deletions material/editlink.html
@@ -17,25 +17,25 @@
<form method="POST" name="linkform" class="card">
<input type="hidden" name="lf_linkdate" value="{$link.linkdate}">
<input type="hidden" name="token" value="{$token}">
{if="$http_referer"}<input type="hidden" name="returnurl" value="{$http_referer|htmlspecialchars}">{/if}
{if="$http_referer"}<input type="hidden" name="returnurl" value="{$http_referer}">{/if}

<div class="card-title">{if="!$link_is_new"}Edit a link{else}Add a new link{/if}</div>
<div class="card-body">
<div class="form-entry">
<label for="lf_url">URL</label><br/>
<input type="text" name="lf_url" id="lf_url" value="{$link.url|htmlspecialchars}" placeholder="Type a url...">
<input type="text" name="lf_url" id="lf_url" value="{$link.url}" placeholder="Type a url...">
</div>
<div class="form-entry">
<label for="lf_title">Title</label><br/>
<input type="text" name="lf_title" id="lf_title" value="{$link.title|htmlspecialchars}" placeholder="Title...">
<input type="text" name="lf_title" id="lf_title" value="{$link.title}" placeholder="Title...">
</div>
<div class="form-entry">
<label for="lf_description">Description</label><br/>
<textarea name="lf_description" id="lf_description" placeholder="Describe the link..." rows="4">{$link.description|htmlspecialchars}</textarea>
<textarea name="lf_description" id="lf_description" placeholder="Describe the link..." rows="4">{$link.description}</textarea>
</div>
<div class="form-entry">
<label for="lf_tags">Tags</label><br/>
<input type="text" id="lf_tags" name="lf_tags" id="lf_tags" value="{$link.tags|htmlspecialchars}" class="lf_input"
<input type="text" id="lf_tags" name="lf_tags" id="lf_tags" value="{$link.tags}" class="lf_input"
data-list="{loop="$tags"}{$key}, {/loop}" data-multiple autocomplete="off" />
</div>
<div class="form-entry">
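Review bot: The hidden `returnurl` field is filled from `{$http_referer}`, which derives from a request header the client controls, and with the filter gone (second line of the pair read as the new side) the template writes it into the `value` attribute exactly as assigned. Of the fields in this form it is the one I would not leave to an unstated upstream escape: confirm that the core encodes `$http_referer`, quotes included, before assignment and record it next to the field, e.g. `{* $http_referer is escaped by the core before assignment *}`. The handler that later consumes `returnurl` should also accept only same-site targets, but that code is outside this diff. loginform.html has the same pattern with `{$returnurl}`, and the form itself continues past the end of this hunk.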
4 changes: 2 additions & 2 deletions material/import.html
@@ -8,14 +8,14 @@
<div class="col-md-6 col-md-offset-3">
<form method="POST" action="?do=upload" enctype="multipart/form-data" name="uploadform" id="uploadform" class="card">
<input type="hidden" name="token" value="{$token}">
<input type="hidden" name="MAX_FILE_SIZE" value="{$maxfilesize|htmlspecialchars}">
<input type="hidden" name="MAX_FILE_SIZE" value="{$maxfilesize}">
<div class="card-title">Import links</div>
<div class="card-body">
<p>Import Netscape HTML bookmarks (as exported from Firefox/Chrome/Opera/Delicious/Diigo...).</p>
<div class="form-entry">
<label for="filetoupload">File to upload</label>
<input type="file" id="filetoupload" name="filetoupload"/>
<div class="sublabel">(Max: {$maxfilesize|htmlspecialchars} bytes)</div>
<div class="sublabel">(Max: {$maxfilesize} bytes)</div>
</div>
<div class="form-entry">
<label for="private"><input type="checkbox" name="private" id="private">Import all links as private</label>
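--- a/material/includes.html
+++ b/material/includes.html
@@ -77,6 +77,13 @@
 div.awesomplete > ul > li[aria-selected=true]{
 background-color: {$GLOBALS['config']['MATERIAL_COLOR']};
 }
+div.awesomplete > ul > li[aria-selected=true]:hover{
+{if="isset($GLOBALS['config']['MATERIAL_COLOR_FOCUS'])"}
+background-color: {$GLOBALS['config']['MATERIAL_COLOR_FOCUS']};
+{else}
+background-color: {$GLOBALS['config']['MATERIAL_COLOR']};
+{/if}
+}
 </style>
 {/if}
 {if="is_file('src/user.css')"}<link type="text/css" rel="stylesheet" href="src/user.css" />{/if}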
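Review bot: `{$GLOBALS['config']['MATERIAL_COLOR_FOCUS']}` is written into the `<style>` block as-is, and HTML escaping would not be the right encoding for a CSS value in any case, so the setting should be checked against a colour pattern where the configuration is loaded (that code is not in this diff). The `{else}` branch repeats the `background-color` already set by the base `li[aria-selected=true]` rule just above, so the rule could be emitted only when the setting exists: `{if="isset($GLOBALS['config']['MATERIAL_COLOR_FOCUS'])"}div.awesomplete > ul > li[aria-selected=true]:hover{ background-color: {$GLOBALS['config']['MATERIAL_COLOR_FOCUS']}; }{/if}`. The `<style>` element and the outer `{if}` open before the hunk.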
12 changes: 6 additions & 6 deletions material/linklist.html
@@ -12,7 +12,7 @@
<div class="text-center">
<img src="images/sad_star.png" alt="Nothing found" />
</div>
<div class="nothing-found">Sorry... We found nothing{if="$search_type=='fulltext'"} for <strong>{$search_crits}</strong>{elseif="$search_type=='tags'"} for<strong>{loop="search_crits"} {$value|htmlspecialchars}{/loop}</strong>{else}{/if}.</div>
<div class="nothing-found">Sorry... We found nothing{if="$search_type=='fulltext'"} for <strong>{$search_crits}</strong>{elseif="$search_type=='tags'"} for<strong>{loop="search_crits"} {$value}{/loop}</strong>{else}{/if}.</div>
{else}
{if="$search_type=='fulltext'"}
<div id="searchcriteria">{$result_count} results for <strong>{$search_crits}</strong></div>
@@ -21,7 +21,7 @@
<div id="searchcriteria">{$result_count} results for tags <i>
{loop="search_crits"}
<span class="link-tag-filter" title="Remove tag">
<a href="?removetag={$value|htmlspecialchars}">{$value|htmlspecialchars}&nbsp;
<a href="?removetag={$value}">{$value}&nbsp;
<span class="remove">&#x2715;</span>
</a>
</span>
@@ -36,7 +36,7 @@
<div class="link-header">
<div class="row">
<div class="col-sm-8">
<a class="link-title" href="{$redirector}{$value.url|htmlspecialchars}">{$value.title|htmlspecialchars}</a>
<a class="link-title" href="{$redirector}{$value.url}">{$value.title}</a>
</div>
<div class="col-sm-4">
<div class="link-date">
@@ -46,7 +46,7 @@
<span title="Short link here"><a href="?{$value.linkdate|smallHash}">Permalink</a></span>
{/if}
{if="$GLOBALS['config']['ARCHIVE_ORG']"}
<span class="link-archive"><span> - </span><a href="https://web.archive.org/web/{$value.url|htmlspecialchars}">archive</a></span>
<span class="link-archive"><span> - </span><a href="https://web.archive.org/web/{$value.url}">archive</a></span>
{/if}
</div>
</div>
@@ -68,7 +68,7 @@
{if="$value.tags"}
<div class="link-tag-list">
{loop="value.taglist"}
<span class="link-tag" title="Add tag"><a href="?addtag={$value|urlencode}">{$value|htmlspecialchars}</a></span>
<span class="link-tag" title="Add tag"><a href="?addtag={$value|urlencode}">{$value}</a></span>
{/loop}
</div>
{/if}
@@ -78,7 +78,7 @@
{else}
<div class="col-sm-5 link-url-container">
{/if}
<a href="{$value.url|htmlspecialchars}" class="link-url"><span title="Short link">{$value.url|htmlspecialchars}</span></a>
<a href="{$value.url}" class="link-url"><span title="Short link">{$value.url}</span></a>
</div>
{if="isLoggedIn()"}
<div class="col-sm-2 link-actions">
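Review bot: The remove-tag link builds its query string as `?removetag={$value}` with no URL encoding, while the add-tag link further down in the same file uses `{$value|urlencode}`; a tag containing `&`, `#` or `+` may yield a link that removes the wrong tag or none. I would make the two consistent with `<a href="?removetag={$value|urlencode}">{$value}&nbsp;`. The `{loop="search_crits"}` block around that line is only partly visible in the hunk.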
2 changes: 1 addition & 1 deletion material/loginform.html
@@ -31,7 +31,7 @@
<div class="card-footer">
<input type="submit" value="Login" class="button-raised button-primary pull-right" tabindex="4">
<input type="hidden" name="token" value="{$token}">
{if="$returnurl"}<input type="hidden" name="returnurl" value="{$returnurl|htmlspecialchars}">{/if}
{if="$returnurl"}<input type="hidden" name="returnurl" value="{$returnurl}">{/if}
<div class="clearfix"></div>
</div>
</form>
2 changes: 1 addition & 1 deletion material/page.footer.html
@@ -3,6 +3,6 @@
<b><a href="https://github.com/shaarli/Shaarli">Shaarli</a></b> - The personal, minimalist, super-fast, no-database delicious clone by the <a href="https://github.com/shaarli/Shaarli">Shaarli</a> community - <a href="doc/index.html">Help</a> - Theme by <a href="https://github.com/kalvn">kalvn</a>
</div>
{if="$newversion"}
<div id="newversion"><span id="version_id">&#x25CF;</span> Shaarli {$newversion|htmlspecialchars} is <a href="https://github.com/shaarli/Shaarli/releases">available</a>.</div>
<div id="newversion"><span id="version_id">&#x25CF;</span> Shaarli {$newversion} is <a href="https://github.com/shaarli/Shaarli/releases">available</a>.</div>
{/if}
</div>
4 changes: 2 additions & 2 deletions material/page.header.html
@@ -4,7 +4,7 @@
<div class="header-main container-fluid">
<div class="row">
<div class="col-lg-2">
<a href="?" class="header-brand">{$shaarlititle|htmlspecialchars}</a>
<a href="?" class="header-brand">{$shaarlititle}</a>
<a href="#" class="icon-rss icon-unfold pull-right hidden-lg" title="Show/hide menu"></a>
</div>
<form method="GET" method="searchform" class="col-lg-8 header-middle">
@@ -25,7 +25,7 @@


<div class="col-sm-3">
<input type="search" id="searchform_value" name="searchterm" value="{if="isset($search_type)"}{if="$search_type=='fulltext'"}{$search_crits}{elseif="$search_type=='tags'"}{loop="search_crits"}{$value|htmlspecialchars} {/loop}{else}{/if}{/if}" placeholder="Search something here..." />
<input type="search" id="searchform_value" name="searchterm" value="{if="isset($search_type)"}{if="$search_type=='fulltext'"}{$search_crits}{elseif="$search_type=='tags'"}{loop="search_crits"}{$value} {/loop}{else}{/if}{/if}" placeholder="Search something here..." />
</div>
<div class="col-sm-4">
<div class="row">
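Review bot: In the search box's `value` attribute the full-text branch prints `{$search_crits}` with no filter on either side of this change, so it was never covered by the template-level escaping this commit removes; the same holds for the two `<strong>{$search_crits}</strong>` outputs in linklist.html. Because this is the visitor's own search term reflected into an attribute, it is the first place I would verify that the core escapes the value, quotes included, before assignment. If it does, a comment such as `{* $search_crits is escaped by the core *}` would record that; if it does not, the branch needs `{$search_crits|htmlspecialchars}`. On the same form, `method="GET" method="searchform"` repeats the attribute, and the second was presumably meant to be `name`.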
2 changes: 1 addition & 1 deletion material/picwall.html
@@ -8,7 +8,7 @@
<div id="picwall_container text-center">
{loop="linksToDisplay"}
<div class="picwall-pictureframe">
{$value.thumbnail}<a class="picwall-link" href="{$value.url}"><span class="info">{$value.title|htmlspecialchars}</span></a>
{$value.thumbnail}<a class="picwall-link" href="{$value.url}"><span class="info">{$value.title}</span></a>
</div>
{/loop}
</div>
2 changes: 1 addition & 1 deletion material/tagcloud.html
@@ -6,7 +6,7 @@
<div class="center container">
<div id="cloudtag">
{loop="tags"}
<span class="count">{$value.count}</span><a href="?searchtags={$key|urlencode}" style="font-size:{$value.size}pt;">{$key|htmlspecialchars}</a>
<span class="count">{$value.count}</span><a href="?searchtags={$key|urlencode}" style="font-size:{$value.size}pt;">{$key}</a>
{/loop}
</div>
</div>