fanbinit/rhymix
1
0
Fork 0
mirror of https://github.com/Lastorder-DC/rhymix.git synced 2026-01-03 16:51:40 +09:00
Code Issues Projects Releases Packages Wiki Activity

Fix double escaping and outdated function call in document module templates

Browse source
This commit is contained in:
Kijin Sung 2019-11-25 15:43:32 +09:00
parent 9256503bea
commit 4aec371983
3 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

4
modules/document/tpl/document_list.html
View file

@ -51,7 +51,7 @@ xe.lang.msg_empty_search_keyword = '{$lang->msg_empty_search_keyword}';
<tr loop="$document_list => $no, $oDocument">
<td class="title">
<a href="{getUrl('','document_srl',$oDocument->document_srl)}" target="_blank"><!--@if(trim($oDocument->getTitleText()))-->{htmlspecialchars($oDocument->getTitleText())}<!--@else--><em>{$lang->no_title_document}</em><!--@end--></a>
<a href="{getUrl('','document_srl',$oDocument->document_srl)}" target="_blank"><!--@if(trim($oDocument->getTitleText()))-->{escape($oDocument->getTitleText(), false)}<!--@else--><em>{$lang->no_title_document}</em><!--@end--></a>
<span cond="isset($module_list[$oDocument->get('module_srl')])">
- <a href="{getUrl('', 'mid', $module_list[$oDocument->get('module_srl')]->mid)}" target="_blank">{$module_list[$oDocument->get('module_srl')]->browser_title}</a>
@ -129,7 +129,7 @@ xe.lang.msg_empty_search_keyword = '{$lang->msg_empty_search_keyword}';
<option value="{$key}" <!--@if($search_target==$key)-->selected="selected"<!--@end-->>{$val}</option>
<!--@end-->
</select>
<input type="search" name="search_keyword" value="{htmlspecialchars($search_keyword, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}" title="{$lang->cmd_search}" />
<input type="search" name="search_keyword" value="{escape($search_keyword, false)}" title="{$lang->cmd_search}" />
<button type="submit" class="x_btn x_btn-inverse">{$lang->cmd_search}</button>
<a href="{getUrl('','module',$module,'act',$act)}" class="x_btn">{$lang->cmd_cancel}</a>
</form>

2
modules/document/tpl/document_trash_list.html
View file

@ -44,7 +44,7 @@
[{$oDocument->getTrackbackCount()}]
<!--@end-->
</td>
<td><a href="#popup_menu_area" class="member_{$oDocument->get('trash_member_srl')}">{htmlspecialchars($oDocument->get('trash_nick_name'), ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}</a></td>
<td><a href="#popup_menu_area" class="member_{$oDocument->get('trash_member_srl')}">{escape($oDocument->get('trash_nick_name'), false)}</a></td>
<td>{zdate($oDocument->get('trash_date'), "Y-m-d H:i:s")}</td>
<td>{$oDocument->get('ipaddress')}</td>
<td >{$oDocument->get('trash_description')}</td>

2
modules/document/tpl/extra_keys.html
View file

@ -30,7 +30,7 @@
<div class="x_control-group">
<label class="x_control-label" for="lang_name">{$lang->column_name}</label>
<div class="x_controls">
<input type="text" name="name" id="name" value="<!--@if(strpos($selected_var->name, '$user_lang->') === false)-->{$selected_var->name}<!--@else-->{htmlspecialchars($selected_var->name, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}<!--@end-->" class="lang_code" placeholder="Ex) Your favorite color." />
<input type="text" name="name" id="name" value="<!--@if(strpos($selected_var->name, '$user_lang->') === false)-->{$selected_var->name}<!--@else-->{escape($selected_var->name, false)}<!--@end-->" class="lang_code" placeholder="Ex) Your favorite color." />
</div>
</div>
<div class="x_control-group">