Explicitly declare noescape

Kijin Sung 2018-10-10 13:08:24 +09:00
parent 56f20e84c0
commit aac678de48
27 changed files with 33 additions and 33 deletions


@ -44,7 +44,7 @@
<block loop="Context::getOpenGraphData() => $og_metadata"> <block loop="Context::getOpenGraphData() => $og_metadata">
<meta property="{$og_metadata['property']}" content="{$og_metadata['content']}" /> <meta property="{$og_metadata['property']}" content="{$og_metadata['content']}" />
</block> </block>
{Context::getHtmlHeader()} {Context::getHtmlHeader()|noescape}
<!-- COMMON JS VARIABLES --> <!-- COMMON JS VARIABLES -->
<script> <script>
@ -63,12 +63,12 @@
</head> </head>
<!-- BODY START --> <!-- BODY START -->
<body{Context::getBodyClass()}> <body{Context::getBodyClass()|noescape}>
<!-- PAGE CONTENT --> <!-- PAGE CONTENT -->
{Context::getBodyHeader()} {Context::getBodyHeader()|noescape}
{$content} {$content|noescape}
{Context::getHtmlFooter()} {Context::getHtmlFooter()|noescape}
<!-- ETC --> <!-- ETC -->
<div id="rhymix_waiting" class="wfsr" cond="!$m">{$lang->msg_call_server}</div> <div id="rhymix_waiting" class="wfsr" cond="!$m">{$lang->msg_call_server}</div>
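Review bot: `<body{Context::getBodyClass()|noescape}>` writes the return value straight into the opening tag, so any class name that reaches it unescaped can add attributes or close the tag. The missing space after `body` suggests the method returns the whole attribute string, in which case the escaping has to happen where class names are added, and that code is outside this hunk. I would put a template comment above the line, `<!--// getBodyClass() returns prebuilt attribute markup; class names must be escaped when they are added -->`, and confirm it against the Context code. The `getHtmlHeader()`, `getBodyHeader()` and `getHtmlFooter()` outputs in this section are trusted as raw HTML in the same way.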


@ -1 +1 @@
{$content} {$content|noescape}


@ -1,7 +1,7 @@
<load target="../../modules/admin/tpl/css/admin.bootstrap.css" /> <load target="../../modules/admin/tpl/css/admin.bootstrap.css" />
<load target="../../modules/admin/tpl/css/admin.css" /> <load target="../../modules/admin/tpl/css/admin.css" />
<div class="x popup"> <div class="x popup">
{$content} {$content|noescape}
</div> </div>
<script> <script>
jQuery(function() { jQuery(function() {


@ -98,7 +98,7 @@
<!-- /LNB --> <!-- /LNB -->
<!-- CONTENT --> <!-- CONTENT -->
<div class="content" id="content"> <div class="content" id="content">
{$content} {$content|noescape}
</div> </div>
<!-- /CONTENT --> <!-- /CONTENT -->
</div> </div>


@ -138,9 +138,9 @@
</section> </section>
</div> </div>
<div class="layout_content" id="content"> <div class="layout_content" id="content">
{$layout_info->before_content} {$layout_info->before_content|noescape}
{$content} {$content|noescape}
{$layout_info->after_content} {$layout_info->after_content|noescape}
</div> </div>
<!--// CONTENT --> <!--// CONTENT -->
<div class="layout_outright" cond="trim($layout_info->right_content)"> <div class="layout_outright" cond="trim($layout_info->right_content)">


@ -40,7 +40,7 @@
</ul> </ul>
</div> </div>
<hr /> <hr />
<div class="content">.content{$content}</div> <div class="content">.content{$content|noescape}</div>
</div> </div>
<hr /> <hr />
<div class="footer">.footer</div> <div class="footer">.footer</div>


@ -371,7 +371,7 @@
<!-- /LNB --> <!-- /LNB -->
<!-- CONTENT --> <!-- CONTENT -->
<div class="content" id="content"> <div class="content" id="content">
{$content} {$content|noescape}
</div> </div>
<!--@if($layout_info->use_demo === 'Y')--> <!--@if($layout_info->use_demo === 'Y')-->
<include target="./demo/welcome_main.html" /> <include target="./demo/welcome_main.html" />


@ -24,7 +24,7 @@
</header> </header>
<hr class="head_hr" /> <hr class="head_hr" />
<section id="ct" class="ct"> <section id="ct" class="ct">
{$content} {$content|noescape}
</section> </section>
<footer class="lo_foot"> <footer class="lo_foot">
<ul class="link"> <ul class="link">


@ -19,7 +19,7 @@
<!--@end--> <!--@end-->
<!--@end--> <!--@end-->
</div> </div>
{$content} {$content|noescape}
<ul class="ft"> <ul class="ft">
<!--@if($is_logged)--> <!--@if($is_logged)-->
<li class="fl"><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li> <li class="fl"><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li>


@ -5,7 +5,7 @@
<div class="fr"><a href="{getUrl('act','dispMenuMenu','menu_srl',$layout_info->menu->main_menu->menu_srl)}" class="bn">{$lang->menu}</a></div> <div class="fr"><a href="{getUrl('act','dispMenuMenu','menu_srl',$layout_info->menu->main_menu->menu_srl)}" class="bn">{$lang->menu}</a></div>
<!--@end--> <!--@end-->
</div> </div>
{$content} {$content|noescape}
<ul class="eg ft"> <ul class="eg ft">
<!--@if($is_logged)--> <!--@if($is_logged)-->
<li class="fl"><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li> <li class="fl"><a href="{getUrl('act','dispMemberLogout')}">{$lang->cmd_logout}</a></li>


@ -6,7 +6,7 @@
{$lang->get('admin.msg_blacklisted_reason.'.$blacklisted_plugin_name)} {$lang->get('admin.msg_blacklisted_reason.'.$blacklisted_plugin_name)}
</p> </p>
</div> </div>
{$content} {$content|noescape}
</div> </div>
<include target="./_footer.html" /> <include target="./_footer.html" />


@ -1,7 +1,7 @@
<include target="./_admin_common.html" /> <include target="./_admin_common.html" />
<div class="x"> <div class="x">
<div class="content" id="content"> <div class="content" id="content">
{$content} {$content|noescape}
</div> </div>
</div> </div>
<script>opener.top.fullSetupWinLoaded();</script> <script>opener.top.fullSetupWinLoaded();</script>


@ -4,7 +4,7 @@
<h2>{$message->title}</h2><span class="ex">{$message->nick_name} | {zdate($message->regdate, "Y.m.d H:i")}</span> <h2>{$message->title}</h2><span class="ex">{$message->nick_name} | {zdate($message->regdate, "Y.m.d H:i")}</span>
</div> </div>
<div class="co"> <div class="co">
<div class="xe_content">{$message->content}</div> <div class="xe_content">{$message->content|noescape}</div>
</div> </div>
<div class="bna"> <div class="bna">
<span class="fl"><a href="{getUrl('message_srl', '')}" class="bn white">{$lang->cmd_list}</a></span> <span class="fl"><a href="{getUrl('message_srl', '')}" class="bn white">{$lang->cmd_list}</a></span>
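Review bot: `{$message->content|noescape}` prints a message body written by another member as raw HTML, so this view is safe only if the body was filtered before it was stored or before it reaches the template, and nothing in the hunk shows that. The title and nick_name beside it keep the default output handling, which leaves the content line as the one place where a missed filter becomes stored XSS. I would add a comment on the line, `<!--// content is raw HTML; it must already have passed the HTML filter -->`, and verify the read path of the message module. The same applies to the `$source_message->content` section and to the other `$message->content` sections further down this page.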


@ -35,7 +35,7 @@
<input type="text" name="title" id="message_title" value="{$source_message->title}"/> <input type="text" name="title" id="message_title" value="{$source_message->title}"/>
</li> </li>
<li class="xe_content"> <li class="xe_content">
{$source_message->content} {$source_message->content|noescape}
</li> </li>
<li> <li>
<label for="message_content">{$lang->content}</label> <label for="message_content">{$lang->content}</label>


@ -7,7 +7,7 @@
<a href="popup_menu_area" class="member_{$message->member_srl}">{$message->nick_name}</a> / {zdate($message->regdate, "Y-m-d H:i")} <a href="popup_menu_area" class="member_{$message->member_srl}">{$message->nick_name}</a> / {zdate($message->regdate, "Y-m-d H:i")}
</div> </div>
<div class="xe_content"> <div class="xe_content">
{$message->content} {$message->content|noescape}
</div> </div>
<div class="prn-anchor-buttons"> <div class="prn-anchor-buttons">
<a cond="$message->message_type != 'S' && $message->member_srl != $logged_info->member_srl" href="#" onclick="doSendMessage('{$message->sender_srl}','{$message->message_srl}');">{$lang->cmd_reply_message}</a> <a cond="$message->message_type != 'S' && $message->member_srl != $logged_info->member_srl" href="#" onclick="doSendMessage('{$message->sender_srl}','{$message->message_srl}');">{$lang->cmd_reply_message}</a>


@ -30,7 +30,7 @@
<label for="message_send_mail"><input type="checkbox" value="Y" name="send_mail" id="message_send_mail" /> {$lang->cmd_send_mail}</label> <label for="message_send_mail"><input type="checkbox" value="Y" name="send_mail" id="message_send_mail" /> {$lang->cmd_send_mail}</label>
<div class="rx_prn-notice info">{$lang->msg_send_mail_privacy}</div> <div class="rx_prn-notice info">{$lang->msg_send_mail_privacy}</div>
</div> </div>
{$editor} {$editor|noescape}
<div class="control-group"> <div class="control-group">
<input type="submit" value="{$lang->cmd_send_message}" /> <input type="submit" value="{$lang->cmd_send_message}" />
</div> </div>


@ -29,7 +29,7 @@
</tr> </tr>
<tr> <tr>
<td class="xe_content"> <td class="xe_content">
{$message->content} {$message->content|noescape}
</td> </td>
</tr> </tr>
</table> </table>


@ -14,7 +14,7 @@
<td>{htmlspecialchars($message->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}</td> <td>{htmlspecialchars($message->title, ENT_COMPAT | ENT_HTML401, 'UTF-8', false)}</td>
</tr> </tr>
<tr> <tr>
<td colspan="2" class="xe_content">{$message->content}</td> <td colspan="2" class="xe_content">{$message->content|noescape}</td>
</tr> </tr>
</table> </table>
<div class="btnArea"> <div class="btnArea">


@ -35,7 +35,7 @@
<td><input type="checkbox" value="Y" name="send_mail" /> {$lang->cmd_send_mail} <span class="explanation">{$lang->msg_send_mail_privacy}</span></td> <td><input type="checkbox" value="Y" name="send_mail" /> {$lang->cmd_send_mail} <span class="explanation">{$lang->msg_send_mail_privacy}</span></td>
</tr> </tr>
</table> </table>
{$editor} {$editor|noescape}
<div class="btnArea"> <div class="btnArea">
<input type="submit" value="{$lang->cmd_send_message}" class="btn btn-inverse" /> <input type="submit" value="{$lang->cmd_send_message}" class="btn btn-inverse" />
</div> </div>


@ -6,7 +6,7 @@
<a href="popup_menu_area" class="member_{$message->member_srl}">{$message->nick_name}</a> / {zdate($message->regdate, "Y-m-d H:i")} <a href="popup_menu_area" class="member_{$message->member_srl}">{$message->nick_name}</a> / {zdate($message->regdate, "Y-m-d H:i")}
</div> </div>
<div class="xe_content"> <div class="xe_content">
{$message->content} {$message->content|noescape}
</div> </div>
<div class="sw-footer sw-anchor-buttons"> <div class="sw-footer sw-anchor-buttons">
<a cond="$message->message_type != 'S' && $message->member_srl != $logged_info->member_srl" href="#" onclick="doSendMessage('{$message->sender_srl}','{$message->message_srl}');">{$lang->cmd_reply_message}</a> <a cond="$message->message_type != 'S' && $message->member_srl != $logged_info->member_srl" href="#" onclick="doSendMessage('{$message->sender_srl}','{$message->message_srl}');">{$lang->cmd_reply_message}</a>


@ -29,7 +29,7 @@
<br>{$lang->msg_allow_message_please} <br>{$lang->msg_allow_message_please}
</div> </div>
</div> </div>
{$editor} {$editor|noescape}
<div class="control-group"> <div class="control-group">
<input type="submit" value="{$lang->cmd_send_message}" /> <input type="submit" value="{$lang->cmd_send_message}" />
</div> </div>


@ -1,5 +1,5 @@
<form onSubmit="return false"> <form onSubmit="return false">
<input type="hidden" name="dummy_content" /> <input type="hidden" name="dummy_content" />
<input type="hidden" name="dummy_key" value="1" /> <input type="hidden" name="dummy_key" value="1" />
<p>{$editor}</p> <p>{$editor|noescape}</p>
</form> </form>


@ -14,5 +14,5 @@
<form> <form>
<input type="hidden" name="primary_key" id="primary_key" value="" /> <input type="hidden" name="primary_key" id="primary_key" value="" />
<input type="hidden" name="content" id="content" value="" /> <input type="hidden" name="content" id="content" value="" />
{$editor} {$editor|noescape}
</form> </form>


@ -1,3 +1,3 @@
<div> <div>
{$popup_content} {$popup_content|noescape}
</div> </div>


@ -1,4 +1,4 @@
<script> <script>
top.xAddEventListener(window, 'load', function() { top.showPreviewContent({$editor_sequence}); } ); top.xAddEventListener(window, 'load', function() { top.showPreviewContent({$editor_sequence}); } );
</script> </script>
{$content} {$content|noescape}


@ -1,3 +1,3 @@
<load target="js/layout_modify.js" /> <load target="js/layout_modify.js" />
<include target="header.html" /> <include target="header.html" />
{$content} {$content|noescape}


@ -15,7 +15,7 @@
</div> </div>
<div class="x_modal-body"> <div class="x_modal-body">
<div class="pageAddContent"></div> <div class="pageAddContent"></div>
<div class="editor">{$editor}</div> <div class="editor">{$editor|noescape}</div>
<script>xAddEventListener(window, 'load', doSyncPageContent);</script> <script>xAddEventListener(window, 'load', doSyncPageContent);</script>
</div> </div>
<div class="x_modal-footer"> <div class="x_modal-footer">