harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

check that every invocation of htmlspecialchars has the right arg list

Browse Source
This commit is contained in:
friendica 2013-12-12 02:01:42 -08:00
parent b3fe221b7f
commit 941f81eb30
8 changed files with 10 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
mod/editblock.php
View File

@ -132,7 +132,7 @@ function editblock_content(&$a) {
'$pvisit' => 'none',
'$public' => t('Public post'),
'$jotnets' => $jotnets,
'$title' => htmlspecialchars($itm[0]['title']),
'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
'$placeholdertitle' => t('Set title'),
'$category' => '',
'$placeholdercategory' => t('Categories (comma-separated list)'),

2
mod/editlayout.php
View File

@ -117,7 +117,7 @@ function editlayout_content(&$a) {
'$pvisit' => 'none',
'$public' => t('Public post'),
'$jotnets' => $jotnets,
'$title' => htmlspecialchars($itm[0]['title']),
'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
'$placeholdertitle' => t('Set title'),
'$category' => '',
'$placeholdercategory' => t('Categories (comma-separated list)'),

2
mod/editpost.php
View File

@ -114,7 +114,7 @@ function editpost_content(&$a) {
'$pvisit' => 'none',
'$public' => t('Public post'),
'$jotnets' => $jotnets,
'$title' => htmlspecialchars($itm[0]['title']),
'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
'$placeholdertitle' => t('Set title'),
'$category' => $category,
'$placeholdercategory' => t('Categories (comma-separated list)'),

2
mod/editwebpage.php
View File

@ -164,7 +164,7 @@ function editwebpage_content(&$a) {
'$jotnets' => $jotnets,
'$mimeselect' => $mimeselect,
'$layoutselect' => $layoutselect,
'$title' => htmlspecialchars($itm[0]['title']),
'$title' => htmlspecialchars($itm[0]['title'],ENT_COMPAT,'UTF-8'),
'$placeholdertitle' => t('Set title'),
'$category' => '',
'$placeholdercategory' => t('Categories (comma-separated list)'),

2
mod/message.php
View File

@ -321,7 +321,7 @@ function message_content(&$a) {
'$preid' => $preid,
'$subject' => t('Subject:'),
'$subjtxt' => ((x($_REQUEST,'subject')) ? strip_tags($_REQUEST['subject']) : ''),
'$text' => ((x($_REQUEST,'body')) ? escape_tags(htmlspecialchars($_REQUEST['body'])) : ''),
'$text' => ((x($_REQUEST,'body')) ? htmlspecialchars($_REQUEST['body'], ENT_COMPAT, 'UTF-8') : ''),
'$readonly' => '',
'$yourmessage' => t('Your message:'),
'$select' => $select,

2
mod/network.php
View File

@ -115,7 +115,7 @@ function network_content(&$a, $update = 0, $load = false) {
// search terms header
if($search)
$o .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search) . '</h2>';
$o .= '<h2>' . t('Search Results For:') . ' ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>';
nav_set_selected('network');

6
mod/search.php
View File

@ -17,7 +17,7 @@ function search_saved_searches() {
$o .= '<h3>' . t('Saved Searches') . '</h3>' . "\r\n";
$o .= '<ul id="saved-search-ul">' . "\r\n";
foreach($r as $rr) {
$o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . rawurlencode($rr['term']) . '" title="' . t('Remove term') . '" onclick="return confirmDelete();"><i class="icon-remove drop-icons"></i></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . htmlspecialchars($rr['term']) . '</a></li>' . "\r\n";
$o .= '<li class="saved-search-li clear"><a href="search/?f=&remove=1&search=' . rawurlencode($rr['term']) . '" title="' . t('Remove term') . '" onclick="return confirmDelete();"><i class="icon-remove drop-icons"></i></a> <a href="search/?f=&search=' . $rr['term'] . '" class="savedsearchterm" >' . htmlspecialchars($rr['term'], ENT_COMPAT,'UTF-8') . '</a></li>' . "\r\n";
}
$o .= '</ul><div class="clear"></div></div>' . "\r\n";
}
@ -272,9 +272,9 @@ function search_content(&$a,$update = 0, $load = false) {
if($tag)
$o .= '<h2>Items tagged with: ' . htmlspecialchars($search) . '</h2>';
$o .= '<h2>Items tagged with: ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>';
else
$o .= '<h2>Search results for: ' . htmlspecialchars($search) . '</h2>';
$o .= '<h2>Search results for: ' . htmlspecialchars($search, ENT_COMPAT,'UTF-8') . '</h2>';
$o .= conversation($a,$items,'search',$update,'client');

2
version.inc
View File

@ -1 +1 @@
2013-12-11.524
2013-12-12.525