diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2013-02-27 22:55:39 +0100 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2013-02-27 22:55:39 +0100 |
| commit | 229c907a57a4a64730e7b58f59cb8f7f627bfaf3 (patch) | |
| tree | 560c7cdae8b7a43898832b0989b7fb3b780501a8 /core | |
| parent | 40e51d13d2fd028fa13902b12814532d1de15f5a (diff) | |
| download | nextcloud-server-229c907a57a4a64730e7b58f59cb8f7f627bfaf3.tar.gz nextcloud-server-229c907a57a4a64730e7b58f59cb8f7f627bfaf3.zip | |
[core] From echo to p
Diffstat (limited to 'core')
| -rw-r--r-- | core/templates/403.php | 4 | ||||
| -rw-r--r-- | core/templates/404.php | 4 | ||||
| -rw-r--r-- | core/templates/edit_categories_dialog.php | 6 | ||||
| -rw-r--r-- | core/templates/error.php | 4 | ||||
| -rw-r--r-- | core/templates/installation.php | 82 | ||||
| -rw-r--r-- | core/templates/layout.base.php | 16 | ||||
| -rw-r--r-- | core/templates/layout.guest.php | 20 | ||||
| -rw-r--r-- | core/templates/layout.user.php | 52 | ||||
| -rw-r--r-- | core/templates/login.php | 32 | ||||
| -rw-r--r-- | core/templates/part.pagenavi.php | 8 | ||||
| -rw-r--r-- | core/templates/update.php | 4 |
11 files changed, 116 insertions, 116 deletions
diff --git a/core/templates/403.php b/core/templates/403.php index fbf0e64fdb6..6e910fd2e82 100644 --- a/core/templates/403.php +++ b/core/templates/403.php @@ -9,7 +9,7 @@ if(!isset($_)) {//also provide standalone error page ?> <ul> <li class='error'> - <?php echo $l->t( 'Access forbidden' ); ?><br/> - <p class='hint'><?php if(isset($_['file'])) echo $_['file']?></p> + <?php p($l->t( 'Access forbidden' )); ?><br/> + <p class='hint'><?php if(isset($_['file'])) p($_['file'])?></p> </li> </ul> diff --git a/core/templates/404.php b/core/templates/404.php index c111fd70fa9..ee17f0de8e1 100644 --- a/core/templates/404.php +++ b/core/templates/404.php @@ -9,7 +9,7 @@ if(!isset($_)) {//also provide standalone error page ?> <ul> <li class='error'> - <?php echo $l->t( 'Cloud not found' ); ?><br/> - <p class='hint'><?php if(isset($_['file'])) echo $_['file']?></p> + <?php p($l->t( 'Cloud not found' )); ?><br/> + <p class='hint'><?php if(isset($_['file'])) p($_['file'])?></p> </li> </ul> diff --git a/core/templates/edit_categories_dialog.php b/core/templates/edit_categories_dialog.php index d0b7b5ee62a..ea155bdf0ba 100644 --- a/core/templates/edit_categories_dialog.php +++ b/core/templates/edit_categories_dialog.php @@ -1,19 +1,19 @@ <?php $categories = isset($_['categories'])?$_['categories']:array(); ?> -<div id="edit_categories_dialog" title="<?php echo $l->t('Edit categories'); ?>"> +<div id="edit_categories_dialog" title="<?php p($l->t('Edit categories')); ?>"> <!-- ?php print_r($types); ? --> <form method="post" id="categoryform"> <div class="scrollarea"> <ul id="categorylist"> <?php foreach($categories as $category): ?> - <li><input type="checkbox" name="categories[]" value="<?php echo $category; ?>" /><?php echo $category; ?></li> + <li><input type="checkbox" name="categories[]" value="<?php p($category); ?>" /><?php p($category); ?></li> <?php endforeach; ?> </ul> </div> <div class="bottombuttons"> <input type="text" id="category_addinput" name="category" /> - <button id="category_addbutton" disabled="disabled"><?php echo $l->t('Add'); ?></button> + <button id="category_addbutton" disabled="disabled"><?php p($l->t('Add')); ?></button> </div> </form> </div> diff --git a/core/templates/error.php b/core/templates/error.php index 4f05e008f99..3305f3fba9c 100644 --- a/core/templates/error.php +++ b/core/templates/error.php @@ -1,8 +1,8 @@ <ul> <?php foreach($_["errors"] as $error):?> <li class='error'> - <?php echo $error['error'] ?><br/> - <p class='hint'><?php if(isset($error['hint']))echo $error['hint'] ?></p> + <?php p($error['error']) ?><br/> + <p class='hint'><?php if(isset($error['hint']))p($error['hint']) ?></p> </li> <?php endforeach ?> </ul> diff --git a/core/templates/installation.php b/core/templates/installation.php index aca9648d0bf..f8c91e37eb4 100644 --- a/core/templates/installation.php +++ b/core/templates/installation.php @@ -1,8 +1,8 @@ -<input type='hidden' id='hasMySQL' value='<?php echo $_['hasMySQL'] ?>'> -<input type='hidden' id='hasSQLite' value='<?php echo $_['hasSQLite'] ?>'> -<input type='hidden' id='hasPostgreSQL' value='<?php echo $_['hasPostgreSQL'] ?>'> -<input type='hidden' id='hasOracle' value='<?php echo $_['hasOracle'] ?>'> -<input type='hidden' id='hasMSSQL' value='<?php echo $_['hasMSSQL'] ?>'> +<input type='hidden' id='hasMySQL' value='<?php p($_['hasMySQL']) ?>'> +<input type='hidden' id='hasSQLite' value='<?php p($_['hasSQLite']) ?>'> +<input type='hidden' id='hasPostgreSQL' value='<?php p($_['hasPostgreSQL']) ?>'> +<input type='hidden' id='hasOracle' value='<?php p($_['hasOracle']) ?>'> +<input type='hidden' id='hasMSSQL' value='<?php p($_['hasMSSQL']) ?>'> <form action="index.php" method="post"> <input type="hidden" name="install" value="true" /> <?php if(count($_['errors']) > 0): ?> @@ -10,10 +10,10 @@ <?php foreach($_['errors'] as $err): ?> <li> <?php if(is_array($err)):?> - <?php print $err['error']; ?> - <p class='hint'><?php print $err['hint']; ?></p> + <?php print_unescaped($err['error']); ?> + <p class='hint'><?php print_unescaped($err['hint']); ?></p> <?php else: ?> - <?php print $err; ?> + <?php print_unescaped($err); ?> <?php endif; ?> </li> <?php endforeach; ?> @@ -21,54 +21,54 @@ <?php endif; ?> <?php if(!$_['secureRNG']): ?> <fieldset class="warning"> - <legend><strong><?php echo $l->t('Security Warning');?></strong></legend> - <p><?php echo $l->t('No secure random number generator is available, please enable the PHP OpenSSL extension.');?><br/> - <?php echo $l->t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.');?></p> + <legend><strong><?php p($l->t('Security Warning'));?></strong></legend> + <p><?php p($l->t('No secure random number generator is available, please enable the PHP OpenSSL extension.'));?><br/> + <?php p($l->t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.'));?></p> </fieldset> <?php endif; ?> <?php if(!$_['htaccessWorking']): ?> <fieldset class="warning"> - <legend><strong><?php echo $l->t('Security Warning');?></strong></legend> - <p><?php echo $l->t('Your data directory and files are probably accessible from the internet because the .htaccess file does not work.');?><br> - <?php echo $l->t('For information how to properly configure your server, please see the <a href="http://doc.owncloud.org/server/5.0/admin_manual/installation.html" target="_blank">documentation</a>.');?></p> + <legend><strong><?php p($l->t('Security Warning'));?></strong></legend> + <p><?php p($l->t('Your data directory and files are probably accessible from the internet because the .htaccess file does not work.'));?><br> + <?php print_unescaped($l->t('For information how to properly configure your server, please see the <a href="http://doc.owncloud.org/server/5.0/admin_manual/installation.html" target="_blank">documentation</a>.'));?></p> </fieldset> <?php endif; ?> <fieldset id="adminaccount"> - <legend><?php echo $l->t( 'Create an <strong>admin account</strong>' ); ?></legend> + <legend><?php print_unescaped($l->t( 'Create an <strong>admin account</strong>' )); ?></legend> <p class="infield grouptop"> <input type="text" name="adminlogin" id="adminlogin" - value="<?php print OC_Helper::init_var('adminlogin'); ?>" autocomplete="off" autofocus required /> - <label for="adminlogin" class="infield"><?php echo $l->t( 'Username' ); ?></label> - <img class="svg" src="<?php echo image_path('', 'actions/user.svg'); ?>" alt="" /> + value="<?php p(OC_Helper::init_var('adminlogin')); ?>" autocomplete="off" autofocus required /> + <label for="adminlogin" class="infield"><?php p($l->t( 'Username' )); ?></label> + <img class="svg" src="<?php p(image_path('', 'actions/user.svg')); ?>" alt="" /> </p> <p class="infield groupbottom"> <input type="password" name="adminpass" data-typetoggle="#show" id="adminpass" - value="<?php print OC_Helper::init_var('adminpass'); ?>" /> - <label for="adminpass" class="infield"><?php echo $l->t( 'Password' ); ?></label> - <img class="svg" id="adminpass-icon" src="<?php echo image_path('', 'actions/password.svg'); ?>" alt="" /> + value="<?php p(OC_Helper::init_var('adminpass')); ?>" /> + <label for="adminpass" class="infield"><?php p($l->t( 'Password' )); ?></label> + <img class="svg" id="adminpass-icon" src="<?php print_unescaped(image_path('', 'actions/password.svg')); ?>" alt="" /> <input type="checkbox" id="show" name="show" /> <label for="show"></label> </p> </fieldset> <fieldset id="datadirField"> - <legend><a id="showAdvanced"><?php echo $l->t( 'Advanced' ); ?> <img class="svg" src="<?php echo image_path('', 'actions/caret-dark.svg'); ?>" /></a></legend> + <legend><a id="showAdvanced"><?php p($l->t( 'Advanced' )); ?> <img class="svg" src="<?php print_unescaped(image_path('', 'actions/caret-dark.svg')); ?>" /></a></legend> <div id="datadirContent"> - <label for="directory"><?php echo $l->t( 'Data folder' ); ?></label> + <label for="directory"><?php p($l->t( 'Data folder' )); ?></label> <input type="text" name="directory" id="directory" - value="<?php print OC_Helper::init_var('directory', $_['directory']); ?>" /> + value="<?php p(OC_Helper::init_var('directory', $_['directory'])); ?>" /> </div> </fieldset> <fieldset id='databaseField'> <?php if($_['hasMySQL'] or $_['hasPostgreSQL'] or $_['hasOracle'] or $_['hasMSSQL']) $hasOtherDB = true; else $hasOtherDB =false; //other than SQLite ?> - <legend><?php echo $l->t( 'Configure the database' ); ?></legend> + <legend><?php p($l->t( 'Configure the database' ); ?></legend> <div id="selectDbType"> <?php if($_['hasSQLite']): ?> <input type='hidden' id='hasSQLite' value="true" /> <?php if(!$hasOtherDB): ?> - <p>SQLite <?php echo $l->t( 'will be used' ); ?>.</p> + <p>SQLite <?php p($l->t( 'will be used' )); ?>.</p> <input type="hidden" id="dbtype" name="dbtype" value="sqlite" /> <?php else: ?> <input type="radio" name="dbtype" value="sqlite" id="sqlite" @@ -80,7 +80,7 @@ <?php if($_['hasMySQL']): ?> <input type='hidden' id='hasMySQL' value='true'/> <?php if(!$_['hasSQLite'] and !$_['hasPostgreSQL'] and !$_['hasOracle'] and !$_['hasMSSQL']): ?> - <p>MySQL <?php echo $l->t( 'will be used' ); ?>.</p> + <p>MySQL <?php p($l->t( 'will be used' )); ?>.</p> <input type="hidden" id="dbtype" name="dbtype" value="mysql" /> <?php else: ?> <input type="radio" name="dbtype" value="mysql" id="mysql" @@ -91,7 +91,7 @@ <?php if($_['hasPostgreSQL']): ?> <?php if(!$_['hasSQLite'] and !$_['hasMySQL'] and !$_['hasOracle'] and !$_['hasMSSQL']): ?> - <p>PostgreSQL <?php echo $l->t( 'will be used' ); ?>.</p> + <p>PostgreSQL <?php p($l->t( 'will be used' )); ?>.</p> <input type="hidden" id="dbtype" name="dbtype" value="pgsql" /> <?php else: ?> <label class="pgsql" for="pgsql">PostgreSQL</label> @@ -102,7 +102,7 @@ <?php if($_['hasOracle']): ?> <?php if(!$_['hasSQLite'] and !$_['hasMySQL'] and !$_['hasPostgreSQL'] and !$_['hasMSSQL']): ?> - <p>Oracle <?php echo $l->t( 'will be used' ); ?>.</p> + <p>Oracle <?php p($l->t( 'will be used' )); ?>.</p> <input type="hidden" id="dbtype" name="dbtype" value="oci" /> <?php else: ?> <label class="oci" for="oci">Oracle</label> @@ -114,7 +114,7 @@ <?php if($_['hasMSSQL']): ?> <input type='hidden' id='hasMSSQL' value='true'/> <?php if(!$_['hasSQLite'] and !$_['hasMySQL'] and !$_['hasPostgreSQL'] and !$_['hasOracle']): ?> - <p>MS SQL <?php echo $l->t( 'will be used' ); ?>.</p> + <p>MS SQL <?php p($l->t( 'will be used' )); ?>.</p> <input type="hidden" id="dbtype" name="dbtype" value="mssql" /> <?php else: ?> <label class="mssql" for="mssql">MS SQL</label> @@ -126,19 +126,19 @@ <?php if($hasOtherDB): ?> <div id="use_other_db"> <p class="infield grouptop"> - <label for="dbuser" class="infield"><?php echo $l->t( 'Database user' ); ?></label> + <label for="dbuser" class="infield"><?php p($l->t( 'Database user' )); ?></label> <input type="text" name="dbuser" id="dbuser" - value="<?php print OC_Helper::init_var('dbuser'); ?>" autocomplete="off" /> + value="<?php p(OC_Helper::init_var('dbuser')); ?>" autocomplete="off" /> </p> <p class="infield groupmiddle"> - <label for="dbpass" class="infield"><?php echo $l->t( 'Database password' ); ?></label> + <label for="dbpass" class="infield"><?php p($l->t( 'Database password' )); ?></label> <input type="password" name="dbpass" id="dbpass" - value="<?php print OC_Helper::init_var('dbpass'); ?>" /> + value="<?php p(OC_Helper::init_var('dbpass')); ?>" /> </p> <p class="infield groupmiddle"> - <label for="dbname" class="infield"><?php echo $l->t( 'Database name' ); ?></label> + <label for="dbname" class="infield"><?php p($l->t( 'Database name' )); ?></label> <input type="text" name="dbname" id="dbname" - value="<?php print OC_Helper::init_var('dbname'); ?>" + value="<?php p(OC_Helper::init_var('dbname')); ?>" autocomplete="off" pattern="[0-9a-zA-Z$_-]+" /> </p> </div> @@ -146,18 +146,18 @@ <?php if($_['hasOracle']): ?> <div id="use_oracle_db"> <p class="infield groupmiddle"> - <label for="dbtablespace" class="infield"><?php echo $l->t( 'Database tablespace' ); ?></label> + <label for="dbtablespace" class="infield"><?php p($l->t( 'Database tablespace' )); ?></label> <input type="text" name="dbtablespace" id="dbtablespace" - value="<?php print OC_Helper::init_var('dbtablespace'); ?>" autocomplete="off" /> + value="<?php p(OC_Helper::init_var('dbtablespace')); ?>" autocomplete="off" /> </p> </div> <?php endif; ?> <p class="infield groupbottom"> - <label for="dbhost" class="infield" id="dbhostlabel"><?php echo $l->t( 'Database host' ); ?></label> + <label for="dbhost" class="infield" id="dbhostlabel"><?php p($l->t( 'Database host' )); ?></label> <input type="text" name="dbhost" id="dbhost" - value="<?php print OC_Helper::init_var('dbhost', 'localhost'); ?>" /> + value="<?php p(OC_Helper::init_var('dbhost', 'localhost')); ?>" /> </p> </fieldset> - <div class="buttons"><input type="submit" class="primary" value="<?php echo $l->t( 'Finish setup' ); ?>" /></div> + <div class="buttons"><input type="submit" class="primary" value="<?php p($l->t( 'Finish setup' )); ?>" /></div> </form> diff --git a/core/templates/layout.base.php b/core/templates/layout.base.php index 47d552069a0..0ada957478e 100644 --- a/core/templates/layout.base.php +++ b/core/templates/layout.base.php @@ -3,26 +3,26 @@ <head> <title>ownCloud</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> - <link rel="shortcut icon" href="<?php echo image_path('', 'favicon.png'); ?>" /> - <link rel="apple-touch-icon-precomposed" href="<?php echo image_path('', 'favicon-touch.png'); ?>" /> + <link rel="shortcut icon" href="<?php print_unescaped(image_path('', 'favicon.png')); ?>" /> + <link rel="apple-touch-icon-precomposed" href="<?php print_unescaped(image_path('', 'favicon-touch.png')); ?>" /> <?php foreach ($_['cssfiles'] as $cssfile): ?> - <link rel="stylesheet" href="<?php echo $cssfile; ?>" type="text/css" media="screen" /> + <link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" type="text/css" media="screen" /> <?php endforeach; ?> <?php foreach ($_['jsfiles'] as $jsfile): ?> - <script type="text/javascript" src="<?php echo $jsfile; ?>"></script> + <script type="text/javascript" src="<?php print_unescaped($jsfile); ?>"></script> <?php endforeach; ?> <?php foreach ($_['headers'] as $header): ?> <?php - echo '<'.$header['tag'].' '; + print_unescaped('<'.$header['tag'].' '); foreach ($header['attributes'] as $name => $value) { - echo "$name='$value' "; + print_unescaped("$name='$value' "); }; - echo '/>'; + print_unescaped('/>)'; ?> <?php endforeach; ?> </head> <body> - <?php echo $_['content']; ?> + <?php print_unescaped($_['content']); ?> </body> </html> diff --git a/core/templates/layout.guest.php b/core/templates/layout.guest.php index a84e2b8cef7..03d58c9eae1 100644 --- a/core/templates/layout.guest.php +++ b/core/templates/layout.guest.php @@ -4,22 +4,22 @@ <title>ownCloud</title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="apple-itunes-app" content="app-id=543672169"> - <link rel="shortcut icon" href="<?php echo image_path('', 'favicon.png'); ?>" /> - <link rel="apple-touch-icon-precomposed" href="<?php echo image_path('', 'favicon-touch.png'); ?>" /> + <link rel="shortcut icon" href="<?php print_unescaped(image_path('', 'favicon.png')); ?>" /> + <link rel="apple-touch-icon-precomposed" href="<?php print_unescaped(image_path('', 'favicon-touch.png')); ?>" /> <?php foreach($_['cssfiles'] as $cssfile): ?> - <link rel="stylesheet" href="<?php echo $cssfile; ?>" type="text/css" media="screen" /> + <link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" type="text/css" media="screen" /> <?php endforeach; ?> <?php foreach($_['jsfiles'] as $jsfile): ?> - <script type="text/javascript" src="<?php echo $jsfile; ?>"></script> + <script type="text/javascript" src="<?php print_unescaped($jsfile); ?>"></script> <?php endforeach; ?> <?php foreach($_['headers'] as $header): ?> <?php - echo '<'.$header['tag'].' '; + print_unescaped('<'.$header['tag'].' '); foreach($header['attributes'] as $name=>$value) { - echo "$name='$value' "; + print_unescaped("$name='$value' "); }; - echo '/>'; + print_unescaped('/>'); ?> <?php endforeach; ?> </head> @@ -27,11 +27,11 @@ <body id="body-login"> <div id="login"> <header><div id="header"> - <img src="<?php echo image_path('', 'logo.svg'); ?>" class="svg" alt="ownCloud" /> + <img src="<?php print_unescaped(image_path('', 'logo.svg')); ?>" class="svg" alt="ownCloud" /> </div></header> - <?php echo $_['content']; ?> + <?php print_unescaped($_['content']); ?> </div> <footer><p class="info"><a href="http://owncloud.org/">ownCloud</a> – - <?php echo $l->t( 'web services under your control' ); ?></p></footer> + <?php p($l->t( 'web services under your control' )); ?></p></footer> </body> </html> diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php index 10540cfe362..2b53cc0ae5d 100644 --- a/core/templates/layout.user.php +++ b/core/templates/layout.user.php @@ -1,56 +1,56 @@ <!DOCTYPE html> <html class="ng-csp"> <head> - <title><?php echo !empty($_['application'])?$_['application'].' | ':'' ?>ownCloud - <?php echo !empty($_['user_displayname'])?' ('.$_['user_displayname'].') ':'' ?></title> + <title><?php p(!empty($_['application'])?$_['application'].' | ':'') ?>ownCloud + <?php p(!empty($_['user_displayname'])?' ('.$_['user_displayname'].') ':'') ?></title> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="apple-itunes-app" content="app-id=543672169"> - <link rel="shortcut icon" href="<?php echo image_path('', 'favicon.png'); ?>" /> - <link rel="apple-touch-icon-precomposed" href="<?php echo image_path('', 'favicon-touch.png'); ?>" /> + <link rel="shortcut icon" href="<?php print_unescaped(image_path('', 'favicon.png')); ?>" /> + <link rel="apple-touch-icon-precomposed" href="<?php print_unescaped(image_path('', 'favicon-touch.png')); ?>" /> <?php foreach($_['cssfiles'] as $cssfile): ?> - <link rel="stylesheet" href="<?php echo $cssfile; ?>" type="text/css" media="screen" /> + <link rel="stylesheet" href="<?php print_unescaped($cssfile); ?>" type="text/css" media="screen" /> <?php endforeach; ?> <?php foreach($_['jsfiles'] as $jsfile): ?> - <script type="text/javascript" src="<?php echo $jsfile; ?>"></script> + <script type="text/javascript" src="<?php print_unescaped($jsfile); ?>"></script> <?php endforeach; ?> <?php foreach($_['headers'] as $header): ?> <?php - echo '<'.$header['tag'].' '; + print_unescaped('<'.$header['tag'].' '); foreach($header['attributes'] as $name=>$value) { - echo "$name='$value' "; + print_unescaped("$name='$value' "); }; - echo '/>'; + print_unescaped('/>'); ?> <?php endforeach; ?> </head> - <body id="<?php echo $_['bodyid'];?>"> + <body id="<?php p($_['bodyid']);?>"> <div id="notification-container"> <div id="notification"></div> </div> <header><div id="header"> - <a href="<?php echo link_to('', 'index.php'); ?>" title="" id="owncloud"><img class="svg" - src="<?php echo image_path('', 'logo-wide.svg'); ?>" alt="ownCloud" /></a> + <a href="<?php print_unescaped(link_to('', 'index.php')); ?>" title="" id="owncloud"><img class="svg" + src="<?php print_unescaped(image_path('', 'logo-wide.svg')); ?>" alt="ownCloud" /></a> <ul id="settings" class="svg"> <span id="expand"> - <span id="expandDisplayName"><?php echo $_['user_displayname'] ?></span> - <img class="svg" src="<?php echo image_path('', 'actions/caret.svg'); ?>" /> + <span id="expandDisplayName"><?php p($_['user_displayname']) ?></span> + <img class="svg" src="<?php print_unescaped(image_path('', 'actions/caret.svg')); ?>" /> </span> <div id="expanddiv"> <?php foreach($_['settingsnavigation'] as $entry):?> <li> - <a href="<?php echo $entry['href']; ?>" title="" + <a href="<?php print_unescaped($entry['href']); ?>" title="" <?php if( $entry["active"] ): ?> class="active"<?php endif; ?>> - <img class="svg" alt="" src="<?php echo $entry['icon']; ?>"> - <?php echo $entry['name'] ?> + <img class="svg" alt="" src="<?php print_unescaped($entry['icon']); ?>"> + <?php p($entry['name']) ?> </a> </li> <?php endforeach; ?> <li> - <a id="logout" href="<?php echo link_to('', 'index.php'); ?>?logout=true"> - <img class="svg" alt="" src="<?php echo image_path('', 'actions/logout.svg'); ?>" /> - <?php echo $l->t('Log out');?> + <a id="logout" href="<?php print_unescaped(link_to('', 'index.php')); ?>?logout=true"> + <img class="svg" alt="" src="<?php print_unescaped(image_path('', 'actions/logout.svg')); ?>" /> + <?php p($l->t('Log out'));?> </a> </li> </div> @@ -58,7 +58,7 @@ <form class="searchbox" action="#" method="post"> <input id="searchbox" class="svg" type="search" name="query" - value="<?php if(isset($_POST['query'])) {echo OC_Util::sanitizeHTML($_POST['query']);};?>" + value="<?php if(isset($_POST['query'])) {p($_POST['query']);};?>" autocomplete="off" x-webkit-speech /> </form> </div></header> @@ -66,11 +66,11 @@ <nav><div id="navigation"> <ul id="apps" class="svg"> <?php foreach($_['navigation'] as $entry): ?> - <li data-id="<?php echo $entry['id']; ?>"> - <a href="<?php echo $entry['href']; ?>" title="" + <li data-id="<?php p($entry['id']); ?>"> + <a href="<?php print_unescaped($entry['href']); ?>" title="" <?php if( $entry['active'] ): ?> class="active"<?php endif; ?>> - <img class="icon svg" src="<?php echo $entry['icon']; ?>"/> - <?php echo $entry['name']; ?> + <img class="icon svg" src="<?php print_unescaped($entry['icon']); ?>"/> + <?php p($entry['name']); ?> </a> </li> <?php endforeach; ?> @@ -79,7 +79,7 @@ <div id="content-wrapper"> <div id="content"> - <?php echo $_['content']; ?> + <?php print_unescaped($_['content']); ?> </div> </div> </body> diff --git a/core/templates/login.php b/core/templates/login.php index 3be2b039b03..463b951c80f 100644 --- a/core/templates/login.php +++ b/core/templates/login.php @@ -2,54 +2,54 @@ <form method="post"> <fieldset> <?php if (!empty($_['redirect_url'])) { - echo '<input type="hidden" name="redirect_url" value="' . $_['redirect_url'] . '" />'; + print_unescaped('<input type="hidden" name="redirect_url" value="' . OC_Util::sanitizeHTML($_['redirect_url']) . '" />'); } ?> <ul> <?php if (isset($_['invalidcookie']) && ($_['invalidcookie'])): ?> <li class="errors"> - <?php echo $l->t('Automatic logon rejected!'); ?><br> - <small><?php echo $l->t('If you did not change your password recently, your account may be compromised!'); ?></small> + <?php p($l->t('Automatic logon rejected!')); ?><br> + <small><?php p($l->t('If you did not change your password recently, your account may be compromised!')); ?></small> <br> - <small><?php echo $l->t('Please change your password to secure your account again.'); ?></small> + <small><?php p($l->t('Please change your password to secure your account again.')); ?></small> </li> <?php endif; ?> <?php if (isset($_['invalidpassword']) && ($_['invalidpassword'])): ?> - <a href="<?php echo OC_Helper::linkToRoute('core_lostpassword_index') ?>"> + <a href="<?php print_unescaped(OC_Helper::linkToRoute('core_lostpassword_index')) ?>"> <li class="errors"> - <?php echo $l->t('Lost your password?'); ?> + <?php p($l->t('Lost your password?')); ?> </li> </a> <?php endif; ?> </ul> <p class="infield grouptop"> <input type="text" name="user" id="user" - value="<?php echo $_['username']; ?>"<?php echo $_['user_autofocus'] ? ' autofocus' : ''; ?> + value="<?php p($_['username']); ?>"<?php p($_['user_autofocus'] ? ' autofocus' : ''); ?> autocomplete="on" required/> - <label for="user" class="infield"><?php echo $l->t('Username'); ?></label> - <img class="svg" src="<?php echo image_path('', 'actions/user.svg'); ?>" alt=""/> + <label for="user" class="infield"><?php p($l->t('Username')); ?></label> + <img class="svg" src="<?php print_unescaped(image_path('', 'actions/user.svg')); ?>" alt=""/> </p> <p class="infield groupbottom"> <input type="password" name="password" id="password" value="" data-typetoggle="#show" - required<?php echo $_['user_autofocus'] ? '' : ' autofocus'; ?> /> - <label for="password" class="infield"><?php echo $l->t('Password'); ?></label> - <img class="svg" id="password-icon" src="<?php echo image_path('', 'actions/password.svg'); ?>" alt=""/> + required<?php p($_['user_autofocus'] ? '' : ' autofocus'); ?> /> + <label for="password" class="infield"><?php p($l->t('Password')); ?></label> + <img class="svg" id="password-icon" src="<?php print_unescaped(image_path('', 'actions/password.svg')); ?>" alt=""/> <input type="checkbox" id="show" name="show" /> <label for="show"></label> </p> <input type="checkbox" name="remember_login" value="1" id="remember_login"/><label - for="remember_login"><?php echo $l->t('remember'); ?></label> + for="remember_login"><?php p($l->t('remember')); ?></label> <input type="hidden" name="timezone-offset" id="timezone-offset"/> - <input type="submit" id="submit" class="login primary" value="<?php echo $l->t('Log in'); ?>"/> + <input type="submit" id="submit" class="login primary" value="<?php p($l->t('Log in')); ?>"/> </fieldset> </form> <?php if (!empty($_['alt_login'])) { ?> <form id="alternative-logins"> <fieldset> - <legend><?php echo $l->t('Alternative Logins') ?></legend> + <legend><?php p($l->t('Alternative Logins')) ?></legend> <ul> <?php foreach($_['alt_login'] as $login): ?> - <li><a class="button" href="<?php echo $login['href']; ?>" ><?php echo $login['name']; ?></a></li> + <li><a class="button" href="<?php print_unescaped($login['href']); ?>" ><?php p($login['name']); ?></a></li> <?php endforeach; ?> </ul> </fieldset> diff --git a/core/templates/part.pagenavi.php b/core/templates/part.pagenavi.php index d43023a7822..2f5c2183765 100644 --- a/core/templates/part.pagenavi.php +++ b/core/templates/part.pagenavi.php @@ -1,15 +1,15 @@ <ol class="pager"> <?php if($_['page']>0):?> - <li class="pagerbutton1"><a href="<?php echo $_['url'].($_['page']-1);?>"><?php echo $l->t( 'prev' ); ?></a></li> + <li class="pagerbutton1"><a href="<?php print_unescaped($_['url'].($_['page']-1));?>"><?php p($l->t( 'prev' )); ?></a></li> <?php endif; ?> <?php if ($_['pagestart']>0):?> … <?php endif;?> <?php for ($i=$_['pagestart']; $i < $_['pagestop'];$i++):?> <?php if ($_['page']!=$i):?> - <li><a href="<?php echo $_['url'].$i;?>"><?php echo $i+1;?></a></li> + <li><a href="<?php print_unescaped($_['url'].$i);?>"><?php p($i+1);?></a></li> <?php else:?> - <li><?php echo $i+1;?></li> + <li><?php p($i+1);?></li> <?php endif?> <?php endfor;?> <?php if ($_['pagestop']<$_['pagecount']):?> @@ -17,6 +17,6 @@ <?php endif;?> <?php if(($_['page']+1)<$_['pagecount']):?> - <li class="pagerbutton2"><a href="<?php echo $_['url'].($_['page']+1);?>"><?php echo $l->t( 'next' ); ?></a></li> + <li class="pagerbutton2"><a href="<?php print_unescaped($_['url'].($_['page']+1));?>"><?php p($l->t( 'next' )); ?></a></li> <?php endif; ?> </ol> diff --git a/core/templates/update.php b/core/templates/update.php index 685a5536d06..a652d5f195a 100644 --- a/core/templates/update.php +++ b/core/templates/update.php @@ -1,6 +1,6 @@ <ul> <li class='update'> - <?php echo $l->t('Updating ownCloud to version %s, this may take a while.', - array($_['version'])); ?><br /><br /> + <?php p($l->t('Updating ownCloud to version %s, this may take a while.', + array($_['version']))); ?><br /><br /> </li> </ul> |