-rw-r--r-- | apps/files_sharing/templates/public.php | 2 | ||||
-rw-r--r-- | apps/theming/lib/ThemingDefaults.php | 9 |
2 files changed, 6 insertions, 5 deletions
diff --git a/apps/files_sharing/templates/public.php b/apps/files_sharing/templates/public.php
index dd2ea855b0b..123a5cb4f53 100644
--- a/apps/files_sharing/templates/public.php
+++ b/apps/files_sharing/templates/public.php
@@ -120,7 +120,7 @@ $maxUploadFilesize = min($upload_max_filesize, $post_max_size);
 <input type="hidden" name="dir" id="dir" value="" />
 <div class="hiddenuploadfield">
 <input type="file" id="file_upload_start" class="hiddenuploadfield" name="files[]"
- data-url="<?php print_unescaped(OCP\Util::linkTo('files', 'ajax/upload.php')); ?>" />
+ data-url="<?php p(OCP\Util::linkTo('files', 'ajax/upload.php')); ?>" />
 </div>
 <?php endif; ?>
 <footer>
diff --git a/apps/theming/lib/ThemingDefaults.php b/apps/theming/lib/ThemingDefaults.php
index 36f19157637..20625116213 100644
--- a/apps/theming/lib/ThemingDefaults.php
+++ b/apps/theming/lib/ThemingDefaults.php
@@ -28,6 +28,7 @@ use OCP\IConfig;
 use OCP\IL10N;
 use OCP\IURLGenerator;
 use OCP\Files\IRootFolder;
+use OCP\Util;
 class ThemingDefaults extends \OC_Defaults {
@@ -81,7 +82,7 @@ class ThemingDefaults extends \OC_Defaults {
 }
 public function getName() {
- return $this->config->getAppValue('theming', 'name', $this->name);
+ return strip_tags($this->config->getAppValue('theming', 'name', $this->name));
 }
 public function getHTMLName() {
@@ -89,11 +90,11 @@ class ThemingDefaults extends \OC_Defaults {
 }
 public function getTitle() {
- return $this->config->getAppValue('theming', 'name', $this->name);
+ return $this->getName();
 }
 public function getEntity() {
- return $this->config->getAppValue('theming', 'name', $this->name);
+ return $this->getName();
 }
 public function getBaseUrl() {
@@ -101,7 +102,7 @@ class ThemingDefaults extends \OC_Defaults {
 }
 public function getSlogan() {
- return $this->config->getAppValue('theming', 'slogan', $this->slogan);
+ return Util::sanitizeHTML($this->config->getAppValue('theming', 'slogan', $this->slogan));
 }
 public function getShortFooter() { |
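Review bot: `strip_tags()` in getName() removes markup but does not encode `"`, `'` or `&`, so the value it returns is plain text, not HTML-safe output; a template that prints it unescaped into an attribute would still be exposed. getTitle() and getEntity() in the next hunk now inherit the same contract, and the body of getHTMLName() is outside the hunk, so how it treats the same setting cannot be checked here. I would state the contract on the method, e.g. `/** Returns the configured name as plain text with tags stripped; callers must still escape it for their output context. */`. Since `strip_tags()` can also swallow legitimate text that follows an unclosed `<`, rejecting markup when the admin saves the value would be more predictable than filtering on every read.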
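Review bot: getSlogan() now returns entity-encoded text through `Util::sanitizeHTML()`, while getName() in the same commit returns tag-stripped plain text, so two sibling getters on this class carry different escaping contracts. A template that prints the slogan with `p()` would double-encode it (an `&` rendered as `&amp;`), and any non-HTML consumer would receive entities; the callers are not visible in this diff, so that needs checking. Either keep the getter returning the raw value and escape at output, as the public.php hunk does with `p()`, or document the contract on the method: `/** Returns the slogan already HTML-escaped; do not pass it through p() again. */`.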