summaryrefslogtreecommitdiffstats
path: root/apps
diff options
context:
space:
mode:
Diffstat (limited to 'apps')
-rw-r--r--apps/calendar/index.php4
-rw-r--r--apps/calendar/lib/app.php4
-rw-r--r--apps/calendar/templates/part.choosecalendar.rowfields.php4
-rw-r--r--apps/calendar/templates/part.choosecalendar.rowfields.shared.php2
-rw-r--r--apps/calendar/templates/part.eventform.php8
-rw-r--r--apps/calendar/templates/part.import.php2
-rw-r--r--apps/calendar/templates/part.showevent.php6
-rw-r--r--apps/contacts/templates/part.contacts.php2
-rw-r--r--apps/files/ajax/list.php2
-rw-r--r--apps/files/index.php14
-rw-r--r--apps/files/templates/index.php2
-rw-r--r--apps/files_external/templates/settings.php2
-rw-r--r--apps/gallery/lib/tiles.php4
-rw-r--r--apps/tasks/templates/part.taskform.php2
-rw-r--r--apps/user_ldap/settings.php2
-rw-r--r--apps/user_openid/settings.php2
16 files changed, 31 insertions, 31 deletions
diff --git a/apps/calendar/index.php b/apps/calendar/index.php
index cf03a7a3cd3..05a808a5ae0 100644
--- a/apps/calendar/index.php
+++ b/apps/calendar/index.php
@@ -54,9 +54,9 @@ OCP\Util::addscript('contacts','jquery.multi-autocomplete');
OCP\Util::addscript('','oc-vcategories');
OCP\App::setActiveNavigationEntry('calendar_index');
$tmpl = new OCP\Template('calendar', 'calendar', 'user');
-$tmpl->assign('eventSources', $eventSources);
+$tmpl->assign('eventSources', $eventSources,false);
$tmpl->assign('categories', $categories);
if(array_key_exists('showevent', $_GET)){
- $tmpl->assign('showevent', $_GET['showevent']);
+ $tmpl->assign('showevent', $_GET['showevent'], false);
}
$tmpl->printPage();
diff --git a/apps/calendar/lib/app.php b/apps/calendar/lib/app.php
index 2cd28c0f782..ff7ad1cb937 100644
--- a/apps/calendar/lib/app.php
+++ b/apps/calendar/lib/app.php
@@ -377,8 +377,8 @@ class OC_Calendar_App{
$lastmodified = ($last_modified)?$last_modified->getDateTime()->format('U'):0;
$output = array('id'=>(int)$event['id'],
- 'title' => htmlspecialchars(($event['summary']!=NULL || $event['summary'] != '')?$event['summary']: self::$l10n->t('unnamed')),
- 'description' => isset($vevent->DESCRIPTION)?htmlspecialchars($vevent->DESCRIPTION->value):'',
+ 'title' => ($event['summary']!=NULL || $event['summary'] != '')?$event['summary']: self::$l10n->t('unnamed'),
+ 'description' => isset($vevent->DESCRIPTION)?$vevent->DESCRIPTION->value:'',
'lastmodified'=>$lastmodified);
$dtstart = $vevent->DTSTART;
diff --git a/apps/calendar/templates/part.choosecalendar.rowfields.php b/apps/calendar/templates/part.choosecalendar.rowfields.php
index 268c3356011..965523f847a 100644
--- a/apps/calendar/templates/part.choosecalendar.rowfields.php
+++ b/apps/calendar/templates/part.choosecalendar.rowfields.php
@@ -1,8 +1,8 @@
<?php
echo '<td width="20px"><input id="active_' . $_['calendar']['id'] . '" type="checkbox" onClick="Calendar.UI.Calendar.activation(this,' . $_['calendar']['id'] . ')"' . ($_['calendar']['active'] ? ' checked="checked"' : '') . '></td>';
-echo '<td id="' . OCP\USER::getUser() . '_' . $_['calendar']['id'] . '"><label for="active_' . $_['calendar']['id'] . '">' . htmlspecialchars($_['calendar']['displayname']) . '</label></td>';
+echo '<td id="' . OCP\USER::getUser() . '_' . $_['calendar']['id'] . '"><label for="active_' . $_['calendar']['id'] . '">' . $_['calendar']['displayname'] . '</label></td>';
echo '<td width="20px"><a href="#" onclick="Calendar.UI.Share.dropdown(\'' . OCP\USER::getUser() . '\', \'' . $_['calendar']['id'] . '\');" title="' . $l->t("Share Calendar") . '" class="action"><img class="svg action" src="' . ((!$_['shared']) ? OCP\Util::imagePath('core', 'actions/share.svg') : OCP\Util::imagePath('core', 'actions/shared.svg')) . '"></a></td>';
-echo '<td width="20px"><a href="#" onclick="Calendar.UI.showCalDAVUrl(\'' . OCP\USER::getUser() . '\', \'' . htmlentities($_['calendar']['uri']) . '\');" title="' . $l->t("CalDav Link") . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/public.svg').'"></a></td>';
+echo '<td width="20px"><a href="#" onclick="Calendar.UI.showCalDAVUrl(\'' . OCP\USER::getUser() . '\', \'' . $_['calendar']['uri'] . '\');" title="' . $l->t("CalDav Link") . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/public.svg').'"></a></td>';
echo '<td width="20px"><a href="?app=calendar&getfile=export.php?calid=' . $_['calendar']['id'] . '" title="' . $l->t('Download') . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/download.svg').'"></a></td>';
echo '<td width="20px"><a href="#" title="' . $l->t('Edit') . '" class="action" onclick="Calendar.UI.Calendar.edit(this, ' . $_['calendar']['id'] . ');"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/rename.svg').'"></a></td>';
echo '<td width="20px"><a href="#" onclick="Calendar.UI.Calendar.deleteCalendar(\'' . $_['calendar']['id'] . '\');" title="' . $l->t('Delete') . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/delete.svg').'"></a></td>';
diff --git a/apps/calendar/templates/part.choosecalendar.rowfields.shared.php b/apps/calendar/templates/part.choosecalendar.rowfields.shared.php
index 6a212858a21..a23266da0c3 100644
--- a/apps/calendar/templates/part.choosecalendar.rowfields.shared.php
+++ b/apps/calendar/templates/part.choosecalendar.rowfields.shared.php
@@ -1,4 +1,4 @@
<?php
echo '<td width="20px"><input id="active_' . $_['share']['owner'] . '_' . $_['share']['calendar']['id'] . '" type="checkbox" onClick="Calendar.UI.Share.activation(this,\'' . $_['share']['owner'] . '\',' . $_['share']['calendar']['id'] . ')"' . ($_['share']['active'] ? ' checked="checked"' : '') . '></td>';
-echo '<td><label for="active_' . $_['share']['owner'] . '_' . $_['share']['calendar']['id'] . '">' . htmlspecialchars($_['share']['calendar']['displayname']) . '</label></td>';
+echo '<td><label for="active_' . $_['share']['owner'] . '_' . $_['share']['calendar']['id'] . '">' . $_['share']['calendar']['displayname'] . '</label></td>';
echo '<td style="font-style: italic;">' . $l->t('shared with you by') . ' ' . $_['share']['owner'] . '</td>'; \ No newline at end of file
diff --git a/apps/calendar/templates/part.eventform.php b/apps/calendar/templates/part.eventform.php
index 2d86ce4d318..95eecf26223 100644
--- a/apps/calendar/templates/part.eventform.php
+++ b/apps/calendar/templates/part.eventform.php
@@ -18,7 +18,7 @@ echo 'Calendar.UI.Share.idtype = "event";' . "\n" . 'Calendar.UI.Share.currentid
<tr>
<th width="75px"><?php echo $l->t("Title");?>:</th>
<td>
- <input type="text" style="width:350px;" size="100" placeholder="<?php echo $l->t("Title of the Event");?>" value="<?php echo isset($_['title']) ? htmlspecialchars($_['title']) : '' ?>" maxlength="100" name="title"/>
+ <input type="text" style="width:350px;" size="100" placeholder="<?php echo $l->t("Title of the Event");?>" value="<?php echo isset($_['title']) ? $_['title'] : '' ?>" maxlength="100" name="title"/>
</td>
</tr>
</table>
@@ -26,7 +26,7 @@ echo 'Calendar.UI.Share.idtype = "event";' . "\n" . 'Calendar.UI.Share.currentid
<tr>
<th width="75px"><?php echo $l->t("Category");?>:</th>
<td>
- <input id="category" name="categories" type="text" placeholder="<?php echo $l->t('Separate categories with commas'); ?>" value="<?php echo isset($_['categories']) ? htmlspecialchars($_['categories']) : '' ?>">
+ <input id="category" name="categories" type="text" placeholder="<?php echo $l->t('Separate categories with commas'); ?>" value="<?php echo isset($_['categories']) ? $_['categories'] : '' ?>">
<a class="action edit" onclick="$(this).tipsy('hide');OCCategories.edit();" title="<?php echo $l->t('Edit categories'); ?>"><img alt="<?php echo $l->t('Edit categories'); ?>" src="<?php echo OCP\image_path('core','actions/rename.svg')?>" class="svg action" style="width: 16px; height: 16px;"></a>
</td>
<?php if(count($_['calendar_options']) > 1) { ?>
@@ -80,7 +80,7 @@ echo 'Calendar.UI.Share.idtype = "event";' . "\n" . 'Calendar.UI.Share.currentid
<tr>
<th width="85px"><?php echo $l->t("Location");?>:</th>
<td>
- <input type="text" style="width:350px;" size="100" placeholder="<?php echo $l->t("Location of the Event");?>" value="<?php echo isset($_['location']) ? htmlspecialchars($_['location']) : '' ?>" maxlength="100" name="location" />
+ <input type="text" style="width:350px;" size="100" placeholder="<?php echo $l->t("Location of the Event");?>" value="<?php echo isset($_['location']) ? $_['location'] : '' ?>" maxlength="100" name="location" />
</td>
</tr>
</table>
@@ -88,7 +88,7 @@ echo 'Calendar.UI.Share.idtype = "event";' . "\n" . 'Calendar.UI.Share.currentid
<tr>
<th width="85px" style="vertical-align: top;"><?php echo $l->t("Description");?>:</th>
<td>
- <textarea style="width:350px;height: 150px;" placeholder="<?php echo $l->t("Description of the Event");?>" name="description"><?php echo isset($_['description']) ? htmlspecialchars($_['description']) : '' ?></textarea>
+ <textarea style="width:350px;height: 150px;" placeholder="<?php echo $l->t("Description of the Event");?>" name="description"><?php echo isset($_['description']) ? $_['description'] : '' ?></textarea>
</td>
</tr>
</table>
diff --git a/apps/calendar/templates/part.import.php b/apps/calendar/templates/part.import.php
index b966100cc11..70ff9612157 100644
--- a/apps/calendar/templates/part.import.php
+++ b/apps/calendar/templates/part.import.php
@@ -9,7 +9,7 @@
$calendar_options = OC_Calendar_Calendar::allCalendars(OCP\USER::getUser());
$calendar_options[] = array('id'=>'newcal', 'displayname'=>$l->t('create a new calendar'));
for($i = 0;$i<count($calendar_options);$i++){
- $calendar_options[$i]['displayname'] = htmlspecialchars($calendar_options[$i]['displayname']);
+ $calendar_options[$i]['displayname'] = $calendar_options[$i]['displayname'];
}
echo OCP\html_select_options($calendar_options, $calendar_options[0]['id'], array('value'=>'id', 'label'=>'displayname'));
?>
diff --git a/apps/calendar/templates/part.showevent.php b/apps/calendar/templates/part.showevent.php
index 3646baf5bb7..a5bbfd5b8f5 100644
--- a/apps/calendar/templates/part.showevent.php
+++ b/apps/calendar/templates/part.showevent.php
@@ -10,7 +10,7 @@
<tr>
<th width="75px"><?php echo $l->t("Title");?>:</th>
<td>
- <?php echo isset($_['title']) ? htmlspecialchars($_['title']) : '' ?>
+ <?php echo isset($_['title']) ? $_['title'] : '' ?>
</td>
</tr>
</table>
@@ -79,7 +79,7 @@
<tr>
<th width="85px"><?php echo $l->t("Location");?>:</th>
<td>
- <?php echo isset($_['location']) ? htmlspecialchars($_['location']) : '' ?>
+ <?php echo isset($_['location']) ? $_['location'] : '' ?>
</td>
</tr>
</table>
@@ -87,7 +87,7 @@
<tr>
<th width="85px" style="vertical-align: top;"><?php echo $l->t("Description");?>:</th>
<td>
- <?php echo isset($_['description']) ? htmlspecialchars($_['description']) : '' ?></textarea>
+ <?php echo isset($_['description']) ? $_['description'] : '' ?></textarea>
</tr>
</table>
</div>
diff --git a/apps/contacts/templates/part.contacts.php b/apps/contacts/templates/part.contacts.php
index 57517505405..00a61f72fdd 100644
--- a/apps/contacts/templates/part.contacts.php
+++ b/apps/contacts/templates/part.contacts.php
@@ -8,5 +8,5 @@
}
}
?>
- <li role="button" book-id="<?php echo $contact['addressbookid']; ?>" data-id="<?php echo $contact['id']; ?>"><a href="index.php?id=<?php echo $contact['id']; ?>"><?php echo htmlspecialchars($display); ?></a></li>
+ <li role="button" book-id="<?php echo $contact['addressbookid']; ?>" data-id="<?php echo $contact['id']; ?>"><a href="index.php?id=<?php echo $contact['id']; ?>"><?php echo $display; ?></a></li>
<?php endforeach; ?>
diff --git a/apps/files/ajax/list.php b/apps/files/ajax/list.php
index ceb8d158580..f0600a179d0 100644
--- a/apps/files/ajax/list.php
+++ b/apps/files/ajax/list.php
@@ -38,7 +38,7 @@ foreach( OC_Files::getdirectorycontent( $dir ) as $i ){
}
$list = new OCP\Template( "files", "part.list", "" );
-$list->assign( "files", $files );
+$list->assign( "files", $files, false );
$data = array('files' => $list->fetchPage());
OCP\JSON::success(array('data' => $data));
diff --git a/apps/files/index.php b/apps/files/index.php
index 60a3836cb59..ed36c5edab0 100644
--- a/apps/files/index.php
+++ b/apps/files/index.php
@@ -73,12 +73,12 @@ foreach( explode( '/', $dir ) as $i ){
// make breadcrumb und filelist markup
$list = new OCP\Template( 'files', 'part.list', '' );
-$list->assign( 'files', $files );
-$list->assign( 'baseURL', OCP\Util::linkTo('files', 'index.php').'&dir=');
-$list->assign( 'downloadURL', OCP\Util::linkTo('files', 'download.php').'?file=');
+$list->assign( 'files', $files, false );
+$list->assign( 'baseURL', OCP\Util::linkTo('files', 'index.php').'&dir=', false);
+$list->assign( 'downloadURL', OCP\Util::linkTo('files', 'download.php').'?file=', false);
$breadcrumbNav = new OCP\Template( 'files', 'part.breadcrumb', '' );
-$breadcrumbNav->assign( 'breadcrumb', $breadcrumb );
-$breadcrumbNav->assign( 'baseURL', OCP\Util::linkTo('files', 'index.php').'&dir=');
+$breadcrumbNav->assign( 'breadcrumb', $breadcrumb, false );
+$breadcrumbNav->assign( 'baseURL', OCP\Util::linkTo('files', 'index.php').'&dir=', false);
$upload_max_filesize = OCP\Util::computerFileSize(ini_get('upload_max_filesize'));
$post_max_size = OCP\Util::computerFileSize(ini_get('post_max_size'));
@@ -89,8 +89,8 @@ $freeSpace=max($freeSpace,0);
$maxUploadFilesize = min($maxUploadFilesize ,$freeSpace);
$tmpl = new OCP\Template( 'files', 'index', 'user' );
-$tmpl->assign( 'fileList', $list->fetchPage() );
-$tmpl->assign( 'breadcrumb', $breadcrumbNav->fetchPage() );
+$tmpl->assign( 'fileList', $list->fetchPage(), false );
+$tmpl->assign( 'breadcrumb', $breadcrumbNav->fetchPage(), false );
$tmpl->assign( 'dir', $dir);
$tmpl->assign( 'readonly', !OC_Filesystem::is_writable($dir.'/'));
$tmpl->assign( 'files', $files );
diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php
index 3bd5a1ceef4..44000171a17 100644
--- a/apps/files/templates/index.php
+++ b/apps/files/templates/index.php
@@ -15,7 +15,7 @@
<form data-upload-id='1' class="file_upload_form" action="<?php echo OCP\Util::linkTo('files', 'ajax/upload.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target_1">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
<input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
- <input type="hidden" name="dir" value="<?php echo htmlentities($_['dir'],ENT_COMPAT,'utf-8') ?>" id="dir">
+ <input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
<button class="file_upload_filename">&nbsp;<img class='svg action' alt="Upload" src="<?php echo OCP\image_path("core", "actions/upload-white.svg"); ?>" /></button>
<input class="file_upload_start" type="file" name='files[]'/>
<a href="#" class="file_upload_button_wrapper" onclick="return false;" title="<?php echo $l->t('Upload'); echo ' max. '.$_['uploadMaxHumanFilesize'] ?>"></a>
diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php
index a995ee34194..6c37df8001e 100644
--- a/apps/files_external/templates/settings.php
+++ b/apps/files_external/templates/settings.php
@@ -16,7 +16,7 @@
<?php $_['mounts'] = array_merge($_['mounts'], array('' => array())); ?>
<?php foreach ($_['mounts'] as $mountPoint => $mount): ?>
<tr <?php if ($mountPoint == '') echo 'id="addMountPoint"'; ?>>
- <td class="mountPoint"><input type="text" name="mountPoint" value="<?php echo htmlentities($mountPoint); ?>" placeholder="<?php echo $l->t('Mount point'); ?>" /></td>
+ <td class="mountPoint"><input type="text" name="mountPoint" value="<?php echo $mountPoint; ?>" placeholder="<?php echo $l->t('Mount point'); ?>" /></td>
<?php if ($mountPoint == ''): ?>
<td class="backend">
<select id="selectBackend" data-configurations='<?php echo json_encode($_['backends']); ?>'>
diff --git a/apps/gallery/lib/tiles.php b/apps/gallery/lib/tiles.php
index 5837c752ef6..e43c99bb76a 100644
--- a/apps/gallery/lib/tiles.php
+++ b/apps/gallery/lib/tiles.php
@@ -141,7 +141,7 @@ class TileStack extends TileBase {
}
public function get() {
- $r = '<div class="title gallery_div">'.htmlentities($this->stack_name).'</div>';
+ $r = '<div class="title gallery_div">'.$this->stack_name.'</div>';
for ($i = 0; $i < count($this->tiles_array); $i++) {
$top = rand(-5, 5);
$left = rand(-5, 5);
@@ -168,7 +168,7 @@ class TileStack extends TileBase {
}
public function getOnClickAction() {
- return 'javascript:openNewGal(\''.htmlentities($this->stack_name).'\');';
+ return 'javascript:openNewGal(\''.$this->stack_name.'\');';
}
private $tiles_array;
diff --git a/apps/tasks/templates/part.taskform.php b/apps/tasks/templates/part.taskform.php
index c00560903b0..0a25ed33c91 100644
--- a/apps/tasks/templates/part.taskform.php
+++ b/apps/tasks/templates/part.taskform.php
@@ -5,7 +5,7 @@
<input type="text" id="location" name="location" placeholder="<?php echo $l->t('Location of the task');?>" value="<?php echo isset($_['details']->LOCATION) ? $_['details']->LOCATION[0]->value : '' ?>">
<br>
<label for="categories"><?php echo $l->t('Categories'); ?></label>
- <input id="categories" name="categories" type="text" placeholder="<?php echo $l->t('Separate categories with commas'); ?>" value="<?php echo isset($_['categories']) ? htmlspecialchars($_['categories']) : '' ?>">
+ <input id="categories" name="categories" type="text" placeholder="<?php echo $l->t('Separate categories with commas'); ?>" value="<?php echo isset($_['categories']) ? $_['categories'] : '' ?>">
<a class="action edit" onclick="$(this).tipsy('hide');OCCategories.edit();" title="<?php echo $l->t('Edit categories'); ?>"><img alt="<?php echo $l->t('Edit categories'); ?>" src="<?php echo OCP\image_path('core','actions/rename.svg')?>" class="svg action" style="width: 16px; height: 16px;"></a>
<br>
<label for="due"><?php echo $l->t('Due'); ?></label>
diff --git a/apps/user_ldap/settings.php b/apps/user_ldap/settings.php
index 0c29e70b5ab..42084855e85 100644
--- a/apps/user_ldap/settings.php
+++ b/apps/user_ldap/settings.php
@@ -47,7 +47,7 @@ if ($_POST) {
// fill template
$tmpl = new OCP\Template( 'user_ldap', 'settings');
foreach($params as $param){
- $value = htmlentities(OCP\Config::getAppValue('user_ldap', $param,''));
+ $value = OCP\Config::getAppValue('user_ldap', $param,'');
$tmpl->assign($param, $value);
}
diff --git a/apps/user_openid/settings.php b/apps/user_openid/settings.php
index 062322f6fe4..921fa371dde 100644
--- a/apps/user_openid/settings.php
+++ b/apps/user_openid/settings.php
@@ -2,7 +2,7 @@
$tmpl = new OCP\Template( 'user_openid', 'settings');
$identity=OCP\Config::getUserValue(OCP\USER::getUser(),'user_openid','identity','');
-$tmpl->assign('identity',htmlentities($identity));
+$tmpl->assign('identity',$identity);
OCP\Util::addscript('user_openid','settings');
generated by cgit v1.2.3 (git 2.39.1) at 2025-03-10 03:12:06 +0000