Add html escaping

Dennis Eichhorn 2017-07-24 20:48:22 +02:00
parent 6a55d4b766
commit 6a4967f4da
3 changed files with 13 additions and 13 deletions


@ -5,16 +5,16 @@ $columns = $board->getColumns();
?> ?>
<div class="row"> <div class="row">
<?php $i = 0; foreach($columns as $column) : $i++; $cards = $column->getCards(); ?> <?php $i = 0; foreach($columns as $column) : $i++; $cards = $column->getCards(); ?>
<div id="kanban-column-<?= $i; ?>" class="col-xs-12 col-sm-3" draggable="true"> <div id="kanban-column-<?= htmlspecialchars($i, ENT_COMPAT, 'utf-8'); ?>" class="col-xs-12 col-sm-3" draggable="true">
<header><?= $column->getName(); ?></header> <header><?= htmlspecialchars($column->getName(), ENT_COMPAT, 'utf-8'); ?></header>
<?php $j = 0; foreach($cards as $card) : $j++; $labels = $card->getLabels(); ?> <?php $j = 0; foreach($cards as $card) : $j++; $labels = $card->getLabels(); ?>
<a href="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/kanban/card?{?}&id=' . $card->getId()) ?>"> <a href="<?= htmlspecialchars(\phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/kanban/card?{?}&id=' . $card->getId()) , ENT_COMPAT, 'utf-8'); ?>">
<section id="kanban-card-<?= $i . '-' . $j; ?>" class="box wf-100" draggable="true"> <section id="kanban-card-<?= htmlspecialchars($i . '-' . $j, ENT_COMPAT, 'utf-8'); ?>" class="box wf-100" draggable="true">
<header><h1><?= $card->getName(); ?></h1></header> <header><h1><?= htmlspecialchars($card->getName(), ENT_COMPAT, 'utf-8'); ?></h1></header>
<div class="inner"> <div class="inner">
<?= $card->getDescription(); ?> <?= htmlspecialchars($card->getDescription(), ENT_COMPAT, 'utf-8'); ?>
<?php foreach($labels as $label) : ?> <?php foreach($labels as $label) : ?>
<span class="tag" style="background: #<?= dechex($label->getColor()); ?>"><?= $label->getName(); ?></span> <span class="tag" style="background: #<?= htmlspecialchars(dechex($label->getColor()), ENT_COMPAT, 'utf-8'); ?>"><?= htmlspecialchars($label->getName(), ENT_COMPAT, 'utf-8'); ?></span>
<?php endforeach; ?> <?php endforeach; ?>
</div> </div>
</section> </section>
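Review bot: `ENT_COMPAT` leaves single quotes unescaped, and without `ENT_SUBSTITUTE` `htmlspecialchars()` returns an empty string for input containing invalid UTF-8, so a card name or description with one bad byte would render blank. Every attribute in this template is double-quoted, so the output is safe as written, but that depends on future attributes keeping double quotes; `htmlspecialchars($column->getName(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` removes the dependency. The same flags are repeated in the card view and board list sections of this commit, so a small shared escape helper would keep the call sites consistent. Separately, `$i` is an integer loop counter, so `htmlspecialchars($i, ...)` relies on scalar coercion and would raise a TypeError if the template declares `strict_types=1` (the top of the file is outside the hunk); `(string) $i` avoids that.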


@ -6,9 +6,9 @@ $comments = $card->getComments();
<div class="row"> <div class="row">
<div class="col-xs-12"> <div class="col-xs-12">
<section class="box wf-100"> <section class="box wf-100">
<header><h1><?= $card->getName(); ?></h1></header> <header><h1><?= htmlspecialchars($card->getName(), ENT_COMPAT, 'utf-8'); ?></h1></header>
<div class="inner"> <div class="inner">
<?= $card->getDescription(); ?> <?= htmlspecialchars($card->getDescription(), ENT_COMPAT, 'utf-8'); ?>
</div> </div>
</section> </section>
</div> </div>
@ -19,7 +19,7 @@ $comments = $card->getComments();
<div class="col-xs-12"> <div class="col-xs-12">
<section class="box wf-100"> <section class="box wf-100">
<div class="inner"> <div class="inner">
<?= $comment->getDescription(); ?> <?= htmlspecialchars($comment->getDescription(), ENT_COMPAT, 'utf-8'); ?>
</div> </div>
</section> </section>
</div> </div>


@ -6,11 +6,11 @@ echo $this->getData('nav')->render(); ?>
<div class="row"> <div class="row">
<?php foreach($boards as $board) : ?> <?php foreach($boards as $board) : ?>
<div class="col-xs-12 col-sm-6 col-lg-3"> <div class="col-xs-12 col-sm-6 col-lg-3">
<a href="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/kanban/board?{?}&id=' . $board->getId()) ?>"> <a href="<?= htmlspecialchars(\phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/kanban/board?{?}&id=' . $board->getId()) , ENT_COMPAT, 'utf-8'); ?>">
<section class="box wf-100"> <section class="box wf-100">
<header><h1><?= $board->getName(); ?></h1></header> <header><h1><?= htmlspecialchars($board->getName(), ENT_COMPAT, 'utf-8'); ?></h1></header>
<div class="inner"> <div class="inner">
<?= $board->getDescription(); ?> <?= htmlspecialchars($board->getDescription(), ENT_COMPAT, 'utf-8'); ?>
</div> </div>
</section> </section>
</a> </a>
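Review bot: Wrapping the `href` value in `htmlspecialchars()` prevents attribute breakout, but it does not URL-encode the link's components, and `$board->getId()` is still concatenated into the query string as-is. If the id is always an integer this is harmless, but nothing in the template guarantees it; `'&id=' . (int) $board->getId()` (or `rawurlencode()` for non-numeric ids) would make that explicit. Whether the `{?}` placeholder re-emits the current request's query string is not visible here; if it does, that encoding belongs inside `UriFactory::build()`. The same pattern appears on the card link in the board view section.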