Add html escaping

This commit is contained in:
Dennis Eichhorn 2017-07-24 20:48:22 +02:00
parent 31f1ec4ddf
commit 523a12aee2
5 changed files with 43 additions and 43 deletions


@ -21,12 +21,12 @@ $newsList = $this->getData('news');
<div id="news-dashboard" class="col-xs-12 col-md-6" draggable="true"> <div id="news-dashboard" class="col-xs-12 col-md-6" draggable="true">
<div class="box wf-100"> <div class="box wf-100">
<table class="table blue"> <table class="table blue">
<caption><?= $this->getText('News', 'News') ?></caption> <caption><?= $this->getHtml('News', 'News'); ?></caption>
<thead> <thead>
<tr> <tr>
<td> <td>
<td><?= $this->getText('Type', 'News'); ?> <td><?= $this->getHtml('Type', 'News') ?>
<td class="wf-100"><?= $this->getText('Title', 'News'); ?> <td class="wf-100"><?= $this->getHtml('Title', 'News') ?>
<tbody> <tbody>
<?php $count = 0; foreach($newsList as $key => $news) : $count++; <?php $count = 0; foreach($newsList as $key => $news) : $count++;
$url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/news/article?{?}&id=' . $news->getId()); $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/news/article?{?}&id=' . $news->getId());
@ -37,11 +37,11 @@ $newsList = $this->getData('news');
?> ?>
<tr data-href="<?= $url; ?>"> <tr data-href="<?= $url; ?>">
<td data-label=""><a href="<?= $url; ?>"><?= $news->isFeatured() ? '<i class="fa fa-star favorite"></i>' : ''; ?></a> <td data-label=""><a href="<?= $url; ?>"><?= $news->isFeatured() ? '<i class="fa fa-star favorite"></i>' : ''; ?></a>
<td data-label="<?= $this->getText('Type', 'News'); ?>"><a href="<?= $url; ?>"><span class="tag <?= $color; ?>"><?= $this->getText('TYPE' . $news->getType(), 'News'); ?></span></a> <td data-label="<?= $this->getHtml('Type', 'News') ?>"><a href="<?= $url; ?>"><span class="tag <?= htmlspecialchars($color, ENT_COMPAT, 'utf-8'); ?>"><?= $this->getHtml('TYPE' . $news->getType(), 'News') ?></span></a>
<td data-label="<?= $this->getText('Title', 'News'); ?>"><a href="<?= $url; ?>"><?= $news->getTitle(); ?></a> <td data-label="<?= $this->getHtml('Title', 'News') ?>"><a href="<?= $url; ?>"><?= htmlspecialchars($news->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
<?php endforeach; ?> <?php endforeach; ?>
<?php if($count === 0) : ?> <?php if($count === 0) : ?>
<tr><td colspan="5" class="empty"><?= $this->getText('Empty', 0, 0); ?> <tr><td colspan="5" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
<?php endif; ?> <?php endif; ?>
</table> </table>
</div> </div>
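Review bot: `$url` is still emitted raw into `data-href` on the `<tr>` and into `href` on the three anchors, even though the same lines now escape `$color` and the title; it is built from `UriFactory::build('...?{?}&id=' . $news->getId())`, and if the `{?}` placeholder reproduces the current query string that is request-influenced data landing unescaped in an attribute. Escape it at each output point, e.g. `<tr data-href="<?= htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">`, and the same for the `href` attributes. The new `ENT_COMPAT` calls leave `'` unencoded, which is acceptable for these double-quoted attributes but fragile if anyone switches to single quotes; `ENT_QUOTES | ENT_SUBSTITUTE` is the safer default, and without `ENT_SUBSTITUTE` an invalid UTF-8 byte in a title makes `htmlspecialchars()` return an empty string, so the cell silently goes blank. The foreach opened at the `<tbody>` line continues past this section's first hunk.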


@ -29,16 +29,16 @@ echo $this->getData('nav')->render(); ?>
<div class="col-xs-12"> <div class="col-xs-12">
<div class="box wf-100"> <div class="box wf-100">
<table class="table red"> <table class="table red">
<caption><?= $this->getText('Archive') ?></caption> <caption><?= $this->getHtml('Archive'); ?></caption>
<thead> <thead>
<tr> <tr>
<td><?= $this->getText('Type'); ?> <td><?= $this->getHtml('Type') ?>
<td class="wf-100"><?= $this->getText('Title'); ?> <td class="wf-100"><?= $this->getHtml('Title') ?>
<td><?= $this->getText('Author'); ?> <td><?= $this->getHtml('Author') ?>
<td><?= $this->getText('Date'); ?> <td><?= $this->getHtml('Date') ?>
<tfoot> <tfoot>
<tr> <tr>
<td colspan="4"><?= $footerView->render(); ?> <td colspan="4"><?= htmlspecialchars($footerView->render(), ENT_COMPAT, 'utf-8'); ?>
<tbody> <tbody>
<?php $count = 0; foreach($articles as $key => $news) : $count++; $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/news/article?{?}&id=' . $news->getId()); <?php $count = 0; foreach($articles as $key => $news) : $count++; $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/news/article?{?}&id=' . $news->getId());
$color = 'darkred'; $color = 'darkred';
@ -47,13 +47,13 @@ echo $this->getData('nav')->render(); ?>
elseif($news->getType() === \Modules\News\Models\NewsType::LINK) { $color = 'yellow'; } elseif($news->getType() === \Modules\News\Models\NewsType::LINK) { $color = 'yellow'; }
?> ?>
<tr> <tr>
<td><span class="tag <?= $color; ?>"><?= $this->getText('TYPE' . $news->getType()); ?></span></a> <td><span class="tag <?= htmlspecialchars($color, ENT_COMPAT, 'utf-8'); ?>"><?= $this->getHtml('TYPE' . $news->getType()) ?></span></a>
<td><a href="<?= $url; ?>"><?= $news->getTitle(); ?></a> <td><a href="<?= $url; ?>"><?= htmlspecialchars($news->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
<td><a href="<?= $url; ?>"><?= $news->getCreatedBy()->getName1(); ?></a> <td><a href="<?= $url; ?>"><?= htmlspecialchars($news->getCreatedBy()->getName1(), ENT_COMPAT, 'utf-8'); ?></a>
<td><a href="<?= $url; ?>"><?= $news->getPublish()->format('Y-m-d'); ?></a> <td><a href="<?= $url; ?>"><?= htmlspecialchars($news->getPublish()->format('Y-m-d'), ENT_COMPAT, 'utf-8'); ?></a>
<?php endforeach; ?> <?php endforeach; ?>
<?php if($count === 0) : ?> <?php if($count === 0) : ?>
<tr><td colspan="4" class="empty"><?= $this->getText('Empty', 0, 0); ?> <tr><td colspan="4" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
<?php endif; ?> <?php endif; ?>
</table> </table>
</div> </div>
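Review bot: On the `<tfoot>` line the new code passes `$footerView->render()` through `htmlspecialchars()`; a sub-view's `render()` presumably returns markup, so the footer's tags will now be printed as literal text instead of rendered. Escaping belongs inside that view on its own data, so this should go back to `<td colspan="4"><?= $footerView->render(); ?>` with the footer template escaping what it prints. The same section leaves `$url` unescaped in both `href` attributes while escaping the title, author name and date beside it; `htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` closes that gap, and `ENT_QUOTES | ENT_SUBSTITUTE` is preferable to `ENT_COMPAT` on the other calls too. Note also the stray `</a>` after the type `<span>` with no opening `<a>` — pre-existing, but worth fixing while the line is being touched.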


@ -27,13 +27,13 @@ echo $this->getData('nav')->render(); ?>
<div class="inner"> <div class="inner">
<form id="docForm" method="POST" action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/news?{?}&csrf={$CSRF}'); ?>"> <form id="docForm" method="POST" action="<?= \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/api/news?{?}&csrf={$CSRF}'); ?>">
<table class="layout wf-100"> <table class="layout wf-100">
<tr><td colspan="2"><label for="publish"><?= $this->getText('Status') ?></label> <tr><td colspan="2"><label for="publish"><?= $this->getHtml('Status'); ?></label>
<tr><td colspan="2"><select name="status"> <tr><td colspan="2"><select name="status">
<option value="<?= Modules\News\Models\NewsStatus::DRAFT; ?>" selected><?= $this->getText('Draft') ?> <option value="<?= htmlspecialchars(Modules\News\Models\NewsStatus::DRAFT, ENT_COMPAT, 'utf-8'); ?>" selected><?= $this->getHtml('Draft'); ?>
<option value="<?= Modules\News\Models\NewsStatus::VISIBLE; ?>"><?= $this->getText('Visible') ?> <option value="<?= htmlspecialchars(Modules\News\Models\NewsStatus::VISIBLE, ENT_COMPAT, 'utf-8'); ?>"><?= $this->getHtml('Visible'); ?>
<tr><td colspan="2"><label for="publish"><?= $this->getText('Publish') ?></label> <tr><td colspan="2"><label for="publish"><?= $this->getHtml('Publish'); ?></label>
<tr><td colspan="2"><input type="datetime-local" id="publish" value="<?= (new \DateTime('NOW'))->format('Y-m-d\TH:i:s') ?>"> <tr><td colspan="2"><input type="datetime-local" id="publish" value="<?= htmlspecialchars((new \DateTime('NOW'))->format('Y-m-d\TH:i:s') , ENT_COMPAT, 'utf-8'); ?>">
<tr><td><input type="submit" value="<?= $this->getText('Delete', 0) ?>"><td class="rightText"><input type="submit" value="<?= $this->getText('Save', 0) ?>"> <input type="submit" value="<?= $this->getText('Publish') ?>"> <tr><td><input type="submit" value="<?= $this->getHtml('Delete', 0); ?>"><td class="rightText"><input type="submit" value="<?= $this->getHtml('Save', 0); ?>"> <input type="submit" value="<?= $this->getHtml('Publish'); ?>">
</table> </table>
</form> </form>
</div> </div>
@ -41,28 +41,28 @@ echo $this->getData('nav')->render(); ?>
<section class="box wf-100"> <section class="box wf-100">
<div class="inner"> <div class="inner">
<table class="layout wf-100"> <table class="layout wf-100">
<tr><td colspan="2"><label><?= $this->getText('Type') ?></label> <tr><td colspan="2"><label><?= $this->getHtml('Type'); ?></label>
<tr><td colspan="2"><span class="radio"><input type="radio" name="type" form="docForm" value="<?= Modules\News\Models\NewsType::ARTICLE; ?>" id="news" checked><label for="news"><?= $this->getText('News') ?></label></span> <tr><td colspan="2"><span class="radio"><input type="radio" name="type" form="docForm" value="<?= htmlspecialchars(Modules\News\Models\NewsType::ARTICLE, ENT_COMPAT, 'utf-8'); ?>" id="news" checked><label for="news"><?= $this->getHtml('News'); ?></label></span>
<tr><td colspan="2"><span class="radio"><input type="radio" name="type" form="docForm" value="<?= Modules\News\Models\NewsType::HEADLINE; ?>" id="headline"><label for="headline"><?= $this->getText('Headline') ?></label></span> <tr><td colspan="2"><span class="radio"><input type="radio" name="type" form="docForm" value="<?= htmlspecialchars(Modules\News\Models\NewsType::HEADLINE, ENT_COMPAT, 'utf-8'); ?>" id="headline"><label for="headline"><?= $this->getHtml('Headline'); ?></label></span>
<tr><td colspan="2"><span class="radio"><input type="radio" name="type" form="docForm" value="<?= Modules\News\Models\NewsType::LINK; ?>" id="link"><label for="link"><?= $this->getText('Link') ?></label></span> <tr><td colspan="2"><span class="radio"><input type="radio" name="type" form="docForm" value="<?= htmlspecialchars(Modules\News\Models\NewsType::LINK, ENT_COMPAT, 'utf-8'); ?>" id="link"><label for="link"><?= $this->getHtml('Link'); ?></label></span>
</table> </table>
</div> </div>
</section> </section>
<section class="box wf-100"> <section class="box wf-100">
<div class="inner"> <div class="inner">
<table class="layout wf-100"> <table class="layout wf-100">
<tr><td><label for="permission"><?= $this->getText('Permissions') ?></label> <tr><td><label for="permission"><?= $this->getHtml('Permissions'); ?></label>
<tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="text" id="permission"><input type="hidden" form="docForm" name="permission"></span> <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="text" id="permission"><input type="hidden" form="docForm" name="permission"></span>
<tr><td><button><?= $this->getText('Add', 0, 0) ?></button> <tr><td><button><?= $this->getHtml('Add', 0, 0); ?></button>
</table> </table>
</div> </div>
</section> </section>
<section class="box wf-100"> <section class="box wf-100">
<div class="inner"> <div class="inner">
<table class="layout wf-100"> <table class="layout wf-100">
<tr><td colspan="2"><label for="groups"><?= $this->getText('Groups') ?></label> <tr><td colspan="2"><label for="groups"><?= $this->getHtml('Groups'); ?></label>
<tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="text" id="groups"><input type="hidden" form="docForm" name="groups"></span> <tr><td><span class="input"><button type="button" formaction=""><i class="fa fa-book"></i></button><input type="text" id="groups"><input type="hidden" form="docForm" name="groups"></span>
<tr><td><button><?= $this->getText('Add', 0, 0) ?></button> <tr><td><button><?= $this->getHtml('Add', 0, 0); ?></button>
</table> </table>
</div> </div>
</section> </section>
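Review bot: The new `htmlspecialchars(Modules\News\Models\NewsStatus::DRAFT, ENT_COMPAT, 'utf-8')` calls, and the three `NewsType::*` ones in the radio inputs, wrap class constants that are not attacker-influenced, and if those constants are integers and this template declares `strict_types=1`, `htmlspecialchars()` will throw a `TypeError` instead of coercing — neither the constant types nor the file header are visible here, so please confirm. Either drop the wrapping for constants (`value="<?= Modules\News\Models\NewsStatus::DRAFT; ?>"`) or cast explicitly with `(string)` before escaping. Meanwhile the one attribute in this file that can carry request-derived data, the form `action` built from `'{/base}/{/lang}/api/news?{?}&csrf={$CSRF}'`, is still emitted raw; if `{?}` echoes the current query string, that value needs `htmlspecialchars(..., ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` as well. Separately, the `publish` input has no `name`, so its value is never submitted with `docForm` — pre-existing, but easy to miss.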


@ -24,14 +24,14 @@ echo $this->getData('nav')->render(); ?>
<div class="col-xs-12"> <div class="col-xs-12">
<div class="box wf-100"> <div class="box wf-100">
<table class="table red"> <table class="table red">
<caption><?= $this->getText('News') ?></caption> <caption><?= $this->getHtml('News'); ?></caption>
<thead> <thead>
<tr> <tr>
<td> <td>
<td><?= $this->getText('Type'); ?> <td><?= $this->getHtml('Type') ?>
<td class="wf-100"><?= $this->getText('Title'); ?> <td class="wf-100"><?= $this->getHtml('Title') ?>
<td><?= $this->getText('Author'); ?> <td><?= $this->getHtml('Author') ?>
<td><?= $this->getText('Date'); ?> <td><?= $this->getHtml('Date') ?>
<tbody> <tbody>
<?php $count = 0; foreach($newsList as $key => $news) : $count++; <?php $count = 0; foreach($newsList as $key => $news) : $count++;
$url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/news/article?{?}&id=' . $news->getId()); $url = \phpOMS\Uri\UriFactory::build('{/base}/{/lang}/backend/news/article?{?}&id=' . $news->getId());
@ -42,13 +42,13 @@ echo $this->getData('nav')->render(); ?>
?> ?>
<tr data-href="<?= $url; ?>"> <tr data-href="<?= $url; ?>">
<td data-label=""><a href="<?= $url; ?>"><?= $news->isFeatured() ? '<i class="fa fa-star favorite"></i>' : ''; ?></a> <td data-label=""><a href="<?= $url; ?>"><?= $news->isFeatured() ? '<i class="fa fa-star favorite"></i>' : ''; ?></a>
<td data-label="<?= $this->getText('Type'); ?>"><a href="<?= $url; ?>"><span class="tag <?= $color; ?>"><?= $this->getText('TYPE' . $news->getType()); ?></span></a> <td data-label="<?= $this->getHtml('Type') ?>"><a href="<?= $url; ?>"><span class="tag <?= htmlspecialchars($color, ENT_COMPAT, 'utf-8'); ?>"><?= $this->getHtml('TYPE' . $news->getType()) ?></span></a>
<td data-label="<?= $this->getText('Title'); ?>"><a href="<?= $url; ?>"><?= $news->getTitle(); ?></a> <td data-label="<?= $this->getHtml('Title') ?>"><a href="<?= $url; ?>"><?= htmlspecialchars($news->getTitle(), ENT_COMPAT, 'utf-8'); ?></a>
<td data-label="<?= $this->getText('Author'); ?>"><a href="<?= $url; ?>"><?= $news->getCreatedBy()->getName1(); ?></a> <td data-label="<?= $this->getHtml('Author') ?>"><a href="<?= $url; ?>"><?= htmlspecialchars($news->getCreatedBy()->getName1(), ENT_COMPAT, 'utf-8'); ?></a>
<td data-label="<?= $this->getText('Date'); ?>"><a href="<?= $url; ?>"><?= $news->getPublish()->format('Y-m-d'); ?></a> <td data-label="<?= $this->getHtml('Date') ?>"><a href="<?= $url; ?>"><?= htmlspecialchars($news->getPublish()->format('Y-m-d'), ENT_COMPAT, 'utf-8'); ?></a>
<?php endforeach; ?> <?php endforeach; ?>
<?php if($count === 0) : ?> <?php if($count === 0) : ?>
<tr><td colspan="5" class="empty"><?= $this->getText('Empty', 0, 0); ?> <tr><td colspan="5" class="empty"><?= $this->getHtml('Empty', 0, 0); ?>
<?php endif; ?> <?php endif; ?>
</table> </table>
</div> </div>
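Review bot: `$url` still goes unescaped into `data-href` on the `<tr>` and into `href` on four anchors while the cells next to it now escape `$color`, title, author and date; the URL is assembled with `'{?}&id=' . $news->getId()`, so if `{?}` reproduces the request's query string it is the one user-influenced value in these attributes that the commit does not cover. Escape it at the output points, e.g. `<a href="<?= htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>">`, rather than trusting the builder. Prefer `ENT_QUOTES | ENT_SUBSTITUTE` over `ENT_COMPAT` throughout: `ENT_COMPAT` leaves `'` alone and, without `ENT_SUBSTITUTE`, an invalid UTF-8 byte in a title or author name makes `htmlspecialchars()` return an empty string, so the cell silently goes blank. The foreach opened at the `<tbody>` line runs past this section's first hunk.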


@ -22,10 +22,10 @@ echo $this->getData('nav')->render(); ?>
<div class="row"> <div class="row">
<div class="col-xs-12"> <div class="col-xs-12">
<section class="box wf-100"> <section class="box wf-100">
<header><h1><?= $news->getTitle(); ?></h1></header> <header><h1><?= htmlspecialchars($news->getTitle(), ENT_COMPAT, 'utf-8'); ?></h1></header>
<div class="inner"> <div class="inner">
<article> <article>
<?= $news->getContent(); ?> <?= htmlspecialchars($news->getContent(), ENT_COMPAT, 'utf-8'); ?>
</article> </article>
</div> </div>
</section> </section>
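Review bot: `htmlspecialchars($news->getContent(), ...)` inside `<article>` will print any markup stored in the body as literal text; if article content is stored as HTML this breaks the rendering of existing posts, and if it is stored as plain text the line breaks are also lost without `nl2br()`. The storage format is not visible here, so confirm which applies: for HTML content the safe replacement is an allow-list HTML sanitizer at save or render time rather than full escaping, and for plain text `nl2br(htmlspecialchars($news->getContent(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'))`. The `<h1>` title escaping is correct; switch it to `ENT_QUOTES | ENT_SUBSTITUTE` as well so an invalid UTF-8 byte sequence does not collapse the heading to an empty string.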