Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
mahara
mahara
Commits
1a07d3b2
Commit
1a07d3b2
authored
May 14, 2010
by
Richard Mansfield
Browse files
Turn on auto_escape in remaining admin templates
Signed-off-by:
Richard Mansfield
<
richardm@catalyst.net.nz
>
parent
d55436b4
Changes
9
Hide whitespace changes
Inline
Side-by-side
htdocs/theme/raw/templates/admin/extensions/filters.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
'header.tpl'
}
<p>
{
str
tag
=
htmlfiltersdescription
section
=
admin
}
</p>
...
...
@@ -15,7 +14,7 @@
{/
if
}
<p>
{
$newfiltersdescription
}
</p>
<div>
{
$reloadform
}
</div>
<div>
{
$reloadform
|
safe
}
</div>
{
include
file
=
'footer.tpl'
}
{/
auto_escape
}
htdocs/theme/raw/templates/admin/extensions/pluginconfig.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
'header.tpl'
}
{
$form
}
{
$form
|
safe
}
{
include
file
=
'footer.tpl'
}
{/
auto_escape
}
htdocs/theme/raw/templates/admin/extensions/plugins.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
'header.tpl'
}
<div
id=
"adminplugin"
>
...
...
@@ -52,4 +51,3 @@
</div>
{
include
file
=
'footer.tpl'
}
{/
auto_escape
}
htdocs/theme/raw/templates/admin/users/institutionadmins.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
"header.tpl"
}
<p>
{
str
tag
=
"institutionadminuserspagedescription"
section
=
"admin"
}
</p>
{
$institutionselector
}
{
$institutionselector
|
safe
}
<div
class=
"userlistform"
>
{
$adminusersform
}
{
$adminusersform
|
safe
}
</div>
{
include
file
=
"footer.tpl"
}
{/
auto_escape
}
htdocs/theme/raw/templates/admin/users/institutions.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
"header.tpl"
}
{
if
$delete_form
}
<h3>
{
str
tag
=
"deleteinstitution"
section
=
"admin"
}
</h3>
<p>
{
str
tag
=
"deleteinstitutionconfirm"
section
=
"admin"
}
</p>
{
$delete_form
}
{
else
}
{
if
$institution_form
}
{
if
$suspended
}
<div
class=
"message"
>
<h4>
{
$suspended
|
escape
}
</h4>
<div
id=
"suspendedhelp"
>
{
if
$USER
->
get
(
'admin'
)
}
<p
class=
"description"
>
{
str
tag
=
"unsuspendinstitutiondescription_top"
section
=
"admin"
}
</p>
{
else
}
<p
class=
"description"
>
{
str
tag
=
"unsuspendinstitutiondescription_top_instadmin"
section
=
"admin"
}
</p>
{/
if
}
</div>
<div
class=
"center"
>
{
$suspendform_top
}
</div>
</div>
{/
if
}
{
if
$add
}
<h3>
{
str
tag
=
"addinstitution"
section
=
"admin"
}
</h3>
{/
if
}
{
$institution_form
}
{
if
$suspendform
}
<div
id=
"suspendinstitution"
>
<h3
id=
"suspend"
>
{
str
tag
=
"suspendinstitution"
section
=
admin
}
</h3>
<div
class=
"suspendform"
>
{
$suspendform
}
</div>
</div>
{/
if
}
{
else
}
<table
id=
"adminstitutionslist"
class=
"fullwidth"
>
<thead>
<tr>
<th>
{
str
tag
=
"institution"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Members"
section
=
"admin"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Maximum"
section
=
"admin"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Staff"
section
=
"admin"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Admins"
section
=
"admin"
}
</th>
<th></th>
<th></th>
</tr>
</thead>
<tfoot>
<tr>
<td>
{
if
$siteadmin
}
<form
action=
""
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"add"
value=
"
{
str
tag
=
"addinstitution"
section
=
"admin"
}
"
id=
"admininstitution_add"
>
</form>
{/
if
}
</td>
<td
colspan=
"5"
class=
"institutionedituserbuttons right"
>
{
if
count
(
$institutions
)
>
1
}
<form
action=
"
{
$WWWROOT
}
admin/users/institutionusers.php"
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"editmembers"
value=
"
{
str
tag
=
"editmembers"
section
=
"admin"
}
"
>
</form>
<form
action=
"
{
$WWWROOT
}
admin/users/institutionstaff.php"
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"editstaff"
value=
"
{
str
tag
=
"editstaff"
section
=
"admin"
}
"
>
</form>
<form
action=
"
{
$WWWROOT
}
admin/users/institutionadmins.php"
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"editadmins"
value=
"
{
str
tag
=
"editadmins"
section
=
"admin"
}
"
>
</form>
{/
if
}
</td>
<td></td>
</tr>
</tfoot>
<tbody>
{
foreach
from
=
$institutions
item
=
institution
}
<tr
class=
"
{
cycle
values
=
'r0,r1'
}
"
>
<td>
{
$institution
->
displayname
|
escape
}
</td>
<td
class=
"center"
>
{
if
$institution
->
name
!=
'mahara'
}
<a
href=
"
{
$WWWROOT
}
admin/users/institutionusers.php?usertype=members&institution=
{
$institution
->
name
}
"
>
{
$institution
->
members
}
</a>
{
else
}
<a
href=
"
{
$WWWROOT
}
admin/users/search.php?institution=mahara"
>
{
$institution
->
members
}
</a>
{/
if
}
</td>
<td
class=
"center"
>
{
$institution
->
maxuseraccounts
}
</td>
<td
class=
"center"
><a
href=
"
{
$WWWROOT
}
admin/users/institutionstaff.php?institution=
{
$institution
->
name
}
"
>
{
$institution
->
staff
}
</a></td>
<td
class=
"center"
><a
href=
"
{
$WWWROOT
}
admin/users/institutionadmins.php?institution=
{
$institution
->
name
}
"
>
{
$institution
->
admins
}
</a></td>
<td
class=
"admininstitutionbtns right"
>
<form
action=
""
method=
"post"
>
<input
type=
"hidden"
name=
"i"
value=
"
{
$institution
->
name
}
"
>
<input
type=
"submit"
class=
"submit btn-edit s"
name=
"edit"
value=
"
{
str
tag
=
"edit"
}
"
>
{
if
$siteadmin
&&
!
$institution
->
members
&&
$institution
->
name
!=
'mahara'
}
<input
type=
"submit"
class=
"submit btn-del s"
name=
"delete"
value=
"
{
str
tag
=
"delete"
}
"
>
{/
if
}
</form>
</td>
<td
class=
"center"
>
{
if
$institution
->
suspended
}
<span
class=
"suspended"
>
{
str
tag
=
"suspendedinstitution"
section
=
admin
}
</span>
{/
if
}
</td>
</tr>
{/
foreach
}
</tbody>
</table>
{
if
$delete_form
}
{/
if
}
{/
if
}
<h3>
{
str
tag
=
"deleteinstitution"
section
=
"admin"
}
</h3>
<p>
{
str
tag
=
"deleteinstitutionconfirm"
section
=
"admin"
}
</p>
{
$delete_form
|
safe
}
{
elseif
$institution_form
}
{
if
$suspended
}
<div
class=
"message"
>
<h4>
{
$suspended
}
</h4>
<div
id=
"suspendedhelp"
>
{
if
$USER
->
get
(
'admin'
)
}
<p
class=
"description"
>
{
str
tag
=
"unsuspendinstitutiondescription_top"
section
=
"admin"
}
</p>
{
else
}
<p
class=
"description"
>
{
str
tag
=
"unsuspendinstitutiondescription_top_instadmin"
section
=
"admin"
}
</p>
{/
if
}
</div>
<div
class=
"center"
>
{
$suspendform_top
|
safe
}
</div>
</div>
{/
if
}
{
if
$add
}
<h3>
{
str
tag
=
"addinstitution"
section
=
"admin"
}
</h3>
{/
if
}
{
$institution_form
|
safe
}
{
if
$suspendform
}
<div
id=
"suspendinstitution"
>
<h3
id=
"suspend"
>
{
str
tag
=
"suspendinstitution"
section
=
admin
}
</h3>
<div
class=
"suspendform"
>
{
$suspendform
|
safe
}
</div>
</div>
{/
if
}
{
else
}
<table
id=
"adminstitutionslist"
class=
"fullwidth"
>
<thead>
<tr>
<th>
{
str
tag
=
"institution"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Members"
section
=
"admin"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Maximum"
section
=
"admin"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Staff"
section
=
"admin"
}
</th>
<th
class=
"center"
>
{
str
tag
=
"Admins"
section
=
"admin"
}
</th>
<th></th>
<th></th>
</tr>
</thead>
<tfoot>
<tr>
<td>
{
if
$siteadmin
}
<form
action=
""
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"add"
value=
"
{
str
tag
=
"addinstitution"
section
=
"admin"
}
"
id=
"admininstitution_add"
>
</form>
{/
if
}
</td>
<td
colspan=
"5"
class=
"institutionedituserbuttons right"
>
{
if
count
(
$institutions
)
>
1
}
<form
action=
"
{
$WWWROOT
}
admin/users/institutionusers.php"
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"editmembers"
value=
"
{
str
tag
=
"editmembers"
section
=
"admin"
}
"
>
</form>
<form
action=
"
{
$WWWROOT
}
admin/users/institutionstaff.php"
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"editstaff"
value=
"
{
str
tag
=
"editstaff"
section
=
"admin"
}
"
>
</form>
<form
action=
"
{
$WWWROOT
}
admin/users/institutionadmins.php"
method=
"post"
>
<input
type=
"submit"
class=
"submit"
name=
"editadmins"
value=
"
{
str
tag
=
"editadmins"
section
=
"admin"
}
"
>
</form>
{/
if
}
</td>
<td></td>
</tr>
</tfoot>
<tbody>
{
foreach
from
=
$institutions
item
=
institution
}
<tr
class=
"
{
cycle
values
=
'r0,r1'
}
"
>
<td>
{
$institution
->
displayname
}
</td>
<td
class=
"center"
>
{
if
$institution
->
name
!=
'mahara'
}
<a
href=
"
{
$WWWROOT
}
admin/users/institutionusers.php?usertype=members&institution=
{
$institution
->
name
}
"
>
{
$institution
->
members
}
</a>
{
else
}
<a
href=
"
{
$WWWROOT
}
admin/users/search.php?institution=mahara"
>
{
$institution
->
members
}
</a>
{/
if
}
</td>
<td
class=
"center"
>
{
$institution
->
maxuseraccounts
}
</td>
<td
class=
"center"
><a
href=
"
{
$WWWROOT
}
admin/users/institutionstaff.php?institution=
{
$institution
->
name
}
"
>
{
$institution
->
staff
}
</a></td>
<td
class=
"center"
><a
href=
"
{
$WWWROOT
}
admin/users/institutionadmins.php?institution=
{
$institution
->
name
}
"
>
{
$institution
->
admins
}
</a></td>
<td
class=
"admininstitutionbtns right"
>
<form
action=
""
method=
"post"
>
<input
type=
"hidden"
name=
"i"
value=
"
{
$institution
->
name
}
"
>
<input
type=
"submit"
class=
"submit btn-edit s"
name=
"edit"
value=
"
{
str
tag
=
"edit"
}
"
>
{
if
$siteadmin
&&
!
$institution
->
members
&&
$institution
->
name
!=
'mahara'
}
<input
type=
"submit"
class=
"submit btn-del s"
name=
"delete"
value=
"
{
str
tag
=
"delete"
}
"
>
{/
if
}
</form>
</td>
<td
class=
"center"
>
{
if
$institution
->
suspended
}
<span
class=
"suspended"
>
{
str
tag
=
"suspendedinstitution"
section
=
admin
}
</span>
{/
if
}
</td>
</tr>
{/
foreach
}
</tbody>
</table>
{/
if
}
{
include
file
=
"footer.tpl"
}
{/
auto_escape
}
htdocs/theme/raw/templates/admin/users/institutionstaff.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
"header.tpl"
}
<p>
{
str
tag
=
"institutionstaffuserspagedescription"
section
=
"admin"
}
</p>
{
$institutionselector
}
{
$institutionselector
|
safe
}
<div
class=
"userlistform"
>
{
$staffusersform
}
{
$staffusersform
|
safe
}
</div>
{
include
file
=
"footer.tpl"
}
{/
auto_escape
}
htdocs/theme/raw/templates/admin/users/institutionusers.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
"header.tpl"
}
<p>
{
str
tag
=
"institutionmemberspagedescription"
section
=
"admin"
}
</p>
<p>
{
$instructions
}
</p>
{
$usertypeselector
}
{
$usertypeselector
|
safe
}
<div
class=
"userlistform"
>
{
$institutionusersform
}
{
$institutionusersform
|
safe
}
</div>
{
include
file
=
"footer.tpl"
}
{/
auto_escape
}
htdocs/theme/raw/templates/admin/users/noinstitutions.tpl
View file @
1a07d3b2
{
auto_escape
off
}
{
include
file
=
"header.tpl"
}
<h1>
{
str
tag
=
"noinstitutions"
section
=
"admin"
}
</h1>
...
...
@@ -11,4 +10,3 @@
</div>
{
include
file
=
"footer.tpl"
}
{/
auto_escape
}
htdocs/theme/raw/templates/form/authlist.tpl
View file @
1a07d3b2
{{
auto_escape
off
}}
<script
type=
"text/javascript"
>
function
move_up
(
id
)
{
...
...
@@ -77,13 +76,13 @@
inuseArray
=
arrayIze
(
'
institution_inuse
'
);
if
(
instanceArray
.
length
==
1
)
{
alert
({
{
$cannotremove
}
});
alert
({
{
$cannotremove
|
safe
}
});
return
false
;
}
for
(
i
=
0
;
i
<
inuseArray
.
length
;
i
++
)
{
if
(
id
==
inuseArray
[
i
])
{
alert
({
{
$cannotremoveinuse
}
});
alert
({
{
$cannotremoveinuse
|
safe
}
});
return
false
;
}
}
...
...
@@ -120,7 +119,7 @@
var
selectedPlugin
=
document
.
getElementById
(
'
dummySelect
'
).
value
;
var
institution
=
'
{
{
$institution
}
}
'
;
if
(
institution
.
length
==
0
)
{
alert
({
{
$saveinstitutiondetailsfirst
}
});
alert
({
{
$saveinstitutiondetailsfirst
|
safe
}
});
return
false
;
}
...
...
@@ -144,7 +143,7 @@
if
(
requiresConfig
(
plugin
))
{
window
.
open
(
'
addauthority.php?id=
'
+
id
+
'
&edit=1&i={
{
$institution
}
}&p=
'
+
plugin
,
'
editinstance
'
,
'
height=520,width=550,screenx=250,screenY=200,scrollbars=1
'
);
}
else
{
alert
({
{
$noauthpluginconfigoptions
}
});
alert
({
{
$noauthpluginconfigoptions
|
safe
}
});
}
}
...
...
@@ -188,10 +187,9 @@ IMPORTANT: do not introduce any new whitespace into the instanceList div.
</div>
<select
name=
"dummy"
id=
"dummySelect"
>
{
{
foreach
$authtypes
authtype
}
}
<option
value=
"{
{
$authtype
->
name
|
escape
}
}"
{
{
if
!
$authtype
->
is_usable
}
}
disabled=
"disabled"
{
{/
if
}
}
>
{
{
$authtype
->
title
|
escape
}
} - {
{
$authtype
->
description
|
escape
}
}
</option>
<option
value=
"{
{
$authtype
->
name
}
}"
{
{
if
!
$authtype
->
is_usable
}
}
disabled=
"disabled"
{
{/
if
}
}
>
{
{
$authtype
->
title
}
} - {
{
$authtype
->
description
}
}
</option>
{
{/
foreach
}
}
</select>
<button
type=
"button"
onclick=
"addinstance(); return false;"
name=
"button"
value=
"foo"
>
{
{
str
tag
=
Add
section
=
admin
}
}
</button>
<input
type=
"hidden"
id=
"instancePriority"
name=
"instancePriority"
value=
"{
{
$instancestring
}
}"
/>
<input
type=
"hidden"
id=
"deleteList"
name=
"deleteList"
value=
""
/>
{
{/
auto_escape
}
}
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment