Skip to content

GitLab

Commit 272cc88f authored by Richard Mansfield's avatar Richard Mansfield
Browse files
Options

Enable auto_escape in group templates 

Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent f71bac79
Hide whitespace changes
Inline Side-by-side
Showing with 55 additions and 101 deletions
htdocs/group/create.php
View file @ 272cc88f
......@@ -88,9 +88,9 @@ $creategroup = pieform(array(
));
$smarty = smarty();
$smarty->assign('creategroup', $creategroup);
$smarty->assign('form', $creategroup);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->display('group/create.tpl');
$smarty->display('form.tpl');
function creategroup_validate(Pieform $form, $values) {
......
htdocs/group/delete.php
View file @ 272cc88f
......@@ -67,7 +67,7 @@ $form = pieform(array(
));
$smarty = smarty();
$smarty->assign('subheading', hsc(TITLE));
$smarty->assign('subheading', TITLE);
$smarty->assign('message', $views ? get_string('groupconfirmdeletehasviews', 'group') : get_string('groupconfirmdelete', 'group'));
$smarty->assign('form', $form);
$smarty->display('group/delete.tpl');
......
htdocs/group/interactions.php
View file @ 272cc88f
......@@ -71,7 +71,7 @@ $smarty = smarty();
$smarty->assign('group', $group);
$smarty->assign('data', $interactiontypes);
$smarty->assign('pluginnames', $names);
$smarty->assign('subheading', hsc(TITLE));
$smarty->assign('subheading', TITLE);
$smarty->display('group/interactions.tpl');
?>
htdocs/group/invite.php
View file @ 272cc88f
......@@ -85,7 +85,7 @@ $form = pieform(array(
));
$smarty = smarty();
$smarty->assign('subheading', hsc(TITLE));
$smarty->assign('subheading', TITLE);
$smarty->assign('form', $form);
$smarty->display('group/invite.tpl');
......
htdocs/lib/group.php
View file @ 272cc88f
......@@ -821,7 +821,6 @@ function group_prepare_usergroups_for_display($groups, $returnto='mygroups') {
$group->admins[] = $admin->member;
}
}
$group->description = str_shorten_html($group->description, 100, true);
if ($group->membershiptype == 'member') {
$group->canleave = group_user_can_leave($group->id);
}
......
htdocs/theme/raw/templates/group/changerole.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
{include file="sidebar.tpl"}
<h2>{$subheading|escape}</h2>
{$changeform}
<h2>{$subheading}</h2>
{$changeform|safe}
{include file="footer.tpl"}
{/auto_escape}
{include file="footer.tpl"}
\ No newline at end of file
htdocs/theme/raw/templates/group/create.tpl deleted 100644 → 0
View file @ f71bac79
{auto_escape off}
{include file="header.tpl"}
{$creategroup}
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/delete.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
<div class="message">
<h3>{$subheading|escape}</h3>
<h3>{$subheading}</h3>
<p>{$message}</p>
{$form}
{$form|safe}
</div>
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/edit.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
<h2>{str tag=editgroup section=group}</h2>
{$editgroup}
{$editgroup|safe}
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/find.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
{$form}
{$form|safe}
{if $groups}
{foreach from=$groups item=group}
<div class="{cycle values='r0,r1'} listing">
......@@ -12,9 +11,8 @@
</div>
</div>
{/foreach}
{$pagination}
{$pagination|safe}
{else}
<div class="message">{str tag="nogroupsfound" section="group"}</div>
{/if}
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/group.tpl
View file @ 272cc88f
{auto_escape off}
<h3><a href="{$WWWROOT}group/view.php?id={$group->id|escape}">{$group->name|escape}</a></h3>
<h6>{foreach name=admins from=$group->admins item=id}<a href="{$WWWROOT}user/view.php?id={$id|escape}">{$id|display_name|escape}</a>{if !$.foreach.admins.last}, {/if}{/foreach}</h6>
<h3><a href="{$WWWROOT}group/view.php?id={$group->id}">{$group->name}</a></h3>
<h6>{foreach name=admins from=$group->admins item=id}<a href="{$WWWROOT}user/view.php?id={$id}">{$id|display_name|escape}</a>{if !$.foreach.admins.last}, {/if}{/foreach}</h6>
<div>{$group->settingsdescription}</div>
{$group->description}
{$group->description|str_shorten_html:100:true|safe}
<div>{str tag="memberslist" section="group"}
{foreach name=members from=$group->members item=member}
<a href="{$WWWROOT}user/view.php?id={$member->id|escape}">{$member->name|escape}</a>{if !$.foreach.members.last}, {/if}
<a href="{$WWWROOT}user/view.php?id={$member->id}">{$member->name}</a>{if !$.foreach.members.last}, {/if}
{/foreach}
{if $group->membercount > 3}<a href="{$WWWROOT}group/members.php?id={$group->id|escape}">...</a>{/if}
{if $group->membercount > 3}<a href="{$WWWROOT}group/members.php?id={$group->id}">...</a>{/if}
</div>
{/auto_escape}
htdocs/theme/raw/templates/group/groupuserstatus.tpl
View file @ 272cc88f
{auto_escape off}
<ul class="groupuserstatus">
{if $group->membershiptype == 'member'}
<li class="member">
{str tag="youaregroup$group->role" section="group"}
</li>
{if $group->canleave}
<li><a href = "{$WWWROOT}group/leave.php?id={$group->id|escape}&amp;returnto={$returnto}" class="btn-leavegroup">{str tag="leavegroup" section="group"}</a></li>
<li><a href = "{$WWWROOT}group/leave.php?id={$group->id}&amp;returnto={$returnto}" class="btn-leavegroup">{str tag="leavegroup" section="group"}</a></li>
{/if}
{elseif $group->membershiptype == 'admin'}
<li><a href="{$WWWROOT}group/edit.php?id={$group->id|escape}" class="btn-edit">{str tag="edit"}</a></li>
<li><a href="{$WWWROOT}group/delete.php?id={$group->id|escape}" class="btn-del">{str tag="delete"}</a></li>
<li><a href="{$WWWROOT}group/edit.php?id={$group->id}" class="btn-edit">{str tag="edit"}</a></li>
<li><a href="{$WWWROOT}group/delete.php?id={$group->id}" class="btn-del">{str tag="delete"}</a></li>
{if $group->jointype == 'request' && $group->requests}
<li>
<a href="{$WWWROOT}group/members.php?id={$group->id|escape}&amp;membershiptype=request" class="btn-pending">{str tag="membershiprequests" section="group"} ({$group->requests})</a>
<a href="{$WWWROOT}group/members.php?id={$group->id}&amp;membershiptype=request" class="btn-pending">{str tag="membershiprequests" section="group"} ({$group->requests})</a>
</li>
{/if}
......@@ -26,18 +25,17 @@
{else}
{str tag="grouphaveinvite" section="group"}
{/if}
{$group->invite}
{$group->invite|safe}
</li>
{elseif $group->membershiptype == 'request'}
<li>{str tag="requestedtojoin" section="group"}</li>
{elseif $group->jointype == 'open'}
{$group->groupjoin}
{$group->groupjoin|safe}
{elseif $group->jointype == 'request'}
<li><a href="{$WWWROOT}group/requestjoin.php?id={$group->id|escape}&amp;returnto={$returnto}" class="btn-req">{str tag="requestjoingroup" section="group"}</a></li>
<li><a href="{$WWWROOT}group/requestjoin.php?id={$group->id}&amp;returnto={$returnto}" class="btn-req">{str tag="requestjoingroup" section="group"}</a></li>
{/if}
</ul>
{/auto_escape}
htdocs/theme/raw/templates/group/info.tpl
View file @ 272cc88f
{auto_escape off}
<ul>
<li><label>{str tag=groupadmins section=group}:</label> {foreach name=admins from=$group->admins item=id}
<img src="{$WWWROOT}thumb.php?type=profileicon&amp;maxsize=20&amp;id={$id|escape}" alt="">
<a href="{$WWWROOT}user/view.php?id={$id|escape}">{$id|display_name|escape}</a>{if !$.foreach.admins.last}, {/if}
<img src="{$WWWROOT}thumb.php?type=profileicon&amp;maxsize=20&amp;id={$id}" alt="">
<a href="{$WWWROOT}user/view.php?id={$id}">{$id|display_name|escape}</a>{if !$.foreach.admins.last}, {/if}
{/foreach}</li>
<li>{$group->settingsdescription}</li>
<li><label>{str tag=Created section=group}:</label> {$group->ctime}</li>
......@@ -11,4 +10,3 @@
<span><label>{str tag=Files section=artefact.file}:</label> {$filecount}&nbsp;</span>
<span><label>{str tag=Folders section=artefact.file}:</label> {$foldercount}</span></li>
</ul>
{/auto_escape}
htdocs/theme/raw/templates/group/interactions.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
{include file="sidebar.tpl"}
<h2>{$subheading|escape}</h2>
<h2>{$subheading}</h2>
<ul>
{foreach from=$data item=interactions key=plugin}
......@@ -11,7 +10,7 @@
<ul>
{foreach from=$interactions item=interaction}
<li>
<a href="{$WWWROOT}interaction/{$interaction->plugin|escape}/view.php?id={$interaction->id|escape}">{$interaction->title|escape}</a> [
<a href="{$WWWROOT}interaction/{$interaction->plugin}/view.php?id={$interaction->id}">{$interaction->title}</a> [
<a href="{$WWWROOT}interaction/edit.php?id={$interaction->id}">{str tag='edit'}</a> |
<a href="{$WWWROOT}interaction/delete.php?id={$interaction->id}">{str tag='delete'}</a> ]
</li>
......@@ -23,5 +22,3 @@
</ul>
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/invite.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
<h2>{$subheading}</h2>
{include file="group/simplegroup.tpl" group=$GROUP}
{$form}
{$form|safe}
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/leave.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
<h2>{$subheading|escape}</h2>
<h2>{$subheading}</h2>
<div class="message">
<p>{$message}</p>
{$form}
{$form|safe}
</div>
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/members.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
{$form}
{$form|safe}
<p>{$instructions}</p>
{if $membershiptype}<h3>{str tag=pendingmembers section=group}</h3>{/if}
<div id="results">
<table id="membersearchresults" class="tablerenderer fullwidth listing twocolumn">
<tbody>
{$results}
{$results|safe}
</tbody>
</table>
</div>
{$pagination}
{$pagination|safe}
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/membersearchresults.tpl
View file @ 272cc88f
{auto_escape off}
{if $results.data}
{foreach from=$results.cdata item=row}
<tr class="{cycle values='r0,r1'}">
{foreach from=$row item=r}
<td>
<div class="fl"><img src="{profile_icon_url user=$r maxwidth=40 maxheight=40}" alt=""></div>
<h3><a href="{$WWWROOT}user/view.php?id={$r.id|escape}">{$r.name|escape}</a></h3>
<h3><a href="{$WWWROOT}user/view.php?id={$r.id}">{$r.name}</a></h3>
{if $r.role}
<div class="rel">
<strong>{$results.roles[$r.role]->display}</strong>
{if $caneditroles && $r.canchangerole} (<a href="{$WWWROOT}group/changerole.php?group={$group}&amp;user={$r.id}">{str tag=changerole section=group}</a>){/if}
<div class="rbuttons btn-del">{$r.removeform}</div>
<div>{$r.introduction|str_shorten_html:80:true}</div>
<div class="rbuttons btn-del">{$r.removeform|safe}</div>
<div>{$r.introduction|str_shorten_html:80:true|safe}</div>
<label>{str tag="Joined" section="group"}:</label> {$r.jointime}
</div>
{elseif $membershiptype == 'request'}
<div>{str tag=hasrequestedmembership section=group}.{if $r.reason}
<label>{str tag=reason}:</label> {$r.reason|format_whitespace}{/if}
<label>{str tag=reason}:</label> {$r.reason|format_whitespace|safe}{/if}
</div>
<div class="right btn-add">{$r.addform}</div>
<div class="right btn-add">{$r.denyform}</div>
<div class="right btn-add">{$r.addform|safe}</div>
<div class="right btn-add">{$r.denyform|safe}</div>
{elseif $membershiptype == 'invite'}
<div>{str tag=hasbeeninvitedtojoin section=group}</div>
{/if}
......@@ -31,4 +30,3 @@
{else}
<div>{str tag="noresultsfound"}</div>
{/if}
{/auto_escape}
htdocs/theme/raw/templates/group/mygroups.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
{if $cancreate}
<div class="rbuttons">
<a href="{$WWWROOT}group/create.php" class="btn">{str tag="creategroup" section="group"}</a>
</div>
{/if}
{$form}
{$form|safe}
{if $groups}
{foreach from=$groups item=group}
<div class="{cycle values='r0,r1'} listing">
......@@ -17,9 +16,8 @@
</div>
</div>
{/foreach}
{$pagination}
{$pagination|safe}
{else}
<div class="message">{str tag="trysearchingforgroups" section="group" args=$searchingforgroups}</div>
{/if}
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/requestjoin.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
<h3>{$subheading|escape}</h3>
{$form}
<h3>{$subheading}</h3>
{$form|safe}
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/group/simplegroup.tpl
View file @ 272cc88f
{auto_escape off}
<div>
<h3>
<a href="{$WWWROOT}group/view.php?id={$group->id}">
{$group->name|escape}
{$group->name}
</a>
</h3>
{if $group->description}
<p>
{$group->description}
{$group->description|clean_html|safe}
</p>
{/if}
</div>
{/auto_escape}
htdocs/theme/raw/templates/user/find.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
<div id="friendslistcontainer">
{$form}
{$form|safe}
<table id="friendslist" class="fullwidth listing">
<tbody>
{$results.tablerows}
{$results.tablerows|safe}
</tbody>
</table>
</div>
{$results.pagination}
{$results.pagination|safe}
</div>
{include file="footer.tpl"}
{/auto_escape}
htdocs/theme/raw/templates/user/myfriends.tpl
View file @ 272cc88f
{auto_escape off}
{include file="header.tpl"}
<div id="friendslistcontainer">
{$form}
{$form|safe}
{if $results}
<table id="friendslist" class="fullwidth listing">
<tbody>
{$results.tablerows}
{$results.tablerows|safe}
</tbody>
</table>
{$results.pagination}
{$results.pagination|safe}
{/if}
{if $message}
<div class="message">{$message}</div>
<div class="message">{$message|safe}</div>
{/if}
</div>
{include file="footer.tpl"}
{/auto_escape}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment