Commit 3769fe88 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Enable auto_escape in header & footer and fix PAGEHEADING var to avoid double escaping


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 566360c2
......@@ -189,7 +189,7 @@ $smarty = smarty(array('paginator'));
$smarty->assign('options', $options);
$smarty->assign('type', $type);
$smarty->assign('INLINEJAVASCRIPT', $javascript);
$smarty->assign('PAGEHEADING', hsc(get_string('inbox')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('deleteall', $deleteall);
$smarty->assign('activitylist', $activitylist);
$smarty->display('account/activity/index.tpl');
......
......@@ -100,7 +100,7 @@ $prefsform = pieform(array(
$smarty = smarty();
$smarty->assign('pagedescription', get_string('prefsdescr', 'activity'));
$smarty->assign('form', $prefsform);
$smarty->assign('PAGEHEADING', hsc(get_string('notifications')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('form.tpl');
function activityprefs_submit(Pieform $form, $values) {
......
......@@ -318,7 +318,7 @@ function clearPasswords(form, data) {
}
}
");
$smarty->assign('PAGEHEADING', hsc(get_string('account')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('account/index.tpl');
......
......@@ -247,7 +247,7 @@ $smarty->assign('memberform', $memberform);
$smarty->assign('requestedform', $requestedform);
$smarty->assign('invitedform', $invitedform);
$smarty->assign('joinform', $joinform);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('account/institutions.tpl');
?>
......@@ -66,7 +66,7 @@ $smarty = smarty();
$smarty->assign('reloadform', $reloadform);
$smarty->assign('newfiltersdescription', get_string('newfiltersdescription', 'admin', get_config('libroot') . 'htmlpurifiercustom'));
$smarty->assign('filters', $filters);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/extensions/filters.tpl');
?>
......@@ -122,7 +122,7 @@ $heading = get_string('pluginadmin', 'admin') . ': ' . $plugintype . ': ' . $plu
if ($type) {
$heading .= ': ' . $type;
}
$smarty->assign('PAGEHEADING', hsc($heading));
$smarty->assign('PAGEHEADING', $heading);
$smarty->display('admin/extensions/pluginconfig.tpl');
......
......@@ -194,7 +194,7 @@ $smarty = smarty();
$smarty->assign('INLINEJAVASCRIPT', $javascript);
$smarty->assign('plugins', $plugins);
$smarty->assign('installlink', 'installplugin');
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/extensions/plugins.tpl');
?>
......@@ -79,7 +79,7 @@ if (empty($upgrades)) {
}
$smarty = smarty();
$smarty->assign('PAGEHEADING', hsc(get_string('administration', 'admin')));
$smarty->assign('PAGEHEADING', get_string('administration', 'admin'));
// normal admin page starts here
$smarty->assign('upgrades', $upgrades);
......
......@@ -316,7 +316,7 @@ $smarty = smarty();
$smarty->assign('INLINEJAVASCRIPT', $ijs);
$smarty->assign('MENUS', $menulist);
$smarty->assign('descriptionstrargs', array('<a href="' . get_config('wwwroot') . 'artefact/file/sitefiles.php">', '</a>'));
$smarty->assign('PAGEHEADING', hsc(get_string('linksandresourcesmenu', 'admin')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('footerform', $footerform);
$smarty->display('admin/site/menu.tpl');
......
......@@ -213,7 +213,7 @@ function networkingform_submit(Pieform $form, $values) {
$smarty = smarty();
$smarty->assign('networkingform', $networkingform);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/site/networking.tpl');
?>
......@@ -462,7 +462,7 @@ function siteoptions_submit(Pieform $form, $values) {
$thispage = json_encode(get_config('wwwroot') . 'admin/site/options.php');
$smarty = smarty(array('adminsiteoptions'));
$smarty->assign('siteoptionform', $siteoptionform);
$smarty->assign('PAGEHEADING', hsc(get_string('siteoptions', 'admin')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/site/options.tpl');
?>
......@@ -96,7 +96,7 @@ function editsitepage_submit(Pieform $form, $values) {
$smarty = smarty(array('adminsitepages'), array(), array('admin' => array('discardpageedits')));
$smarty->assign('pageeditform', $form);
$smarty->assign('PAGEHEADING', hsc(get_string('editsitepages', 'admin')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/site/pages.tpl');
?>
......@@ -45,7 +45,7 @@ define('TITLE', $title);
$createviewform = pieform(create_view_form(null, 'mahara'));
$smarty = smarty();
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$data = View::get_myviews_data($limit, $offset, null, 'mahara');
......
......@@ -64,7 +64,7 @@ addLoadEvent(function () {
EOF;
$smarty = smarty(array('paginator'));
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->assign('sitedata', $sitedata);
......
......@@ -327,7 +327,7 @@ function adduser_submit(Pieform $form, $values) {
$smarty = smarty(array('adminadduser'));
$smarty->assign('form', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/add.tpl');
?>
......@@ -86,7 +86,7 @@ function adminusers_submit(Pieform $form, $values) {
$smarty = smarty();
$smarty->assign('adminusersform', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/admin.tpl');
?>
......@@ -104,5 +104,5 @@ $form = pieform($form);
$smarty = smarty();
$smarty->assign('bulkexportform', $form);
$smarty->assign('bulkexportdescription', get_string('bulkexportdescription', 'admin'));
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/bulkexport.tpl');
......@@ -386,5 +386,5 @@ $form = pieform($form);
$smarty = smarty();
$smarty->assign('form', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/bulkimport.tpl');
......@@ -516,7 +516,7 @@ if ($id != $USER->get('id') && is_null($USER->get('parentuser'))) {
$loginas = null;
}
$smarty->assign('loginas', $loginas);
$smarty->assign('PAGEHEADING', hsc(TITLE . ': ' . display_name($user)));
$smarty->assign('PAGEHEADING', TITLE . ': ' . display_name($user));
$smarty->display('admin/users/edit.tpl');
?>
......@@ -106,7 +106,7 @@ function adminusers_submit(Pieform $form, $values) {
$smarty->assign('institutionselector', $s['institutionselector']);
$smarty->assign('INLINEJAVASCRIPT', $s['institutionselectorjs']);
$smarty->assign('adminusersform', pieform($form));
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/institutionadmins.tpl');
?>
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment