Commit 3769fe88 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Enable auto_escape in header & footer and fix PAGEHEADING var to avoid double escaping


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 566360c2
......@@ -578,7 +578,7 @@ if ($institution && $institution != 'mahara') {
}
}
$smarty->assign('PAGEHEADING', hsc(get_string('admininstitutions', 'admin')));
$smarty->assign('PAGEHEADING', get_string('admininstitutions', 'admin'));
$smarty->display('admin/users/institutions.tpl');
function theme_sort($a, $b) {
......
......@@ -104,7 +104,7 @@ function staffusers_submit(Pieform $form, $values) {
$smarty->assign('institutionselector', $s['institutionselector']);
$smarty->assign('INLINEJAVASCRIPT', $s['institutionselectorjs']);
$smarty->assign('staffusersform', pieform($form));
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/institutionstaff.tpl');
?>
......@@ -233,7 +233,7 @@ $smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->assign('usertypeselector', $usertypeselector);
$smarty->assign('instructions', get_string('institutionusersinstructions'.$usertype, 'admin'));
$smarty->assign('institutionusersform', $userlistform);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/institutionusers.tpl');
?>
......@@ -88,7 +88,7 @@ if ($userinstitutions) {
$smarty = smarty();
$smarty->assign('users', $users);
$smarty->assign('types', $types);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/notifications.tpl');
......
......@@ -59,7 +59,7 @@ $smarty->assign('search', $search);
$smarty->assign('alphabet', explode(',', get_string('alphabet')));
$smarty->assign('institutions', $institutions);
$smarty->assign('results', build_admin_user_search_results($search, $offset, $limit, $sortby, $sortdir));
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/search.tpl');
?>
......@@ -83,7 +83,7 @@ function staffusers_submit(Pieform $form, $values) {
$smarty = smarty();
$smarty->assign('staffusersform', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/staff.tpl');
?>
......@@ -79,7 +79,7 @@ $form = new Pieform(array(
));
$smarty->assign('buttonformopen', $form->get_form_tag());
$smarty->assign('buttonform', $form->build(false));
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/suspended.tpl');
function buttons_submit_unsuspend(Pieform $form, $values) {
......
......@@ -365,7 +365,7 @@ $form = pieform($form);
$smarty = smarty();
$smarty->assign('uploadcsvpagedescription', $uploadcsvpagedescription);
$smarty->assign('uploadcsvform', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/uploadcsv.tpl');
?>
......@@ -56,7 +56,7 @@ ArtefactTypeBlog::build_blog_list_html($blogs);
$smarty = smarty(array('paginator'));
$smarty->assign_by_ref('blogs', $blogs);
$smarty->assign('PAGEHEADING', hsc(get_string("myblogs", "artefact.blog")));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('INLINEJAVASCRIPT', 'addLoadEvent(function() {' . $blogs->pagination_js . '});');
$smarty->display('artefact:blog:index.tpl');
......
......@@ -79,7 +79,7 @@ $form = pieform(array(
$smarty =& smarty();
$smarty->assign_by_ref('form', $form);
$smarty->assign_by_ref('PAGEHEADING', hsc(TITLE));
$smarty->assign_by_ref('PAGEHEADING', TITLE);
$smarty->display('form.tpl');
exit;
......
......@@ -338,7 +338,7 @@ $smarty = smarty(array(), array(), array(), array(
));
$smarty->assign('INLINEJAVASCRIPT', $javascript);
$smarty->assign_by_ref('form', $form);
$smarty->assign('PAGEHEADING', hsc($pagetitle));
$smarty->assign('PAGEHEADING', $pagetitle);
$smarty->display('artefact:blog:editpost.tpl');
......
......@@ -91,7 +91,7 @@ $form = pieform(array(
$smarty = smarty();
$smarty->assign_by_ref('editform', $form);
$smarty->assign_by_ref('blog', $blog);
$smarty->assign_by_ref('PAGEHEADING', hsc(TITLE));
$smarty->assign_by_ref('PAGEHEADING', TITLE);
$smarty->display('artefact:blog:settings.tpl');
exit;
......
......@@ -62,7 +62,7 @@ if ($blog->count_children()) {
$smarty = smarty(array('tablerenderer'));
$smarty->assign_by_ref('blog', $blog);
$smarty->assign_by_ref('INLINEJAVASCRIPT', $js);
$smarty->assign('PAGEHEADING', hsc($blog->get('title')));
$smarty->assign('PAGEHEADING', $blog->get('title'));
$smarty->assign('strnopostsaddone',
get_string('nopostsaddone', 'artefact.blog',
'<a href="' . get_config('wwwroot') . 'artefact/blog/post.php?blog=' . $blog->get('id') . '">', '</a>'));
......
......@@ -112,7 +112,7 @@ function edit_comment_submit(Pieform $form, $values) {
}
$smarty = smarty();
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('strdescription', get_string('editcommentdescription', 'artefact.comment', $maxage));
$smarty->assign('form', $form);
$smarty->display('artefact:comment:edit.tpl');
......
......@@ -107,7 +107,7 @@ if ($fileid) {
$smarty->assign('zipinfo', $zipinfo);
$smarty->assign('message', $message);
$smarty->assign('form', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('artefact:file:extract.tpl');
}
......
......@@ -53,7 +53,7 @@ $smarty = smarty(
)
);
$smarty->assign('PAGEHEADING', hsc(get_string('myfiles', 'artefact.file')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('form', $form);
$smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->display('artefact:file:files.tpl');
......
......@@ -64,7 +64,7 @@ $smarty->assign('institution', $institution);
$smarty->assign('institutionselector', $s['institutionselector']);
$smarty->assign('form', $form);
$smarty->assign('INLINEJAVASCRIPT', $s['institutionselectorjs'] . $js);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('artefact:file:files.tpl');
?>
......@@ -305,7 +305,7 @@ $smarty->assign('uploadform', $uploadform);
// the buttons need to be inside the tablerenderer.
$smarty->assign('settingsformtag', $settingsform->get_form_tag());
$smarty->assign('imagemaxdimensions', array(get_config('imagemaxwidth'), get_config('imagemaxheight')));
$smarty->assign('PAGEHEADING', hsc(get_string('profileicons', 'artefact.file')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('artefact:file:profileicons.tpl');
?>
......@@ -41,7 +41,7 @@ $js = ArtefactTypeFileBase::files_js();
$smarty = smarty();
$smarty->assign('descriptionstrargs', array('<a href="' . get_config('wwwroot') . 'admin/site/menu.php">', '</a>'));
$smarty->assign('PAGEHEADING', hsc(get_string('sitefiles', 'admin')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('institution', 'mahara');
$smarty->assign('form', $form);
$smarty->assign('INLINEJAVASCRIPT', $js);
......
......@@ -440,7 +440,7 @@ $smarty = smarty(array('artefact/internal/js/profile.js'), array(), array(
$smarty->assign('profileform', $profileform);
$smarty->assign('PAGEHEADING', hsc(get_string('editprofile', 'artefact.internal')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('artefact:internal:index.tpl');
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment