Commit 3769fe88 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Enable auto_escape in header & footer and fix PAGEHEADING var to avoid double escaping


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 566360c2
......@@ -60,8 +60,6 @@ else {
define('TITLE', $view->get('title') . ': ' . get_string('edittitleanddescription', 'view'));
}
$heading = TITLE; // for the smarty template
require_once('pieforms/pieform.php');
$formatstring = '%s (%s)';
......@@ -181,7 +179,7 @@ function editview_submit(Pieform $form, $values) {
}
$smarty = smarty(array(), array(), array(), array('sidebars' => false));
$smarty->assign('PAGEHEADING', hsc($heading));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('editview', $editview);
$smarty->display('view/edit.tpl');
......
......@@ -76,7 +76,7 @@ $createviewform = pieform(create_view_form());
$smarty = smarty();
$smarty->assign('views', $data->data);
$smarty->assign('pagination', $pagination['html']);
$smarty->assign('PAGEHEADING', hsc(get_string('myviews')));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('createviewform', $createviewform);
$smarty->display('view/index.tpl');
......
......@@ -71,7 +71,7 @@ $pagination = build_pagination(array(
));
$smarty = smarty();
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('institutionselector', $s['institutionselector']);
$smarty->assign('INLINEJAVASCRIPT', $s['institutionselectorjs']);
$smarty->assign('views', $data->data);
......
......@@ -87,7 +87,7 @@ $smarty->assign('form', $layoutform);
$smarty->assign('form_start_tag', $layoutform->get_form_tag());
$smarty->assign('options', $options);
$smarty->assign('back', $back);
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->display('view/layout.tpl');
function viewlayout_submit(Pieform $form, $values) {
......
......@@ -68,7 +68,7 @@ $form = pieform(array(
));
$smarty = smarty();
$smarty->assign('PAGEHEADING', hsc(TITLE));
$smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('message', get_string('submitviewconfirm', 'view', $view->title, $group->name));
$smarty->assign('form', $form);
$smarty->display('view/submit.tpl');
......
......@@ -237,7 +237,6 @@ if (get_config('viewmicroheaders')) {
}
if ($USER->is_logged_in()) {
$smarty->assign('userdisplayname', display_name($USER, null, true));
if (!empty($_SERVER['HTTP_REFERER'])) {
$page = get_config('wwwroot') . 'view/view.php?id=' . $viewid . ($new ? '&new=1' : '');
if ($_SERVER['HTTP_REFERER'] != $page) {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment