Commit 3769fe88 authored by Richard Mansfield's avatar Richard Mansfield

Enable auto_escape in header & footer and fix PAGEHEADING var to avoid double escaping


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 566360c2
...@@ -189,7 +189,7 @@ $smarty = smarty(array('paginator')); ...@@ -189,7 +189,7 @@ $smarty = smarty(array('paginator'));
$smarty->assign('options', $options); $smarty->assign('options', $options);
$smarty->assign('type', $type); $smarty->assign('type', $type);
$smarty->assign('INLINEJAVASCRIPT', $javascript); $smarty->assign('INLINEJAVASCRIPT', $javascript);
$smarty->assign('PAGEHEADING', hsc(get_string('inbox'))); $smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('deleteall', $deleteall); $smarty->assign('deleteall', $deleteall);
$smarty->assign('activitylist', $activitylist); $smarty->assign('activitylist', $activitylist);
$smarty->display('account/activity/index.tpl'); $smarty->display('account/activity/index.tpl');
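Review bot: The new `$smarty->assign('PAGEHEADING', TITLE);` line hands the heading to the template unescaped, so output encoding now rests entirely on whichever template prints PAGEHEADING having auto_escape enabled; the commit title says that is the header and footer, but those templates are not shown on this page. It is worth confirming that no page template outside them prints the variable directly, since any such template would now emit it raw. This hunk also swaps `get_string('inbox')` for `TITLE`, as do the hunks that render form.tpl, account/index.tpl, admin/site/menu.tpl, admin/site/options.tpl and admin/site/pages.tpl; the `define('TITLE', ...)` lies outside each of those hunks, so check that it holds the same string. A short comment such as `// raw text: escaped by auto_escape in the header template` above the assign would record the contract.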
......
...@@ -100,7 +100,7 @@ $prefsform = pieform(array( ...@@ -100,7 +100,7 @@ $prefsform = pieform(array(
$smarty = smarty(); $smarty = smarty();
$smarty->assign('pagedescription', get_string('prefsdescr', 'activity')); $smarty->assign('pagedescription', get_string('prefsdescr', 'activity'));
$smarty->assign('form', $prefsform); $smarty->assign('form', $prefsform);
$smarty->assign('PAGEHEADING', hsc(get_string('notifications'))); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('form.tpl'); $smarty->display('form.tpl');
function activityprefs_submit(Pieform $form, $values) { function activityprefs_submit(Pieform $form, $values) {
......
...@@ -318,7 +318,7 @@ function clearPasswords(form, data) { ...@@ -318,7 +318,7 @@ function clearPasswords(form, data) {
} }
} }
"); ");
$smarty->assign('PAGEHEADING', hsc(get_string('account'))); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('account/index.tpl'); $smarty->display('account/index.tpl');
......
...@@ -247,7 +247,7 @@ $smarty->assign('memberform', $memberform); ...@@ -247,7 +247,7 @@ $smarty->assign('memberform', $memberform);
$smarty->assign('requestedform', $requestedform); $smarty->assign('requestedform', $requestedform);
$smarty->assign('invitedform', $invitedform); $smarty->assign('invitedform', $invitedform);
$smarty->assign('joinform', $joinform); $smarty->assign('joinform', $joinform);
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('account/institutions.tpl'); $smarty->display('account/institutions.tpl');
?> ?>
...@@ -66,7 +66,7 @@ $smarty = smarty(); ...@@ -66,7 +66,7 @@ $smarty = smarty();
$smarty->assign('reloadform', $reloadform); $smarty->assign('reloadform', $reloadform);
$smarty->assign('newfiltersdescription', get_string('newfiltersdescription', 'admin', get_config('libroot') . 'htmlpurifiercustom')); $smarty->assign('newfiltersdescription', get_string('newfiltersdescription', 'admin', get_config('libroot') . 'htmlpurifiercustom'));
$smarty->assign('filters', $filters); $smarty->assign('filters', $filters);
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/extensions/filters.tpl'); $smarty->display('admin/extensions/filters.tpl');
?> ?>
...@@ -122,7 +122,7 @@ $heading = get_string('pluginadmin', 'admin') . ': ' . $plugintype . ': ' . $plu ...@@ -122,7 +122,7 @@ $heading = get_string('pluginadmin', 'admin') . ': ' . $plugintype . ': ' . $plu
if ($type) { if ($type) {
$heading .= ': ' . $type; $heading .= ': ' . $type;
} }
$smarty->assign('PAGEHEADING', hsc($heading)); $smarty->assign('PAGEHEADING', $heading);
$smarty->display('admin/extensions/pluginconfig.tpl'); $smarty->display('admin/extensions/pluginconfig.tpl');
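Review bot: `$heading` is concatenated from `$plugintype`, a second variable that is cut off in the hunk header, and `$type`, and with `hsc()` removed it reaches the template with no escaping at the call site. Where those values originate is outside the hunk; if any of them is read from the request, the template's auto_escape becomes the only encoding step, so confirm they are checked against the known plugin types and names earlier in the file. The same applies to the hunk that renders admin/users/edit.tpl, where `TITLE . ': ' . display_name($user)` places user profile data in the heading; whether `display_name()` returns raw or already-escaped text is not visible here. Suggested comment above the assign: `// $heading is unescaped here; the template must escape it`.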
......
...@@ -194,7 +194,7 @@ $smarty = smarty(); ...@@ -194,7 +194,7 @@ $smarty = smarty();
$smarty->assign('INLINEJAVASCRIPT', $javascript); $smarty->assign('INLINEJAVASCRIPT', $javascript);
$smarty->assign('plugins', $plugins); $smarty->assign('plugins', $plugins);
$smarty->assign('installlink', 'installplugin'); $smarty->assign('installlink', 'installplugin');
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/extensions/plugins.tpl'); $smarty->display('admin/extensions/plugins.tpl');
?> ?>
...@@ -79,7 +79,7 @@ if (empty($upgrades)) { ...@@ -79,7 +79,7 @@ if (empty($upgrades)) {
} }
$smarty = smarty(); $smarty = smarty();
$smarty->assign('PAGEHEADING', hsc(get_string('administration', 'admin'))); $smarty->assign('PAGEHEADING', get_string('administration', 'admin'));
// normal admin page starts here // normal admin page starts here
$smarty->assign('upgrades', $upgrades); $smarty->assign('upgrades', $upgrades);
......
...@@ -316,7 +316,7 @@ $smarty = smarty(); ...@@ -316,7 +316,7 @@ $smarty = smarty();
$smarty->assign('INLINEJAVASCRIPT', $ijs); $smarty->assign('INLINEJAVASCRIPT', $ijs);
$smarty->assign('MENUS', $menulist); $smarty->assign('MENUS', $menulist);
$smarty->assign('descriptionstrargs', array('<a href="' . get_config('wwwroot') . 'artefact/file/sitefiles.php">', '</a>')); $smarty->assign('descriptionstrargs', array('<a href="' . get_config('wwwroot') . 'artefact/file/sitefiles.php">', '</a>'));
$smarty->assign('PAGEHEADING', hsc(get_string('linksandresourcesmenu', 'admin'))); $smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('footerform', $footerform); $smarty->assign('footerform', $footerform);
$smarty->display('admin/site/menu.tpl'); $smarty->display('admin/site/menu.tpl');
......
...@@ -213,7 +213,7 @@ function networkingform_submit(Pieform $form, $values) { ...@@ -213,7 +213,7 @@ function networkingform_submit(Pieform $form, $values) {
$smarty = smarty(); $smarty = smarty();
$smarty->assign('networkingform', $networkingform); $smarty->assign('networkingform', $networkingform);
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/site/networking.tpl'); $smarty->display('admin/site/networking.tpl');
?> ?>
...@@ -462,7 +462,7 @@ function siteoptions_submit(Pieform $form, $values) { ...@@ -462,7 +462,7 @@ function siteoptions_submit(Pieform $form, $values) {
$thispage = json_encode(get_config('wwwroot') . 'admin/site/options.php'); $thispage = json_encode(get_config('wwwroot') . 'admin/site/options.php');
$smarty = smarty(array('adminsiteoptions')); $smarty = smarty(array('adminsiteoptions'));
$smarty->assign('siteoptionform', $siteoptionform); $smarty->assign('siteoptionform', $siteoptionform);
$smarty->assign('PAGEHEADING', hsc(get_string('siteoptions', 'admin'))); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/site/options.tpl'); $smarty->display('admin/site/options.tpl');
?> ?>
...@@ -96,7 +96,7 @@ function editsitepage_submit(Pieform $form, $values) { ...@@ -96,7 +96,7 @@ function editsitepage_submit(Pieform $form, $values) {
$smarty = smarty(array('adminsitepages'), array(), array('admin' => array('discardpageedits'))); $smarty = smarty(array('adminsitepages'), array(), array('admin' => array('discardpageedits')));
$smarty->assign('pageeditform', $form); $smarty->assign('pageeditform', $form);
$smarty->assign('PAGEHEADING', hsc(get_string('editsitepages', 'admin'))); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/site/pages.tpl'); $smarty->display('admin/site/pages.tpl');
?> ?>
...@@ -45,7 +45,7 @@ define('TITLE', $title); ...@@ -45,7 +45,7 @@ define('TITLE', $title);
$createviewform = pieform(create_view_form(null, 'mahara')); $createviewform = pieform(create_view_form(null, 'mahara'));
$smarty = smarty(); $smarty = smarty();
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$data = View::get_myviews_data($limit, $offset, null, 'mahara'); $data = View::get_myviews_data($limit, $offset, null, 'mahara');
......
...@@ -64,7 +64,7 @@ addLoadEvent(function () { ...@@ -64,7 +64,7 @@ addLoadEvent(function () {
EOF; EOF;
$smarty = smarty(array('paginator')); $smarty = smarty(array('paginator'));
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->assign('INLINEJAVASCRIPT', $js); $smarty->assign('INLINEJAVASCRIPT', $js);
$smarty->assign('sitedata', $sitedata); $smarty->assign('sitedata', $sitedata);
......
...@@ -327,7 +327,7 @@ function adduser_submit(Pieform $form, $values) { ...@@ -327,7 +327,7 @@ function adduser_submit(Pieform $form, $values) {
$smarty = smarty(array('adminadduser')); $smarty = smarty(array('adminadduser'));
$smarty->assign('form', $form); $smarty->assign('form', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/add.tpl'); $smarty->display('admin/users/add.tpl');
?> ?>
...@@ -86,7 +86,7 @@ function adminusers_submit(Pieform $form, $values) { ...@@ -86,7 +86,7 @@ function adminusers_submit(Pieform $form, $values) {
$smarty = smarty(); $smarty = smarty();
$smarty->assign('adminusersform', $form); $smarty->assign('adminusersform', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/admin.tpl'); $smarty->display('admin/users/admin.tpl');
?> ?>
...@@ -104,5 +104,5 @@ $form = pieform($form); ...@@ -104,5 +104,5 @@ $form = pieform($form);
$smarty = smarty(); $smarty = smarty();
$smarty->assign('bulkexportform', $form); $smarty->assign('bulkexportform', $form);
$smarty->assign('bulkexportdescription', get_string('bulkexportdescription', 'admin')); $smarty->assign('bulkexportdescription', get_string('bulkexportdescription', 'admin'));
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/bulkexport.tpl'); $smarty->display('admin/users/bulkexport.tpl');
...@@ -386,5 +386,5 @@ $form = pieform($form); ...@@ -386,5 +386,5 @@ $form = pieform($form);
$smarty = smarty(); $smarty = smarty();
$smarty->assign('form', $form); $smarty->assign('form', $form);
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/bulkimport.tpl'); $smarty->display('admin/users/bulkimport.tpl');
...@@ -516,7 +516,7 @@ if ($id != $USER->get('id') && is_null($USER->get('parentuser'))) { ...@@ -516,7 +516,7 @@ if ($id != $USER->get('id') && is_null($USER->get('parentuser'))) {
$loginas = null; $loginas = null;
} }
$smarty->assign('loginas', $loginas); $smarty->assign('loginas', $loginas);
$smarty->assign('PAGEHEADING', hsc(TITLE . ': ' . display_name($user))); $smarty->assign('PAGEHEADING', TITLE . ': ' . display_name($user));
$smarty->display('admin/users/edit.tpl'); $smarty->display('admin/users/edit.tpl');
?> ?>
...@@ -106,7 +106,7 @@ function adminusers_submit(Pieform $form, $values) { ...@@ -106,7 +106,7 @@ function adminusers_submit(Pieform $form, $values) {
$smarty->assign('institutionselector', $s['institutionselector']); $smarty->assign('institutionselector', $s['institutionselector']);
$smarty->assign('INLINEJAVASCRIPT', $s['institutionselectorjs']); $smarty->assign('INLINEJAVASCRIPT', $s['institutionselectorjs']);
$smarty->assign('adminusersform', pieform($form)); $smarty->assign('adminusersform', pieform($form));
$smarty->assign('PAGEHEADING', hsc(TITLE)); $smarty->assign('PAGEHEADING', TITLE);
$smarty->display('admin/users/institutionadmins.tpl'); $smarty->display('admin/users/institutionadmins.tpl');
?> ?>