Commit 4325e9e6 authored by Richard Mansfield's avatar Richard Mansfield

Enable auto_escape in remaining blog & file templates

Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 9aadab78
{auto_escape off}
<?xml version="1.0"?>
<feed xmlns="http://www.w3.org/2005/Atom">
<title>{$feed.title}</title>
<id>{$feed.id}</id>
<link href="{$feed.link|escape}" />
<link rel="self" type="application/atom+xml" href="{$feed.selflink|escape}" />
<subtitle type="html"><![CDATA[ {$feed.description} ]]></subtitle>
<logo>{$feed.logo|escape}</logo>
<icon>{$feed.icon|escape}</icon>
<generator uri="{$feed.generator.uri|escape}" version="{$feed.generator.version}">
<link href="{$feed.link}" />
<link rel="self" type="application/atom+xml" href="{$feed.selflink}" />
<subtitle type="html"><![CDATA[ {$feed.description|clean_html|safe} ]]></subtitle>
<logo>{$feed.logo}</logo>
<icon>{$feed.icon}</icon>
<generator uri="{$feed.generator.uri}" version="{$feed.generator.version}">
{$feed.generator.text}
</generator>
<author>
<name>{$feed.author.name}</name>
{if $feed.author.uri}
<uri>{$feed.author.uri|escape}</uri>
<uri>{$feed.author.uri}</uri>
{/if}
</author>
<updated>{$feed.updated}</updated>
......@@ -23,17 +22,16 @@
<entry>
<title>{$post.title}</title>
<id>{$post.id}</id>
<link href="{$post.link|escape}" />
<content type="html"><![CDATA[ {$post.description} ]]></content>
<link href="{$post.link}" />
<content type="html"><![CDATA[ {$post.description|clean_html|safe} ]]></content>
<author>
<name>{$feed.author.name}</name>
</author>
<updated>{$post.mtime}</updated>
<rights type="html"><![CDATA[ {$feed.rights} ]]></rights>
{foreach from=$post.attachments item=attachlink}
<link rel="enclosure" title="{$attachlink.title}" href="{$attachlink.link|escape}" />
<link rel="enclosure" title="{$attachlink.title}" href="{$attachlink.link}" />
{/foreach}
</entry>
{/foreach}
</feed>
{/auto_escape}
{auto_escape off}
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>{str tag=insertimage section=artefact.blog}</title>
......@@ -78,4 +77,3 @@
</form>
</body>
</html>
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<div class="rbuttons">
<a class="btn btn-add" href="{$WWWROOT}artefact/blog/new/">{str section="artefact.blog" tag="addblog"}</a>
......@@ -12,11 +11,10 @@
<tr><th></th><th></th></tr>
</thead>
<tbody>
{$blogs->tablerows}
{$blogs->tablerows|safe}
</tbody>
</table>
{$blogs->pagination}
{$blogs->pagination|safe}
{/if}
</div>
{include file="footer.tpl"}
{/auto_escape}
......@@ -2,7 +2,7 @@
<div title="{$file.title}">
<div class="fl"><a href="{$WWWROOT}{$file.downloadurl}" target="_blank"><img src="{$file.iconsrc}" alt=""></a></div>
<div style="margin-left: 30px;">
<h4><a href="{$file.downloadurl}" target="_blank">{$file.title|str_shorten_text:20|safe}</a></h4>
<h4><a href="{$file.downloadurl}" target="_blank">{$file.title|str_shorten_text:20}</a></h4>
{if $file.description}<p style="margin: 0;"><strong>{$file.description}</strong></p>{/if}
{$file.size|display_size} | {$file.ctime|format_date:'strftimedaydate'}
| <a href="{$WWWROOT}view/artefact.php?artefact={$file.id}&view={$viewid}">{str tag=Details section=artefact.file}</a>
......
{auto_escape off}
<tr title="{$artefact->hovertitle|escape}">
<td style="width: 20px;">
{$formcontrols}
......@@ -6,4 +5,3 @@
<td style="width: 22px;"><label for="{$elementname}_{$artefact->id}"><img src="{$artefact->icon|escape}" alt="*"></label></td>
<th><label for="{$elementname}_{$artefact->id}">{if $artefact->description}{$artefact->description|escape}{else}{$artefact->title|escape}{/if}{if $artefact->artefacttype == 'profileicon'} ({str tag=profileicon section=artefact.file}){/if}</label></th>
</tr>
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
{if $file}
<h5>{$file->get('title')|escape}</h5>
<h5>{$file->get('title')}</h5>
{if $zipinfo}
<p>
<span><label>{str tag=Files section=artefact.file}:</label> {$zipinfo->files}&nbsp;</span>
......@@ -10,17 +9,16 @@
<span><label>{str tag=spacerequired section=artefact.file}:</label> {$zipinfo->displaysize}</span>
</p>
{/if}
<p>{$message|escape}</p>
<p>{$message}</p>
{if $zipinfo}
{$form}
{$form|safe}
<p>
<div><label>{str tag=Contents section=artefact.file}:</label></div>
{foreach from=$zipinfo->names item=name}
<div>{$name|escape}</div>
<div>{$name}</div>
{/foreach}
</p>
{/if}
{/if}
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
<div>
<div class="fl filedata-icon"><a href="{$downloadpath|escape}"><img src="{$iconpath|escape}" alt="{$description|escape}"></a></div>
<h4><a href="{$downloadpath|escape}">{$title|escape}</a></h4>
<div class="fl filedata-icon"><a href="{$downloadpath}"><img src="{$iconpath}" alt="{$description}"></a></div>
<h4><a href="{$downloadpath}">{$title}</a></h4>
</div>
<table class="filedata">
<tr><th>{str tag=Type section=artefact.file}:</th><td>{$filetype}</td></tr>
<tr><th>{str tag=Description section=artefact.file}:</th><td>{$description|escape}</td></tr>
<tr><th>{str tag=Description section=artefact.file}:</th><td>{$description}</td></tr>
<tr><th>{str tag=tags}:</th><td>{list_tags owner=$owner tags=$tags}</td></tr>
<tr><th>{str tag=Owner section=artefact.file}:</th><td>{$ownername|escape}</td></tr>
<tr><th>{str tag=Owner section=artefact.file}:</th><td>{$ownername}</td></tr>
<tr><th>{str tag=Created section=artefact.file}:</th><td>{$created}</td></tr>
<tr><th>{str tag=lastmodified section=artefact.file}:</th><td>{$modified}</td></tr>
<tr><th>{str tag=Size section=artefact.file}:</th><td>{$size|escape}</td></tr>
<tr><th>{str tag=Download section=artefact.file}:</th><td><a href="{$downloadpath|escape}">{str tag=Download section=artefact.file}</a></td></tr>
<tr><th>{str tag=Size section=artefact.file}:</th><td>{$size}</td></tr>
<tr><th>{str tag=Download section=artefact.file}:</th><td><a href="{$downloadpath}">{str tag=Download section=artefact.file}</a></td></tr>
</table>
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
{if $institution}
{$institutionselector}
{$institutionselector|safe}
{/if}
{if $institution && $institution == 'mahara'}
......@@ -9,6 +8,6 @@
{else}
<p>{str tag='fileinstructions' section='artefact.file'}</p>
{/if}
<div>{$form}</div>
<div>{$form|safe}</div>
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
<tr id="{$prefix}_edit_row"{if !$fileinfo} class="hidden"{/if}>
<td colspan=6>
<table>
......@@ -63,4 +62,3 @@
</table>
</td>
</tr>
{/auto_escape}
{auto_escape off}
{if $config.select}
{include file="artefact:file:form/selectedlist.tpl" selectedlist=$selectedlist prefix=$prefix highlight=$highlight}
{/if}
<script type="text/javascript">
{$initjs}
{$initjs|safe}
</script>
<input type="hidden" name="folder" id="{$prefix}_folder" value="{$folder}" />
......@@ -109,4 +108,4 @@
</div>
{/if}
</div>{/auto_escape}
</div>
{auto_escape off}
{if !$filelist}
<p>{str tag=nofilesfound section=artefact.file}</p>
{else}
......@@ -35,7 +34,7 @@
{/if}
</td>
<td class="filename">
{assign var=displaytitle value=$file->title|str_shorten_text:34|escape}
{assign var=displaytitle value=$file->title|str_shorten_text:34|safe}
{if $file->artefacttype == 'folder'}
<a href="{$querybase}folder={$file->id}{if $owner}&owner={$owner}{if $ownerid}&ownerid={$ownerid}{/if}{/if}" class="changefolder" title="{str tag=gotofolder section=artefact.file arg1=$displaytitle}">{$displaytitle}</a>
{elseif !$publishable}
......@@ -44,7 +43,7 @@
<a href="{$WWWROOT}artefact/file/download.php?file={$file->id}" target="_blank" title="{str tag=downloadfile section=artefact.file arg1=$displaytitle}">{$displaytitle}</a>
{/if}
</td>
<td>{$file->description|escape}</td>
<td>{$file->description}</td>
{if !$showtags && !$editmeta}
<td>{tif $file->size ?: ''}</td>
<td>{tif $file->mtime ?: ''}</td>
......@@ -77,4 +76,3 @@
</tbody>
</table>
{/if}
{/auto_escape}
{auto_escape off}
{foreach from=$path item=f name=path}
{if !$.foreach.path.first}/ {/if}<a href="{$querybase}folder={$f->id}{if $owner}&owner={$owner}{if $ownerid}&ownerid={$ownerid}{/if}{/if}" class="changefolder">{$f->title|str_shorten_text:34|escape}</a>
{if !$.foreach.path.first}/ {/if}<a href="{$querybase}folder={$f->id}{if $owner}&owner={$owner}{if $ownerid}&ownerid={$ownerid}{/if}{/if}" class="changefolder">{$f->title|str_shorten_text:34}</a>
{/foreach}
{/auto_escape}
{auto_escape off}
{if $tabs.subtabs}
<ul class="artefactchooser-subtabs">
{foreach from=$tabs.subtabs item=displayname key=ownerid}
......@@ -6,4 +5,3 @@
{/foreach}
</ul>
{/if}
{/auto_escape}
{auto_escape off}
<ul class="artefactchooser-tabs files">
{foreach from=$tabs.tabs item=displayname key=name}
<li{if $tabs.owner == $name} class="current"{/if}><a class="changeowner" href="{$querybase}owner={$name}">{$displayname}</a></li>
{/foreach}
</ul>
{/auto_escape}
{auto_escape off}
<p id="{$prefix}_empty_selectlist"{if !$selectedlist} class="hidden"{/if}>{str tag=nofilesfound section=artefact.file}</p>
<table id="{$prefix}_selectlist" class="attachments fullwidth{if !$selectedlist} hidden{/if}">
<thead>
......@@ -11,7 +10,7 @@
</thead>
<tbody>
{foreach from=$selectedlist item=file}
{assign var=displaytitle value=$file->title|str_shorten_text:34|escape}
{assign var=displaytitle value=$file->title|str_shorten_text:34|safe}
<tr class="{cycle values='r0,r1'}{if $highlight && $highlight == $file->id} highlight-file{/if}">
<td>
<img src="{if $file->artefacttype == 'image'}{$WWWROOT}artefact/file/download.php?file={$file->id}&size=20x20{else}{theme_url filename=images/`$file->artefacttype`.gif}{/if}">
......@@ -19,7 +18,7 @@
<td>
<a href="{$WWWROOT}artefact/file/download.php?file={$file->id}" target="_blank" title="{str tag=downloadfile section=artefact.file arg1=$displaytitle}">{$displaytitle}</a>
</td>
<td>{$file->description|escape}</td>
<td>{$file->description}</td>
<td>
<input type="submit" class="button small unselect" name="{$prefix}_unselect[{$file->id}]" value="{str tag=remove}" />
<input type="hidden" name="{$prefix}_selected[{$file->id}]" value="{$file->id}">
......@@ -28,5 +27,3 @@
{/foreach}
</tbody>
</table>
{/auto_escape}
{auto_escape off}
<div>
<a href="{$downloadpath|escape}"><img src="{$downloadpath|escape}&maxwidth=1000&maxheight=750" alt="{$title|escape}"></a>
<p>{$description|escape}</p>
<div><a href="{$metadataurl|escape}">{str tag=Details section=artefact.file}</a></div>
<a href="{$downloadpath}"><img src="{$downloadpath}&maxwidth=1000&maxheight=750" alt="{$title}"></a>
<p>{$description}</p>
<div><a href="{$metadataurl}">{str tag=Details section=artefact.file}</a></div>
</div>
{/auto_escape}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment