added escaping for group and view names

added logout link

added escaping for group and view names
added logout link
880f8273 · Clare Lenihan · Clare Lenihan · 002ecd87 · 880f8273 · 880f8273
Commit 880f8273 authored Jan 10, 2008 by Clare Lenihan Committed by Clare Lenihan Jan 10, 2008
--- a/htdocs/lang/en.utf8/mahara.php
+++ b/htdocs/lang/en.utf8/mahara.php
@@ -87,6 +87,7 @@ $string['strftimenotspecified']  = 'Not specified';
 // profile sideblock strings
 $string['invitedgroup'] = '1 group invited to';
 $string['invitedgroups'] = '%s groups invited to';
+$string['logout'] = 'Logout';
 $string['pendingfriend'] = '1 pending friend';
 $string['pendingfriends'] = '%s pending friends';


--- a/htdocs/theme/default/templates/sideblocks/profile.tpl
+++ b/htdocs/theme/default/templates/sideblocks/profile.tpl
-    <h3><a href="{$WWWROOT}user/view.php?id={$data.id}">{$data.id|display_name|escape}</a></h3>
-    <img src="{$WWWROOT}thumb.php?type=profileicon&amp;maxsize=50&amp;id={$data.id}" alt="">
+    <h3><a style="color:white" href="{$WWWROOT}user/view.php?id={$data.id}">{$data.id|display_name|escape}</a></h3>
+    <a href="{$WWWROOT}user/view.php?id={$data.id}"><img src="{$WWWROOT}thumb.php?type=profileicon&amp;maxsize=50&amp;id={$data.id}" alt=""></a>
+    <a href="{$WWWROOT}?logout">{str tag="logout"}</a>
    <ul style="color:black">
        {if $data.unreadnotifications}<li><a href="{$WWWROOT}account/activity/">{$data.unreadnotifications}</a></li>{/if}
        {if $data.invitedgroups}<li><a href="{$WWWROOT}group/mygroups.php?filter=invited">{$data.invitedgroups}</a></li>{/if}
        {if $data.pendingfriends}<li><a href="{$WWWROOT}user/?filter=2">{$data.pendingfriends}</a></li>{/if}
        {if $data.groups}
        <li>
-            <a href="{$WWWROOT}/group/mygroups.php?filter=owned">{str tag="groupsiown"}:</a>
+            <a href="{$WWWROOT}group/mygroups.php?filter=owned">{str tag="groupsiown"}:</a>
            <ul>
            {foreach from=$data.groups item=group}
-                <li><a href="{$WWWROOT}group/view.php?id={$group->id}">{$group->name}</a></li>
+                <li><a href="{$WWWROOT}group/view.php?id={$group->id}">{$group->name|escape}</a></li>
            {/foreach}
            </ul>
        </li>
@@ -19,7 +20,7 @@
            <a href="{$WWWROOT}view/">{str tag="myviews"}:</a>
            <ul>
            {foreach from=$data.views item=view}
-                <li><a href="{$WWWROOT}view/view.php?id={$view->id}">{$view->title}</a></li>
+                <li><a href="{$WWWROOT}view/view.php?id={$view->id}">{$view->title|escape}</a></li>
            {/foreach}
            </ul>
        </li>