Commit 9aadab78 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

Enable auto_escape in forum templates


Signed-off-by: default avatarRichard Mansfield <richardm@catalyst.net.nz>
parent 272cc88f
{auto_escape off}
{include file="header.tpl"}
<h2>{$subheading|escape}</h2>
<h2>{$subheading}</h2>
<div class="message delete">{$deleteform}</div>
<div class="message delete">{$deleteform|safe}</div>
{include file="interaction:forum:simplepost.tpl" post=$post groupadmins=$groupadmins}
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<h2>{$subheading|escape}</h2>
<div class="message delete">{$deleteform}</div>
<h2>{$subheading}</h2>
<div class="message delete">{$deleteform|safe}</div>
{include file="interaction:forum:simplepost.tpl" post=$topic groupadmins=$groupadmins}
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<h2><a href="{$WWWROOT}interaction/forum/topic.php?id={$parent->topic}">{$parent->topicsubject|escape}</a> - {$action|escape}</h2>
<h2><a href="{$WWWROOT}interaction/forum/topic.php?id={$parent->topic}">{$parent->topicsubject}</a> - {$action}</h2>
{$editform}
{$editform|safe}
<h4>{str tag="replyto" section="interaction.forum"}</h4>
{include file="interaction:forum:simplepost.tpl" post=$parent groupadmins=$groupadmins}
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<h2>{$subheading|escape}</h2>
{$editform}
<h2>{$subheading}</h2>
{$editform|safe}
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<h2>{str tag="nameplural" section=interaction.forum}</h2>
{if $admin}
<div id="forumbtns" class="rbuttons">
<a href="{$WWWROOT}interaction/edit.php?group={$groupid|escape}&amp;plugin=forum" class="btn btn-add">{str tag="newforum" section=interaction.forum}</a>
<a href="{$WWWROOT}interaction/edit.php?group={$groupid}&amp;plugin=forum" class="btn btn-add">{str tag="newforum" section=interaction.forum}</a>
</div>
{/if}
{if $forums}
......@@ -19,14 +18,14 @@
<td>
{if $admin}
<div class="fr btn-spacer s">
<a href="{$WWWROOT}interaction/edit.php?id={$forum->id|escape}&amp;returnto=index" class="btn-edit">{str tag=edit}</a>
<a href="{$WWWROOT}interaction/delete.php?id={$forum->id|escape}&amp;returnto=index" class="btn-del">{str tag=delete}</a>
<a href="{$WWWROOT}interaction/edit.php?id={$forum->id}&amp;returnto=index" class="btn-edit">{str tag=edit}</a>
<a href="{$WWWROOT}interaction/delete.php?id={$forum->id}&amp;returnto=index" class="btn-del">{str tag=delete}</a>
</div>
{/if}
<div class="nowrap">
<strong><a href="{$WWWROOT}interaction/forum/view.php?id={$forum->id|escape}">{$forum->title|escape}</a></strong>
<strong><a href="{$WWWROOT}interaction/forum/view.php?id={$forum->id}">{$forum->title}</a></strong>
</div>
<div class="s">{$forum->description|str_shorten_html:1000:true}</div>
<div class="s">{$forum->description|str_shorten_html:1000:true|safe}</div>
{if $forum->moderators}
<div class="inlinelist">
<span>{str tag="Moderators" section="interaction.forum"}:</span>
......@@ -38,7 +37,7 @@
{/if}
</td>
<td class="center" width="15%">{$forum->topiccount}</td>
<td class="nowrap s subscribetd">{if $forum->subscribe}{$forum->subscribe}{/if}</td>
<td class="nowrap s subscribetd">{if $forum->subscribe}{$forum->subscribe|safe}{/if}</td>
</tr>
{/foreach}
</table>
......@@ -54,4 +53,3 @@
{/foreach}
</div>
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
{if $post->deleted}
{assign var=poster value=$post->poster|display_name|escape}
<h4 class="deletedpost">{str tag="postbyuserwasdeleted" section="interaction.forum" args=$poster}</h4>
......@@ -9,17 +8,16 @@
{include file="interaction:forum:simplepost.tpl" post=$post groupadmins=$groupadmins nosubject=true}
{/if}
<div class="postbtns">
{if $moderator || ($membership && !$closed)}<a href="{$WWWROOT}interaction/forum/editpost.php?parent={$post->id|escape}" class="btn-reply">{str tag="Reply" section=interaction.forum}</a>{/if}
{if $moderator || ($membership && !$closed)}<a href="{$WWWROOT}interaction/forum/editpost.php?parent={$post->id}" class="btn-reply">{str tag="Reply" section=interaction.forum}</a>{/if}
{if ($moderator || !$closed) && $post->canedit} | {/if}
{if $post->canedit}<a href="{$WWWROOT}interaction/forum/editpost.php?id={$post->id|escape}" class="btn-edit"> {str tag="edit"}</a>{/if}
{if $moderator && $post->parent} | <a href="{$WWWROOT}interaction/forum/deletepost.php?id={$post->id|escape}" class="btn-del"> {str tag="delete"}</a>{/if}
{if $post->canedit}<a href="{$WWWROOT}interaction/forum/editpost.php?id={$post->id}" class="btn-edit"> {str tag="edit"}</a>{/if}
{if $moderator && $post->parent} | <a href="{$WWWROOT}interaction/forum/deletepost.php?id={$post->id}" class="btn-del"> {str tag="delete"}</a>{/if}
</div>
{/if}
{if $children}
<div class="postreply">
{foreach from=$children item=child}
{$child}
{$child|safe}
{/foreach}
</div>
{/if}
{/auto_escape}
{auto_escape off}
{if $post->id}<a name="post{$post->id}"></a>{/if}
<table class="forumpost fullwidth">
{if $post->subject && !$nosubject}
<tr>
<td colspan="2" class="forumsubject"><h6>{$post->subject|escape}</h6></td>
<td colspan="2" class="forumsubject"><h6>{$post->subject}</h6></td>
</tr>
{/if}
<tr>
......@@ -17,7 +16,7 @@
{if $post->postcount}<p class="postcount">{$post->postcount}</p>{/if}
</div>
</td>
<td class="postedits">{$post->body|clean_html}
<td class="postedits">{$post->body|clean_html|safe}
{if $post->edit}
<h5>{str tag="editstothispost" section="interaction.forum"}</h5>
<ul>
......@@ -31,7 +30,7 @@
<img src="{$WWWROOT}thumb.php?type=profileicon&amp;maxsize=20&amp;id={$edit.editor}" alt="">
{$edit.editor|display_name|escape}
</a>
{$edit.edittime|escape}
{$edit.edittime}
</li>
{/foreach}
</ul>
......@@ -39,4 +38,3 @@
</td>
</tr>
</table>
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<h3><a href="{$WWWROOT}interaction/forum/view.php?id={$topic->forumid}">{$topic->forumtitle|escape}</a></h3>
<h4>{$topic->subject|escape}</h4>
<h3><a href="{$WWWROOT}interaction/forum/view.php?id={$topic->forumid}">{$topic->forumtitle}</a></h3>
<h4>{$topic->subject}</h4>
{if $membership}
<div id="forumbtns" class="rbuttons">
{if $topic->canedit}
<a href="{$WWWROOT}interaction/forum/edittopic.php?id={$topic->id|escape}" class="btn btn-edittopic s">{str tag=edittopic section=interaction.forum}</a>
<a href="{$WWWROOT}interaction/forum/edittopic.php?id={$topic->id}" class="btn btn-edittopic s">{str tag=edittopic section=interaction.forum}</a>
{if $moderator}
<a href="{$WWWROOT}interaction/forum/deletetopic.php?id={$topic->id|escape}" class="btn btn-deletetopic s">{str tag=deletetopic section=interaction.forum}</a>
<a href="{$WWWROOT}interaction/forum/deletetopic.php?id={$topic->id}" class="btn btn-deletetopic s">{str tag=deletetopic section=interaction.forum}</a>
{/if}
{/if}
{if !$topic->forumsubscribed}
{$topic->subscribe}
{$topic->subscribe|safe}
{/if}
</div>
{/if}
......@@ -20,7 +19,7 @@
{if $topic->closed}
<div class="message closed">{str tag=topicisclosed section=interaction.forum}</div>
{/if}
{$posts}
{$posts|safe}
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
{foreach from=$topics item=topic}
{if $sticky}
<tr class="stickytopic">
......@@ -6,29 +5,29 @@
<tr class="{cycle values='r0,r1'}">
{/if}
<td>
{if $topic->closed}<img src="{$closedicon|escape}" alt="{str tag="Closed" section="interaction.forum"}">{/if}
{if $topic->subscribed}<img src="{$subscribedicon|escape}" alt="{str tag="Subscribed" section="interaction.forum"}">{/if}
{if $topic->closed}<img src="{$closedicon}" alt="{str tag="Closed" section="interaction.forum"}">{/if}
{if $topic->subscribed}<img src="{$subscribedicon}" alt="{str tag="Subscribed" section="interaction.forum"}">{/if}
</td>
<td class="narrow">
{if $membership && (!$forum->subscribed || $moderator)}
<input type="checkbox" name="checked[{$topic->id|escape}]" class="topic-checkbox">
<input type="checkbox" name="checked[{$topic->id}]" class="topic-checkbox">
{/if}
</td>
<td>
{if $moderator}
<div class="s btn-spacer fr">
<a href="{$WWWROOT}interaction/forum/edittopic.php?id={$topic->id|escape}&amp;returnto=view" class="btn-edit">{str tag="edit"}</a>
<a href="{$WWWROOT}interaction/forum/deletetopic.php?id={$topic->id|escape}&amp;returnto=view" class="btn-del">{str tag="delete"}</a>
<a href="{$WWWROOT}interaction/forum/edittopic.php?id={$topic->id}&amp;returnto=view" class="btn-edit">{str tag="edit"}</a>
<a href="{$WWWROOT}interaction/forum/deletetopic.php?id={$topic->id}&amp;returnto=view" class="btn-del">{str tag="delete"}</a>
</div>
{/if}
<div><a href="{$WWWROOT}interaction/forum/topic.php?id={$topic->id|escape}">{$topic->subject|escape}</a></div>
<div class="s">{$topic->body}</div>
<div><a href="{$WWWROOT}interaction/forum/topic.php?id={$topic->id}">{$topic->subject}</a></div>
<div class="s">{$topic->body|str_shorten_html:50:true:false|safe}</div>
</td>
<td class="s">
<a href="{$WWWROOT}user/view.php?id={$topic->poster}"><img src="{$WWWROOT}thumb.php?type=profileicon&amp;maxsize=20&amp;id={$topic->poster}" alt=""></a>
<a href="{$WWWROOT}user/view.php?id={$topic->poster}" class="forumuser{if in_array($topic->poster, $groupadmins)} groupadmin{elseif $topic->moderator} moderator{/if}">{$topic->poster|display_name:null:true|escape}</a>
</td>
<td class="center">{$topic->postcount|escape}</td>
<td class="center">{$topic->postcount}</td>
<td class="s">
{if !$topic->lastpostdeleted}
<a href="{$WWWROOT}interaction/forum/topic.php?id={$topic->id}#post{$topic->lastpost}">{$topic->lastposttime}</a> {str tag=by section=view}
......@@ -37,4 +36,3 @@
</td>
</tr>
{/foreach}
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<h3>{$subheading|escape}</h3>
<h3>{$subheading}</h3>
<div id="forumbtns" class="rbuttons">
{if $admin}
<a href="{$WWWROOT}interaction/edit.php?id={$forum->id|escape}" class="btn btn-editforum">{str tag="edittitle" section="interaction.forum"}</a>
<a href="{$WWWROOT}interaction/delete.php?id={$forum->id|escape}" class="btn btn-deleteforum">{str tag="deleteforum" section="interaction.forum"}</a>
<a href="{$WWWROOT}interaction/edit.php?id={$forum->id}" class="btn btn-editforum">{str tag="edittitle" section="interaction.forum"}</a>
<a href="{$WWWROOT}interaction/delete.php?id={$forum->id}" class="btn btn-deleteforum">{str tag="deleteforum" section="interaction.forum"}</a>
{/if}
{if $membership}{$forum->subscribe}{/if}
{if $membership}{$forum->subscribe|safe}{/if}
</div>
<div id="forumdescription">{$forum->description}</div>
<div id="forumdescription">{$forum->description|clean_html|safe}</div>
<div id="viewforum" class="rel">
<h3>{str tag=Topics section="interaction.forum"}</h3>
{if $membership && ($moderator || $forum->newtopicusers != 'moderators') }
<div class="rbuttons">
<a href="{$WWWROOT}interaction/forum/edittopic.php?forum={$forum->id|escape}" class="btn btn-add s">{str tag="newtopic" section="interaction.forum"}</a>
<a href="{$WWWROOT}interaction/forum/edittopic.php?forum={$forum->id}" class="btn btn-add s">{str tag="newtopic" section="interaction.forum"}</a>
</div>
{/if}
{if $stickytopics || $regulartopics}
......@@ -36,7 +35,7 @@
{/if}
</table>
{if $regulartopics}
<div class="right">{$pagination}</div>
<div class="right">{$pagination|safe}</div>
{/if}
{if $membership && (!$forum->subscribed || $moderator)}
<div class="forumselectwrap"><select name="type">
......@@ -88,4 +87,3 @@
{/if}
{include file="footer.tpl"}
{/auto_escape}
......@@ -267,7 +267,6 @@ $smarty->display('interaction:forum:view.tpl');
function setup_topics(&$topics) {
if ($topics) {
foreach ($topics as $topic) {
$topic->body = str_shorten_html($topic->body, 50, true, false);
$topic->lastposttime = relative_date(get_string('strftimerecentrelative', 'interaction.forum'), get_string('strftimerecent'), $topic->lastposttime);
}
}
......
{auto_escape off}
{include file="header.tpl"}
<div class="message">
<h3>{$subheading|escape}</h3>
<h3>{$subheading}</h3>
<p>{$message}</p>
{$form}
{$form|safe}
</div>
{include file="footer.tpl"}
{/auto_escape}
{auto_escape off}
{include file="header.tpl"}
<h2>{$subheading|escape}</h2>
{$form}
<h2>{$subheading}</h2>
{$form|safe}
{include file="footer.tpl"}
{/auto_escape}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment