Commit aa2b9b45 authored by Richard Mansfield's avatar Richard Mansfield
Browse files

html escape file title/description; shorten long names in title attribute

parent 06142736
......@@ -25,13 +25,14 @@
{/if}
</td>
<td class="filename">
{assign var=displaytitle value=$file->title|escape|str_shorten:34}
{if $file->artefacttype == 'folder'}
<a href="{$querybase}folder={$file->id}" class="changefolder" title="{str tag=gotofolder section=artefact.file arg1=$file->title}">{$file->title|str_shorten:34}</a>
<a href="{$querybase}folder={$file->id}" class="changefolder" title="{str tag=gotofolder section=artefact.file arg1=$displaytitle}">{$displaytitle}</a>
{else}
<a href="{$WWWROOT}artefact/file/download.php?file={$file->id}" target="_blank" title="{str tag=downloadfile section=artefact.file arg1=$file->title}">{$file->title|str_shorten:34}</a>
<a href="{$WWWROOT}artefact/file/download.php?file={$file->id}" target="_blank" title="{str tag=downloadfile section=artefact.file arg1=$displaytitle}">{$displaytitle}</a>
{/if}
</td>
<td>{$file->description}</td>
<td>{$file->description|escape}</td>
<td>{$file->size}</td>
<td>{$file->mtime}</td>
<td>
......
......@@ -10,14 +10,15 @@
</thead>
<tbody>
{foreach from=$selectedlist item=file}
{assign var=displaytitle value=$file->title|escape|str_shorten:34}
<tr class="r{cycle values=0,1}{if !empty($highlight) && $highlight == $file->id} highlight-file{/if}">
<td>
<img src="{if $file->artefacttype == 'image'}{$WWWROOT}artefact/file/download.php?file={$file->id}&size=20x20{else}{$THEMEURL}images/{$file->artefacttype}.gif{/if}">
</td>
<td>
<a href="{$WWWROOT}artefact/file/download.php?file={$file->id}" target="_blank" title="{str tag=downloadfile section=artefact.file arg1=$file->title}">{$file->title|str_shorten:34}</a>
<a href="{$WWWROOT}artefact/file/download.php?file={$file->id}" target="_blank" title="{str tag=downloadfile section=artefact.file arg1=$displaytitle}">{$displaytitle}</a>
</td>
<td>{$file->description}</td>
<td>{$file->description|escape}</td>
<td>
<noscript><button type="submit" class="button small unselect" name="{$prefix}_unselect[{$file->id}]" value="{$file->id}">{str tag=remove}</button></noscript>
<button type="button" class="button small unselect hidden" name="{$prefix}_unselect[{$file->id}]" value="{$file->id}">{str tag=remove}</button>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment