mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Removed some unessecary sanitizations

This commit is contained in:
Lukas Reschke 2012-06-11 19:20:48 +02:00
parent 2b22c538c8
commit 6defbc7f4d
5 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
apps/calendar/templates/part.choosecalendar.rowfields.php
View File

@ -2,7 +2,7 @@
echo '<td width="20px"><input id="active_' . $_['calendar']['id'] . '" type="checkbox" onClick="Calendar.UI.Calendar.activation(this,' . $_['calendar']['id'] . ')"' . ($_['calendar']['active'] ? ' checked="checked"' : '') . '></td>';
echo '<td id="' . OCP\USER::getUser() . '_' . $_['calendar']['id'] . '"><label for="active_' . $_['calendar']['id'] . '">' . htmlspecialchars($_['calendar']['displayname']) . '</label></td>';
echo '<td width="20px"><a href="#" onclick="Calendar.UI.Share.dropdown(\'' . OCP\USER::getUser() . '\', \'' . $_['calendar']['id'] . '\');" title="' . $l->t("Share Calendar") . '" class="action"><img class="svg action" src="' . ((!$_['shared']) ? OCP\Util::imagePath('core', 'actions/share.svg') : OCP\Util::imagePath('core', 'actions/shared.svg')) . '"></a></td>';
echo '<td width="20px"><a href="#" onclick="Calendar.UI.showCalDAVUrl(\'' . OCP\USER::getUser() . '\', \'' . htmlentities($_['calendar']['uri']) . '\');" title="' . $l->t("CalDav Link") . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/public.svg').'"></a></td>';
echo '<td width="20px"><a href="#" onclick="Calendar.UI.showCalDAVUrl(\'' . OCP\USER::getUser() . '\', \'' . $_['calendar']['uri'] . '\');" title="' . $l->t("CalDav Link") . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/public.svg').'"></a></td>';
echo '<td width="20px"><a href="?app=calendar&getfile=export.php?calid=' . $_['calendar']['id'] . '" title="' . $l->t('Download') . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/download.svg').'"></a></td>';
echo '<td width="20px"><a href="#" title="' . $l->t('Edit') . '" class="action" onclick="Calendar.UI.Calendar.edit(this, ' . $_['calendar']['id'] . ');"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/rename.svg').'"></a></td>';
echo '<td width="20px"><a href="#" onclick="Calendar.UI.Calendar.deleteCalendar(\'' . $_['calendar']['id'] . '\');" title="' . $l->t('Delete') . '" class="action"><img class="svg action" src="'.OCP\Util::imagePath('core', 'actions/delete.svg').'"></a></td>';

2
apps/files/templates/index.php
View File

@ -15,7 +15,7 @@
<form data-upload-id='1' class="file_upload_form" action="<?php echo OCP\Util::linkTo('files', 'ajax/upload.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target_1">
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
<input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
<input type="hidden" name="dir" value="<?php echo htmlentities($_['dir'],ENT_COMPAT,'utf-8') ?>" id="dir">
<input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
<button class="file_upload_filename">&nbsp;<img class='svg action' alt="Upload" src="<?php echo OCP\image_path("core", "actions/upload-white.svg"); ?>" /></button>
<input class="file_upload_start" type="file" name='files[]'/>
<a href="#" class="file_upload_button_wrapper" onclick="return false;" title="<?php echo $l->t('Upload'); echo ' max. '.$_['uploadMaxHumanFilesize'] ?>"></a>

8
apps/files_external/templates/settings.php
View File

@ -16,7 +16,7 @@
<?php $_['mounts'] = array_merge($_['mounts'], array('' => array())); ?>
<?php foreach ($_['mounts'] as $mountPoint => $mount): ?>
<tr <?php if ($mountPoint == '') echo 'id="addMountPoint"'; ?>>
<td class="mountPoint"><input type="text" name="mountPoint" value="<?php echo htmlentities($mountPoint); ?>" placeholder="<?php echo $l->t('Mount point'); ?>" /></td>
<td class="mountPoint"><input type="text" name="mountPoint" value="<?php echo $mountPoint; ?>" placeholder="<?php echo $l->t('Mount point'); ?>" /></td>
<?php if ($mountPoint == ''): ?>
<td class="backend">
<select id="selectBackend" data-configurations='<?php echo json_encode($_['backends']); ?>'>
@ -35,13 +35,13 @@
<?php if (isset($_['backends'][$mount['class']]['configuration'][$parameter])): ?>
<?php $placeholder = $_['backends'][$mount['class']]['configuration'][$parameter]; ?>
<?php if (strpos($placeholder, '*') !== false): ?>
<input type="password" data-parameter="<?php echo $parameter; ?>" value="<?php echo htmlentities($value); ?>" placeholder="<?php echo substr($placeholder, 1); ?>" />
<input type="password" data-parameter="<?php echo $parameter; ?>" value="<?php echo $value; ?>" placeholder="<?php echo substr($placeholder, 1); ?>" />
<?php elseif(strpos($placeholder, '!') !== false): ?>
<label><input type="checkbox" data-parameter="<?php echo $parameter; ?>" <?php if ($value == 'true') echo ' checked="checked"'; ?> /><?php echo substr($placeholder, 1); ?></label>
<?php elseif (strpos($placeholder, '&') !== false): ?>
<input type="text" class="optional" data-parameter="<?php echo $parameter; ?>" value="<?php echo htmlentities($value); ?>" placeholder="<?php echo substr($placeholder, 1); ?>" />
<input type="text" class="optional" data-parameter="<?php echo $parameter; ?>" value="<?php echo $value; ?>" placeholder="<?php echo substr($placeholder, 1); ?>" />
<?php else: ?>
<input type="text" data-parameter="<?php echo $parameter; ?>" value="<?php echo htmlentities($value); ?>" placeholder="<?php echo $placeholder; ?>" />
<input type="text" data-parameter="<?php echo $parameter; ?>" value="<?php echo $value; ?>" placeholder="<?php echo $placeholder; ?>" />
<?php endif; ?>
<?php endif; ?>
<?php endforeach; ?>

2
apps/user_openid/settings.php
View File

@ -2,7 +2,7 @@
$tmpl = new OCP\Template( 'user_openid', 'settings');
$identity=OCP\Config::getUserValue(OCP\USER::getUser(),'user_openid','identity','');
$tmpl->assign('identity',htmlentities($identity));
$tmpl->assign('identity',$identity);
OCP\Util::addscript('user_openid','settings');

2
core/templates/404.php
View File

@ -10,6 +10,6 @@ if(!isset($_)){//also provide standalone error page
<ul>
<li class='error'>
<?php echo $l->t( 'Cloud not found' ); ?><br/>
<p class='hint'><?php if(isset($_['file'])) echo htmlentities($_['file'])?></p>
<p class='hint'><?php if(isset($_['file'])) echo $_['file']?></p>
</li>
</ul>