From c6688477ab60019de50c7347df9a8d5ce4368256 Mon Sep 17 00:00:00 2001
From: Benjamin Renard <brenard@easter-eggs.com>
Date: Fri, 15 Jun 2018 15:25:25 +0200
Subject: [PATCH] Fix some escaping problems

---
 public_html/templates/default/LSform.tpl      | 28 +++++++++----------
 .../default/LSformElement_boolean_field.tpl   |  2 +-
 .../default/LSformElement_date_field.tpl      |  2 +-
 .../templates/default/LSformElement_field.tpl |  2 +-
 ...rmElement_jsonCompositeAttribute_field.tpl | 20 ++++++-------
 .../LSformElement_labeledValue_field.tpl      |  4 +--
 .../default/LSformElement_mailQuota_field.tpl |  4 +--
 .../default/LSformElement_maildir_field.tpl   |  4 +--
 .../default/LSformElement_password_field.tpl  |  4 +--
 .../default/LSformElement_quota_field.tpl     |  4 +--
 .../default/LSformElement_select.tpl          |  8 +++---
 .../default/LSformElement_select_box.tpl      |  6 ++--
 .../LSformElement_select_object_field.tpl     |  4 +--
 .../default/LSformElement_ssh_key_field.tpl   |  2 +-
 ...Element_supannCompositeAttribute_field.tpl |  6 ++--
 ...LSformElement_supannLabeledValue_field.tpl |  2 +-
 .../default/LSformElement_text_field.tpl      |  4 +--
 .../default/LSformElement_uri_field.tpl       |  6 ++--
 .../LSformElement_valueWithUnit_field.tpl     |  6 ++--
 public_html/templates/default/LSform_view.tpl | 14 +++++-----
 public_html/templates/default/LSmail.tpl      | 10 +++----
 public_html/templates/default/LSrelations.tpl |  2 +-
 public_html/templates/default/login.tpl       |  2 +-
 public_html/templates/default/modify.tpl      |  2 +-
 public_html/templates/default/question.tpl    |  4 +--
 .../templates/default/recoverpassword.tpl     |  4 +--
 public_html/templates/default/redirect.tpl    |  2 +-
 public_html/templates/default/select.tpl      |  8 +++---
 .../templates/default/select_table.tpl        |  6 ++--
 public_html/templates/default/top.tpl         |  2 +-
 public_html/templates/default/view.tpl        |  2 +-
 public_html/templates/default/viewSearch.tpl  | 16 +++++------
 32 files changed, 96 insertions(+), 96 deletions(-)

diff --git a/public_html/templates/default/LSform.tpl b/public_html/templates/default/LSform.tpl
index ae6d2b4d..1bb3d835 100644
--- a/public_html/templates/default/LSform.tpl
+++ b/public_html/templates/default/LSform.tpl
@@ -1,37 +1,37 @@
-<form action='{$LSform_action|escape:"quotes"}' method='post' enctype="multipart/form-data" class='LSform'>
+<form action='{$LSform_action}' method='post' enctype="multipart/form-data" class='LSform'>
 {$LSform_header}
 {if $LSform_layout}
   <!-- Tabs - Start Title -->
   <ul class='LSform_layout'>
   {foreach from=$LSform_layout item=tab key=tab_key}
-    <li class='LSform_layout' id='LSform_layout_btn_{$tab_key|escape:"quotes"}'><a href='#{$tab_key|escape:"quotes"}'>{tr msg=$tab.label}</a></li>
+    <li class='LSform_layout' id='LSform_layout_btn_{$tab_key|escape:"htmlall"}'><a href='#{$tab_key|escape:"htmlall"}'>{tr msg=$tab.label}</a></li>
   {/foreach}
   </ul>
   <!-- Tabs - End Title -->
 
   <!-- Tabs - Start Content -->
   {foreach from=$LSform_layout item=tab key=tab_key}
-    <a name='{$tab_key|escape:'quotes'}'></a>
+    <a name='{$tab_key|escape:'htmlall'}'></a>
     <h2 class='LSform_layout'>{tr msg=$tab.label}</h2>
-    <div class='LSform LSform_layout' id='LSform_layout_div_{$tab_key|escape:'quotes'}'>
+    <div class='LSform LSform_layout' id='LSform_layout_div_{$tab_key|escape:'htmlall'}'>
       {if $LSformElement_image!='' && $tab.img==1}
       <div class='LSformElement_image{if $LSformElement_image_errors} LSformElement_image_errors{/if}'>
         {if $LSformElement_image_actions!='' && !$LSformElement_image_errors}
         <ul class='LSformElement_image_actions'>
-            <li><img src='{img name="zoom"}' class='LSformElement_image_actions LSformElement_image_action_zoom' id='LSformElement_image_action_zoom_{$LSformElement_image.id|escape:'quotes'}' /></li>
+            <li><img src='{img name="zoom"}' class='LSformElement_image_actions LSformElement_image_action_zoom' id='LSformElement_image_action_zoom_{$LSformElement_image.id|escape:'htmlall'}' /></li>
           {foreach from=$LSformElement_image_actions item=item}
-            <li><img src='{img name=$item}' class='LSformElement_image_actions LSformElement_image_action_{$item|escape:'quotes'}' id='LSformElement_image_action_{$item|escape:'quotes'}_{$LSformElement_image.id|escape:'quotes'}' /></li>
+            <li><img src='{img name=$item}' class='LSformElement_image_actions LSformElement_image_action_{$item|escape:'htmlall'}' id='LSformElement_image_action_{$item|escape:'htmlall'}_{$LSformElement_image.id|escape:'htmlall'}' /></li>
           {/foreach}
         </ul>
         {/if}
-        <img src='{$LSformElement_image.img|escape:'quotes'}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:'quotes'}' />
+        <img src='{$LSformElement_image.img}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:'htmlall'}' />
       </div>
       {/if}
       
       <dl class='LSform'>
         {foreach from=$tab.args item=arg}
           {if $LSform_fields[$arg]}
-            <dt class='LSform{if $LSform_fields[$arg].errors != ''} LSform-errors{/if}'>{$LSform_fields[$arg].label}{if $LSform_fields[$arg].required} *{/if}{if $LSform_fields[$arg].help_info!=""} <img class='LStips' src="{img name='help'}" alt='?' title='{$LSform_fields[$arg].help_info|escape:'quotes'}'/>{/if}</dt>
+            <dt class='LSform{if $LSform_fields[$arg].errors != ''} LSform-errors{/if}'>{$LSform_fields[$arg].label}{if $LSform_fields[$arg].required} *{/if}{if $LSform_fields[$arg].help_info!=""} <img class='LStips' src="{img name='help'}" alt='?' title='{$LSform_fields[$arg].help_info|escape:'htmlall'}'/>{/if}</dt>
             <dd class='LSform'>{$LSform_fields[$arg].html}{if $LSform_fields[$arg].add != ''} <span class='LSform-addfield'>+ Ajouter un champ</span>{/if}</dd>
             {if $LSform_fields[$arg].errors != ''}
               {foreach from=$LSform_fields[$arg].errors item=error}
@@ -40,7 +40,7 @@
             {/if}
           {/if}
         {/foreach}
-        <dd class='LSform'><input type='submit' value='{$LSform_submittxt|escape:'quotes'}' class='LSform' /></dd>
+        <dd class='LSform'><input type='submit' value='{$LSform_submittxt|escape:'htmlall'}' class='LSform' /></dd>
       </dl>
       
     </div>
@@ -51,20 +51,20 @@
     <div class='LSformElement_image{if $LSformElement_image_errors} LSformElement_image_errors{/if}'>
       {if $LSformElement_image_actions!='' && !$LSformElement_image_errors}
       <ul class='LSformElement_image_actions'>
-          <li><img src='{img name='zoom'}' class='LSformElement_image_actions LSformElement_image_action_zoom' id='LSformElement_image_action_zoom_{$LSformElement_image.id|escape:'quotes'}' /></li>
+          <li><img src='{img name='zoom'}' class='LSformElement_image_actions LSformElement_image_action_zoom' id='LSformElement_image_action_zoom_{$LSformElement_image.id|escape:'htmlall'}' /></li>
         {foreach from=$LSformElement_image_actions item=item}
-          <li><img src='{img name=$item}' class='LSformElement_image_actions LSformElement_image_action_{$item|escape:'quotes'}' id='LSformElement_image_action_{$item|escape:'quotes'}_{$LSformElement_image.id|escape:'quotes'}' /></li>
+          <li><img src='{img name=$item}' class='LSformElement_image_actions LSformElement_image_action_{$item|escape:'htmlall'}' id='LSformElement_image_action_{$item|escape:'htmlall'}_{$LSformElement_image.id|escape:'htmlall'}' /></li>
         {/foreach}
       </ul>
       {/if}
-      <img src='{$LSformElement_image.img|escape:'quotes'}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:'quotes'}' />
+      <img src='{$LSformElement_image.img}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:'htmlall'}' />
     </div>
   {/if}
   
   <div class='LSform'>
     <dl class='LSform'>
       {foreach from=$LSform_fields item=field}
-      <dt class='LSform{if $field.errors != ''} LSform-errors{/if}'>{$field.label}{if $field.required} *{/if}{if $field.help_info!=""} <img class='LStips' src="{img name='help'}" alt='?' title='{$field.help_info|escape:'quotes'}'/>{/if}</dt>
+      <dt class='LSform{if $field.errors != ''} LSform-errors{/if}'>{$field.label}{if $field.required} *{/if}{if $field.help_info!=""} <img class='LStips' src="{img name='help'}" alt='?' title='{$field.help_info|escape:'htmlall'}'/>{/if}</dt>
       <dd class='LSform'>{$field.html}{if $field.add != ''} <span class='LSform-addfield'>+ Ajouter un champ</span>{/if}</dd>
       {if $field.errors != ''}
         {foreach from=$field.errors item=error}
@@ -72,7 +72,7 @@
         {/foreach}
       {/if}
       {/foreach}
-      <dd class='LSform'><input type='submit' value='{$LSform_submittxt|escape:"quotes"}' class='LSform' /></dd>
+      <dd class='LSform'><input type='submit' value='{$LSform_submittxt|escape:"htmlall"}' class='LSform' /></dd>
     </dl>
   </div>
   
diff --git a/public_html/templates/default/LSformElement_boolean_field.tpl b/public_html/templates/default/LSformElement_boolean_field.tpl
index 30bc1678..5b1ef98c 100644
--- a/public_html/templates/default/LSformElement_boolean_field.tpl
+++ b/public_html/templates/default/LSformElement_boolean_field.tpl
@@ -1,5 +1,5 @@
 {if $freeze}
 {if $value=='yes'}{$yesTxt|escape:"htmlall"}{elseif $value=='no'}{$noTxt|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if}
 {else}
-<input type='radio' value='yes' name='{$attr_name|escape:"quotes"}[0]' {if $value=='yes'}checked="true"{/if} />{$yesTxt|escape:"htmlall"} <input type='radio' value='no' name='{$attr_name|escape:"quotes"}[0]' {if $value=='no'}checked="true"{/if} /> {$noTxt|escape:"htmlall"}
+<input type='radio' value='yes' name='{$attr_name|escape:"htmlall"}[0]' {if $value=='yes'}checked="true"{/if} />{$yesTxt|escape:"htmlall"} <input type='radio' value='no' name='{$attr_name|escape:"htmlall"}[0]' {if $value=='no'}checked="true"{/if} /> {$noTxt|escape:"htmlall"}
 {/if}
diff --git a/public_html/templates/default/LSformElement_date_field.tpl b/public_html/templates/default/LSformElement_date_field.tpl
index 018138bd..f66b8bbb 100644
--- a/public_html/templates/default/LSformElement_date_field.tpl
+++ b/public_html/templates/default/LSformElement_date_field.tpl
@@ -1,5 +1,5 @@
 {if $freeze}
   {if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if}
 {else}
-  <input type='text' name='{$attr_name|escape:"quotes"}[]' value='{$value|escape:'quotes'}' class='LSformElement_date' autocomplete="off">
+  <input type='text' name='{$attr_name|escape:"htmlall"}[]' value='{$value|escape:'htmlall'}' class='LSformElement_date' autocomplete="off">
 {/if}
diff --git a/public_html/templates/default/LSformElement_field.tpl b/public_html/templates/default/LSformElement_field.tpl
index 219c552d..8099039e 100644
--- a/public_html/templates/default/LSformElement_field.tpl
+++ b/public_html/templates/default/LSformElement_field.tpl
@@ -1,5 +1,5 @@
 {if $freeze}
 {if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if}
 {else}
-<input type='text' name='{$attr_name|escape:"quotes"}[]' value='{$value|escape:"quotes"}' autocomplete="off"/>
+<input type='text' name='{$attr_name|escape:"htmlall"}[]' value='{$value|escape:"htmlall"}' autocomplete="off"/>
 {/if}
diff --git a/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl b/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl
index 0c8d92e7..421de90c 100644
--- a/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl
+++ b/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl
@@ -7,7 +7,7 @@
 		<ul>
 		{if $cconf.multiple && is_array($parseValue[$c])}
 			{foreach from=$parseValue[$c] item=cval}
-				<li><span title='{$cval.value|escape:"quotes"}'>{$cval.translated|escape:"htmlall"}</span></li>
+				<li><span title='{$cval.value|escape:"htmlall"}'>{$cval.translated|escape:"htmlall"}</span></li>
 			{/foreach}
 		{else}
 			<li><span title='{$parseValue[$c].value|escape:"htmlall"}'>{$parseValue[$c].translated|escape:"htmlall"}</span></li>
@@ -20,20 +20,20 @@
   {/if}
 {else}
   {uniqid var="uuid"}
-  <input type='hidden' name='{$attr_name|escape:"quotes"}__values_uuid[]' value='{$uuid|escape:"quotes"}' />
+  <input type='hidden' name='{$attr_name|escape:"htmlall"}__values_uuid[]' value='{$uuid|escape:"htmlall"}' />
   {foreach from=$components key=c item=cconf name=components}
-    <div data-component='{$c|escape:"quotes"}' data-uuid='{$uuid|escape:"quotes"}'>
+    <div data-component='{$c|escape:"htmlall"}' data-uuid='{$uuid|escape:"htmlall"}'>
 		<label>
 			{tr msg=$cconf.label}{if $cconf.required}*{/if}
-			{if $cconf.help_info}<img class='LStips' src="{img name='help'}" alt='?' title='{$cconf.help_info|escape:"quotes"}'/>{/if}
+			{if $cconf.help_info}<img class='LStips' src="{img name='help'}" alt='?' title='{$cconf.help_info|escape:"htmlall"}'/>{/if}
 			:
 		</label>
 		{if $cconf.type=='select_list'}
-			<select name='{$attr_name|escape:"quotes"}__{$c|escape:"quotes"}__{$uuid|escape:"quotes"}[]' {if $cconf.multiple}multiple{/if}>
+			<select name='{$attr_name|escape:"htmlall"}__{$c|escape:"htmlall"}__{$uuid|escape:"htmlall"}[]' {if $cconf.multiple}multiple{/if}>
 				{foreach from=$cconf.possible_values key=key item=label}
 					{if is_array($label)}
 						{if count($label.possible_values)>0}
-						<optgroup label='{$label.label|escape:"quotes"}'>
+						<optgroup label='{$label.label|escape:"htmlall"}'>
 							{if $cconf.multiple && is_array($parseValue[$c])}
 								{html_options options=$label.possible_values selected=$parseValue[$c]}
 							{else}
@@ -52,7 +52,7 @@
 								{assign var="selected" value=1}
 							{/if}
 						{/if}
-						<option value='{$key|escape:"quotes"}' {if $selected == 1}selected{/if}>{$label|escape:"htmlall"}</option>
+						<option value='{$key|escape:"htmlall"}' {if $selected == 1}selected{/if}>{$label|escape:"htmlall"}</option>
 					{/if}
 				{/foreach}
 			</select>
@@ -60,12 +60,12 @@
 			<ul>
 			{if $cconf.multiple && is_array($parseValue[$c])}
 				{foreach from=$parseValue[$c] item=cval}
-				<li><input type='text' name='{$attr_name|escape:"quotes"}__{$c|escape:"quotes"}__{$uuid|escape:"quotes"}[]' value='{$cval.value|escape:"quotes"}'/></li>
+				<li><input type='text' name='{$attr_name|escape:"htmlall"}__{$c|escape:"htmlall"}__{$uuid|escape:"htmlall"}[]' value='{$cval.value|escape:"htmlall"}'/></li>
 				{foreachelse}
-				<li><input type='text' name='{$attr_name|escape:"quotes"}__{$c|escape:"quotes"}__{$uuid|escape:"quotes"}[]' value=''/></li>
+				<li><input type='text' name='{$attr_name|escape:"htmlall"}__{$c|escape:"htmlall"}__{$uuid|escape:"htmlall"}[]' value=''/></li>
 				{/foreach}
 			{else}
-				<li><input type='text' name='{$attr_name|escape:"quotes"}__{$c|escape:"quotes"}__{$uuid|escape:"quotes"}[]' value='{if $parseValue and $parseValue[$c]}{$parseValue[$c].value|escape:"quotes"}{/if}'/></li>
+				<li><input type='text' name='{$attr_name|escape:"htmlall"}__{$c|escape:"htmlall"}__{$uuid|escape:"htmlall"}[]' value='{if $parseValue and $parseValue[$c]}{$parseValue[$c].value|escape:"htmlall"}{/if}'/></li>
 			{/if}
 			</ul>
 		{/if}
diff --git a/public_html/templates/default/LSformElement_labeledValue_field.tpl b/public_html/templates/default/LSformElement_labeledValue_field.tpl
index 3c210fec..dc6337ed 100644
--- a/public_html/templates/default/LSformElement_labeledValue_field.tpl
+++ b/public_html/templates/default/LSformElement_labeledValue_field.tpl
@@ -14,8 +14,8 @@
     {$noValueTxt|escape:"htmlall"}
   {/if}
 {else}
-  <select name='{$attr_name|escape:"quotes"}_labels[]' class='LSformElement_labeledValue'>
+  <select name='{$attr_name|escape:"htmlall"}_labels[]' class='LSformElement_labeledValue'>
     {html_options options=$labels selected=$parseValue.label}
   </select>
-  <input type="text" name='{$attr_name|escape:"quotes"}_values[]' class='LSformElement_labeledValue' value='{if $parseValue.value}{$parseValue.value|escape:'quotes'}{else}{$parseValue.raw_value|escape:'quotes'}{/if}'/>
+  <input type="text" name='{$attr_name|escape:"htmlall"}_values[]' class='LSformElement_labeledValue' value='{if $parseValue.value}{$parseValue.value|escape:'htmlall'}{else}{$parseValue.raw_value|escape:'htmlall'}{/if}'/>
 {/if}
diff --git a/public_html/templates/default/LSformElement_mailQuota_field.tpl b/public_html/templates/default/LSformElement_mailQuota_field.tpl
index fa54fa8d..098a7e3b 100644
--- a/public_html/templates/default/LSformElement_mailQuota_field.tpl
+++ b/public_html/templates/default/LSformElement_mailQuota_field.tpl
@@ -9,8 +9,8 @@
     {$noValueTxt|escape:"htmlall"}
   {/if}
 {else}
-  <input name='{$attr_name|escape:"quotes"}_size[]' type=text class='LSformElement_mailQuota' value='{$quotas[$value].valueSize|escape:"quotes"}'/>
-  <select name='{$attr_name|escape:"quotes"}_sizeFact[]' class='LSform LSformElement_mailQuota'>
+  <input name='{$attr_name|escape:"htmlall"}_size[]' type=text class='LSformElement_mailQuota' value='{$quotas[$value].valueSize|escape:"htmlall"}'/>
+  <select name='{$attr_name|escape:"htmlall"}_sizeFact[]' class='LSform LSformElement_mailQuota'>
     {html_options options=$sizeFacts selected=$quotas[$value].valueSizeFact}
   </select>
   {if $quotas[$value].unknown}
diff --git a/public_html/templates/default/LSformElement_maildir_field.tpl b/public_html/templates/default/LSformElement_maildir_field.tpl
index f02bd244..bf02e7a8 100644
--- a/public_html/templates/default/LSformElement_maildir_field.tpl
+++ b/public_html/templates/default/LSformElement_maildir_field.tpl
@@ -1,5 +1,5 @@
 {if $freeze}
-<span class='LSformElement_text LSformElement_maildir'>{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if}</span><input type='hidden' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_text LSformElement_maildir' value='{$value|escape:"quotes"}'/>
+<span class='LSformElement_text LSformElement_maildir'>{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if}</span><input type='hidden' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_text LSformElement_maildir' value='{$value|escape:"htmlall"}'/>
 {else}
-<input type='text' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_text LSformElement_maildir' value='{$value|escape:"quotes"}' autocomplete="off"/>
+<input type='text' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_text LSformElement_maildir' value='{$value|escape:"htmlall"}' autocomplete="off"/>
 {/if}
diff --git a/public_html/templates/default/LSformElement_password_field.tpl b/public_html/templates/default/LSformElement_password_field.tpl
index cc140d86..92db745f 100644
--- a/public_html/templates/default/LSformElement_password_field.tpl
+++ b/public_html/templates/default/LSformElement_password_field.tpl
@@ -6,8 +6,8 @@
 {/if}
 {else}
 {if $clearEdit}
-<input type='text' name='{$attr_name|escape:"quotes"}[]' value='{$pwd|escape:"quotes"}' class='LSformElement_password' autocomplete="off"/>
+<input type='text' name='{$attr_name|escape:"htmlall"}[]' value='{$pwd|escape:"htmlall"}' class='LSformElement_password' autocomplete="off"/>
 {else}
-<input type='password' name='{$attr_name|escape:"quotes"}[]' value='{$pwd|escape:"quotes"}' class='LSformElement_password' autocomplete="off"/>
+<input type='password' name='{$attr_name|escape:"htmlall"}[]' value='{$pwd|escape:"htmlall"}' class='LSformElement_password' autocomplete="off"/>
 {/if}
 {/if}
diff --git a/public_html/templates/default/LSformElement_quota_field.tpl b/public_html/templates/default/LSformElement_quota_field.tpl
index 4da4f767..7dcd07ff 100644
--- a/public_html/templates/default/LSformElement_quota_field.tpl
+++ b/public_html/templates/default/LSformElement_quota_field.tpl
@@ -9,8 +9,8 @@
     {$noValueTxt|escape:"htmlall"}
   {/if}
 {else}
-  <input name='{$attr_name|escape:"quotes"}_size[]' type=text class='LSformElement_quota' value='{$quotas[$value].valueSize|escape:"quotes"}'/>
-  <select name='{$attr_name|escape:"quotes"}_sizeFact[]' class='LSform LSformElement_quota'>
+  <input name='{$attr_name|escape:"htmlall"}_size[]' type=text class='LSformElement_quota' value='{$quotas[$value].valueSize|escape:"htmlall"}'/>
+  <select name='{$attr_name|escape:"htmlall"}_sizeFact[]' class='LSform LSformElement_quota'>
     {html_options options=$sizeFacts selected=$quotas[$value].valueSizeFact}
   </select>
   {if $quotas[$value].unknown}
diff --git a/public_html/templates/default/LSformElement_select.tpl b/public_html/templates/default/LSformElement_select.tpl
index a303215a..7782fb2e 100644
--- a/public_html/templates/default/LSformElement_select.tpl
+++ b/public_html/templates/default/LSformElement_select.tpl
@@ -1,4 +1,4 @@
-<ul class='LSform' id='{$attr_name|escape:"quotes"}'>
+<ul class='LSform' id='{$attr_name|escape:"htmlall"}'>
 {if $freeze}
   {foreach from=$values item=value}
     {LSformElement_select_checkIsValidValue value=$value possible_values=$possible_values}
@@ -12,16 +12,16 @@
   {/foreach}
 {else}
   <li>
-    <select name='{$attr_name|escape:"quotes"}[]' {if $multiple}multiple{/if} class='LSformElement_select'>
+    <select name='{$attr_name|escape:"htmlall"}[]' {if $multiple}multiple{/if} class='LSformElement_select'>
       {foreach from=$possible_values key=key item=label}
         {if is_array($label)}
           {if count($label.possible_values)>0}
-          <optgroup label='{$label.label|escape:"quotes"}'>
+          <optgroup label='{$label.label|escape:"htmlall"}'>
             {html_options options=$label.possible_values selected=$values}
           </optgroup>
           {/if}
         {else}
-          <option value='{$key|escape:"quotes"}' {if in_array($key,$values)}selected{/if}>{$label|escape:"htmlall"}</option>
+          <option value='{$key|escape:"htmlall"}' {if in_array($key,$values)}selected{/if}>{$label|escape:"htmlall"}</option>
         {/if}
       {/foreach}
     </select>
diff --git a/public_html/templates/default/LSformElement_select_box.tpl b/public_html/templates/default/LSformElement_select_box.tpl
index 250a70cd..f98acf99 100644
--- a/public_html/templates/default/LSformElement_select_box.tpl
+++ b/public_html/templates/default/LSformElement_select_box.tpl
@@ -1,4 +1,4 @@
-<ul class='LSform' id='{$attr_name|escape:"quotes"}'>
+<ul class='LSform' id='{$attr_name|escape:"htmlall"}'>
 {if $freeze}
   {foreach from=$values item=value}
     {LSformElement_select_checkIsValidValue value=$value possible_values=$possible_values}
@@ -19,7 +19,7 @@
           <ul class='LSformElement_selectbox_sub_values'>
             {foreach from=$label.possible_values item=l key=v name=LSformElement_selectbox_sub_values}
               <li>
-                <input type='{if $multiple}checkbox{else}radio{/if}' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_selectbox' id='LSformElement_selectbox_{$attr_name|escape:"quotes"}_{$smarty.foreach.LSformElement_selectbox.index}_{$smarty.foreach.LSformElement_selectbox_sub_values.index}' value='{$v|escape:"quotes"}' {if in_array($v,$values)}checked{/if}/> <label for='LSformElement_selectbox_{$attr_name|escape:"quotes"}_{$smarty.foreach.LSformElement_selectbox.index}_{$smarty.foreach.LSformElement_selectbox_sub_values.index}'>{tr msg=$l}</label>
+                <input type='{if $multiple}checkbox{else}radio{/if}' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_selectbox' id='LSformElement_selectbox_{$attr_name|escape:"htmlall"}_{$smarty.foreach.LSformElement_selectbox.index}_{$smarty.foreach.LSformElement_selectbox_sub_values.index}' value='{$v|escape:"htmlall"}' {if in_array($v,$values)}checked{/if}/> <label for='LSformElement_selectbox_{$attr_name|escape:"htmlall"}_{$smarty.foreach.LSformElement_selectbox.index}_{$smarty.foreach.LSformElement_selectbox_sub_values.index}'>{tr msg=$l}</label>
               </li>
             {/foreach}
           </ul>
@@ -27,7 +27,7 @@
         {/if}
       {else}
         <li>
-          <input type='{if $multiple}checkbox{else}radio{/if}' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_selectbox' id='LSformElement_selectbox_{$attr_name|escape:"quotes"}_{$smarty.foreach.LSformElement_selectbox.index}' value='{$value|escape:"quotes"}' {if in_array($value,$values)}checked{/if}/> <label for='LSformElement_selectbox_{$attr_name|escape:"quotes"}_{$smarty.foreach.LSformElement_selectbox.index}'>{tr msg=$label}</label>
+          <input type='{if $multiple}checkbox{else}radio{/if}' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_selectbox' id='LSformElement_selectbox_{$attr_name|escape:"htmlall"}_{$smarty.foreach.LSformElement_selectbox.index}' value='{$value|escape:"htmlall"}' {if in_array($value,$values)}checked{/if}/> <label for='LSformElement_selectbox_{$attr_name|escape:"htmlall"}_{$smarty.foreach.LSformElement_selectbox.index}'>{tr msg=$label}</label>
         </li>
       {/if}
     {/foreach}
diff --git a/public_html/templates/default/LSformElement_select_object_field.tpl b/public_html/templates/default/LSformElement_select_object_field.tpl
index 2970e440..e66bdc85 100644
--- a/public_html/templates/default/LSformElement_select_object_field.tpl
+++ b/public_html/templates/default/LSformElement_select_object_field.tpl
@@ -1,6 +1,6 @@
 {if $dn}
-  <a href='view.php?LSobject={$selectableObject|escape:"url"}&amp;dn={$dn|escape:'url'}' class='LSformElement_select_object'>{$txt|escape:"htmlall"}</a>
-  {if !$freeze}<input type='hidden' class='LSformElement_select_object' name='{$attr_name|escape:"quotes"}[]' value='{$dn|escape:"quotes"}' />{/if}
+  <a href='view.php?LSobject={$selectableObject|escape:"url"}&dn={$dn|escape:'url'}' class='LSformElement_select_object'>{$txt|escape:"htmlall"}</a>
+  {if !$freeze}<input type='hidden' class='LSformElement_select_object' name='{$attr_name|escape:"htmlall"}[]' value='{$dn|escape:"htmlall"}' />{/if}
 {else}
   {$noValueTxt|escape:"htmlall"}
 {/if}
diff --git a/public_html/templates/default/LSformElement_ssh_key_field.tpl b/public_html/templates/default/LSformElement_ssh_key_field.tpl
index 9f702bcc..13ab79fc 100644
--- a/public_html/templates/default/LSformElement_ssh_key_field.tpl
+++ b/public_html/templates/default/LSformElement_ssh_key_field.tpl
@@ -1,6 +1,6 @@
 {if $freeze}
   {if $value.type}
-    <span class='LSformElement_ssh_key_short_display' title='{$span_title|escape:"htmlall"}'>{$value.shortTxt|escape:"htmlall"}...</span> (Type : {$value.type|escape:"htmlall"}) <a href='mailto:{$value.mail|escape:"quotes"}'>{$value.mail|escape:"htmlall"}</a><p class='LSformElement_ssh_key_value'>{$value.value|escape:"htmlall"}</p>
+    <span class='LSformElement_ssh_key_short_display' title='{$span_title|escape:"htmlall"}'>{$value.shortTxt|escape:"htmlall"}...</span> (Type : {$value.type|escape:"htmlall"}) <a href='mailto:{$value.mail|escape:"hex"}'>{$value.mail|escape:"mail"}</a><p class='LSformElement_ssh_key_value'>{$value.value|escape:"htmlall"}</p>
   {elseif $value.shortTxt}
     <span class='LSformElement_ssh_key_short_display'>{$value.shortTxt|escape:"htmlall"}...</span> ({$unknowTypeTxt|escape:"htmlall"})<p class='LSformElement_ssh_key_value'>{$value.value|escape:"htmlall"}</p>
   {else}
diff --git a/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl b/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl
index 98ced4e9..23dda863 100644
--- a/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl
+++ b/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl
@@ -16,10 +16,10 @@
   {/if}
 {else}
   {foreach $components as $c => $cconf}
-    <p data-component='{$c|escape:"quotes"}'>
+    <p data-component='{$c|escape:"htmlall"}'>
 		<label>{tr msg=$cconf.label}{if $cconf.required}*{/if}  :</label>
 		{if $cconf.type=='table' or $cconf.type=='codeEntite'}
-			<input type='hidden' name='{$attr_name|escape:"quotes"}__{$c|escape:"quotes"}[]' value='{if $parseValue and $parseValue[$c]}{$parseValue[$c].value|escape:"quotes"}{/if}'/>
+			<input type='hidden' name='{$attr_name|escape:"htmlall"}__{$c|escape:"htmlall"}[]' value='{if $parseValue and $parseValue[$c]}{$parseValue[$c].value|escape:"htmlall"}{/if}'/>
 			{if $parseValue and !empty($parseValue[$c].label) and $parseValue[$c].label!='no'}
 				{assign var=clabel value=$parseValue[$c].label}
 				<img src='{img name="supann_label_$clabel"}' alt='[{$clabel|escape:"htmlall"}]' title='{$clabel|escape:"htmlall"}'/>
@@ -30,7 +30,7 @@
 				<span>{$noValueTxt|escape:"htmlall"}</span>
 			{/if}
 		{else}
-			<input type='text' name='{$attr_name|escape:"quotes"}__{$c|escape:"quotes"}[]' value='{if $parseValue and $parseValue[$c]}{$parseValue[$c].value|escape:"htmlall"}{/if}'/>
+			<input type='text' name='{$attr_name|escape:"htmlall"}__{$c|escape:"htmlall"}[]' value='{if $parseValue and $parseValue[$c]}{$parseValue[$c].value|escape:"htmlall"}{/if}'/>
 		{/if}
     </p>
   {/foreach}
diff --git a/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl b/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl
index 754e0698..6cc019ec 100644
--- a/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl
+++ b/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl
@@ -9,7 +9,7 @@
     {$noValueTxt|escape:"htmlall"}
   {/if}
 {else}
-  <input type='hidden' name='{$attr_name|escape:"quotes"}[]' value='{if $parseValue}{$parseValue.value|escape:"quotes"}{/if}'/>
+  <input type='hidden' name='{$attr_name|escape:"htmlall"}[]' value='{if $parseValue}{$parseValue.value|escape:"htmlall"}{/if}'/>
   {if $parseValue and !empty($parseValue.label) and $parseValue.label!='no'}
     {assign var=clabel value=$parseValue.label}
     <img class='LSformElement_supannLabeledValue_label' src='{img name="supann_label_$clabel"}' alt='[{$clabel|escape:"htmlall"}]' title='{$clabel|escape:"htmlall"}'/>
diff --git a/public_html/templates/default/LSformElement_text_field.tpl b/public_html/templates/default/LSformElement_text_field.tpl
index 3b2dfc96..45d81400 100644
--- a/public_html/templates/default/LSformElement_text_field.tpl
+++ b/public_html/templates/default/LSformElement_text_field.tpl
@@ -1,5 +1,5 @@
 {if $freeze}
-<span class='LSformElement_text'>{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if}</span><input type='hidden' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_text' value='{$value|escape:"quotes"}'/>
+<span class='LSformElement_text'>{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if}</span><input type='hidden' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_text' value='{$value|escape:"htmlall"}'/>
 {else}
-<input type='text' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_text' value='{$value|escape:"quotes"}' autocomplete="off"/>
+<input type='text' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_text' value='{$value|escape:"htmlall"}' autocomplete="off"/>
 {/if}
diff --git a/public_html/templates/default/LSformElement_uri_field.tpl b/public_html/templates/default/LSformElement_uri_field.tpl
index 93855c7d..17262653 100644
--- a/public_html/templates/default/LSformElement_uri_field.tpl
+++ b/public_html/templates/default/LSformElement_uri_field.tpl
@@ -1,12 +1,12 @@
 {if $freeze}
   <span class='LSformElement_text'>
   {if $value}
-    <a class='{$uriClass|escape:"quotes"}' href='{$uriPrefix|escape:"quotes"}{$value|escape:"quotes"}'{if $uriLinkTitle} title='{$uriLinkTitle|escape:"htmlall"}'{/if}{if $uriTarget} target='{$uriTarget|escape:"quotes"}'{/if}>{$value|escape:"htmlall"}</a>
+    <a class='{$uriClass|escape:"htmlall"}' href='{$uriPrefix|escape:"htmlall"}{$value|escape:"htmlall"}'{if $uriLinkTitle} title='{$uriLinkTitle|escape:"htmlall"}'{/if}{if $uriTarget} target='{$uriTarget|escape:"htmlall"}'{/if}>{$value|escape:"htmlall"}</a>
   {else}
     {$noValueTxt|escape:"htmlall"}
   {/if}
   </span>
-  <input type='hidden' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_text' value='{$value|escape:"quotes"}'/>
+  <input type='hidden' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_text' value='{$value|escape:"htmlall"}'/>
 {else}
-  <input type='text' name='{$attr_name|escape:"quotes"}[]' class='LSformElement_text {$uriClass|escape:"quotes"}' value='{$value|escape:"quotes"}' autocomplete="off"/>
+  <input type='text' name='{$attr_name|escape:"htmlall"}[]' class='LSformElement_text {$uriClass|escape:"htmlall"}' value='{$value|escape:"htmlall"}' autocomplete="off"/>
 {/if}
diff --git a/public_html/templates/default/LSformElement_valueWithUnit_field.tpl b/public_html/templates/default/LSformElement_valueWithUnit_field.tpl
index f871fd7d..87f26c17 100644
--- a/public_html/templates/default/LSformElement_valueWithUnit_field.tpl
+++ b/public_html/templates/default/LSformElement_valueWithUnit_field.tpl
@@ -14,12 +14,12 @@
   {/if}
 {else}
   {if $values_and_units[$value].valueWithUnit || !$values_and_units[$value]}
-    <input name='{$attr_name|escape:"quotes"}_valueWithUnit[]' type=text class='LSformElement_valueWithUnit' value='{$values_and_units[$value].valueWithUnit|escape:"quotes"}'/>
-    <select name='{$attr_name|escape:"quotes"}_unitFact[]' class='LSform LSformElement_valueWithUnit'>
+    <input name='{$attr_name|escape:"htmlall"}_valueWithUnit[]' type=text class='LSformElement_valueWithUnit' value='{$values_and_units[$value].valueWithUnit|escape:"htmlall"}'/>
+    <select name='{$attr_name|escape:"htmlall"}_unitFact[]' class='LSform LSformElement_valueWithUnit'>
       {html_options options=$units selected=$values_and_units[$value].unitSill}
     </select>
   {else}
-    <input name='{$attr_name|escape:"quotes"}_value[]' type=text class='LSformElement_valueWithUnit' value='{$values_and_units[$value].value|escape:"quotes"}' autocomplete="off"/>
+    <input name='{$attr_name|escape:"htmlall"}_value[]' type=text class='LSformElement_valueWithUnit' value='{$values_and_units[$value].value|escape:"htmlall"}' autocomplete="off"/>
   {/if}
   {if $values_and_units[$value].unknown}
     <span class='LSformElement_valueWithUnit_unknown'>{$values_and_units[$value].unknown|escape:"htmlall"}</span>
diff --git a/public_html/templates/default/LSform_view.tpl b/public_html/templates/default/LSform_view.tpl
index 7b1f0c42..08c807c7 100644
--- a/public_html/templates/default/LSform_view.tpl
+++ b/public_html/templates/default/LSform_view.tpl
@@ -1,23 +1,23 @@
-<input type='hidden' name='LSform_objecttype' id='LSform_objecttype'  value='{$LSform_object.type|escape:"quotes"}'/>
-<input type='hidden' name='LSform_objectdn' id='LSform_objectdn'  value='{$LSform_object.dn|escape:"quotes"}'/>
+<input type='hidden' name='LSform_objecttype' id='LSform_objecttype'  value='{$LSform_object.type|escape:"htmlall"}'/>
+<input type='hidden' name='LSform_objectdn' id='LSform_objectdn'  value='{$LSform_object.dn|escape:"htmlall"}'/>
 {if $LSform_layout}
   <!-- Tabs - Start Title -->
   <ul class='LSform_layout'>
   {foreach from=$LSform_layout item=tab key=tab_key}
-    <li class='LSform_layout' id='LSform_layout_btn_{$tab_key|escape:"quotes"}'><a href='#{$tab_key|escape:"quotes"}'>{tr msg=$tab.label}</a></li>
+    <li class='LSform_layout' id='LSform_layout_btn_{$tab_key|escape:"htmlall"}'><a href='#{$tab_key|escape:"htmlall"}'>{tr msg=$tab.label}</a></li>
   {/foreach}
   </ul>
   <!-- Tabs - End Title -->
 
   <!-- Tabs - Start Content -->
   {foreach from=$LSform_layout item=tab key=tab_key}
-    <a name='{$tab_key|escape:"quotes"}'></a>
+    <a name='{$tab_key|escape:"htmlall"}'></a>
     <h2 class='LSform_layout'>{$tab.label|escape:"htmlall"}</h2>
-    <div class='LSform LSform_layout' id='LSform_layout_div_{$tab_key|escape:"quotes"}'>
+    <div class='LSform LSform_layout' id='LSform_layout_div_{$tab_key|escape:"htmlall"}'>
     
       {if $LSformElement_image!='' && $tab.img==1}
         <div class='LSformElement_image'>
-          <a href='{$LSformElement_image.img|escape:"quotes"}' rel='rien ici' title='comment' class='mb'><img src='{$LSformElement_image.img|escape:"quotes"}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:"quotes"}' /></a>
+          <a href='{$LSformElement_image.img|escape:"htmlall"}' rel='rien ici' title='comment' class='mb'><img src='{$LSformElement_image.img|escape:"htmlall"}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:"htmlall"}' /></a>
         </div>
       {/if}
       
@@ -42,7 +42,7 @@
 
   {if $LSformElement_image!=''}
   <div class='LSformElement_image'>
-    <a href='{$LSformElement_image.img|escape:"quotes"}' rel='rien ici' title='comment' class='mb'><img src='{$LSformElement_image.img|escape:"quotes"}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:"quotes"}' /></a>
+    <a href='{$LSformElement_image.img|escape:"htmlall"}' rel='rien ici' title='comment' class='mb'><img src='{$LSformElement_image.img|escape:"htmlall"}' class='LSformElement_image LSsmoothbox' id='LSformElement_image_{$LSformElement_image.id|escape:"htmlall"}' /></a>
   </div>
   {/if}
 
diff --git a/public_html/templates/default/LSmail.tpl b/public_html/templates/default/LSmail.tpl
index 81c235ba..ae5e3978 100644
--- a/public_html/templates/default/LSmail.tpl
+++ b/public_html/templates/default/LSmail.tpl
@@ -1,10 +1,10 @@
-<dl class='LSform{if $LSmail_options.class} {$LSmail_options.class|escape:"quotes"}{/if}'>
+<dl class='LSform{if $LSmail_options.class} {$LSmail_options.class|escape:"htmlall"}{/if}'>
   {if $LSmail_options.display_mail_field}
   <dt class='LSform'>{$LSmail_mail_label|escape:"htmlall"}</dt>
   <dd class='LSform'>
     {if $LSmail_mails != ""}
       {if $LSmail_mails|@count==1}
-      <input type='text' name='LSmail_mail' id='LSmail_mail' value='{$LSmail_mails[0]|escape:"quotes"}'/>
+      <input type='text' name='LSmail_mail' id='LSmail_mail' value='{$LSmail_mails[0]|escape:"htmlall"}'/>
       {else}
       <select name='LSmail_mail' id='LSmail_mail'>
         {html_options values=$LSmail_mails output=$LSmail_mails}
@@ -15,15 +15,15 @@
     {/if}
   </dd>
   {else}
-    <input type='hidden' name='LSmail_mail' id='LSmail_mail' value='{$LSmail_mails[0]|escape:"quotes"}'/>
+    <input type='hidden' name='LSmail_mail' id='LSmail_mail' value='{$LSmail_mails[0]|escape:"htmlall"}'/>
   {/if}
   {if $LSmail_options.display_subject_field}
   <dt class='LSform'>{$LSmail_subject_label|escape:"htmlall"}</dt>
   <dd class='LSform'>
-    <input type='text' name='LSmail_subject' id='LSmail_subject' value='{$LSmail_subject|escape:"quotes"}'/>
+    <input type='text' name='LSmail_subject' id='LSmail_subject' value='{$LSmail_subject|escape:"htmlall"}'/>
   </dd>
   {else}
-    <input type='hidden' name='LSmail_subject' id='LSmail_subject' value='{$LSmail_subject|escape:"quotes"}'/>
+    <input type='hidden' name='LSmail_subject' id='LSmail_subject' value='{$LSmail_subject|escape:"htmlall"}'/>
   {/if}
   <dt class='LSform'>{$LSmail_msg_label|escape:"htmlall"}</dt>
   <dd class='LSform'>
diff --git a/public_html/templates/default/LSrelations.tpl b/public_html/templates/default/LSrelations.tpl
index 548eca2a..db3acb71 100644
--- a/public_html/templates/default/LSrelations.tpl
+++ b/public_html/templates/default/LSrelations.tpl
@@ -2,7 +2,7 @@
 {if $item.actions!=''}
   <ul class='LSview-actions'>
   {foreach from=$item.actions item=action}
-    <li class='LSview-actions'><a href='{$action.url|escape:"quotes"}' class='LSview-actions LSrelation_modify' id='{$item.id|escape:"quotes"}'><img src='{img name=$action.action}' alt='{$action.label|escape:"htmlall"}' title='{$action.label|escape:"htmlall"}' /> {$action.label|escape:"htmlall"}</a></li>
+    <li class='LSview-actions'><a href='{$action.url}' class='LSview-actions LSrelation_modify' id='{$item.id|escape:"quotes"}'><img src='{img name=$action.action}' alt='{$action.label|escape:"htmlall"}' title='{$action.label|escape:"htmlall"}' /> {$action.label|escape:"htmlall"}</a></li>
   {/foreach}
   </ul>
 {/if}
diff --git a/public_html/templates/default/login.tpl b/public_html/templates/default/login.tpl
index 1e1c60e9..60fdde57 100644
--- a/public_html/templates/default/login.tpl
+++ b/public_html/templates/default/login.tpl
@@ -36,7 +36,7 @@
   {/foreach}
   </select>
   </dd>
-  <dd><input type='submit' value='{$loginform_label_submit|escape:"quotes"}' /></dd>
+  <dd><input type='submit' value='{$loginform_label_submit|escape:"htmlall"}' /></dd>
 </dl>
 </form>
 <span>{$lang_label} : <img id='LSlang' src='{img name=$LSlang}' alt='{$LSlang|escape:"htmlall"}' title='{$LSlang|escape:"htmlall"}'/></span>
diff --git a/public_html/templates/default/modify.tpl b/public_html/templates/default/modify.tpl
index 0c0f3740..e1b43208 100644
--- a/public_html/templates/default/modify.tpl
+++ b/public_html/templates/default/modify.tpl
@@ -3,7 +3,7 @@
     {if $LSview_actions != ''}
     <ul class='LSview-actions'>
       {foreach from=$LSview_actions item=item}
-        <li class='LSview-actions'><a href='{$item.url|escape:"quotes"}' class='LSview-actions'><img src='{img name=$item.action}' alt='{$item.label|escape:"htmlall"}' title='{$item.label|escape:"htmlall"}' /> {$item.label|escape:"htmlall"}</a></li>
+        <li class='LSview-actions'><a href='{$item.url}' class='LSview-actions'><img src='{img name=$item.action}' alt='{$item.label|escape:"htmlall"}' title='{$item.label|escape:"htmlall"}' /> {$item.label|escape:"htmlall"}</a></li>
       {/foreach}
     </ul>
     {/if}
diff --git a/public_html/templates/default/question.tpl b/public_html/templates/default/question.tpl
index 8519a6e7..8368da05 100644
--- a/public_html/templates/default/question.tpl
+++ b/public_html/templates/default/question.tpl
@@ -3,11 +3,11 @@
     {if $LSview_actions != ''}
     <p class='LSview-actions'>
       {foreach from=$LSview_actions item=item}
-        <a href='{$item.url|escape:"quotes"}' class='LSview-actions'><img src='{img name=$item.action}' alt='{$item.label|escape:"htmlall"}' title='{$item.label|escape:"htmlall"}' /></a>
+        <a href='{$item.url}' class='LSview-actions'><img src='{img name=$item.action}' alt='{$item.label|escape:"htmlall"}' title='{$item.label|escape:"htmlall"}' /></a>
       {/foreach}
     </p>
     {/if}
     
     <p class='question'>{$question|escape:"htmlall"}</p>
-    <a href='{$validation_url|escape:"quotes"}' class='question'>{$validation_label|escape:"htmlall"}</a>
+    <a href='{$validation_url}' class='question'>{$validation_label|escape:"htmlall"}</a>
 {include file='ls:bottom.tpl'}
diff --git a/public_html/templates/default/recoverpassword.tpl b/public_html/templates/default/recoverpassword.tpl
index e1bc9bdc..76ff38bb 100644
--- a/public_html/templates/default/recoverpassword.tpl
+++ b/public_html/templates/default/recoverpassword.tpl
@@ -15,7 +15,7 @@
 <div class='recoverpasswordform'>
 <img src='{img name='logo'}' alt='Logo' id='recoverpasswordform_logo' />
 <div id='loading_zone'></div>
-<form action='{$recoverpasswordform_action|escape:"quotes"}' method='post'>
+<form action='{$recoverpasswordform_action}' method='post'>
 <dl class='recoverpasswordform'>
   <dt {$recoverpasswordform_ldapserver_style}>{$recoverpasswordform_label_ldapserver|escape:"htmlall"}</dt>
   <dd {$recoverpasswordform_ldapserver_style}>
@@ -23,7 +23,7 @@
   </dd>
   <dt>{$recoverpasswordform_label_user|escape:"htmlall"}</dt>
   <dd><input type='text' name='LSsession_user' /></dd>
-  <dd><input type='submit' value='{$recoverpasswordform_label_submit|escape:"quotes"}' /></dd>
+  <dd><input type='submit' value='{$recoverpasswordform_label_submit|escape:"htmlall"}' /></dd>
 </dl>
 </form>
 
diff --git a/public_html/templates/default/redirect.tpl b/public_html/templates/default/redirect.tpl
index 8992afeb..3b85d889 100644
--- a/public_html/templates/default/redirect.tpl
+++ b/public_html/templates/default/redirect.tpl
@@ -3,7 +3,7 @@
 <html>
   <head>
     <meta http-equiv="content-type" content="text/html; charset=UTF-8">
-    <META http-equiv="refresh" content='0; URL={$url|escape:"quotes"}'>
+    <META http-equiv="refresh" content='0; URL={$url}'>
     <title>LdapSaisie - Redirection</title>
   </head>
 <body>
diff --git a/public_html/templates/default/select.tpl b/public_html/templates/default/select.tpl
index 72551798..36c1c0ff 100644
--- a/public_html/templates/default/select.tpl
+++ b/public_html/templates/default/select.tpl
@@ -3,9 +3,9 @@
     {$pagetitle|escape:"htmlall"}
   </h1>
 
-  <form action='{$searchForm.action|escape:"quotes"}' method='post' class='LSview_search LSselect_search btn' id='LSselect_search_form'>
+  <form action='{$searchForm.action}' method='post' class='LSview_search LSselect_search btn' id='LSselect_search_form'>
     {foreach from=$searchForm.hiddenFields item=field_value key=field_name}
-      <input type='hidden' name='{$field_name|escape:"quotes"}' value='{$field_value|escape:"quotes"}' />
+      <input type='hidden' name='{$field_name|escape:"htmlall"}' value='{$field_value|escape:"htmlall"}' />
     {/foreach}
     
     {if $LSsession_subDn!=""}
@@ -16,8 +16,8 @@
       </label>
     {/if}
     <div class='LSselect_search'>
-      <input type='text' name='pattern' class='LSview_search' value='{$searchForm.values.pattern|escape:"quotes"}'/>
-      <input type='submit' value='{$searchForm.labels.submit|escape:"quotes"}' name='{$searchForm.names.submit|escape:"quotes"}' class='LSview_search' />
+      <input type='text' name='pattern' class='LSview_search' value='{$searchForm.values.pattern|escape:"htmlall"}'/>
+      <input type='submit' value='{$searchForm.labels.submit|escape:"htmlall"}' name='{$searchForm.names.submit|escape:"htmlall"}' class='LSview_search' />
       <img src='{img name='refresh'}' alt='{$searchForm.labels.refresh|escape:"htmlall"}' title='{$searchForm.labels.refresh|escape:"htmlall"}' id='LSselect_refresh_btn' />
       <p id='LSview_search_param'>
         <label class='LSview_search'>{$searchForm.labels.approx|escape:"htmlall"} : <input type='checkbox' name='approx' class='LSview_search' {if $searchForm.values.approx!=''}checked="true"{/if} /></label>
diff --git a/public_html/templates/default/select_table.tpl b/public_html/templates/default/select_table.tpl
index b3b1addc..58fb1e05 100644
--- a/public_html/templates/default/select_table.tpl
+++ b/public_html/templates/default/select_table.tpl
@@ -1,4 +1,4 @@
-<table class='LSobject-list' id='LSselect-object' caption='{$LSsearch->LSobject|escape:"quotes"}'>
+<table class='LSobject-list' id='LSselect-object' caption='{$LSsearch->LSobject|escape:"htmlall"}'>
   <tr class='LSobject-list'>
     <th class='LSobject-list LSobject-select-check'></th>
     <th class='LSobject-list{if $LSsearch->sort} sortBy_displayName{/if}'>
@@ -14,7 +14,7 @@
         {if $LSsearch->sort}
           {if $LSsearch->sortBy == 'subDn'}
             <strong>{$LSsearch->label_level|escape:"htmlall"}</strong>
-            <img src='{img name=$LSsearch->sortDirection}' class='LSobject-list-ordersense' alt='{$LSsearch->sortDirection|escape:"quotes"}'/>
+            <img src='{img name=$LSsearch->sortDirection}' class='LSobject-list-ordersense' alt='{$LSsearch->sortDirection|escape:"htmlall"}'/>
           {else}
             {$LSsearch->label_level|escape:"htmlall"}
           {/if}
@@ -26,7 +26,7 @@
   </tr>
 {foreach from=$page.list item=object}
     <tr class='{cycle values="LSobject-list,LSobject-list LSobject-list-bis"}'>
-        <td class='LSobject-list LSobject-select-check'><input type='{if $searchForm.multiple}checkbox{else}radio{/if}' name='LSobjects_selected[]' value='{$object->dn|escape:"quotes"}' {if $object->LSselect}checked="true"{/if}{if $searchForm.selectablly}{if !$object->selectablly} disabled="disabled"{/if}{/if} class='LSobject-select' /></td>
+        <td class='LSobject-list LSobject-select-check'><input type='{if $searchForm.multiple}checkbox{else}radio{/if}' name='LSobjects_selected[]' value='{$object->dn|escape:"htmlall"}' {if $object->LSselect}checked="true"{/if}{if $searchForm.selectablly}{if !$object->selectablly} disabled="disabled"{/if}{/if} class='LSobject-select' /></td>
         <td class='LSobject-list LSobject-select-names'>{$object->displayName|escape:"htmlall"}</td>
         {if $LSsearch->displaySubDn}
           <td class='LSobject-list LSobject-select-level'>{$object->subDn|escape:"htmlall"}</td>
diff --git a/public_html/templates/default/top.tpl b/public_html/templates/default/top.tpl
index d514989d..2ca5bc01 100644
--- a/public_html/templates/default/top.tpl
+++ b/public_html/templates/default/top.tpl
@@ -44,7 +44,7 @@
     <form action='' methode='post' style='display: none' class='LSlang_hidden'>
       <select name='lang'>
       {foreach from=$LSlanguages item=lang}
-        <option value='{$lang|escape:"quotes"}'>{$lang|escape:"htmlall"}</option>
+        <option value='{$lang|escape:"htmlall"}'>{$lang|escape:"htmlall"}</option>
       {/foreach}
       </select>
       <input type='submit' value='->'/>
diff --git a/public_html/templates/default/view.tpl b/public_html/templates/default/view.tpl
index 66dde4b4..b8a3107c 100644
--- a/public_html/templates/default/view.tpl
+++ b/public_html/templates/default/view.tpl
@@ -4,7 +4,7 @@
     <ul class='LSview-actions'>
       {foreach from=$LSview_actions item=item}
         {if is_array($item)}
-        <li class='LSview-actions'><a href='{$item.url|escape:"quotes"}' class='LSview-actions{if $item.class} {$item.class|escape:"quotes"}{/if}{if $item.helpInfo || ($item.hideLabel && $item.label)} LStips{/if}' {if $item.helpInfo || ($item.hideLabel && $item.label)}title='{if $item.helpInfo}{$item.helpInfo|escape:"htmlall"}{else}{$item.label|escape:"htmlall"}{/if}'{/if}><img src="{img name=$item.action}" alt='{$item.label|escape:"htmlall"}' title='{$item.label|escape:"htmlall"}' />{if !isset($item.hideLabel) || !$item.hideLabel} {$item.label}{/if}</a></li>
+        <li class='LSview-actions'><a href='{$item.url}' class='LSview-actions{if $item.class} {$item.class|escape:"quotes"}{/if}{if $item.helpInfo || ($item.hideLabel && $item.label)} LStips{/if}' {if $item.helpInfo || ($item.hideLabel && $item.label)}title='{if $item.helpInfo}{$item.helpInfo|escape:"htmlall"}{else}{$item.label|escape:"htmlall"}{/if}'{/if}><img src="{img name=$item.action}" alt='{$item.label|escape:"htmlall"}' title='{$item.label|escape:"htmlall"}' />{if !isset($item.hideLabel) || !$item.hideLabel} {$item.label}{/if}</a></li>
         {/if}
       {/foreach}
     </ul>
diff --git a/public_html/templates/default/viewSearch.tpl b/public_html/templates/default/viewSearch.tpl
index 6403c5ec..5c268da2 100644
--- a/public_html/templates/default/viewSearch.tpl
+++ b/public_html/templates/default/viewSearch.tpl
@@ -1,13 +1,13 @@
 {include file='ls:top.tpl'}
-<form action='{$searchForm.action|escape:"quotes"}' method='post' class='LSview_search' id='LSsearch_form'>
+<form action='{$searchForm.action}' method='post' class='LSview_search' id='LSsearch_form'>
 
 <div class='LSview_search'>
   {foreach from=$searchForm.hiddenFields item=value key=name}
-    <input type='hidden' name='{$name|escape:"quotes"}' value='{$value|escape:"quotes"}' />
+    <input type='hidden' name='{$name|escape:"htmlall"}' value='{$value|escape:"htmlall"}' />
   {/foreach}
   
-  <input type='text' name='pattern' class='LSview_search' value='{$searchForm.values.pattern|escape:"quotes"}'/>
-  <input type='submit' value='{$searchForm.labels.submit|escape:"quotes"}' name='{$searchForm.names.submit|escape:"quotes"}' class='LSview_search' />
+  <input type='text' name='pattern' class='LSview_search' value='{$searchForm.values.pattern|escape:"htmlall"}'/>
+  <input type='submit' value='{$searchForm.labels.submit|escape:"htmlall"}' name='{$searchForm.names.submit|escape:"htmlall"}' class='LSview_search' />
   <p id='LSview_search_param'>
     <label class='LSview_search'>{$searchForm.labels.approx|escape:"htmlall"} : <input type='checkbox' name='approx' class='LSview_search' {if $searchForm.values.approx!=''}checked="true"{/if} /></label>
     {if $searchForm.recursive}<label class='LSview_search'>{$searchForm.labels.recursive|escape:"htmlall"} : <input type='checkbox' name='recursive' class='LSview_search' {if $searchForm.values.recursive!=''}checked="true"{/if}/></label>{/if}
@@ -22,7 +22,7 @@
 <ul class='LSview-actions'>
   {foreach from=$LSview_actions item=item}
     {if is_array($item)}
-      <li class='LSview-actions'><a href='{$item.url|escape:"quotes"}' class='LSview-actions'><img src='{img name=$item.action}' alt='{tr msg=$label}' title='{tr msg=$label}' /> {tr msg=$item.label}</a></li>
+      <li class='LSview-actions'><a href='{$item.url}' class='LSview-actions'><img src='{img name=$item.action}' alt='{tr msg=$label}' title='{tr msg=$label}' /> {tr msg=$item.label}</a></li>
     {/if}
   {/foreach}
 </ul>
@@ -72,7 +72,7 @@
       {/if}
       {if $LSsearch->extraDisplayedColumns}
         {foreach from=$LSsearch->visibleExtraDisplayedColumns item=conf key=cid}
-        <th class='LSobject-list'{if $conf.cssStyle} style='{$conf.cssStyle|escape:"quotes"}'{/if}>
+        <th class='LSobject-list'{if $conf.cssStyle} style='{$conf.cssStyle|escape:"htmlall"}'{/if}>
         {if $LSsearch->sort}
           <a href='view.php?LSobject={$LSsearch->LSobject|escape:"url"}&amp;sortBy={$cid|escape:"url"}&amp;nocache={$smarty.now}'>
           {if $LSsearch->sortBy == $cid}
@@ -96,12 +96,12 @@
         {if $LSsearch->displaySubDn}<td class='LSobject-list'>{$object->subDn|escape:"htmlall"}</td>{/if}
         {if $LSsearch->extraDisplayedColumns}
           {foreach from=$LSsearch->visibleExtraDisplayedColumns item=conf key=cid}
-          <td class='LSobject-list'{if $conf.cssStyle} style='{$conf.cssStyle|escape:"quotes"}'{/if}>{$object->$cid|escape:"htmlall"}</td>
+          <td class='LSobject-list'{if $conf.cssStyle} style='{$conf.cssStyle|escape:"htmlall"}'{/if}>{$object->$cid|escape:"htmlall"}</td>
           {/foreach}
         {/if}
         <td class='LSobject-list LSobject-list-actions'>
         {foreach from=$object->actions item=item}
-          <a href='{$item.url|escape:"quotes"}'  class='LSobject-list-actions'><img src='{img name=$item.action}' alt='{$item.label|escape:"quotes"}' title='{$item.label|escape:"quotes"}'/></a>
+          <a href='{$item.url}'  class='LSobject-list-actions'><img src='{img name=$item.action}' alt='{$item.label|escape:"htmlall"}' title='{$item.label|escape:"htmlall"}'/></a>
         {/foreach}
         </td>
     </tr>