From c6688477ab60019de50c7347df9a8d5ce4368256 Mon Sep 17 00:00:00 2001 From: Benjamin Renard Date: Fri, 15 Jun 2018 15:25:25 +0200 Subject: [PATCH] Fix some escaping problems --- public_html/templates/default/LSform.tpl | 28 +++++++++---------- .../default/LSformElement_boolean_field.tpl | 2 +- .../default/LSformElement_date_field.tpl | 2 +- .../templates/default/LSformElement_field.tpl | 2 +- ...rmElement_jsonCompositeAttribute_field.tpl | 20 ++++++------- .../LSformElement_labeledValue_field.tpl | 4 +-- .../default/LSformElement_mailQuota_field.tpl | 4 +-- .../default/LSformElement_maildir_field.tpl | 4 +-- .../default/LSformElement_password_field.tpl | 4 +-- .../default/LSformElement_quota_field.tpl | 4 +-- .../default/LSformElement_select.tpl | 8 +++--- .../default/LSformElement_select_box.tpl | 6 ++-- .../LSformElement_select_object_field.tpl | 4 +-- .../default/LSformElement_ssh_key_field.tpl | 2 +- ...Element_supannCompositeAttribute_field.tpl | 6 ++-- ...LSformElement_supannLabeledValue_field.tpl | 2 +- .../default/LSformElement_text_field.tpl | 4 +-- .../default/LSformElement_uri_field.tpl | 6 ++-- .../LSformElement_valueWithUnit_field.tpl | 6 ++-- public_html/templates/default/LSform_view.tpl | 14 +++++----- public_html/templates/default/LSmail.tpl | 10 +++---- public_html/templates/default/LSrelations.tpl | 2 +- public_html/templates/default/login.tpl | 2 +- public_html/templates/default/modify.tpl | 2 +- public_html/templates/default/question.tpl | 4 +-- .../templates/default/recoverpassword.tpl | 4 +-- public_html/templates/default/redirect.tpl | 2 +- public_html/templates/default/select.tpl | 8 +++--- .../templates/default/select_table.tpl | 6 ++-- public_html/templates/default/top.tpl | 2 +- public_html/templates/default/view.tpl | 2 +- public_html/templates/default/viewSearch.tpl | 16 +++++------ 32 files changed, 96 insertions(+), 96 deletions(-) diff --git a/public_html/templates/default/LSform.tpl b/public_html/templates/default/LSform.tpl index ae6d2b4d..1bb3d835 100644 --- a/public_html/templates/default/LSform.tpl +++ b/public_html/templates/default/LSform.tpl @@ -1,37 +1,37 @@ -
+ {$LSform_header} {if $LSform_layout} {foreach from=$LSform_layout item=tab key=tab_key} - +

{tr msg=$tab.label}

-
+
{if $LSformElement_image!='' && $tab.img==1}
{if $LSformElement_image_actions!='' && !$LSformElement_image_errors}
    -
  • +
  • {foreach from=$LSformElement_image_actions item=item} -
  • +
  • {/foreach}
{/if} - +
{/if}
{foreach from=$tab.args item=arg} {if $LSform_fields[$arg]} -
{$LSform_fields[$arg].label}{if $LSform_fields[$arg].required} *{/if}{if $LSform_fields[$arg].help_info!=""} ?{/if}
+
{$LSform_fields[$arg].label}{if $LSform_fields[$arg].required} *{/if}{if $LSform_fields[$arg].help_info!=""} ?{/if}
{$LSform_fields[$arg].html}{if $LSform_fields[$arg].add != ''} + Ajouter un champ{/if}
{if $LSform_fields[$arg].errors != ''} {foreach from=$LSform_fields[$arg].errors item=error} @@ -40,7 +40,7 @@ {/if} {/if} {/foreach} -
+
@@ -51,20 +51,20 @@
{if $LSformElement_image_actions!='' && !$LSformElement_image_errors}
    -
  • +
  • {foreach from=$LSformElement_image_actions item=item} -
  • +
  • {/foreach}
{/if} - +
{/if}
{foreach from=$LSform_fields item=field} -
{$field.label}{if $field.required} *{/if}{if $field.help_info!=""} ?{/if}
+
{$field.label}{if $field.required} *{/if}{if $field.help_info!=""} ?{/if}
{$field.html}{if $field.add != ''} + Ajouter un champ{/if}
{if $field.errors != ''} {foreach from=$field.errors item=error} @@ -72,7 +72,7 @@ {/foreach} {/if} {/foreach} -
+
diff --git a/public_html/templates/default/LSformElement_boolean_field.tpl b/public_html/templates/default/LSformElement_boolean_field.tpl index 30bc1678..5b1ef98c 100644 --- a/public_html/templates/default/LSformElement_boolean_field.tpl +++ b/public_html/templates/default/LSformElement_boolean_field.tpl @@ -1,5 +1,5 @@ {if $freeze} {if $value=='yes'}{$yesTxt|escape:"htmlall"}{elseif $value=='no'}{$noTxt|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if} {else} -{$yesTxt|escape:"htmlall"} {$noTxt|escape:"htmlall"} +{$yesTxt|escape:"htmlall"} {$noTxt|escape:"htmlall"} {/if} diff --git a/public_html/templates/default/LSformElement_date_field.tpl b/public_html/templates/default/LSformElement_date_field.tpl index 018138bd..f66b8bbb 100644 --- a/public_html/templates/default/LSformElement_date_field.tpl +++ b/public_html/templates/default/LSformElement_date_field.tpl @@ -1,5 +1,5 @@ {if $freeze} {if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if} {else} - + {/if} diff --git a/public_html/templates/default/LSformElement_field.tpl b/public_html/templates/default/LSformElement_field.tpl index 219c552d..8099039e 100644 --- a/public_html/templates/default/LSformElement_field.tpl +++ b/public_html/templates/default/LSformElement_field.tpl @@ -1,5 +1,5 @@ {if $freeze} {if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if} {else} - + {/if} diff --git a/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl b/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl index 0c8d92e7..421de90c 100644 --- a/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl +++ b/public_html/templates/default/LSformElement_jsonCompositeAttribute_field.tpl @@ -7,7 +7,7 @@
    {if $cconf.multiple && is_array($parseValue[$c])} {foreach from=$parseValue[$c] item=cval} -
  • {$cval.translated|escape:"htmlall"}
  • +
  • {$cval.translated|escape:"htmlall"}
  • {/foreach} {else}
  • {$parseValue[$c].translated|escape:"htmlall"}
  • @@ -20,20 +20,20 @@ {/if} {else} {uniqid var="uuid"} - + {foreach from=$components key=c item=cconf name=components} -
    +
    {if $cconf.type=='select_list'} - {foreach from=$cconf.possible_values key=key item=label} {if is_array($label)} {if count($label.possible_values)>0} - + {if $cconf.multiple && is_array($parseValue[$c])} {html_options options=$label.possible_values selected=$parseValue[$c]} {else} @@ -52,7 +52,7 @@ {assign var="selected" value=1} {/if} {/if} - + {/if} {/foreach} @@ -60,12 +60,12 @@
      {if $cconf.multiple && is_array($parseValue[$c])} {foreach from=$parseValue[$c] item=cval} -
    • +
    • {foreachelse} -
    • +
    • {/foreach} {else} -
    • +
    • {/if}
    {/if} diff --git a/public_html/templates/default/LSformElement_labeledValue_field.tpl b/public_html/templates/default/LSformElement_labeledValue_field.tpl index 3c210fec..dc6337ed 100644 --- a/public_html/templates/default/LSformElement_labeledValue_field.tpl +++ b/public_html/templates/default/LSformElement_labeledValue_field.tpl @@ -14,8 +14,8 @@ {$noValueTxt|escape:"htmlall"} {/if} {else} - {html_options options=$labels selected=$parseValue.label} - + {/if} diff --git a/public_html/templates/default/LSformElement_mailQuota_field.tpl b/public_html/templates/default/LSformElement_mailQuota_field.tpl index fa54fa8d..098a7e3b 100644 --- a/public_html/templates/default/LSformElement_mailQuota_field.tpl +++ b/public_html/templates/default/LSformElement_mailQuota_field.tpl @@ -9,8 +9,8 @@ {$noValueTxt|escape:"htmlall"} {/if} {else} - - + {if $quotas[$value].unknown} diff --git a/public_html/templates/default/LSformElement_maildir_field.tpl b/public_html/templates/default/LSformElement_maildir_field.tpl index f02bd244..bf02e7a8 100644 --- a/public_html/templates/default/LSformElement_maildir_field.tpl +++ b/public_html/templates/default/LSformElement_maildir_field.tpl @@ -1,5 +1,5 @@ {if $freeze} -{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if} +{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if} {else} - + {/if} diff --git a/public_html/templates/default/LSformElement_password_field.tpl b/public_html/templates/default/LSformElement_password_field.tpl index cc140d86..92db745f 100644 --- a/public_html/templates/default/LSformElement_password_field.tpl +++ b/public_html/templates/default/LSformElement_password_field.tpl @@ -6,8 +6,8 @@ {/if} {else} {if $clearEdit} - + {else} - + {/if} {/if} diff --git a/public_html/templates/default/LSformElement_quota_field.tpl b/public_html/templates/default/LSformElement_quota_field.tpl index 4da4f767..7dcd07ff 100644 --- a/public_html/templates/default/LSformElement_quota_field.tpl +++ b/public_html/templates/default/LSformElement_quota_field.tpl @@ -9,8 +9,8 @@ {$noValueTxt|escape:"htmlall"} {/if} {else} - - + {if $quotas[$value].unknown} diff --git a/public_html/templates/default/LSformElement_select.tpl b/public_html/templates/default/LSformElement_select.tpl index a303215a..7782fb2e 100644 --- a/public_html/templates/default/LSformElement_select.tpl +++ b/public_html/templates/default/LSformElement_select.tpl @@ -1,4 +1,4 @@ -
      +
        {if $freeze} {foreach from=$values item=value} {LSformElement_select_checkIsValidValue value=$value possible_values=$possible_values} @@ -12,16 +12,16 @@ {/foreach} {else}
      • - {foreach from=$possible_values key=key item=label} {if is_array($label)} {if count($label.possible_values)>0} - + {html_options options=$label.possible_values selected=$values} {/if} {else} - + {/if} {/foreach} diff --git a/public_html/templates/default/LSformElement_select_box.tpl b/public_html/templates/default/LSformElement_select_box.tpl index 250a70cd..f98acf99 100644 --- a/public_html/templates/default/LSformElement_select_box.tpl +++ b/public_html/templates/default/LSformElement_select_box.tpl @@ -1,4 +1,4 @@ -
          +
            {if $freeze} {foreach from=$values item=value} {LSformElement_select_checkIsValidValue value=$value possible_values=$possible_values} @@ -19,7 +19,7 @@
              {foreach from=$label.possible_values item=l key=v name=LSformElement_selectbox_sub_values}
            • - +
            • {/foreach}
            @@ -27,7 +27,7 @@ {/if} {else}
          • - +
          • {/if} {/foreach} diff --git a/public_html/templates/default/LSformElement_select_object_field.tpl b/public_html/templates/default/LSformElement_select_object_field.tpl index 2970e440..e66bdc85 100644 --- a/public_html/templates/default/LSformElement_select_object_field.tpl +++ b/public_html/templates/default/LSformElement_select_object_field.tpl @@ -1,6 +1,6 @@ {if $dn} - {$txt|escape:"htmlall"} - {if !$freeze}{/if} + {$txt|escape:"htmlall"} + {if !$freeze}{/if} {else} {$noValueTxt|escape:"htmlall"} {/if} diff --git a/public_html/templates/default/LSformElement_ssh_key_field.tpl b/public_html/templates/default/LSformElement_ssh_key_field.tpl index 9f702bcc..13ab79fc 100644 --- a/public_html/templates/default/LSformElement_ssh_key_field.tpl +++ b/public_html/templates/default/LSformElement_ssh_key_field.tpl @@ -1,6 +1,6 @@ {if $freeze} {if $value.type} - {$value.shortTxt|escape:"htmlall"}... (Type : {$value.type|escape:"htmlall"}) {$value.mail|escape:"htmlall"}

            {$value.value|escape:"htmlall"}

            + {$value.shortTxt|escape:"htmlall"}... (Type : {$value.type|escape:"htmlall"}) {$value.mail|escape:"mail"}

            {$value.value|escape:"htmlall"}

            {elseif $value.shortTxt} {$value.shortTxt|escape:"htmlall"}... ({$unknowTypeTxt|escape:"htmlall"})

            {$value.value|escape:"htmlall"}

            {else} diff --git a/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl b/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl index 98ced4e9..23dda863 100644 --- a/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl +++ b/public_html/templates/default/LSformElement_supannCompositeAttribute_field.tpl @@ -16,10 +16,10 @@ {/if} {else} {foreach $components as $c => $cconf} -

            +

            {if $cconf.type=='table' or $cconf.type=='codeEntite'} - + {if $parseValue and !empty($parseValue[$c].label) and $parseValue[$c].label!='no'} {assign var=clabel value=$parseValue[$c].label} [{$clabel|escape:"htmlall"}] @@ -30,7 +30,7 @@ {$noValueTxt|escape:"htmlall"} {/if} {else} - + {/if}

            {/foreach} diff --git a/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl b/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl index 754e0698..6cc019ec 100644 --- a/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl +++ b/public_html/templates/default/LSformElement_supannLabeledValue_field.tpl @@ -9,7 +9,7 @@ {$noValueTxt|escape:"htmlall"} {/if} {else} - + {if $parseValue and !empty($parseValue.label) and $parseValue.label!='no'} {assign var=clabel value=$parseValue.label} [{$clabel|escape:"htmlall"}] diff --git a/public_html/templates/default/LSformElement_text_field.tpl b/public_html/templates/default/LSformElement_text_field.tpl index 3b2dfc96..45d81400 100644 --- a/public_html/templates/default/LSformElement_text_field.tpl +++ b/public_html/templates/default/LSformElement_text_field.tpl @@ -1,5 +1,5 @@ {if $freeze} -{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if} +{if $value}{$value|escape:"htmlall"}{else}{$noValueTxt|escape:"htmlall"}{/if} {else} - + {/if} diff --git a/public_html/templates/default/LSformElement_uri_field.tpl b/public_html/templates/default/LSformElement_uri_field.tpl index 93855c7d..17262653 100644 --- a/public_html/templates/default/LSformElement_uri_field.tpl +++ b/public_html/templates/default/LSformElement_uri_field.tpl @@ -1,12 +1,12 @@ {if $freeze} {if $value} - {$value|escape:"htmlall"} + {$value|escape:"htmlall"} {else} {$noValueTxt|escape:"htmlall"} {/if} - + {else} - + {/if} diff --git a/public_html/templates/default/LSformElement_valueWithUnit_field.tpl b/public_html/templates/default/LSformElement_valueWithUnit_field.tpl index f871fd7d..87f26c17 100644 --- a/public_html/templates/default/LSformElement_valueWithUnit_field.tpl +++ b/public_html/templates/default/LSformElement_valueWithUnit_field.tpl @@ -14,12 +14,12 @@ {/if} {else} {if $values_and_units[$value].valueWithUnit || !$values_and_units[$value]} - - + {else} - + {/if} {if $values_and_units[$value].unknown} {$values_and_units[$value].unknown|escape:"htmlall"} diff --git a/public_html/templates/default/LSform_view.tpl b/public_html/templates/default/LSform_view.tpl index 7b1f0c42..08c807c7 100644 --- a/public_html/templates/default/LSform_view.tpl +++ b/public_html/templates/default/LSform_view.tpl @@ -1,23 +1,23 @@ - - + + {if $LSform_layout} {foreach from=$LSform_layout item=tab key=tab_key} - +

            {$tab.label|escape:"htmlall"}

            -
            +
            {if $LSformElement_image!='' && $tab.img==1}
            - +
            {/if} @@ -42,7 +42,7 @@ {if $LSformElement_image!=''}
            - +
            {/if} diff --git a/public_html/templates/default/LSmail.tpl b/public_html/templates/default/LSmail.tpl index 81c235ba..ae5e3978 100644 --- a/public_html/templates/default/LSmail.tpl +++ b/public_html/templates/default/LSmail.tpl @@ -1,10 +1,10 @@ -
            +
            {if $LSmail_options.display_mail_field}
            {$LSmail_mail_label|escape:"htmlall"}
            {if $LSmail_mails != ""} {if $LSmail_mails|@count==1} - + {else} + {/if} {if $LSmail_options.display_subject_field}
            {$LSmail_subject_label|escape:"htmlall"}
            - +
            {else} - + {/if}
            {$LSmail_msg_label|escape:"htmlall"}
            diff --git a/public_html/templates/default/LSrelations.tpl b/public_html/templates/default/LSrelations.tpl index 548eca2a..db3acb71 100644 --- a/public_html/templates/default/LSrelations.tpl +++ b/public_html/templates/default/LSrelations.tpl @@ -2,7 +2,7 @@ {if $item.actions!=''} {/if} diff --git a/public_html/templates/default/login.tpl b/public_html/templates/default/login.tpl index 1e1c60e9..60fdde57 100644 --- a/public_html/templates/default/login.tpl +++ b/public_html/templates/default/login.tpl @@ -36,7 +36,7 @@ {/foreach}
            -
            +
            {$lang_label} : {$LSlang|escape:"htmlall"} diff --git a/public_html/templates/default/modify.tpl b/public_html/templates/default/modify.tpl index 0c0f3740..e1b43208 100644 --- a/public_html/templates/default/modify.tpl +++ b/public_html/templates/default/modify.tpl @@ -3,7 +3,7 @@ {if $LSview_actions != ''} {/if} diff --git a/public_html/templates/default/question.tpl b/public_html/templates/default/question.tpl index 8519a6e7..8368da05 100644 --- a/public_html/templates/default/question.tpl +++ b/public_html/templates/default/question.tpl @@ -3,11 +3,11 @@ {if $LSview_actions != ''}

            {foreach from=$LSview_actions item=item} - {$item.label|escape:"htmlall"} + {$item.label|escape:"htmlall"} {/foreach}

            {/if}

            {$question|escape:"htmlall"}

            - {$validation_label|escape:"htmlall"} + {$validation_label|escape:"htmlall"} {include file='ls:bottom.tpl'} diff --git a/public_html/templates/default/recoverpassword.tpl b/public_html/templates/default/recoverpassword.tpl index e1bc9bdc..76ff38bb 100644 --- a/public_html/templates/default/recoverpassword.tpl +++ b/public_html/templates/default/recoverpassword.tpl @@ -15,7 +15,7 @@
            -
            +
            {$recoverpasswordform_label_ldapserver|escape:"htmlall"}
            @@ -23,7 +23,7 @@
            {$recoverpasswordform_label_user|escape:"htmlall"}
            -
            +
            diff --git a/public_html/templates/default/redirect.tpl b/public_html/templates/default/redirect.tpl index 8992afeb..3b85d889 100644 --- a/public_html/templates/default/redirect.tpl +++ b/public_html/templates/default/redirect.tpl @@ -3,7 +3,7 @@ - + LdapSaisie - Redirection diff --git a/public_html/templates/default/select.tpl b/public_html/templates/default/select.tpl index 72551798..36c1c0ff 100644 --- a/public_html/templates/default/select.tpl +++ b/public_html/templates/default/select.tpl @@ -3,9 +3,9 @@ {$pagetitle|escape:"htmlall"} -