From 8b45ba9e75a5d911906e95c3980e214eff9e61b0 Mon Sep 17 00:00:00 2001 From: cweiske Date: Sun, 26 Sep 2010 22:06:31 +0000 Subject: [PATCH] escape the installation name; html code was broken when one had quotes in the name git-svn-id: https://semanticscuttle.svn.sourceforge.net/svnroot/semanticscuttle/trunk@750 b3834d28-1941-0410-a4f8-b48e95affb8f --- data/templates/bookmarks.tpl.php | 5 +++- data/templates/sidebar.block.search.php | 37 ++++++++++++++++++------- data/templates/top.inc.php | 9 ++++-- 3 files changed, 37 insertions(+), 14 deletions(-) diff --git a/data/templates/bookmarks.tpl.php b/data/templates/bookmarks.tpl.php index 2eed9c3..e32d3c9 100644 --- a/data/templates/bookmarks.tpl.php +++ b/data/templates/bookmarks.tpl.php @@ -215,7 +215,10 @@ if ($currenttag!= '') { $brss = ''; $size = count($rsschannels); for ($i = 0; $i < $size; $i++) { - $brss = ''. $rsschannels[$i][0] .''; + $brss = '' + . '' . htmlspecialchars($rsschannels[$i][0]) .'' + . ''; } $pagesBanner = '

'. $bfirst .' / '. $bprev .' / '. $bnext .' / '. $blast .' / '. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ."

\n"; diff --git a/data/templates/sidebar.block.search.php b/data/templates/sidebar.block.search.php index 64cb8ac..660ce00 100644 --- a/data/templates/sidebar.block.search.php +++ b/data/templates/sidebar.block.search.php @@ -1,13 +1,26 @@ + * @author Christian Weiske + * @author Eric Dane + * @license GPL http://www.gnu.org/licenses/gpl.html + * @link http://sourceforge.net/projects/semanticscuttle + */ /* Service creation: only useful services are created */ -$searchhistoryservice =SemanticScuttle_Service_Factory::get('SearchHistory'); +$searchhistoryservice = SemanticScuttle_Service_Factory::get('SearchHistory'); -$logged_on_userid = $userservice->getCurrentUserId(); -if ($logged_on_userid === false) { - $logged_on_userid = NULL; -} - -$lastSearches = $searchhistoryservice->getAllSearches('all', NULL, 3, NULL, true, false); +$lastSearches = $searchhistoryservice->getAllSearches( + 'all', NULL, 3, NULL, true, false +); if ($lastSearches && count($lastSearches) > 0) { ?> @@ -18,11 +31,15 @@ if ($lastSearches && count($lastSearches) > 0) { '; - echo ''; + echo ''; echo $row['shTerms']; echo ''; - echo ' ('.$row['shNbResults'].')'; - echo ''; + echo ' (' . $row['shNbResults'] . ')'; + echo '' . "\n"; } //echo '...'; ?> diff --git a/data/templates/top.inc.php b/data/templates/top.inc.php index 830da65..b1ffa14 100644 --- a/data/templates/top.inc.php +++ b/data/templates/top.inc.php @@ -5,15 +5,18 @@ <?php echo filter($GLOBALS['sitename'] .(isset($pagetitle) ? ' ยป ' . $pagetitle : '')); ?> - + '; + echo ' '; } } ?> +
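Review bot: The added `htmlspecialchars($rsschannels[$i][0])` call in the `$brss` assignment of bookmarks.tpl.php relies on PHP's default flags and charset, which before PHP 5.4 are `ENT_COMPAT` and ISO-8859-1, so single quotes pass through unescaped. Passing the arguments explicitly, `htmlspecialchars($rsschannels[$i][0], ENT_QUOTES, 'UTF-8')` (assuming the templates are served as UTF-8), keeps the escaping correct regardless of how the surrounding attribute is quoted. The attribute markup inside the string literals is not visible in this rendering of the hunk, so confirm that every `$rsschannels[$i]` field written into the tag, the URL included, is escaped the same way. Separately, `$brss =` inside the `for` loop overwrites the previous iteration, so only the last channel is emitted; `.=` may have been intended. The enclosing block starts and ends outside the hunk.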
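Review bot: `echo $row['shTerms'];` in the second sidebar.block.search.php hunk still writes the stored search terms into the page unescaped, and the commit leaves it as a context line. The rows come from `getAllSearches('all', ...)`, presumably terms entered by other visitors, so unless the service already HTML-encodes them (not visible here) the markup can be broken or script injected on every page that renders this sidebar. Suggest `echo htmlspecialchars($row['shTerms'], ENT_QUOTES, 'UTF-8');`, or the project's `filter()` helper seen in top.inc.php if that is its HTML-escaping wrapper. The same applies to any use of the terms in the link built by the preceding `echo`, whose markup is not visible in this rendering. The loop header lies outside the hunk.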