summaryrefslogtreecommitdiff
path: root/modules/gallery/tests
diff options
context:
space:
mode:
Diffstat (limited to 'modules/gallery/tests')
-rw-r--r--modules/gallery/tests/xss_data.txt187
1 files changed, 92 insertions, 95 deletions
diff --git a/modules/gallery/tests/xss_data.txt b/modules/gallery/tests/xss_data.txt
index 38042f85..2bfacb47 100644
--- a/modules/gallery/tests/xss_data.txt
+++ b/modules/gallery/tests/xss_data.txt
@@ -134,52 +134,51 @@ modules/gallery/views/admin_themes_buttonset.html.php 26 DIRTY_JS $info[
modules/gallery/views/admin_themes_buttonset.html.php 39 DIRTY_JS $info['discuss_url']
modules/gallery/views/admin_themes_preview.html.php 8 DIRTY_ATTR $url
modules/gallery/views/error_404.html.php 14 DIRTY $login_form
-modules/gallery/views/error_admin.html.php 178 DIRTY @gallery_block::get("platform_info")
-modules/gallery/views/error_admin.html.php 179 DIRTY @gallery_block::get("stats")
-modules/gallery/views/error_admin.html.php 184 DIRTY $type
-modules/gallery/views/error_admin.html.php 184 DIRTY $code
-modules/gallery/views/error_admin.html.php 187 DIRTY $message
-modules/gallery/views/error_admin.html.php 190 DIRTY_ATTR $error_id
-modules/gallery/views/error_admin.html.php 195 DIRTY Kohana_Exception::debug_path($file)
-modules/gallery/views/error_admin.html.php 195 DIRTY $line
-modules/gallery/views/error_admin.html.php 200 DIRTY_ATTR ($num==$line)?"highlight":""
-modules/gallery/views/error_admin.html.php 200 DIRTY $num
-modules/gallery/views/error_admin.html.php 200 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET)
-modules/gallery/views/error_admin.html.php 212 DIRTY_ATTR $source_id
-modules/gallery/views/error_admin.html.php 212 DIRTY_JS $source_id
-modules/gallery/views/error_admin.html.php 212 DIRTY Kohana_Exception::debug_path($step["file"])
-modules/gallery/views/error_admin.html.php 212 DIRTY $step["line"]
-modules/gallery/views/error_admin.html.php 214 DIRTY Kohana_Exception::debug_path($step["file"])
-modules/gallery/views/error_admin.html.php 214 DIRTY $step["line"]
-modules/gallery/views/error_admin.html.php 221 DIRTY $step["function"]
-modules/gallery/views/error_admin.html.php 222 DIRTY_ATTR $args_id
-modules/gallery/views/error_admin.html.php 222 DIRTY_JS $args_id
-modules/gallery/views/error_admin.html.php 226 DIRTY_ATTR $args_id
-modules/gallery/views/error_admin.html.php 231 DIRTY $name
-modules/gallery/views/error_admin.html.php 234 DIRTY Kohana_Exception::safe_dump($arg,$name)
-modules/gallery/views/error_admin.html.php 242 DIRTY_ATTR $source_id
-modules/gallery/views/error_admin.html.php 242 DIRTY_ATTR ($num==$step["line"])?"highlight":""
-modules/gallery/views/error_admin.html.php 242 DIRTY $num
-modules/gallery/views/error_admin.html.php 242 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET)
-modules/gallery/views/error_admin.html.php 252 DIRTY_ATTR $env_id=$error_id."environment"
-modules/gallery/views/error_admin.html.php 252 DIRTY_JS $env_id
-modules/gallery/views/error_admin.html.php 254 DIRTY_ATTR $env_id
-modules/gallery/views/error_admin.html.php 256 DIRTY_ATTR $env_id=$error_id."environment_included"
-modules/gallery/views/error_admin.html.php 256 DIRTY_JS $env_id
-modules/gallery/views/error_admin.html.php 256 DIRTY count($included)
-modules/gallery/views/error_admin.html.php 257 DIRTY_ATTR $env_id
-modules/gallery/views/error_admin.html.php 262 DIRTY Kohana_Exception::debug_path($file)
-modules/gallery/views/error_admin.html.php 269 DIRTY_ATTR $env_id=$error_id."environment_loaded"
-modules/gallery/views/error_admin.html.php 269 DIRTY_JS $env_id
-modules/gallery/views/error_admin.html.php 269 DIRTY count($included)
-modules/gallery/views/error_admin.html.php 270 DIRTY_ATTR $env_id
-modules/gallery/views/error_admin.html.php 275 DIRTY Kohana_Exception::debug_path($file)
-modules/gallery/views/error_admin.html.php 283 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var)
-modules/gallery/views/error_admin.html.php 284 DIRTY_JS $env_id
-modules/gallery/views/error_admin.html.php 284 DIRTY $var
-modules/gallery/views/error_admin.html.php 285 DIRTY_ATTR $env_id
-modules/gallery/views/error_admin.html.php 291 DIRTY $key
-modules/gallery/views/error_admin.html.php 295 DIRTY Kohana_Exception::safe_dump($value,$key)
+modules/gallery/views/error_admin.html.php 179 DIRTY @gallery_block::get("platform_info")
+modules/gallery/views/error_admin.html.php 180 DIRTY @gallery_block::get("stats")
+modules/gallery/views/error_admin.html.php 185 DIRTY $type
+modules/gallery/views/error_admin.html.php 185 DIRTY $code
+modules/gallery/views/error_admin.html.php 191 DIRTY_ATTR $error_id
+modules/gallery/views/error_admin.html.php 196 DIRTY Kohana_Exception::debug_path($file)
+modules/gallery/views/error_admin.html.php 196 DIRTY $line
+modules/gallery/views/error_admin.html.php 201 DIRTY_ATTR ($num==$line)?"highlight":""
+modules/gallery/views/error_admin.html.php 201 DIRTY $num
+modules/gallery/views/error_admin.html.php 201 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET)
+modules/gallery/views/error_admin.html.php 213 DIRTY_ATTR $source_id
+modules/gallery/views/error_admin.html.php 213 DIRTY_JS $source_id
+modules/gallery/views/error_admin.html.php 213 DIRTY Kohana_Exception::debug_path($step["file"])
+modules/gallery/views/error_admin.html.php 213 DIRTY $step["line"]
+modules/gallery/views/error_admin.html.php 215 DIRTY Kohana_Exception::debug_path($step["file"])
+modules/gallery/views/error_admin.html.php 215 DIRTY $step["line"]
+modules/gallery/views/error_admin.html.php 222 DIRTY $step["function"]
+modules/gallery/views/error_admin.html.php 223 DIRTY_ATTR $args_id
+modules/gallery/views/error_admin.html.php 223 DIRTY_JS $args_id
+modules/gallery/views/error_admin.html.php 227 DIRTY_ATTR $args_id
+modules/gallery/views/error_admin.html.php 232 DIRTY $name
+modules/gallery/views/error_admin.html.php 235 DIRTY Kohana_Exception::safe_dump($arg,$name)
+modules/gallery/views/error_admin.html.php 243 DIRTY_ATTR $source_id
+modules/gallery/views/error_admin.html.php 243 DIRTY_ATTR ($num==$step["line"])?"highlight":""
+modules/gallery/views/error_admin.html.php 243 DIRTY $num
+modules/gallery/views/error_admin.html.php 243 DIRTY htmlspecialchars($row,ENT_NOQUOTES,Kohana::CHARSET)
+modules/gallery/views/error_admin.html.php 253 DIRTY_ATTR $env_id=$error_id."environment"
+modules/gallery/views/error_admin.html.php 253 DIRTY_JS $env_id
+modules/gallery/views/error_admin.html.php 255 DIRTY_ATTR $env_id
+modules/gallery/views/error_admin.html.php 257 DIRTY_ATTR $env_id=$error_id."environment_included"
+modules/gallery/views/error_admin.html.php 257 DIRTY_JS $env_id
+modules/gallery/views/error_admin.html.php 257 DIRTY count($included)
+modules/gallery/views/error_admin.html.php 258 DIRTY_ATTR $env_id
+modules/gallery/views/error_admin.html.php 263 DIRTY Kohana_Exception::debug_path($file)
+modules/gallery/views/error_admin.html.php 270 DIRTY_ATTR $env_id=$error_id."environment_loaded"
+modules/gallery/views/error_admin.html.php 270 DIRTY_JS $env_id
+modules/gallery/views/error_admin.html.php 270 DIRTY count($included)
+modules/gallery/views/error_admin.html.php 271 DIRTY_ATTR $env_id
+modules/gallery/views/error_admin.html.php 276 DIRTY Kohana_Exception::debug_path($file)
+modules/gallery/views/error_admin.html.php 284 DIRTY_ATTR $env_id="$error_id.environment".strtolower($var)
+modules/gallery/views/error_admin.html.php 285 DIRTY_JS $env_id
+modules/gallery/views/error_admin.html.php 285 DIRTY $var
+modules/gallery/views/error_admin.html.php 286 DIRTY_ATTR $env_id
+modules/gallery/views/error_admin.html.php 292 DIRTY $key
+modules/gallery/views/error_admin.html.php 296 DIRTY Kohana_Exception::safe_dump($value,$key)
modules/gallery/views/form_uploadify.html.php 16 DIRTY_JS url::site("uploader/status/_S/_E")
modules/gallery/views/form_uploadify.html.php 24 DIRTY_JS $flash_minimum_version
modules/gallery/views/form_uploadify.html.php 28 DIRTY_JS url::file("lib/uploadify/uploadify.swf")
@@ -188,7 +187,7 @@ modules/gallery/views/form_uploadify.html.php 31 DIRTY_JS implod
modules/gallery/views/form_uploadify.html.php 33 DIRTY_JS url::file("lib/uploadify/cancel.png")
modules/gallery/views/form_uploadify.html.php 34 DIRTY_JS $simultaneous_upload_limit
modules/gallery/views/form_uploadify.html.php 35 DIRTY_JS $size_limit_bytes
-modules/gallery/views/form_uploadify.html.php 162 DIRTY_ATTR request::protocol()
+modules/gallery/views/form_uploadify.html.php 164 DIRTY_ATTR request::protocol()
modules/gallery/views/in_place_edit.html.php 2 DIRTY form::open($action,array("method"=>"post","id"=>"g-in-place-edit-form","class"=>"g-short-form"))
modules/gallery/views/in_place_edit.html.php 3 DIRTY access::csrf_form_field()
modules/gallery/views/in_place_edit.html.php 6 DIRTY form::input("input",$form["input"]," class=\"textbox\"")
@@ -275,7 +274,6 @@ modules/gallery/views/upgrader.html.php 123 DIRTY_ATTR $don
modules/gallery/views/user_languages_block.html.php 2 DIRTY form::dropdown("g-select-session-locale",$installed_locales,$selected)
modules/gallery/views/user_profile.html.php 34 DIRTY_ATTR $user->avatar_url(40,$theme->url(,true))
modules/gallery/views/user_profile.html.php 43 DIRTY $info->view
-modules/image_block/views/image_block_block.html.php 4 DIRTY_JS $item->url()
modules/image_block/views/image_block_block.html.php 5 DIRTY $item->thumb_img(array("class"=>"g-thumbnail"))
modules/info/views/info_block.html.php 5 DIRTY $info["label"]
modules/info/views/info_block.html.php 5 DIRTY $info["value"]
@@ -290,7 +288,7 @@ modules/notification/views/item_updated.html.php 20 DIRTY $item-
modules/notification/views/user_profile_notification.html.php 5 DIRTY_ATTR $subscription->id
modules/notification/views/user_profile_notification.html.php 6 DIRTY_JS $subscription->url
modules/organize/views/organize_dialog.html.php 8 DIRTY_JS url::site("items/__ID__")
-modules/organize/views/organize_dialog.html.php 14 DIRTY_JS $album->title
+modules/organize/views/organize_dialog.html.php 14 DIRTY_JS html::clean($album->title)
modules/organize/views/organize_frame.html.php 12 DIRTY_JS url::file("modules/organize/vendor/ext/images/default/s.gif")
modules/organize/views/organize_frame.html.php 56 DIRTY_JS url::site("organize/album_info/__ID__")
modules/organize/views/organize_frame.html.php 94 DIRTY_JS access::csrf_token()
@@ -304,7 +302,7 @@ modules/organize/views/organize_frame.html.php 410 DIRTY_JS url::s
modules/organize/views/organize_frame.html.php 468 DIRTY_JS url::site("organize/reparent")
modules/organize/views/organize_frame.html.php 491 DIRTY_JS access::csrf_token()
modules/organize/views/organize_frame.html.php 507 DIRTY_JS access::can("edit",item::root())
-modules/organize/views/organize_frame.html.php 509 DIRTY_JS item::root()->title
+modules/organize/views/organize_frame.html.php 509 DIRTY_JS html::clean(item::root()->title)
modules/organize/views/organize_frame.html.php 511 DIRTY_JS item::root()->id
modules/organize/views/organize_frame.html.php 519 DIRTY_JS $album->id
modules/organize/views/organize_frame.html.php 520 DIRTY_JS $album->id
@@ -319,7 +317,7 @@ modules/rss/views/feed.mrss.php 16 DIRTY_JS $feed-
modules/rss/views/feed.mrss.php 19 DIRTY_JS $feed->next_page_uri
modules/rss/views/feed.mrss.php 21 DIRTY $pub_date
modules/rss/views/feed.mrss.php 22 DIRTY $pub_date
-modules/rss/views/feed.mrss.php 28 DIRTY date("D, d M Y H:i:s T",$item->created);
+modules/rss/views/feed.mrss.php 28 DIRTY date("D, d M Y H:i:s O",$item->created);
modules/rss/views/feed.mrss.php 35 DIRTY_ATTR $item->resize_url(true)
modules/rss/views/feed.mrss.php 37 DIRTY_ATTR $item->resize_height
modules/rss/views/feed.mrss.php 37 DIRTY_ATTR $item->resize_width
@@ -342,8 +340,9 @@ modules/rss/views/feed.mrss.php 69 DIRTY_ATTR $ite
modules/rss/views/rss_block.html.php 6 DIRTY_JS rss::url($url)
modules/search/views/search.html.php 27 DIRTY_ATTR $item_class
modules/search/views/search.html.php 28 DIRTY_JS $item->url()
-modules/search/views/search.html.php 29 DIRTY $item->thumb_img()
-modules/search/views/search.html.php 40 DIRTY $theme->paginator()
+modules/search/views/search.html.php 29 DIRTY $item->thumb_img(array("class"=>"g-thumbnail"))
+modules/search/views/search.html.php 31 DIRTY_ATTR $item_class
+modules/search/views/search.html.php 41 DIRTY $theme->paginator()
modules/server_add/views/admin_server_add.html.php 8 DIRTY_JS url::site("__ARGS__")
modules/server_add/views/admin_server_add.html.php 19 DIRTY $form
modules/server_add/views/admin_server_add.html.php 30 DIRTY_ATTR $id
@@ -379,22 +378,22 @@ modules/user/views/admin_users_group.html.php 24 DIRTY_JS $group
modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $width
modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $height
modules/watermark/views/admin_watermarks.html.php 20 DIRTY_ATTR $url
-themes/admin_wind/views/admin.html.php 4 DIRTY $theme->html_attributes()
-themes/admin_wind/views/admin.html.php 34 DIRTY $theme->admin_head()
-themes/admin_wind/views/admin.html.php 46 DIRTY_JS $theme->url()
-themes/admin_wind/views/admin.html.php 51 DIRTY $theme->get_combined("css")
-themes/admin_wind/views/admin.html.php 54 DIRTY $theme->get_combined("script")
-themes/admin_wind/views/admin.html.php 58 DIRTY $theme->admin_page_top()
-themes/admin_wind/views/admin.html.php 66 DIRTY $theme->admin_header_top()
-themes/admin_wind/views/admin.html.php 67 DIRTY_JS item::root()->url()
-themes/admin_wind/views/admin.html.php 70 DIRTY $theme->user_menu()
-themes/admin_wind/views/admin.html.php 73 DIRTY $theme->admin_menu()
-themes/admin_wind/views/admin.html.php 76 DIRTY $theme->admin_header_bottom()
-themes/admin_wind/views/admin.html.php 83 DIRTY $content
-themes/admin_wind/views/admin.html.php 89 DIRTY $sidebar
-themes/admin_wind/views/admin.html.php 94 DIRTY $theme->admin_footer()
-themes/admin_wind/views/admin.html.php 97 DIRTY $theme->admin_credits()
-themes/admin_wind/views/admin.html.php 102 DIRTY $theme->admin_page_bottom()
+themes/admin_wind/views/admin.html.php 5 DIRTY $theme->html_attributes()
+themes/admin_wind/views/admin.html.php 35 DIRTY $theme->admin_head()
+themes/admin_wind/views/admin.html.php 47 DIRTY_JS $theme->url()
+themes/admin_wind/views/admin.html.php 52 DIRTY $theme->get_combined("css")
+themes/admin_wind/views/admin.html.php 55 DIRTY $theme->get_combined("script")
+themes/admin_wind/views/admin.html.php 59 DIRTY $theme->admin_page_top()
+themes/admin_wind/views/admin.html.php 67 DIRTY $theme->admin_header_top()
+themes/admin_wind/views/admin.html.php 68 DIRTY_JS item::root()->url()
+themes/admin_wind/views/admin.html.php 71 DIRTY $theme->user_menu()
+themes/admin_wind/views/admin.html.php 74 DIRTY $theme->admin_menu()
+themes/admin_wind/views/admin.html.php 77 DIRTY $theme->admin_header_bottom()
+themes/admin_wind/views/admin.html.php 84 DIRTY $content
+themes/admin_wind/views/admin.html.php 90 DIRTY $sidebar
+themes/admin_wind/views/admin.html.php 95 DIRTY $theme->admin_footer()
+themes/admin_wind/views/admin.html.php 98 DIRTY $theme->admin_credits()
+themes/admin_wind/views/admin.html.php 103 DIRTY $theme->admin_page_bottom()
themes/admin_wind/views/block.html.php 3 DIRTY_ATTR $anchor
themes/admin_wind/views/block.html.php 5 DIRTY $id
themes/admin_wind/views/block.html.php 5 DIRTY_ATTR $css_id
@@ -404,13 +403,13 @@ themes/admin_wind/views/paginator.html.php 35 DIRTY_JS $first
themes/admin_wind/views/paginator.html.php 44 DIRTY_JS $previous_page_url
themes/admin_wind/views/paginator.html.php 70 DIRTY_JS $next_page_url
themes/admin_wind/views/paginator.html.php 79 DIRTY_JS $last_page_url
-themes/wind/views/album.html.php 16 DIRTY_ATTR $child->id
-themes/wind/views/album.html.php 16 DIRTY_ATTR $item_class
-themes/wind/views/album.html.php 18 DIRTY_JS $child->url()
-themes/wind/views/album.html.php 20 DIRTY $child->thumb_img(array("class"=>"g-thumbnail"))
-themes/wind/views/album.html.php 25 DIRTY_ATTR $item_class
-themes/wind/views/album.html.php 26 DIRTY_JS $child->url()
-themes/wind/views/album.html.php 44 DIRTY $theme->paginator()
+themes/wind/views/album.html.php 19 DIRTY_ATTR $child->id
+themes/wind/views/album.html.php 19 DIRTY_ATTR $item_class
+themes/wind/views/album.html.php 21 DIRTY_JS $child->url()
+themes/wind/views/album.html.php 23 DIRTY $child->thumb_img(array("class"=>"g-thumbnail"))
+themes/wind/views/album.html.php 28 DIRTY_ATTR $item_class
+themes/wind/views/album.html.php 29 DIRTY_JS $child->url()
+themes/wind/views/album.html.php 47 DIRTY $theme->paginator()
themes/wind/views/block.html.php 3 DIRTY_ATTR $anchor
themes/wind/views/block.html.php 5 DIRTY_ATTR $css_id
themes/wind/views/block.html.php 6 DIRTY $title
@@ -424,25 +423,23 @@ themes/wind/views/dynamic.html.php 17 DIRTY_ATTR $chi
themes/wind/views/dynamic.html.php 29 DIRTY $theme->paginator()
themes/wind/views/movie.html.php 5 DIRTY $theme->paginator()
themes/wind/views/movie.html.php 9 DIRTY $item->movie_img(array("class"=>"g-movie","id"=>"g-item-id-{$item->id}"))
-themes/wind/views/page.html.php 4 DIRTY $theme->html_attributes()
-themes/wind/views/page.html.php 10 DIRTY $page_title
-themes/wind/views/page.html.php 13 DIRTY $theme->item()->title
-themes/wind/views/page.html.php 17 DIRTY item::root()->title
-themes/wind/views/page.html.php 32 DIRTY $new_width
-themes/wind/views/page.html.php 33 DIRTY $new_height
-themes/wind/views/page.html.php 34 DIRTY $thumb_proportion
-themes/wind/views/page.html.php 74 DIRTY_JS $theme->url()
-themes/wind/views/page.html.php 79 DIRTY $theme->get_combined("css")
-themes/wind/views/page.html.php 82 DIRTY $theme->get_combined("script")
-themes/wind/views/page.html.php 92 DIRTY $header_text
-themes/wind/views/page.html.php 94 DIRTY_JS item::root()->url()
-themes/wind/views/page.html.php 98 DIRTY $theme->user_menu()
-themes/wind/views/page.html.php 113 DIRTY_ATTR $breadcrumb->last?"g-active":""
-themes/wind/views/page.html.php 114 DIRTY_ATTR $breadcrumb->first?"g-first":""
-themes/wind/views/page.html.php 115 DIRTY_JS $breadcrumb->url
-themes/wind/views/page.html.php 128 DIRTY $content
-themes/wind/views/page.html.php 134 DIRTY newView("sidebar.html")
-themes/wind/views/page.html.php 141 DIRTY $footer_text
+themes/wind/views/page.html.php 5 DIRTY $theme->html_attributes()
+themes/wind/views/page.html.php 11 DIRTY $page_title
+themes/wind/views/page.html.php 33 DIRTY $new_width
+themes/wind/views/page.html.php 34 DIRTY $new_height
+themes/wind/views/page.html.php 35 DIRTY $thumb_proportion
+themes/wind/views/page.html.php 75 DIRTY_JS $theme->url()
+themes/wind/views/page.html.php 80 DIRTY $theme->get_combined("css")
+themes/wind/views/page.html.php 83 DIRTY $theme->get_combined("script")
+themes/wind/views/page.html.php 93 DIRTY $header_text
+themes/wind/views/page.html.php 95 DIRTY_JS item::root()->url()
+themes/wind/views/page.html.php 99 DIRTY $theme->user_menu()
+themes/wind/views/page.html.php 114 DIRTY_ATTR $breadcrumb->last?"g-active":""
+themes/wind/views/page.html.php 115 DIRTY_ATTR $breadcrumb->first?"g-first":""
+themes/wind/views/page.html.php 116 DIRTY_JS $breadcrumb->url
+themes/wind/views/page.html.php 129 DIRTY $content
+themes/wind/views/page.html.php 135 DIRTY newView("sidebar.html")
+themes/wind/views/page.html.php 142 DIRTY $footer_text
themes/wind/views/paginator.html.php 33 DIRTY_JS $first_page_url
themes/wind/views/paginator.html.php 42 DIRTY_JS $previous_page_url
themes/wind/views/paginator.html.php 70 DIRTY_JS $next_page_url
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 04:26:29 +0000