summaryrefslogtreecommitdiff
path: root/modules/gallery/views
diff options
context:
space:
mode:
Diffstat (limited to 'modules/gallery/views')
-rw-r--r--modules/gallery/views/admin_advanced_settings.html.php6
-rw-r--r--modules/gallery/views/admin_block_log_entries.html.php2
-rw-r--r--modules/gallery/views/admin_block_photo_stream.html.php4
-rw-r--r--modules/gallery/views/admin_languages.html.php4
-rw-r--r--modules/gallery/views/admin_maintenance.html.php4
-rw-r--r--modules/gallery/views/admin_maintenance_show_log.html.php2
-rw-r--r--modules/gallery/views/move_tree.html.php8
-rw-r--r--modules/gallery/views/permissions_browse.html.php4
-rw-r--r--modules/gallery/views/permissions_form.html.php2
-rw-r--r--modules/gallery/views/simple_uploader.html.php14
10 files changed, 25 insertions, 25 deletions
diff --git a/modules/gallery/views/admin_advanced_settings.html.php b/modules/gallery/views/admin_advanced_settings.html.php
index adc15b91..4235e8f8 100644
--- a/modules/gallery/views/admin_advanced_settings.html.php
+++ b/modules/gallery/views/admin_advanced_settings.html.php
@@ -20,13 +20,13 @@
<? if ($var->module_name == "gallery" && $var->name == "_cache") continue ?>
<tr class="setting">
<td> <?= $var->module_name ?> </td>
- <td> <?= SafeString::of($var->name) ?> </td>
+ <td> <?= html::clean($var->name) ?> </td>
<td>
- <a href="<?= url::site("admin/advanced_settings/edit/$var->module_name/" . SafeString::of($var->name)) ?>"
+ <a href="<?= url::site("admin/advanced_settings/edit/$var->module_name/" . html::clean($var->name)) ?>"
class="gDialogLink"
title="<?= t("Edit %var (%module_name)", array("var" => $var->name, "module_name" => $var->module_name)) ?>">
<? if ($var->value): ?>
- <?= SafeString::of($var->value) ?>
+ <?= html::clean($var->value) ?>
<? else: ?>
<i> <?= t("empty") ?> </i>
<? endif ?>
diff --git a/modules/gallery/views/admin_block_log_entries.html.php b/modules/gallery/views/admin_block_log_entries.html.php
index b7afb22d..780ff2d0 100644
--- a/modules/gallery/views/admin_block_log_entries.html.php
+++ b/modules/gallery/views/admin_block_log_entries.html.php
@@ -2,7 +2,7 @@
<ul>
<? foreach ($entries as $entry): ?>
<li class="<?= log::severity_class($entry->severity) ?>" style="direction: ltr">
- <a href="<?= url::site("user/$entry->user_id") ?>"><?= SafeString::of($entry->user->name) ?></a>
+ <a href="<?= url::site("user/$entry->user_id") ?>"><?= html::clean($entry->user->name) ?></a>
<?= gallery::date_time($entry->timestamp) ?>
<?= $entry->message ?>
<?= $entry->html ?>
diff --git a/modules/gallery/views/admin_block_photo_stream.html.php b/modules/gallery/views/admin_block_photo_stream.html.php
index 732bdc38..a50836ad 100644
--- a/modules/gallery/views/admin_block_photo_stream.html.php
+++ b/modules/gallery/views/admin_block_photo_stream.html.php
@@ -2,9 +2,9 @@
<ul>
<? foreach ($photos as $photo): ?>
<li class="gItem gPhoto">
- <a href="<?= url::site("photos/$photo->id") ?>" title="<?= SafeString::of($photo->title) ?>">
+ <a href="<?= url::site("photos/$photo->id") ?>" title="<?= html::clean($photo->title) ?>">
<img <?= photo::img_dimensions($photo->width, $photo->height, 72) ?>
- src="<?= $photo->thumb_url() ?>" alt="<?= SafeString::of($photo->title) ?>" />
+ src="<?= $photo->thumb_url() ?>" alt="<?= html::clean($photo->title) ?>" />
</a>
</li>
<? endforeach ?>
diff --git a/modules/gallery/views/admin_languages.html.php b/modules/gallery/views/admin_languages.html.php
index 4bee9bb1..052d749b 100644
--- a/modules/gallery/views/admin_languages.html.php
+++ b/modules/gallery/views/admin_languages.html.php
@@ -40,7 +40,7 @@
</form>
<script type="text/javascript">
- var old_default_locale = "<?= SafeString::of($default_locale)->for_js() ?>";
+ var old_default_locale = "<?= html::escape_for_js($default_locale) ?>";
$("input[name='installed_locales[]']").change(function (event) {
if (this.checked) {
@@ -57,7 +57,7 @@
dataType: "json",
success: function(data) {
if (data.result == "success") {
- el = $('<a href="<?= url::site("admin/maintenance/start/gallery_task::update_l10n?csrf=$csrf")->for_js() ?>"></a>'); // this is a little hack to trigger the update_l10n task in a dialog
+ el = $('<a href="<?= html::escape_for_js(url::site("admin/maintenance/start/gallery_task::update_l10n?csrf=$csrf")) ?>"></a>'); // this is a little hack to trigger the update_l10n task in a dialog
el.gallery_dialog();
el.trigger('click');
}
diff --git a/modules/gallery/views/admin_maintenance.html.php b/modules/gallery/views/admin_maintenance.html.php
index a1f7b126..05bc0923 100644
--- a/modules/gallery/views/admin_maintenance.html.php
+++ b/modules/gallery/views/admin_maintenance.html.php
@@ -93,7 +93,7 @@
<?= $task->status ?>
</td>
<td>
- <?= SafeString::of($task->owner()->name) ?>
+ <?= html::clean($task->owner()->name) ?>
</td>
<td>
<? if ($task->state == "stalled"): ?>
@@ -164,7 +164,7 @@
<?= $task->status ?>
</td>
<td>
- <?= SafeString::of($task->owner()->name) ?>
+ <?= html::clean($task->owner()->name) ?>
</td>
<td>
<? if ($task->done): ?>
diff --git a/modules/gallery/views/admin_maintenance_show_log.html.php b/modules/gallery/views/admin_maintenance_show_log.html.php
index 209aef03..8ea1beb6 100644
--- a/modules/gallery/views/admin_maintenance_show_log.html.php
+++ b/modules/gallery/views/admin_maintenance_show_log.html.php
@@ -12,7 +12,7 @@ appendTo('body').submit().remove();
<div id="gTaskLogDialog">
<h1> <?= $task->name ?> </h1>
<div class="gTaskLog">
- <pre><?= SafeString::purify($task->get_log()) ?></pre>
+ <pre><?= html::purify($task->get_log()) ?></pre>
</div>
<button id="gCloseButton" class="ui-state-default ui-corner-all" onclick="dismiss()"><?= t("Close") ?></button>
<button id="gSaveButton" class="ui-state-default ui-corner-all" onclick="download()"><?= t("Save") ?></button>
diff --git a/modules/gallery/views/move_tree.html.php b/modules/gallery/views/move_tree.html.php
index 7818a42a..623f80ee 100644
--- a/modules/gallery/views/move_tree.html.php
+++ b/modules/gallery/views/move_tree.html.php
@@ -1,18 +1,18 @@
<?php defined("SYSPATH") or die("No direct script access.") ?>
<?= $parent->thumb_img(array(), 25); ?>
<? if (!access::can("edit", $parent) || $source->is_descendant($parent)): ?>
-<a href="javascript:load_tree('<?= $parent->id ?>',1)"> <?= SafeString::of($parent->title) ?> <?= t("(locked)") ?> </a>
+<a href="javascript:load_tree('<?= $parent->id ?>',1)"> <?= html::clean($parent->title) ?> <?= t("(locked)") ?> </a>
<? else: ?>
-<a href="javascript:load_tree('<?= $parent->id ?>',0)"> <?= SafeString::of($parent->title) ?></a>
+<a href="javascript:load_tree('<?= $parent->id ?>',0)"> <?= html::clean($parent->title) ?></a>
<? endif ?>
<ul id="tree_<?= $parent->id ?>">
<? foreach ($children as $child): ?>
<li id="node_<?= $child->id ?>" class="node">
<?= $child->thumb_img(array(), 25); ?>
<? if (!access::can("edit", $child) || $source->is_descendant($child)): ?>
- <a href="javascript:load_tree('<?= $child->id ?>',1)"> <?= SafeString::of($child->title) ?> <?= t("(locked)") ?></a>
+ <a href="javascript:load_tree('<?= $child->id ?>',1)"> <?= html::clean($child->title) ?> <?= t("(locked)") ?></a>
<? else: ?>
- <a href="javascript:load_tree('<?= $child->id ?>',0)"> <?= SafeString::of($child->title) ?> </a>
+ <a href="javascript:load_tree('<?= $child->id ?>',0)"> <?= html::clean($child->title) ?> </a>
<? endif ?>
</li>
<? endforeach ?>
diff --git a/modules/gallery/views/permissions_browse.html.php b/modules/gallery/views/permissions_browse.html.php
index 90970112..d9395b3f 100644
--- a/modules/gallery/views/permissions_browse.html.php
+++ b/modules/gallery/views/permissions_browse.html.php
@@ -39,13 +39,13 @@
<? foreach ($parents as $parent): ?>
<li id="item-<?= $parent->id ?>">
<a href="javascript:show(<?= $parent->id ?>)">
- <?= SafeString::purify($parent->title) ?>
+ <?= html::purify($parent->title) ?>
</a>
</li>
<? endforeach ?>
<li class="active" id="item-<?= $item->id ?>">
<a href="javascript:show(<?= $item->id ?>)">
- <?= SafeString::purify($item->title) ?>
+ <?= html::purify($item->title) ?>
</a>
</li>
</ul>
diff --git a/modules/gallery/views/permissions_form.html.php b/modules/gallery/views/permissions_form.html.php
index adc0496f..e6b217c5 100644
--- a/modules/gallery/views/permissions_form.html.php
+++ b/modules/gallery/views/permissions_form.html.php
@@ -6,7 +6,7 @@
<tr>
<th> </th>
<? foreach ($groups as $group): ?>
- <th> <?= SafeString::of($group->name) ?> </th>
+ <th> <?= html::clean($group->name) ?> </th>
<? endforeach ?>
</tr>
diff --git a/modules/gallery/views/simple_uploader.html.php b/modules/gallery/views/simple_uploader.html.php
index 1f185780..b136972a 100644
--- a/modules/gallery/views/simple_uploader.html.php
+++ b/modules/gallery/views/simple_uploader.html.php
@@ -6,7 +6,7 @@
<!-- hack to set the title for the dialog -->
<form id="gAddPhotosForm" action="<?= url::site("simple_uploader/finish?csrf=$csrf") ?>">
<fieldset>
- <legend> <?= t("Add photos to %album_title", array("album_title" => SafeString::purify($item->title))) ?> </legend>
+ <legend> <?= t("Add photos to %album_title", array("album_title" => html::purify($item->title))) ?> </legend>
</fieldset>
</form>
@@ -26,9 +26,9 @@
</p>
<ul class="gBreadcrumbs">
<? foreach ($item->parents() as $parent): ?>
- <li> <?= SafeString::of($parent->title) ?> </li>
+ <li> <?= html::clean($parent->title) ?> </li>
<? endforeach ?>
- <li class="active"> <?= SafeString::purify($item->title) ?> </li>
+ <li class="active"> <?= html::purify($item->title) ?> </li>
</ul>
<p>
@@ -82,13 +82,13 @@
<script type="text/javascript">
var swfu = new SWFUpload({
- flash_url: "<?= url::file("lib/swfupload/swfupload.swf")->for_js() ?>",
- upload_url: "<?= url::site("simple_uploader/add_photo/$item->id")->for_js() ?>",
+ flash_url: "<?= html::escape_for_js(url::file("lib/swfupload/swfupload.swf")) ?>",
+ upload_url: "<?= html::escape_for_js(url::site("simple_uploader/add_photo/$item->id")) ?>",
post_params: <?= json_encode(array(
"g3sid" => Session::instance()->id(),
"user_agent" => Input::instance()->server("HTTP_USER_AGENT"),
"csrf" => $csrf)) ?>,
- file_size_limit: "<?= SafeString::of(ini_get("upload_max_filesize") ? num::convert_to_bytes(ini_get("upload_max_filesize"))."B" : "100MB")->for_js() ?>",
+ file_size_limit: "<?= html::escape_for_js(ini_get("upload_max_filesize") ? num::convert_to_bytes(ini_get("upload_max_filesize"))."B" : "100MB")) ?>",
file_types: "*.gif;*.jpg;*.jpeg;*.png;*.flv;*.mp4;*.GIF;*.JPG;*.JPEG;*.PNG;*.FLV;*.MP4",
file_types_description: "<?= t("Photos and Movies")->for_js() ?>",
file_upload_limit: 1000,
@@ -97,7 +97,7 @@
debug: false,
// Button settings
- button_image_url: "<?= url::file("themes/default/images/select-photos-backg.png")->for_js() ?>",
+ button_image_url: "<?= html::escape_for_js(url::file("themes/default/images/select-photos-backg.png")) ?>",
button_width: "202",
button_height: "45",
button_placeholder_id: "gChooseFilesButtonPlaceholder",
generated by cgit v1.2.3 (git 2.46.0) at 2025-10-13 08:43:38 +0000