diff options
Diffstat (limited to 'modules/server_add')
5 files changed, 11 insertions, 11 deletions
diff --git a/modules/server_add/controllers/admin_server_add.php b/modules/server_add/controllers/admin_server_add.php index 30109f42..fac2aa44 100644 --- a/modules/server_add/controllers/admin_server_add.php +++ b/modules/server_add/controllers/admin_server_add.php @@ -38,7 +38,7 @@ class Admin_Server_Add_Controller extends Admin_Controller { $path = $form->add_path->path->value; $paths[$path] = 1; module::set_var("server_add", "authorized_paths", serialize($paths)); - message::success(t("Added path %path", array("path" => p::clean($path)))); + message::success(t("Added path %path", array("path" => $path))); server_add::check_config($paths); url::redirect("admin/server_add"); } else { @@ -60,7 +60,7 @@ class Admin_Server_Add_Controller extends Admin_Controller { $paths = unserialize(module::get_var("server_add", "authorized_paths")); if (isset($paths[$path])) { unset($paths[$path]); - message::success(t("Removed path %path", array("path" => p::clean($path)))); + message::success(t("Removed path %path", array("path" => $path))); module::set_var("server_add", "authorized_paths", serialize($paths)); server_add::check_config($paths); } diff --git a/modules/server_add/helpers/server_add.php b/modules/server_add/helpers/server_add.php index 74f51ad9..a84e1afd 100644 --- a/modules/server_add/helpers/server_add.php +++ b/modules/server_add/helpers/server_add.php @@ -25,7 +25,7 @@ class server_add_Core { if (empty($paths)) { site_status::warning( t("Server Add needs configuration. <a href=\"%url\">Configure it now!</a>", - array("url" => url::site("admin/server_add"))), + array("url" => html::mark_safe(url::site("admin/server_add")))), "server_add_configuration"); } else { site_status::clear("server_add_configuration"); diff --git a/modules/server_add/views/admin_server_add.html.php b/modules/server_add/views/admin_server_add.html.php index 30ab3536..b48a19da 100644 --- a/modules/server_add/views/admin_server_add.html.php +++ b/modules/server_add/views/admin_server_add.html.php @@ -11,12 +11,12 @@ <ul id="gPathList"> <? foreach ($paths as $id => $path): ?> <li class="ui-icon-left"> - <a href="<?= url::site("admin/server_add/remove_path?path=$path&csrf=$csrf") ?>" + <a href="<?= url::site("admin/server_add/remove_path?path=" . urlencode($path) . "&csrf=$csrf") ?>" id="icon_<?= $id?>" class="gRemoveDir ui-icon ui-icon-trash"> X </a> - <?= $path ?> + <?= html::clean($path) ?> </li> <? endforeach ?> </ul> diff --git a/modules/server_add/views/server_add_tree.html.php b/modules/server_add/views/server_add_tree.html.php index 254a9da0..dbae42c5 100644 --- a/modules/server_add/views/server_add_tree.html.php +++ b/modules/server_add/views/server_add_tree.html.php @@ -10,7 +10,7 @@ <li class="ui-icon-left"> <span class="ui-icon ui-icon-folder-open"></span> <span ondblclick="open_dir('<?= $dir ?>')"> - <?= basename($dir) ?> + <?= html::clean(basename($dir)) ?> </span> <ul> <? endforeach ?> @@ -22,9 +22,9 @@ <? if (is_dir($file)): ?> ondblclick="open_dir($(this).attr('file'))" <? endif ?> - file="<?= $file ?>" + file="<?= strtr($file, array('"' => '\\"')) ?>" > - <?= p::clean(basename($file)) ?> + <?= html::clean(basename($file)) ?> </span> </li> <? endforeach ?> diff --git a/modules/server_add/views/server_add_tree_dialog.html.php b/modules/server_add/views/server_add_tree_dialog.html.php index 431635f8..8eb6e4df 100644 --- a/modules/server_add/views/server_add_tree_dialog.html.php +++ b/modules/server_add/views/server_add_tree_dialog.html.php @@ -5,17 +5,17 @@ </script> <div id="gServerAdd"> - <h1 style="display: none;"><?= t("Add Photos to '%title'", array("title" => p::purify($item->title))) ?></h1> + <h1 style="display: none;"><?= t("Add Photos to '%title'", array("title" => html::purify($item->title))) ?></h1> <p id="gDescription"><?= t("Photos will be added to album:") ?></p> <ul class="gBreadcrumbs"> <? foreach ($item->parents() as $parent): ?> <li> - <?= p::purify($parent->title) ?> + <?= html::purify($parent->title) ?> </li> <? endforeach ?> <li class="active"> - <?= p::purify($item->title) ?> + <?= html::purify($item->title) ?> </li> </ul> |