[pLog-svn] r2461 - in plog/branches/plog-1.0.2/templates: admin
grey grey-sf standard standard-with-plugins
jondaley at devel.plogworld.net
jondaley at devel.plogworld.net
Sun Sep 11 11:04:05 GMT 2005
Author: jondaley
Date: 2005-09-11 11:04:03 +0000 (Sun, 11 Sep 2005)
New Revision: 2461
Modified:
plog/branches/plog-1.0.2/templates/admin/dashboard.template
plog/branches/plog-1.0.2/templates/admin/editcomments.template
plog/branches/plog-1.0.2/templates/admin/editposts.template
plog/branches/plog-1.0.2/templates/grey-sf/postandcomments.template
plog/branches/plog-1.0.2/templates/grey/postandcomments.template
plog/branches/plog-1.0.2/templates/standard-with-plugins/postandcomments.template
plog/branches/plog-1.0.2/templates/standard/postandcomments.template
Log:
remove html tags from comment Topic, in all cases. Remove html from postTopic, in admin interface. This doesn't entirely solve the problem, because if users want to allow <a href=blah>...</a> in their comments (and plog does that by default) then the user is also allowed to have the iframe attribute tag stuff. A fair amount of discussion on the strip_tags section of php.net
Modified: plog/branches/plog-1.0.2/templates/admin/dashboard.template
===================================================================
--- plog/branches/plog-1.0.2/templates/admin/dashboard.template 2005-09-09 12:30:07 UTC (rev 2460)
+++ plog/branches/plog-1.0.2/templates/admin/dashboard.template 2005-09-11 11:04:03 UTC (rev 2461)
@@ -29,7 +29,7 @@
{foreach from=$recentposts[$blogId] item=post}
<tr style="background-color: {cycle values="#FFFFFF,#F7F7F7"};">
<td>
- <a target="_blank" href="{$url->postPermalink($post)}">{$post->getTopic()}</a><br/>
+ <a target="_blank" href="{$url->postPermalink($post)}">{$post->getTopic()|strip_tags}</a><br/>
</td>
<td>
<div class="list_action_button">
@@ -59,7 +59,7 @@
{if $comment->getTopic() == ""}
<i>{$locale->tr("no_subject")}</i>
{else}
- {$comment->getTopic()}
+ {$comment->getTopic()|strip_tags}
{/if}
</a>
</td>
@@ -69,7 +69,7 @@
{/if}
</td>
<td>
- <a href="{$url->postPermalink($article)}">{$article->getTopic()}</a>
+ <a href="{$url->postPermalink($article)}">{$article->getTopic()|strip_tags}</a>
</td>
<td>
{assign var=commentDate value=$comment->getDateObject()}
@@ -119,7 +119,7 @@
</a>
</td>
<td>
- <a href="{$url->postPermalink($article)}">{$article->getTopic()}</a>
+ <a href="{$url->postPermalink($article)}">{$article->getTopic()|strip_tags}</a>
</td>
<td>
{assign var=trackbackDate value=$trackback->getDateObject()}
Modified: plog/branches/plog-1.0.2/templates/admin/editcomments.template
===================================================================
--- plog/branches/plog-1.0.2/templates/admin/editcomments.template 2005-09-09 12:30:07 UTC (rev 2460)
+++ plog/branches/plog-1.0.2/templates/admin/editcomments.template 2005-09-11 11:04:03 UTC (rev 2461)
@@ -54,7 +54,7 @@
<input class="checkbox" type="checkbox" name="commentIds[{$comment->getId()}]" id="checks_{$comment->getId()}" value="{$comment->getId()}" />
</td>
<td class="col_highlighted">
- {$comment->getTopic()}
+ {$comment->getTopic()|strip_tags}
</td>
<td>
{$comment->getText()}
Modified: plog/branches/plog-1.0.2/templates/admin/editposts.template
===================================================================
--- plog/branches/plog-1.0.2/templates/admin/editposts.template 2005-09-09 12:30:07 UTC (rev 2460)
+++ plog/branches/plog-1.0.2/templates/admin/editposts.template 2005-09-11 11:04:03 UTC (rev 2461)
@@ -93,7 +93,7 @@
</td>
<td class="col_highlighted">
<a href="?op=editPost&postId={$post->getId()}">
- {$post->getTopic()}
+ {$post->getTopic()|strip_tags}
</a>
</td>
<td>
Modified: plog/branches/plog-1.0.2/templates/grey/postandcomments.template
===================================================================
--- plog/branches/plog-1.0.2/templates/grey/postandcomments.template 2005-09-09 12:30:07 UTC (rev 2460)
+++ plog/branches/plog-1.0.2/templates/grey/postandcomments.template 2005-09-11 11:04:03 UTC (rev 2461)
@@ -17,7 +17,7 @@
{include file="$blogtemplate/post.template"}
{foreach from=$comments item=comment}
<p class="commentheader">
- <img src="{$url->getUrl("/imgs/comment_icon1.gif")}"/> {$comment->getTopic()} <span class="categoryinfo">[<a href="{$url->replyCommentLink($post,$comment)}">{$locale->tr("reply")}</a>]</span>
+ <img src="{$url->getUrl("/imgs/comment_icon1.gif")}"/> {$comment->getTopic()|strip_tags} <span class="categoryinfo">[<a href="{$url->replyCommentLink($post,$comment)}">{$locale->tr("reply")}</a>]</span>
</p>
<p>
{$comment->getText()}
Modified: plog/branches/plog-1.0.2/templates/grey-sf/postandcomments.template
===================================================================
--- plog/branches/plog-1.0.2/templates/grey-sf/postandcomments.template 2005-09-09 12:30:07 UTC (rev 2460)
+++ plog/branches/plog-1.0.2/templates/grey-sf/postandcomments.template 2005-09-11 11:04:03 UTC (rev 2461)
@@ -15,7 +15,7 @@
{include file="$blogtemplate/post.template"}
{foreach from=$comments item=comment}
<p class="commentheader">
- <img src="{$url->getUrl("/imgs/comment_icon1.gif")}"/> {$comment->getTopic()} <span class="categoryinfo">[<a href="{$url->replyCommentLink($post,$comment)}">{$locale->tr("reply")}</a>]</span>
+ <img src="{$url->getUrl("/imgs/comment_icon1.gif")}"/> {$comment->getTopic()|strip_tags} <span class="categoryinfo">[<a href="{$url->replyCommentLink($post,$comment)}">{$locale->tr("reply")}</a>]</span>
</p>
<p>
{$comment->getText()}
Modified: plog/branches/plog-1.0.2/templates/standard/postandcomments.template
===================================================================
--- plog/branches/plog-1.0.2/templates/standard/postandcomments.template 2005-09-09 12:30:07 UTC (rev 2460)
+++ plog/branches/plog-1.0.2/templates/standard/postandcomments.template 2005-09-11 11:04:03 UTC (rev 2461)
@@ -20,7 +20,7 @@
<h2>{$locale->tr("comments")}</h2>
{foreach from=$comments item=comment}
-<h3 class="commentheader"><img src="{$url->getUrl("/imgs/comment_icon1.gif")}" alt="Comment Icon" /> {$comment->getTopic()}</h3>
+<h3 class="commentheader"><img src="{$url->getUrl("/imgs/comment_icon1.gif")}" alt="Comment Icon" /> {$comment->getTopic()|strip_tags}</h3>
<p class="commentposterinfo">
{assign var="postDate" value=$comment->getTimestamp()}
Modified: plog/branches/plog-1.0.2/templates/standard-with-plugins/postandcomments.template
===================================================================
--- plog/branches/plog-1.0.2/templates/standard-with-plugins/postandcomments.template 2005-09-09 12:30:07 UTC (rev 2460)
+++ plog/branches/plog-1.0.2/templates/standard-with-plugins/postandcomments.template 2005-09-11 11:04:03 UTC (rev 2461)
@@ -19,7 +19,7 @@
<h2>{$locale->tr("comments_for_post")}</h2>
{foreach from=$comments item=comment}
-<a name="{$comment->getId()}"><h3 class="commentheader"><img src="{$url->getUrl("/imgs/comment_icon1.gif")}" alt="Comment Icon" /> {$comment->getTopic()}</h3></a>
+<a name="{$comment->getId()}"><h3 class="commentheader"><img src="{$url->getUrl("/imgs/comment_icon1.gif")}" alt="Comment Icon" /> {$comment->getTopic()|strip_tags}</h3></a>
<p class="commentposterinfo">
{assign var="postDate" value=$comment->getTimestamp()}
More information about the pLog-svn
mailing list