[pLog-svn] r2462 - plog/branches/plog-1.0.2/templates/summary
jondaley at devel.plogworld.net
jondaley at devel.plogworld.net
Sun Sep 11 11:32:08 GMT 2005
Author: jondaley
Date: 2005-09-11 11:32:08 +0000 (Sun, 11 Sep 2005)
New Revision: 2462
Modified:
plog/branches/plog-1.0.2/templates/summary/post.template
plog/branches/plog-1.0.2/templates/summary/summary.template
Log:
remove html tags from comment Topic, in all cases. Remove html from postTopic, in admin interface. This doesn't entirely solve the problem, because if users want to allow <a href=blah>...</a> in their comments (and plog does that by default) then the user is also allowed to have the iframe attribute tag stuff. A fair amount of discussion on the strip_tags section of php.net
Modified: plog/branches/plog-1.0.2/templates/summary/post.template
===================================================================
--- plog/branches/plog-1.0.2/templates/summary/post.template 2005-09-11 11:04:03 UTC (rev 2461)
+++ plog/branches/plog-1.0.2/templates/summary/post.template 2005-09-11 11:32:08 UTC (rev 2462)
@@ -1,6 +1,6 @@
{assign var="blog" value=$post->getBlogInfo()}
{assign var="request" value=$blog->getBlogRequestGenerator()}
- <h5>{$post->getTopic()}</h5>
+ <h5>{$post->getTopic()|strip_tags}</h5>
<div class="subtitle">
{$locale->tr("blog")} <a href="{$request->blogLink()}">{$blog->getBlog()}</a>
</div>
@@ -19,4 +19,4 @@
<img src="imgs/comment.png" width="11" height="10" alt="{$locale->tr("comments")}" />
<a href="{$request->postPermalink($post)}#comments">{if $post->getTotalComments() eq 0}{$locale->tr("comment on this")}{else}{$post->getTotalComments()} {$locale->tr("comments")|capitalize}{/if}</a>
<br style="clear: both;" />
- </div>
\ No newline at end of file
+ </div>
Modified: plog/branches/plog-1.0.2/templates/summary/summary.template
===================================================================
--- plog/branches/plog-1.0.2/templates/summary/summary.template 2005-09-11 11:04:03 UTC (rev 2461)
+++ plog/branches/plog-1.0.2/templates/summary/summary.template 2005-09-11 11:32:08 UTC (rev 2462)
@@ -1,6 +1,6 @@
{include file="summary/header.template"}
{foreach from=$posts item=post}
- <h3>{$post->getTopic()}</h3>
+ <h3>{$post->getTopic()|strip_tags}</h3>
{assign var="postDate" value=$post->getDateObject()}
{assign var="postOwner" value=$post->getUserInfo()}
<span class="date">{$postOwner->getUsername()} | {$locale->formatDate($postDate,"%d %B, %Y %H:%M")}</span>
More information about the pLog-svn
mailing list