projects / platal.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4c19690)
real fix to the escape problem : quoted werent escaped correctly
authorx2000habouzit <x2000habouzit@839d8a87-29fc-0310-9880-83ba4fa771e5>
Sat, 24 Sep 2005 13:59:34 +0000 (13:59 +0000)
committerx2000habouzit <x2000habouzit@839d8a87-29fc-0310-9880-83ba4fa771e5>
Sat, 24 Sep 2005 13:59:34 +0000 (13:59 +0000)
git-svn-id: svn+ssh://murphy/home/svn/platal/trunk@43 839d8a87-29fc-0310-9880-83ba4fa771e5

include/platal/smarty.plugins.inc.php patch | blob | blame | history
templates/emails/send.tpl patch | blob | blame | history
templates/newsletter/submit.tpl patch | blob | blame | history
templates/table-editor.tpl patch | blob | blame | history

diff --git a/include/platal/smarty.plugins.inc.php b/include/platal/smarty.plugins.inc.php
index b5b7d10..4c79fd1 100644 (file)
--- a/include/platal/smarty.plugins.inc.php
+++ b/include/platal/smarty.plugins.inc.php
@@ -32,7 +32,7 @@
 function escape_html($string)
 {
     if(is_string($string)) {
-       $transtbl = Array('<' => '&lt;', '>' => '&gt;', '"' => '&quot;');
+       $transtbl = Array('<' => '&lt;', '>' => '&gt;', '"' => '&quot;', '\'' => '&apos;');
        return preg_replace("/&(?![A-Za-z]{0,4}\w{2,3};|#[0-9]{2,4};)/", "&amp;" , strtr($string, $transtbl));
     } else {
        return $string;
diff --git a/templates/emails/send.tpl b/templates/emails/send.tpl
index 998cb64..810f177 100644 (file)
--- a/templates/emails/send.tpl
+++ b/templates/emails/send.tpl
@@ -61,7 +61,7 @@
         <input type='text' name='from' size='60' value='{if $smarty.request.from}
 {$smarty.request.from}
 {else}
-"{$smarty.session.prenom} {$smarty.session.nom|escape}" &lt;{$smarty.session.bestalias}@{#globals.mail.domain#}&gt;
+"{$smarty.session.prenom} {$smarty.session.nom}" &lt;{$smarty.session.bestalias}@{#globals.mail.domain#}&gt;
 {/if}' />
       </td>
     </tr>
diff --git a/templates/newsletter/submit.tpl b/templates/newsletter/submit.tpl
index 192914a..0a8611c 100644 (file)
--- a/templates/newsletter/submit.tpl
+++ b/templates/newsletter/submit.tpl
@@ -105,7 +105,7 @@ Les contacts, prix, adresses mail utiles, liens web, ...  sont en sus, et sont 
     <tr class="impair">
       <td class='titre'>Sujet</td>
       <td>
-        <input size='60' type='text' value='{$smarty.request.title|escape}' name='title' />
+        <input size='60' type='text' value='{$smarty.request.title}' name='title' />
       </td>
     </tr>
     <tr class="pair">
diff --git a/templates/table-editor.tpl b/templates/table-editor.tpl
index 1991a18..8910d0f 100644 (file)
--- a/templates/table-editor.tpl
+++ b/templates/table-editor.tpl
@@ -155,7 +155,7 @@
         <input type="{$myval.type}" name="{$prefix}{$mykey}" size="40" value="{$myval.value}" />
         {/if}
         {else}
-        {$myval.value|escape}
+        {$myval.value}
         {/if}
       </td>
     </tr>
plat/al