fix: Prevent XSS on all output variables.
Signed-off-by: Rubén D <nuxsmin@syspass.org>
@@ -36,7 +36,7 @@ $accountAcl = $_getvar('accountAcl');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="name" name="name" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getName(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Account name'); ?></label>
|
||||
@@ -49,7 +49,7 @@ $accountAcl = $_getvar('accountAcl');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="client" name="client" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getClientName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getClientName(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="client"><?php echo __('Client'); ?></label>
|
||||
@@ -75,7 +75,7 @@ $accountAcl = $_getvar('accountAcl');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="login" name="login" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getLogin()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getLogin(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="login"><?php echo __('User'); ?></label>
|
||||
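Review bot: Every replacement call in this commit passes `ENT_QUOTES` alone, so a value containing a byte sequence that is invalid in the configured charset makes htmlspecialchars() return an empty string and the field renders blank. This starts at the `name`, `client` and `login` inputs here and repeats in the other templates. Consider `htmlspecialchars($accountData->getName(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, ideally behind one shared escaping helper so flags and charset are set in a single place rather than at each call site. The UTF-8 charset is an assumption; the page does not show how the application is configured.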
|
||||
@@ -55,7 +55,7 @@ $accountAcl = $_getvar('accountAcl');
|
||||
required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($accountData->getName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getName(), ENT_QUOTES); ?>"
|
||||
tabindex="1" readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Account name'); ?></label>
|
||||
@@ -73,7 +73,10 @@ $accountAcl = $_getvar('accountAcl');
|
||||
<?php /** @var SelectItem $client */
|
||||
foreach ($_getvar('clients') as $client): ?>
|
||||
<option
|
||||
value="<?php echo $client->getId(); ?>" <?php echo $client->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($client->getName()); ?></option>
|
||||
value="<?php echo $client->getId(); ?>"
|
||||
<?php echo $client->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlspecialchars($client->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -90,7 +93,10 @@ $accountAcl = $_getvar('accountAcl');
|
||||
<?php /** @var SelectItem $category */
|
||||
foreach ($_getvar('categories') as $category): ?>
|
||||
<option
|
||||
value="<?php echo $category->getId(); ?>" <?php echo $category->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($category->getName()); ?></option>
|
||||
value="<?php echo $category->getId(); ?>"
|
||||
<?php echo $category->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlspecialchars($category->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -116,7 +122,7 @@ $accountAcl = $_getvar('accountAcl');
|
||||
<input id="login" name="login" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50" tabindex="5"
|
||||
value="<?php echo htmlentities($accountData->getLogin()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getLogin(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Access user'); ?></label>
|
||||
@@ -147,7 +153,8 @@ $accountAcl = $_getvar('accountAcl');
|
||||
rows="3" id="notes"
|
||||
name="notes" tabindex="9"
|
||||
maxlength="5000"
|
||||
readonly><?php echo htmlspecialchars($accountData->getNotes()); ?></textarea>
|
||||
readonly><?php echo htmlspecialchars($accountData->getNotes(), ENT_QUOTES); ?>
|
||||
</textarea>
|
||||
<label class="mdl-textfield__label"
|
||||
for="notes"><?php echo __('Notes about the account'); ?></label>
|
||||
</div>
|
||||
@@ -168,7 +175,9 @@ $accountAcl = $_getvar('accountAcl');
|
||||
foreach ($_getvar('historyData') as $history): ?>
|
||||
<option
|
||||
value="<?php echo $history->getId(); ?>"
|
||||
<?php echo $history->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($history->getName()); ?></option>
|
||||
<?php echo $history->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlspecialchars($history->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -177,7 +186,13 @@ $accountAcl = $_getvar('accountAcl');
|
||||
|
||||
<tr>
|
||||
<td class="descField"><?php echo __('Last Modification'); ?></td>
|
||||
<td class="valField"><?php printf('%s (%s)', $accountData->getDateEdit(), htmlentities($accountData->getUserEditName()) ?: htmlentities($accountData->getUserEditLogin())); ?></td>
|
||||
<td class="valField">
|
||||
<?php printf(
|
||||
'%s (%s)',
|
||||
$accountData->getDateEdit(),
|
||||
htmlspecialchars($accountData->getUserEditName(), ENT_QUOTES)
|
||||
?: htmlspecialchars($accountData->getUserEditLogin(), ENT_QUOTES)); ?>
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
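Review bot: In the notes `<textarea>` the closing tag was moved to its own line, so the indentation in front of `</textarea>` now becomes part of the field's content; PHP drops only the single newline directly after `?>`. Keep the tag adjacent to the PHP block, as the other notes template in this commit does: `readonly><?php echo htmlspecialchars($accountData->getNotes(), ENT_QUOTES); ?></textarea>`. The same reflow was applied to the `<option>` elements in this file, where browsers normally collapse the surrounding whitespace, so only the textarea is affected.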
|
||||
|
||||
@@ -29,7 +29,7 @@ $accountData = $_getvar('accountData');
|
||||
<input id="name" name="name" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($accountData->getName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getName(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Account name'); ?></label>
|
||||
@@ -42,7 +42,7 @@ $accountData = $_getvar('accountData');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="client" name="client" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getClientName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getClientName(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="client"><?php echo __('Client'); ?></label>
|
||||
@@ -55,7 +55,7 @@ $accountData = $_getvar('accountData');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="category" name="category" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getCategoryName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getCategoryName(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="category"><?php echo __('Category'); ?></label>
|
||||
@@ -68,7 +68,7 @@ $accountData = $_getvar('accountData');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="url" name="url" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo $accountData->getUrl(); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getUrl(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="url"><?php echo __('URL / IP'); ?></label>
|
||||
@@ -81,7 +81,7 @@ $accountData = $_getvar('accountData');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="login" name="login" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getLogin()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getLogin(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="login"><?php echo __('User'); ?></label>
|
||||
@@ -97,7 +97,7 @@ $accountData = $_getvar('accountData');
|
||||
rows="3" id="notes"
|
||||
name="notes"
|
||||
maxlength="1000"
|
||||
readonly><?php echo htmlspecialchars($accountData->getNotes()); ?></textarea>
|
||||
readonly><?php echo htmlspecialchars($accountData->getNotes(), ENT_QUOTES); ?></textarea>
|
||||
<label class="mdl-textfield__label"
|
||||
for="notes"><?php echo __('Notes about the account'); ?></label>
|
||||
</div>
|
||||
|
||||
@@ -35,7 +35,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php if ($otherUser->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $otherUser->getId(); ?>"
|
||||
<?php echo $otherUser->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($otherUser->getName()); ?></option>
|
||||
<?php echo $otherUser->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($otherUser->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
<i class="material-icons select-icon"
|
||||
@@ -48,7 +48,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php /** @var SelectItem $otherUser */
|
||||
foreach ($_getvar('otherUsersView') as $otherUser): ?>
|
||||
<?php if ($otherUser->isSelected()): ?>
|
||||
<span class="tag"><?php echo htmlentities($otherUser->getName()); ?></span>
|
||||
<span class="tag"><?php echo htmlspecialchars($otherUser->getName(), ENT_QUOTES); ?></span>
|
||||
<?php endif; ?>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
@@ -68,7 +68,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php if ($otherUser->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $otherUser->getId(); ?>"
|
||||
<?php echo $otherUser->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($otherUser->getName()); ?></option>
|
||||
<?php echo $otherUser->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($otherUser->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
<i class="material-icons select-icon"
|
||||
@@ -81,7 +81,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php /** @var SelectItem $otherUser */
|
||||
foreach ($_getvar('otherUsersEdit') as $otherUser): ?>
|
||||
<?php if ($otherUser->isSelected()): ?>
|
||||
<span class="tag"><?php echo htmlentities($otherUser->getName()); ?></span>
|
||||
<span class="tag"><?php echo htmlspecialchars($otherUser->getName(), ENT_QUOTES); ?></span>
|
||||
<?php endif; ?>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
@@ -107,7 +107,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php if ($otherUserGroup->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $otherUserGroup->getId(); ?>"
|
||||
<?php echo $otherUserGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($otherUserGroup->getName()); ?></option>
|
||||
<?php echo $otherUserGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($otherUserGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
<i class="material-icons select-icon"
|
||||
@@ -120,7 +120,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php /** @var SelectItem $otherUserGroup */
|
||||
foreach ($_getvar('otherUserGroupsView') as $otherUserGroup): ?>
|
||||
<?php if ($otherUserGroup->isSelected()): ?>
|
||||
<span class="tag"><?php echo htmlentities($otherUserGroup->getName()); ?></span>
|
||||
<span class="tag"><?php echo htmlspecialchars($otherUserGroup->getName(), ENT_QUOTES); ?></span>
|
||||
<?php endif; ?>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
@@ -140,7 +140,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php if ($otherUserGroup->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $otherUserGroup->getId(); ?>"
|
||||
<?php echo $otherUserGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($otherUserGroup->getName()); ?></option>
|
||||
<?php echo $otherUserGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($otherUserGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
<i class="material-icons select-icon"
|
||||
@@ -153,7 +153,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<?php /** @var SelectItem $otherUserGroup */
|
||||
foreach ($_getvar('otherUserGroupsEdit') as $otherUserGroup): ?>
|
||||
<?php if ($otherUserGroup->isSelected()): ?>
|
||||
<span class="tag"><?php echo htmlentities($otherUserGroup->getName()); ?></span>
|
||||
<span class="tag"><?php echo htmlspecialchars($otherUserGroup->getName(), ENT_QUOTES); ?></span>
|
||||
<?php endif; ?>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
@@ -189,7 +189,7 @@ use SP\Services\Account\AccountAcl;
|
||||
foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>"
|
||||
<?php echo $user->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($user->getName()); ?></option>
|
||||
<?php echo $user->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -213,7 +213,7 @@ use SP\Services\Account\AccountAcl;
|
||||
foreach ($_getvar('userGroups') as $userGroup): ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>"
|
||||
<?php echo $userGroup->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
<?php echo $userGroup->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
|
||||
@@ -32,7 +32,7 @@ $accountData = $_getvar('accountData');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="name" name="name" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getName(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Account name'); ?></label>
|
||||
@@ -45,7 +45,7 @@ $accountData = $_getvar('accountData');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="client" name="client" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($accountData->getClientName()); ?>"
|
||||
value="<?php echo htmlspecialchars($accountData->getClientName(), ENT_QUOTES); ?>"
|
||||
readonly>
|
||||
<label class="mdl-textfield__label"
|
||||
for="client"><?php echo __('Client'); ?></label>
|
||||
|
||||
@@ -81,7 +81,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="100"
|
||||
value="<?php echo $gotData
|
||||
? htmlentities($accountData->getName())
|
||||
? htmlspecialchars($accountData->getName(), ENT_QUOTES)
|
||||
: ''; ?>"
|
||||
<?php echo $_getvar('readonly'); ?>
|
||||
>
|
||||
@@ -108,7 +108,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
? 'selected'
|
||||
: ''; ?>
|
||||
>
|
||||
<?php echo $client->getName(); ?>
|
||||
<?php echo htmlspecialchars($client->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -140,7 +140,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
? 'selected'
|
||||
: ''; ?>
|
||||
>
|
||||
<?php echo htmlentities($category->getName()); ?>
|
||||
<?php echo htmlspecialchars($category->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -180,7 +180,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo $gotData
|
||||
? htmlentities($accountData->getLogin())
|
||||
? htmlspecialchars($accountData->getLogin(), ENT_QUOTES)
|
||||
: ''; ?>"
|
||||
<?php echo $_getvar('readonly'); ?>
|
||||
>
|
||||
@@ -275,7 +275,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
foreach ($_getvar('tags') as $tag): ?>
|
||||
<option value="<?php echo $tag->getId(); ?>"
|
||||
<?php echo $tag->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlentities($tag->getName()); ?>
|
||||
<?php echo htmlspecialchars($tag->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -301,7 +301,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
<?php /** @var SelectItem $tag */
|
||||
foreach ($_getvar('tags') as $tag): ?>
|
||||
<?php if ($tag->isSelected()): ?>
|
||||
<span class="tag"><?php echo htmlentities($tag->getName()); ?></span>
|
||||
<span class="tag"><?php echo htmlspecialchars($tag->getName(), ENT_QUOTES); ?></span>
|
||||
<?php endif; ?>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
@@ -345,7 +345,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
foreach ($_getvar('historyData') as $history): ?>
|
||||
<option
|
||||
value="<?php echo $history->getId(); ?>">
|
||||
<?php echo htmlentities($history->getName()); ?>
|
||||
<?php echo htmlspecialchars($history->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -360,7 +360,7 @@ $showCustomFields = count($_getvar('customFields', 0)) > 0;
|
||||
<td class="descField"><?php echo __('Last Modification'); ?></td>
|
||||
<td class="valField"><?php printf('%s (%s)',
|
||||
$accountData->getDateEdit(),
|
||||
$accountData->getUserEditName()); ?>
|
||||
htmlspecialchars($accountData->getUserEditName(), ENT_QUOTES)); ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endif; ?>
|
||||
|
||||
@@ -38,7 +38,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<td class="valField">
|
||||
<div class="lowres-title"><?php echo __('Last Modification'); ?></div>
|
||||
|
||||
<?php printf('%s (%s)', $accountData->getDateEdit(), htmlentities($accountData->getUserEditName())); ?>
|
||||
<?php printf('%s (%s)', $accountData->getDateEdit(), htmlspecialchars($accountData->getUserEditName(), ENT_QUOTES)); ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endif; ?>
|
||||
@@ -48,7 +48,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<td class="valField">
|
||||
<div class="lowres-title"><?php echo __('Owner'); ?></div>
|
||||
|
||||
<?php echo htmlentities($accountData->getUserName()) ?: htmlentities($accountData->getUserLogin()); ?>
|
||||
<?php echo htmlspecialchars($accountData->getUserName(), ENT_QUOTES) ?: htmlspecialchars($accountData->getUserLogin(), ENT_QUOTES); ?>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
@@ -56,7 +56,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<td class="valField">
|
||||
<div class="lowres-title"><?php echo __('Main Group'); ?></div>
|
||||
|
||||
<?php echo htmlentities($accountData->getUserGroupName()); ?>
|
||||
<?php echo htmlspecialchars($accountData->getUserGroupName(), ENT_QUOTES); ?>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
@@ -74,7 +74,7 @@ use SP\Services\Account\AccountAcl;
|
||||
<td class="valField">
|
||||
<div class="lowres-title"><?php echo __('Editor'); ?></div>
|
||||
|
||||
<?php echo htmlentities($accountData->getUserEditName()) ?: htmlentities($accountData->getUserEditLogin()); ?>
|
||||
<?php echo htmlspecialchars($accountData->getUserEditName(), ENT_QUOTES) ?: htmlspecialchars($accountData->getUserEditLogin(), ENT_QUOTES); ?>
|
||||
</td>
|
||||
</tr>
|
||||
<?php endif; ?>
|
||||
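Review bot: The Owner and Editor cells escape both operands of `?:` separately, so the fallback is decided on the escaped string rather than on the raw name. Selecting first and escaping once is easier to read and leaves one escape call per output: `<?php echo htmlspecialchars($accountData->getUserName() ?: $accountData->getUserLogin(), ENT_QUOTES); ?>`, and likewise for `getUserEditName()` / `getUserEditLogin()`. The 'Last Modification' `printf` in the earlier template that iterates `historyData` has the same shape.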
|
||||
@@ -19,14 +19,14 @@ use SP\Html\Html;
|
||||
?>
|
||||
<li class="mdl-list__item">
|
||||
<span class="mdl-list__item-primary-content"
|
||||
title="<?php echo $file->getName(); ?>">
|
||||
title="<?php echo htmlspecialchars($file->getName(), ENT_QUOTES); ?>">
|
||||
<i class="material-icons mdl-list__item-icon">attachment</i>
|
||||
<span><?php printf('%s (%d KB)', Html::truncate($file->getName(), 50), $file->getSize() / 1024); ?></span>
|
||||
</span>
|
||||
|
||||
<span class="list-actions">
|
||||
<?php if ($file->getThumb() !== 'no_thumb'): ?>
|
||||
<span title="<?php echo $file->getName(); ?>"
|
||||
<span title="<?php echo htmlspecialchars($file->getName(), ENT_QUOTES); ?>"
|
||||
class="btn-action"
|
||||
data-item-id="<?php echo $file->getId(); ?>"
|
||||
data-action-route="<?php echo $_getvar('fileViewRoute'); ?>"
|
||||
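Review bot: The file name is now escaped in both `title` attributes but is still printed as element text through `printf('%s (%d KB)', Html::truncate($file->getName(), 50), ...)` on the context line between them. Unless `Html::truncate()` escapes its result, which this page does not show, an uploaded file name containing markup still reaches the page unescaped. Escaping after truncation keeps the length limit meaningful: `htmlspecialchars(Html::truncate($file->getName(), 50), ENT_QUOTES)`. The list item continues past the end of the hunk.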
|
||||
@@ -16,7 +16,7 @@ use SP\Core\UI\ThemeIcons;
|
||||
<li class="mdl-list__item">
|
||||
<span class="btn-action mdl-list__item-primary-content">
|
||||
<i class="material-icons mdl-list__item-icon">layers</i>
|
||||
<?php printf('%s (%s)', $account->name, $account->clientName); ?>
|
||||
<?php printf('%s (%s)', htmlspecialchars($account->name, ENT_QUOTES), htmlspecialchars($account->clientName, ENT_QUOTES)); ?>
|
||||
</span>
|
||||
<span class="list-actions">
|
||||
<i class="material-icons btn-action mdl-list__item-icon <?php echo $icons->getIconEdit()->getClass(); ?>"
|
||||
|
||||
@@ -43,17 +43,25 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
title="<?php echo __('Search in Wiki'); ?>">
|
||||
<span class="mdl-chip mdl-chip--contact">
|
||||
<span style="background-color: <?php echo $accountSearchItem->getColor(); ?>;"
|
||||
class="mdl-chip__contact mdl-color-text--white"><?php echo htmlentities(mb_ucfirst($accountSearchData->getClientName())); ?></span>
|
||||
class="mdl-chip__contact mdl-color-text--white">
|
||||
<?php echo htmlspecialchars(mb_ucfirst($accountSearchData->getClientName()), ENT_QUOTES); ?>
|
||||
</span>
|
||||
<span class="mdl-chip__text"
|
||||
title="<?php echo htmlentities($accountSearchData->getClientName()); ?>"><?php echo htmlentities($accountSearchItem->getShortClientName()); ?></span>
|
||||
title="<?php echo htmlspecialchars($accountSearchData->getClientName(), ENT_QUOTES); ?>">
|
||||
<?php echo htmlspecialchars($accountSearchItem->getShortClientName(), ENT_QUOTES); ?>
|
||||
</span>
|
||||
</span>
|
||||
</a>
|
||||
<?php else: ?>
|
||||
<span class="mdl-chip mdl-chip--contact">
|
||||
<span style="background-color: <?php echo $accountSearchItem->getColor(); ?>;"
|
||||
class="mdl-chip__contact mdl-color-text--white"><?php echo htmlentities(mb_ucfirst($accountSearchData->getClientName())); ?></span>
|
||||
class="mdl-chip__contact mdl-color-text--white">
|
||||
<?php echo htmlspecialchars(mb_ucfirst($accountSearchData->getClientName()), ENT_QUOTES); ?>
|
||||
</span>
|
||||
<span class="mdl-chip__text"
|
||||
title="<?php echo htmlentities($accountSearchData->getClientName()); ?>"><?php echo htmlentities($accountSearchItem->getShortClientName()); ?></span>
|
||||
title="<?php echo htmlspecialchars($accountSearchData->getClientName(), ENT_QUOTES); ?>">
|
||||
<?php echo htmlspecialchars($accountSearchItem->getShortClientName(), ENT_QUOTES); ?>
|
||||
</span>
|
||||
</span>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
@@ -67,23 +75,27 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
class="btn-action"
|
||||
data-action-route="<?php echo $_getvar('viewAccountRoute'); ?>"
|
||||
data-item-id="<?php echo $accountSearchData->getId(); ?>"
|
||||
data-onclick="account/view"><?php echo $accountSearchData->getName(); ?></a>
|
||||
data-onclick="account/view"><?php echo htmlspecialchars(accountSearchData->getName(), ENT_QUOTES); ?></a>
|
||||
<?php else: ?>
|
||||
<div class="field-text">
|
||||
<?php echo htmlentities($accountSearchData->getName()); ?>
|
||||
<?php echo htmlspecialchars($accountSearchData->getName(), ENT_QUOTES); ?>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
</div>
|
||||
|
||||
<div class="field-category field-text label-field">
|
||||
<div class="field-name"><?php echo __('Category'); ?></div>
|
||||
<div class="field-text"><?php echo htmlentities($accountSearchData->getCategoryName()); ?></div>
|
||||
<div class="field-text">
|
||||
<?php echo htmlspecialchars($accountSearchData->getCategoryName(), ENT_QUOTES); ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<?php if ($accountSearchItem->isShow()): ?>
|
||||
<div class="field-user field-text label-field">
|
||||
<div class="field-name"><?php echo __('User'); ?></div>
|
||||
<div class="field-text"><?php echo htmlentities($accountSearchItem->getShortLogin()); ?></div>
|
||||
<div class="field-text">
|
||||
<?php echo htmlspecialchars($accountSearchItem->getShortLogin(), ENT_QUOTES); ?>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="field-url field-text label-field">
|
||||
@@ -91,7 +103,9 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<?php if ($accountSearchItem->isUrlIslink()): ?>
|
||||
<a href="<?php echo $accountSearchData->getUrl(); ?>"
|
||||
target="_blank"
|
||||
title="<?php printf(__('Open link to: %s'), $accountSearchData->getUrl()); ?>"><?php echo $accountSearchItem->getShortUrl(); ?></a>
|
||||
title="<?php printf(__('Open link to: %s'), $accountSearchData->getUrl()); ?>">
|
||||
<?php echo $accountSearchItem->getShortUrl(); ?>
|
||||
</a>
|
||||
<?php else: ?>
|
||||
<div class="field-text"><?php echo $accountSearchItem->getShortUrl(); ?></div>
|
||||
<?php endif; ?>
|
||||
@@ -105,7 +119,9 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<div class="tags-box">
|
||||
<?php foreach ($accountSearchItem->getTags() as $tag): ?>
|
||||
<span class="tag"
|
||||
data-tag-id="<?php echo $tag->id; ?>"><?php echo htmlentities($tag->name); ?></span>
|
||||
data-tag-id="<?php echo $tag->id; ?>">
|
||||
<?php echo htmlspecialchars($tag->name, ENT_QUOTES); ?>
|
||||
</span>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
</div>
|
||||
@@ -119,7 +135,9 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<?php echo $icons->getIconWarning()->getIcon(); ?></i>
|
||||
<span
|
||||
for="icon-expired-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="mdl-tooltip mdl-tooltip--top"><?php echo __('Password Expired'); ?></span>
|
||||
class="mdl-tooltip mdl-tooltip--top">
|
||||
<?php echo __('Password Expired'); ?>
|
||||
</span>
|
||||
<?php endif; ?>
|
||||
|
||||
<?php if ($accountSearchData->getIsPrivate() === 1): ?>
|
||||
@@ -127,13 +145,17 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
class="material-icons">lock</i>
|
||||
<span
|
||||
for="icon-private-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="mdl-tooltip mdl-tooltip--top"><?php echo __('Private Account'); ?></span>
|
||||
class="mdl-tooltip mdl-tooltip--top">
|
||||
<?php echo __('Private Account'); ?>
|
||||
</span>
|
||||
<?php elseif ($accountSearchData->getIsPrivateGroup() === 1): ?>
|
||||
<i id="icon-private-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="material-icons">lock_open</i>
|
||||
<span
|
||||
for="icon-private-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="mdl-tooltip mdl-tooltip--top"><?php echo __('Private Account (Group)'); ?></span>
|
||||
class="mdl-tooltip mdl-tooltip--top">
|
||||
<?php echo __('Private Account (Group)'); ?>
|
||||
</span>
|
||||
<?php else: ?>
|
||||
<i id="accesses-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="material-icons">face</i>
|
||||
@@ -158,7 +180,9 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
data-status="<?php echo 'on'; ?>">star</i>
|
||||
<span
|
||||
for="btn-favorite-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="mdl-tooltip mdl-tooltip--top"><?php echo __('Delete Favorite'); ?></span>
|
||||
class="mdl-tooltip mdl-tooltip--top">
|
||||
<?php echo __('Delete Favorite'); ?>
|
||||
</span>
|
||||
<?php else: ?>
|
||||
<i id="btn-favorite-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="material-icons icon-favorite"
|
||||
@@ -168,7 +192,9 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
data-status="<?php echo 'off'; ?>">star_border</i>
|
||||
<span
|
||||
for="btn-favorite-<?php echo $accountSearchData->getId(); ?>"
|
||||
class="mdl-tooltip mdl-tooltip--top"><?php echo __('Mark as Favorite'); ?></span>
|
||||
class="mdl-tooltip mdl-tooltip--top">
|
||||
<?php echo __('Mark as Favorite'); ?>
|
||||
</span>
|
||||
<?php endif; ?>
|
||||
|
||||
<?php if ($accountSearchData->getNotes() !== ''): ?>
|
||||
@@ -191,7 +217,11 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<div class="mdl-tooltip mdl-tooltip--top"
|
||||
for="attachments-<?php echo $accountSearchData->getId(); ?>">
|
||||
<div class="tooltip-text">
|
||||
<?php printf('%s: %d', __('Attachments'), $accountSearchItem->getNumFiles()); ?>
|
||||
<?php printf(
|
||||
'%s: %d',
|
||||
__('Attachments'),
|
||||
$accountSearchItem->getNumFiles()
|
||||
); ?>
|
||||
</div>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
@@ -204,9 +234,17 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<div class="tooltip-text">
|
||||
<p class="tooltip-header"><?php echo __('Public Link'); ?></p>
|
||||
<p>
|
||||
<?php printf('%s: %s', __('Expiry Date'), DateUtil::getDateFromUnix($accountSearchData->getPublicLinkDateExpire())); ?>
|
||||
<?php printf(
|
||||
'%s: %s',
|
||||
__('Expiry Date'),
|
||||
DateUtil::getDateFromUnix($accountSearchData->getPublicLinkDateExpire())
|
||||
); ?>
|
||||
<br>
|
||||
<?php printf('%s: %s', __('Visits'), $accountSearchData->getPublicLinkTotalCountViews()); ?>
|
||||
<?php printf(
|
||||
'%s: %s',
|
||||
__('Visits'),
|
||||
$accountSearchData->getPublicLinkTotalCountViews()
|
||||
); ?>
|
||||
</p>
|
||||
</div>
|
||||
</div>
|
||||
@@ -215,7 +253,7 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<?php if ($wikiFilter
|
||||
&& $accountSearchItem->isWikiMatch($wikiFilter)): ?>
|
||||
<?php if (AccountSearchItem::$dokuWikiEnabled): ?>
|
||||
<a href="<?php echo $_getvar('wikiPageUrl'), $accountSearchData->getName(); ?>"
|
||||
<a href="<?php echo $_getvar('wikiPageUrl'), urldecode($accountSearchData->getName()); ?>"
|
||||
target="_blank">
|
||||
<i class="material-icons"
|
||||
title="<?php echo __('Link to Wiki'); ?>">library_books</i>
|
||||
@@ -223,10 +261,10 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<i class="btn-action material-icons fg-green100"
|
||||
title="<?php echo __('View at Wiki'); ?>"
|
||||
data-action-route="<?php echo ActionsInterface::WIKI_VIEW; ?>"
|
||||
data-pagename="<?php echo $accountSearchData->getName(); ?>"
|
||||
data-pagename="<?php echo htmlspecialchars($accountSearchData->getName(), ENT_QUOTES); ?>"
|
||||
data-onclick="wiki/show">library_books</i>
|
||||
<?php else: ?>
|
||||
<a href="<?php echo $_getvar('wikiPageUrl'), $accountSearchData->getName(); ?>"
|
||||
<a href="<?php echo $_getvar('wikiPageUrl'), urlencode($accountSearchData->getName()); ?>"
|
||||
target="_blank">
|
||||
<i class="material-icons"
|
||||
title="<?php echo __('Link to Wiki'); ?>">library_books</i>
|
||||
@@ -247,7 +285,9 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
class="btn-action material-icons <?php echo $action->getClassesAsString(), ' ', $action->getIcon()->getClass(); ?>"
|
||||
data-item-id="<?php echo $accountSearchData->getId(); ?>"
|
||||
data-parent-id="<?php echo $accountSearchData->getParentId(); ?>"
|
||||
<?php foreach ($action->getData() as $dataName => $dataValue): printf('data-%s="%s"', $dataName, $dataValue); endforeach; ?>>
|
||||
<?php foreach ($action->getData() as $dataName => $dataValue):
|
||||
printf('data-%s="%s"', $dataName, $dataValue);
|
||||
endforeach; ?>>
|
||||
<?php echo $action->getIcon()->getIcon(); ?></i>
|
||||
<span
|
||||
for="<?php echo $actionUid; ?>"
|
||||
@@ -270,9 +310,13 @@ $favoriteRouteOff = $_getvar('favoriteRouteOff');
|
||||
<li class="btn-action mdl-menu__item <?php echo $actionMenu->getClassesAsString(); ?>"
|
||||
data-item-id="<?php echo $accountSearchData->getId(); ?>"
|
||||
data-parent-id="<?php echo $accountSearchData->getParentId(); ?>"
|
||||
<?php foreach ($actionMenu->getData() as $dataName => $dataValue): printf('data-%s="%s"', $dataName, $dataValue); endforeach; ?>>
|
||||
<?php foreach ($actionMenu->getData() as $dataName => $dataValue):
|
||||
printf('data-%s="%s"', $dataName, $dataValue);
|
||||
endforeach; ?>>
|
||||
<i class="material-icons <?php echo $actionMenu->getIcon()->getClass(); ?>"
|
||||
title="<?php echo $actionMenu->getTitle(); ?>"><?php echo $actionMenu->getIcon()->getIcon(); ?></i>
|
||||
title="<?php echo $actionMenu->getTitle(); ?>">
|
||||
<?php echo $actionMenu->getIcon()->getIcon(); ?>
|
||||
</i>
|
||||
<?php echo $actionMenu->getName(); ?>
|
||||
</li>
|
||||
<?php endforeach; ?>
|
||||
|
||||
@@ -43,7 +43,7 @@ $pager = $data->getPager();
|
||||
<?php /** @var SelectItem $client */
|
||||
foreach ($_getvar('clients') as $client): ?>
|
||||
<option
|
||||
value="<?php echo $client->getId(); ?>" <?php echo $client->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($client->getName()); ?></option>
|
||||
value="<?php echo $client->getId(); ?>" <?php echo $client->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($client->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -53,7 +53,7 @@ $pager = $data->getPager();
|
||||
<?php /** @var SelectItem $category */
|
||||
foreach ($_getvar('categories') as $category): ?>
|
||||
<option
|
||||
value="<?php echo $category->getId(); ?>" <?php echo $category->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($category->getName()); ?></option>
|
||||
value="<?php echo $category->getId(); ?>" <?php echo $category->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($category->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</div>
|
||||
@@ -134,7 +134,7 @@ $pager = $data->getPager();
|
||||
<?php /** @var SelectItem $tag */
|
||||
foreach ($_getvar('tags') as $tag): ?>
|
||||
<option
|
||||
value="<?php echo $tag->getId(); ?>" <?php echo $tag->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($tag->getName()); ?></option>
|
||||
value="<?php echo $tag->getId(); ?>" <?php echo $tag->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($tag->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</div>
|
||||
|
||||
@@ -15,7 +15,7 @@ $customFields = $_getvar('customFields');
|
||||
foreach ($customFields as $index => $field):?>
|
||||
<tr>
|
||||
<td class="descField">
|
||||
<?php echo $field->definitionName; ?>
|
||||
<?php echo htmlspecialchars($field->definitionName, ENT_QUOTES); ?>
|
||||
<?php if ($field->isEncrypted && $field->isValueEncrypted === true): ?>
|
||||
<i class="icon material-icons mdl-color-text--teal-500"
|
||||
title="<?php echo __('Encrypted'); ?>">
|
||||
@@ -58,7 +58,7 @@ foreach ($customFields as $index => $field):?>
|
||||
maxlength="500"
|
||||
value="<?php echo !$_getvar('showViewCustomPass') && !empty($field->value) ? '***' : htmlspecialchars($field->value, ENT_QUOTES); ?>" <?php echo $field->required ? 'required' : ''; ?> <?php echo $_getvar('readonly'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="<?php echo $field->formId; ?>"><?php echo $field->definitionName; ?></label>
|
||||
for="<?php echo $field->formId; ?>"><?php echo htmlspecialchars($field->definitionName, ENT_QUOTES); ?></label>
|
||||
</div>
|
||||
<?php elseif ($field->typeName === 'textarea'): ?>
|
||||
<div class="mdl-textfield mdl-js-textfield">
|
||||
@@ -68,7 +68,7 @@ foreach ($customFields as $index => $field):?>
|
||||
name="customfield[<?php echo $field->definitionId; ?>]"
|
||||
id="<?php echo $field->formId; ?>" <?php echo $_getvar('readonly'); ?>><?php echo htmlspecialchars($field->value, ENT_QUOTES); ?></textarea>
|
||||
<label class="mdl-textfield__label"
|
||||
for="<?php echo $field->formId; ?>"><?php echo $field->definitionName; ?></label>
|
||||
for="<?php echo $field->formId; ?>"><?php echo htmlspecialchars($field->definitionName, ENT_QUOTES); ?></label>
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
@@ -79,7 +79,7 @@ foreach ($customFields as $index => $field):?>
|
||||
maxlength="500"
|
||||
value="<?php echo htmlspecialchars($field->value, ENT_QUOTES); ?>" <?php echo $field->required ? 'required' : ''; ?> <?php echo $_getvar('readonly'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="<?php echo $field->formId; ?>"><?php echo $field->definitionName; ?></label>
|
||||
for="<?php echo $field->formId; ?>"><?php echo htmlspecialchars($field->definitionName, ENT_QUOTES); ?></label>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
</td>
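Review bot: `$field->formId` is still echoed unescaped into the `for=` attribute on the same label lines where `definitionName` now goes through `htmlspecialchars()`, in the hunks at -58, -68 and -79. How `formId` is built is not visible here; if it is derived from the user-supplied definition name it needs the same treatment, e.g. `for="<?php echo htmlspecialchars($field->formId, ENT_QUOTES); ?>"`, and likewise the `id=` attribute on the textarea line. If it is already restricted to a safe character set when generated, a one-line comment saying so would spare the next reviewer the same question.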
|
||||
|
||||
@@ -306,7 +306,7 @@ $disabled = $configData->isMaintenance() ? '' : 'disabled';
|
||||
<?php /** @var SelectItem $userGroup */
|
||||
foreach ($_getvar('userGroups') as $userGroup): ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>"><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
value="<?php echo $userGroup->getId(); ?>"><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
|
||||
@@ -100,7 +100,7 @@ use SP\Mvc\View\Template;
|
||||
<?php /** @var SelectItem $userGroup */
|
||||
foreach ($_getvar('userGroups') as $userGroup): ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>" <?php echo $userGroup->getId() === $configData->getSsoDefaultGroup() ? 'selected' : ''; ?>><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
value="<?php echo $userGroup->getId(); ?>" <?php echo $userGroup->getId() === $configData->getSsoDefaultGroup() ? 'selected' : ''; ?>><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -126,7 +126,7 @@ use SP\Mvc\View\Template;
|
||||
<?php /** @var SelectItem $userProfile */
|
||||
foreach ($_getvar('userProfiles') as $userProfile): ?>
|
||||
<option
|
||||
value="<?php echo $userProfile->getId(); ?>" <?php echo ($userProfile->getId() === $configData->getSsoDefaultProfile()) ? 'selected' : ''; ?>><?php echo htmlentities($userProfile->getName()); ?></option>
|
||||
value="<?php echo $userProfile->getId(); ?>" <?php echo ($userProfile->getId() === $configData->getSsoDefaultProfile()) ? 'selected' : ''; ?>><?php echo htmlspecialchars($userProfile->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
|
||||
@@ -40,7 +40,7 @@ use SP\Mvc\View\Template;
|
||||
foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>" <?php echo $user->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlentities($user->getName()); ?>
|
||||
<?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -68,7 +68,7 @@ use SP\Mvc\View\Template;
|
||||
foreach ($_getvar('userGroups') as $userGroup): ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>" <?php echo $userGroup->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlentities($userGroup->getName()); ?>
|
||||
<?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -322,7 +322,7 @@ use SP\Mvc\View\Template;
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>"
|
||||
<?php echo $userGroup->getId() === $configData->getLdapDefaultGroup() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlentities($userGroup->getName()); ?>
|
||||
<?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -353,7 +353,7 @@ use SP\Mvc\View\Template;
|
||||
<option
|
||||
value="<?php echo $userProfile->getId(); ?>"
|
||||
<?php echo ($userProfile->getId() === $configData->getLdapDefaultProfile()) ? 'selected' : ''; ?>>
|
||||
<?php echo htmlentities($userProfile->getName()); ?>
|
||||
<?php echo htmlspecialchars($userProfile->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -461,9 +461,9 @@ use SP\Mvc\View\Template;
|
||||
<?php /** @var SelectItem $userAttribute */
|
||||
foreach ($_getvar('userAttributes') as $userAttribute): ?>
|
||||
<option
|
||||
value="<?php echo htmlentities($userAttribute->getName()); ?>"
|
||||
value="<?php echo $userAttribute->getName(); ?>"
|
||||
<?php echo $userAttribute->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlentities($userAttribute->getName()); ?>
|
||||
<?php echo $userAttribute->getName(); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
@@ -495,9 +495,9 @@ use SP\Mvc\View\Template;
|
||||
<?php /** @var SelectItem $groupAttribute */
|
||||
foreach ($_getvar('groupAttributes') as $groupAttribute): ?>
|
||||
<option
|
||||
value="<?php echo htmlentities($groupAttribute->getName()); ?>"
|
||||
value="<?php echo $groupAttribute->getName(); ?>"
|
||||
<?php echo $groupAttribute->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlentities($groupAttribute->getName()); ?>
|
||||
<?php echo $groupAttribute->getName(); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
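Review bot: The `userAttributes` and `groupAttributes` option loops (hunks at -461 and -495) appear to end up with no output encoding at all. Both the `value=` attribute and the option text show an `htmlentities(...)` line next to a bare `echo $userAttribute->getName()` / `echo $groupAttribute->getName()`, and if the second of each pair is the new side, as it is everywhere else on this page, the escaping was dropped rather than replaced. That contradicts the rest of the commit, which moves every other `getName()` to `htmlspecialchars(..., ENT_QUOTES)`. Unless these names are encoded before they reach the template (not visible here), I would keep them consistent: `value="<?php echo htmlspecialchars($userAttribute->getName(), ENT_QUOTES); ?>"`, and the same for the text node and for `$groupAttribute`.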
|
||||
|
||||
@@ -180,7 +180,7 @@ use SP\Mvc\View\Template;
|
||||
type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="128"
|
||||
value="<?php echo $configData->getDokuwikiNamespace(); ?>"/>
|
||||
value="<?php echo htmlspecialchars($configData->getDokuwikiNamespace(), ENT_QUOTES); ?>"/>
|
||||
<label class="mdl-textfield__label"
|
||||
for="dokuwiki_namespace"><?php echo __('Namespace'); ?></label>
|
||||
</div>
|
||||
|
||||
@@ -50,7 +50,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select Client'); ?></option>
|
||||
<?php foreach ($_getvar('clients') as $client): ?>
|
||||
<option
|
||||
value="<?php echo $client->getId(); ?>"><?php echo htmlentities($client->getName()); ?></option>
|
||||
value="<?php echo $client->getId(); ?>"><?php echo htmlspecialchars($client->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -66,7 +66,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select Category'); ?></option>
|
||||
<?php foreach ($_getvar('categories') as $category): ?>
|
||||
<option
|
||||
value="<?php echo $category->getId(); ?>"><?php echo htmlentities($category->getName()); ?></option>
|
||||
value="<?php echo $category->getId(); ?>"><?php echo htmlspecialchars($category->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -82,7 +82,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select User'); ?></option>
|
||||
<?php foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>"><?php echo htmlentities($user->getName()); ?></option>
|
||||
value="<?php echo $user->getId(); ?>"><?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -98,7 +98,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select Group'); ?></option>
|
||||
<?php foreach ($_getvar('userGroups') as $group): ?>
|
||||
<option
|
||||
value="<?php echo $group->getId(); ?>"><?php echo htmlentities($group->getName()); ?></option>
|
||||
value="<?php echo $group->getId(); ?>"><?php echo htmlspecialchars($group->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -111,7 +111,7 @@ use SP\Mvc\View\Template;
|
||||
class="select-box-tags">
|
||||
<option value=""><?php echo __('Select Tags'); ?></option>
|
||||
<?php foreach ($_getvar('tags') as $tag): ?>
|
||||
<option value="<?php echo $tag->getId(); ?>"><?php echo htmlentities($tag->getName()); ?></option>
|
||||
<option value="<?php echo $tag->getId(); ?>"><?php echo htmlspecialchars($tag->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -135,7 +135,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select Users'); ?></option>
|
||||
<?php foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>"><?php echo htmlentities($user->getName()); ?></option>
|
||||
value="<?php echo $user->getId(); ?>"><?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -160,7 +160,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select Users'); ?></option>
|
||||
<?php foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>"><?php echo htmlentities($user->getName()); ?></option>
|
||||
value="<?php echo $user->getId(); ?>"><?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -192,7 +192,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select Groups'); ?></option>
|
||||
<?php foreach ($_getvar('userGroups') as $userGroup): ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>"><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
value="<?php echo $userGroup->getId(); ?>"><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -217,7 +217,7 @@ use SP\Mvc\View\Template;
|
||||
<option value=""><?php echo __('Select Groups'); ?></option>
|
||||
<?php foreach ($_getvar('userGroups') as $userGroup): ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>"><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
value="<?php echo $userGroup->getId(); ?>"><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
|
||||
@@ -34,7 +34,7 @@ $authToken = $_getvar('authToken');
|
||||
<option value=""><?php echo __('Select User'); ?></option>
|
||||
<?php /** @var SelectItem $user */
|
||||
foreach ($_getvar('users') as $user): ?>
|
||||
<option value="<?php echo $user->getId(); ?>" <?php echo $user->isSelected() ? 'selected' : ''; ?>><?php printf('%s (%s)', htmlentities($user->getName()), htmlentities($user->getItemProperty('login'))); ?></option>
|
||||
<option value="<?php echo $user->getId(); ?>" <?php echo $user->isSelected() ? 'selected' : ''; ?>><?php printf('%s (%s)', htmlspecialchars($user->getName(), ENT_QUOTES), htmlspecialchars($user->getItemProperty('login'), ENT_QUOTES)); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -50,7 +50,7 @@ $authToken = $_getvar('authToken');
|
||||
<option value=""><?php echo __('Select Action'); ?></option>
|
||||
<?php /** @var SelectItem $action */
|
||||
foreach ($_getvar('actions') as $action): ?>
|
||||
<option value="<?php echo $action->getId(); ?>" <?php echo $action->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($action->getName()); ?></option>
|
||||
<option value="<?php echo $action->getId(); ?>" <?php echo $action->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($action->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
|
||||
@@ -31,7 +31,7 @@ $category = $_getvar('category');
|
||||
<input id="name" name="name" type="text" required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($category->getName()); ?>">
|
||||
value="<?php echo htmlspecialchars($category->getName(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Category name'); ?></label>
|
||||
</div>
|
||||
@@ -44,7 +44,7 @@ $category = $_getvar('category');
|
||||
<input id="description" name="description" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($category->getDescription()); ?>">
|
||||
value="<?php echo htmlspecialchars($category->getDescription(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="description"><?php echo __('Category description'); ?></label>
|
||||
</div>
|
||||
|
||||
@@ -31,7 +31,7 @@ $client = $_getvar('client');
|
||||
<input id="name" name="name" type="text" required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($client->getName()); ?>">
|
||||
value="<?php echo htmlspecialchars($client->getName(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Client name'); ?></label>
|
||||
</div>
|
||||
@@ -45,7 +45,7 @@ $client = $_getvar('client');
|
||||
<input id="description" name="description" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($client->getDescription()); ?>">
|
||||
value="<?php echo htmlspecialchars($client->getDescription(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="description"><?php echo __('Client description'); ?></label>
|
||||
</div>
|
||||
|
||||
@@ -33,7 +33,7 @@ $field = $_getvar('field');
|
||||
<input id="name" name="name" type="text" required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($field->getName()); ?>">
|
||||
value="<?php echo htmlspecialchars($field->getName(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Field name'); ?></label>
|
||||
</div>
|
||||
|
||||
@@ -17,7 +17,7 @@ $fileData = $_getvar('fileData');
|
||||
<?php if ($_getvar('isImage')): ?>
|
||||
<img src="data:'<?php echo $fileData->getType(); ?>;base64, <?php echo $_getvar('data'); ?>"
|
||||
border="0"/>
|
||||
<div class="title"><?php echo $fileData->getName(); ?></div>
|
||||
<div class="title"><?php echo htmlspecialchars($fileData->getName(), ENT_QUOTES); ?></div>
|
||||
<?php else: ?>
|
||||
<pre><?php echo $_getvar('data'); ?></pre>
|
||||
<?php endif; ?>
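Review bot: Only `$fileData->getName()` is escaped in this hunk; `$fileData->getType()` inside the `src="data:...` attribute and `$_getvar('data')` inside `<pre>` are still echoed as-is. In the `<pre>` branch that is stored file content rendered as HTML, so it depends entirely on the value being encoded before it reaches the template, which this view does not show. If it is not, `<pre><?php echo htmlspecialchars($_getvar('data'), ENT_QUOTES); ?></pre>` closes the gap; if it is, a short comment naming where the encoding happens is enough. The type should be encoded for the attribute as well, `htmlspecialchars($fileData->getType(), ENT_QUOTES)`, and the stray `'` after `data:` in that `src` value looks unintended.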
|
||||
@@ -65,7 +65,7 @@ $password = $_getvar('password');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<input id="regex" name="regex" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($password->getRegex()); ?>"/>
|
||||
value="<?php echo htmlspecialchars($password->getRegex(), ENT_QUOTES); ?>"/>
|
||||
<label class="mdl-textfield__label"
|
||||
for="regex"><?php echo __('Regular Expression'); ?></label>
|
||||
</div>
|
||||
|
||||
@@ -27,7 +27,7 @@ use SP\Mvc\View\Template;
|
||||
<?php if ($user->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>"
|
||||
<?php echo $user->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($user->getName()); ?></option>
|
||||
<?php echo $user->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -45,7 +45,7 @@ use SP\Mvc\View\Template;
|
||||
<?php if ($user->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>"
|
||||
<?php echo $user->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($user->getName()); ?></option>
|
||||
<?php echo $user->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -70,7 +70,7 @@ use SP\Mvc\View\Template;
|
||||
<?php if ($userGroup->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>"
|
||||
<?php echo $userGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
<?php echo $userGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
@@ -88,7 +88,7 @@ use SP\Mvc\View\Template;
|
||||
<?php if ($userGroup->isSkip()): continue; endif; ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>"
|
||||
<?php echo $userGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
<?php echo $userGroup->isSelected() ? 'selected' : '' ?>><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
|
||||
|
||||
@@ -48,7 +48,7 @@ $preset = $_getvar('preset');
|
||||
<?php /** @var SelectItem $user */
|
||||
foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>" <?php echo $user->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($user->getName()); ?></option>
|
||||
value="<?php echo $user->getId(); ?>" <?php echo $user->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -66,7 +66,7 @@ $preset = $_getvar('preset');
|
||||
<?php /** @var SelectItem $userGroup */
|
||||
foreach ($_getvar('userGroups') as $userGroup): ?>
|
||||
<option
|
||||
value="<?php echo $userGroup->getId(); ?>" <?php echo $userGroup->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($userGroup->getName()); ?></option>
|
||||
value="<?php echo $userGroup->getId(); ?>" <?php echo $userGroup->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($userGroup->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -84,7 +84,7 @@ $preset = $_getvar('preset');
|
||||
<?php /** @var SelectItem $userProfile */
|
||||
foreach ($_getvar('userProfiles') as $userProfile): ?>
|
||||
<option
|
||||
value="<?php echo $userProfile->getId(); ?>" <?php echo $userProfile->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($userProfile->getName()); ?></option>
|
||||
value="<?php echo $userProfile->getId(); ?>" <?php echo $userProfile->isSelected() ? 'selected' : ''; ?>><?php echo htmlspecialchars($userProfile->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
|
||||
@@ -35,7 +35,14 @@ $publicLink = $_getvar('publicLink');
|
||||
<?php /** @var SelectItem $account */
|
||||
foreach ($_getvar('accounts') as $account): ?>
|
||||
<option
|
||||
value="<?php echo $account->getId(); ?>" <?php echo $account->isSelected() ? 'selected' : ''; ?>><?php printf('%s (%s)', htmlentities($account->getName()), htmlentities($account->getItemProperty('clientName'))); ?></option>
|
||||
value="<?php echo $account->getId(); ?>"
|
||||
<?php echo $account->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php printf(
|
||||
'%s (%s)',
|
||||
htmlspecialchars($account->getName(), ENT_QUOTES),
|
||||
htmlspecialchars($account->getItemProperty('clientName'), ENT_QUOTES)
|
||||
); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
|
||||
@@ -30,7 +30,7 @@ $tag = $_getvar('tag');
|
||||
<input id="name" name="name" type="text" required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($tag->getName()); ?>">
|
||||
value="<?php echo htmlspecialchars($tag->getName(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Tag name'); ?></label>
|
||||
</div>
|
||||
|
||||
@@ -48,7 +48,7 @@ $user = $_getvar('user');
|
||||
<input id="name" name="name" type="text"
|
||||
required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($user->getName()); ?>"
|
||||
value="<?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?>"
|
||||
maxlength="80" <?php echo $_getvar('readonly'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Full username'); ?></label>
|
||||
@@ -63,7 +63,7 @@ $user = $_getvar('user');
|
||||
<input id="login" name="login" type="text"
|
||||
required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($user->getLogin()); ?>"
|
||||
value="<?php echo htmlspecialchars($user->getLogin(), ENT_QUOTES); ?>"
|
||||
maxlength="80" <?php echo $user->isLdap() ? 'readonly' : $_getvar('readonly'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="login"><?php echo __('Session login'); ?></label>
|
||||
@@ -83,7 +83,7 @@ $user = $_getvar('user');
|
||||
<input id="login_sso" name="login_sso"
|
||||
type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($user->getSsoLogin()); ?>"
|
||||
value="<?php echo htmlspecialchars($user->getSsoLogin(), ENT_QUOTES); ?>"
|
||||
maxlength="100" <?php echo $_getvar('readonly'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="login_sso"><?php echo __('Session login with SSO'); ?></label>
|
||||
@@ -99,7 +99,7 @@ $user = $_getvar('user');
|
||||
<input id="email" name="email" type="email"
|
||||
required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($user->getEmail()); ?>"
|
||||
value="<?php echo htmlspecialchars($user->getEmail(), ENT_QUOTES); ?>"
|
||||
maxlength="50" <?php echo $_getvar('readonly'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="email"><?php echo __('Email address'); ?></label>
|
||||
@@ -153,7 +153,7 @@ $user = $_getvar('user');
|
||||
<?php /** @var SelectItem $profile */
|
||||
foreach ($_getvar('profiles') as $profile): ?>
|
||||
<option
|
||||
value="<?php echo $profile->getId(); ?>" <?php echo ($profile->getId() === $user->getUserProfileId()) ? 'selected' : ''; ?>><?php echo htmlentities($profile->getName()); ?></option>
|
||||
value="<?php echo $profile->getId(); ?>" <?php echo ($profile->getId() === $user->getUserProfileId()) ? 'selected' : ''; ?>><?php echo htmlspecialchars($profile->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -171,7 +171,7 @@ $user = $_getvar('user');
|
||||
<?php /** @var SelectItem $group */
|
||||
foreach ($_getvar('groups') as $group): ?>
|
||||
<option
|
||||
value="<?php echo $group->getId(); ?>" <?php echo ($group->getId() === $user->getUserGroupId()) ? 'selected' : ''; ?>><?php echo htmlentities($group->getName()); ?></option>
|
||||
value="<?php echo $group->getId(); ?>" <?php echo ($group->getId() === $user->getUserGroupId()) ? 'selected' : ''; ?>><?php echo htmlspecialchars($group->getName(), ENT_QUOTES); ?></option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -183,7 +183,9 @@ $user = $_getvar('user');
|
||||
<div class="mdl-textfield mdl-js-textfield mdl-textfield--floating-label">
|
||||
<textarea class="mdl-textfield__input" rows="3"
|
||||
id="notes" name="notes"
|
||||
maxlength="1000" <?php echo $_getvar('readonly'); ?>><?php echo htmlspecialchars($user->getNotes(), ENT_QUOTES); ?></textarea>
|
||||
maxlength="1000" <?php echo $_getvar('readonly'); ?>>
|
||||
<?php echo htmlspecialchars($user->getNotes(), ENT_QUOTES); ?>
|
||||
</textarea>
|
||||
<label class="mdl-textfield__label"
|
||||
for="notes"><?php echo __('Notes'); ?></label>
|
||||
</div>
|
||||
@@ -338,7 +340,11 @@ $user = $_getvar('user');
|
||||
title="<?php echo $item->ref; ?>">
|
||||
<span class="mdl-list__item-primary-content">
|
||||
<i class="material-icons mdl-list__item-icon"><?php echo $item->icon; ?></i>
|
||||
<?php printf('%s: %s', $item->ref, htmlentities($item->name) ?: $item->id); ?>
|
||||
<?php printf(
|
||||
'%s: %s',
|
||||
$item->ref,
|
||||
htmlspecialchars($item->name, ENT_QUOTES) ?: $item->id
|
||||
); ?>
|
||||
</span>
|
||||
</li>
|
||||
<?php endforeach; ?>
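Review bot: Splitting the notes `<textarea>` over three lines (hunk at -183) puts template indentation and line breaks inside the element, and whitespace inside a textarea is part of its value. The form will then submit the notes with leading spaces and a trailing newline plus indentation, and these pile up on every save unless the server trims them (not visible here). Keep the echo tight against the tags, as the old line did: `maxlength="1000" <?php echo $_getvar('readonly'); ?>><?php echo htmlspecialchars($user->getNotes(), ENT_QUOTES); ?></textarea>`. The `notification_description` textarea at the end of this page is split the same way, though its closing tag is outside this view.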
|
||||
|
||||
@@ -34,7 +34,7 @@ $group = $_getvar('group');
|
||||
<input id="name" name="name" type="text" required
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlentities($group->getName()); ?>">
|
||||
value="<?php echo htmlspecialchars($group->getName(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="name"><?php echo __('Group name'); ?></label>
|
||||
</div>
|
||||
@@ -48,7 +48,7 @@ $group = $_getvar('group');
|
||||
<input id="description" name="description" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
maxlength="50"
|
||||
value="<?php echo htmlspecialchars($group->getDescription()); ?>">
|
||||
value="<?php echo htmlspecialchars($group->getDescription(), ENT_QUOTES); ?>">
|
||||
<label class="mdl-textfield__label"
|
||||
for="description"><?php echo __('Group description'); ?></label>
|
||||
</div>
|
||||
@@ -68,7 +68,10 @@ $group = $_getvar('group');
|
||||
<?php /** @var SelectItem $user */
|
||||
foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>" <?php echo $user->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($user->getName()); ?></option>
|
||||
value="<?php echo $user->getId(); ?>"
|
||||
<?php echo $user->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
<?php else: ?>
|
||||
@@ -78,7 +81,9 @@ $group = $_getvar('group');
|
||||
<?php /** @var SelectItem $user */
|
||||
foreach ($_getvar('users') as $user): ?>
|
||||
<?php if ($user->isSelected()): ?>
|
||||
<span class="tag"><?php echo htmlentities($user->getName()); ?></span>
|
||||
<span class="tag">
|
||||
<?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?>
|
||||
</span>
|
||||
<?php endif; ?>
|
||||
<?php endforeach; ?>
|
||||
</div>
|
||||
@@ -106,9 +111,17 @@ $group = $_getvar('group');
|
||||
<i class="material-icons mdl-list__item-icon"
|
||||
title="<?php echo __('User'); ?>">person</i>
|
||||
<?php if ($user->ref === 'UserGroup'): ?>
|
||||
<?php printf('%s (%s)*', htmlentities($user->name), htmlentities($user->login)); ?>
|
||||
<?php printf(
|
||||
'%s (%s)*',
|
||||
htmlspecialchars($user->name, ENT_QUOTES),
|
||||
htmlspecialchars($user->login, ENT_QUOTES)
|
||||
); ?>
|
||||
<?php else: ?>
|
||||
<?php printf('%s (%s)', htmlentities($user->name), htmlentities($user->login)); ?>
|
||||
<?php printf(
|
||||
'%s (%s)',
|
||||
htmlspecialchars($user->name, ENT_QUOTES),
|
||||
htmlspecialchars($user->login, ENT_QUOTES)
|
||||
); ?>
|
||||
<?php endif; ?>
|
||||
</span>
|
||||
</li>
|
||||
|
||||
@@ -29,7 +29,7 @@ $user = $_getvar('user');
|
||||
<div class="mdl-textfield mdl-js-textfield">
|
||||
<input id="name" name="name" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($user->getName()); ?>" readonly
|
||||
value="<?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?>" readonly
|
||||
disabled/>
|
||||
</div>
|
||||
</td>
|
||||
@@ -41,7 +41,7 @@ $user = $_getvar('user');
|
||||
<div class="mdl-textfield mdl-js-textfield">
|
||||
<input id="login" name="login" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo htmlentities($user->getLogin()); ?>"
|
||||
value="<?php echo htmlspecialchars($user->getLogin(), ENT_QUOTES); ?>"
|
||||
readonly disabled/>
|
||||
</div>
|
||||
</td>
|
||||
|
||||
@@ -578,7 +578,7 @@ $profileData = $_getvar('profileData');
|
||||
<input id="profile_name" name="profile_name" type="text"
|
||||
required
|
||||
class="mdl-textfield__input"
|
||||
value="<?php echo htmlentities($profile->getName()); ?>"
|
||||
value="<?php echo htmlspecialchars($profile->getName(), ENT_QUOTES); ?>"
|
||||
maxlength="50" <?php echo $_getvar('readonly'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="profile_name"><?php echo __('Profile name'); ?></label>
|
||||
|
||||
@@ -1,10 +1,10 @@
|
||||
<?php
|
||||
/**
|
||||
* @var NotificationData $notification
|
||||
* @var ThemeIcons $icons
|
||||
* @var NotificationData $notification
|
||||
* @var ThemeIcons $icons
|
||||
* @var \SP\Config\ConfigDataInterface $configData
|
||||
* @var callable $_getvar
|
||||
* @var Template $this
|
||||
* @var callable $_getvar
|
||||
* @var Template $this
|
||||
*/
|
||||
|
||||
use SP\Core\UI\ThemeIcons;
|
||||
@@ -60,7 +60,8 @@ $notification = $_getvar('notification');
|
||||
<input id="notification_date"
|
||||
name="notification_date" type="text"
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
value="<?php echo DateUtil::getDateFromUnix($notification->getDate()); ?>" <?php echo $_getvar('disabled'); ?>>
|
||||
value="<?php echo DateUtil::getDateFromUnix($notification->getDate()); ?>"
|
||||
<?php echo $_getvar('disabled'); ?>>
|
||||
<label class="mdl-textfield__label"
|
||||
for="notification_date"><?php echo __('Date'); ?></label>
|
||||
</div>
|
||||
@@ -76,13 +77,15 @@ $notification = $_getvar('notification');
|
||||
class="mdl-textfield__input mdl-color-text--indigo-400"
|
||||
type="text" rows="3"
|
||||
id="notification_description"
|
||||
name="notification_description" <?php echo $_getvar('readonly'); ?>><?php echo $notification->getDescription(); ?></textarea>
|
||||
name="notification_description" <?php echo $_getvar('readonly'); ?>>
|
||||
<?php echo htmlspecialchars($notification->getDescription(), ENT_QUOTES); ?>
|
||||
</textarea>
|
||||
<label class="mdl-textfield__label"
|
||||
for="notification_description"><?php echo __('Description'); ?></label>
|
||||
</div>
|
||||
<?php else: ?>
|
||||
<div class="notification-description">
|
||||
<?php echo $notification->getDescription(); ?>
|
||||
<?php echo htmlspecialchars($notification->getDescription(), ENT_QUOTES); ?>
|
||||
</div>
|
||||
<?php endif; ?>
|
||||
</td>
|
||||
@@ -99,8 +102,10 @@ $notification = $_getvar('notification');
|
||||
<option value=""><?php echo __('Select User'); ?></option>
|
||||
<?php /** @var SelectItem $user */
|
||||
foreach ($_getvar('users') as $user): ?>
|
||||
<option
|
||||
value="<?php echo $user->getId(); ?>" <?php echo $user->isSelected() ? 'selected' : ''; ?>><?php echo htmlentities($user->getName()); ?></option>
|
||||
<option value="<?php echo $user->getId(); ?>"
|
||||
<?php echo $user->isSelected() ? 'selected' : ''; ?>>
|
||||
<?php echo htmlspecialchars($user->getName(), ENT_QUOTES); ?>
|
||||
</option>
|
||||
<?php endforeach; ?>
|
||||
</select>
|
||||
</td>
|
||||
@@ -114,7 +119,8 @@ $notification = $_getvar('notification');
|
||||
title="<?php echo __('Global notification'); ?>">
|
||||
<input type="checkbox" id="notification_sticky"
|
||||
class="mdl-switch__input mdl-color-text--indigo-400"
|
||||
name="notification_sticky" <?php echo $notification->isSticky() ? 'checked' : ' '; ?> <?php echo $_getvar('disabled'); ?>/>
|
||||
name="notification_sticky" <?php echo $notification->isSticky() ? 'checked'
|
||||
: ' '; ?> <?php echo $_getvar('disabled'); ?>/>
|
||||
<span class="mdl-switch__label"><?php echo __('Global'); ?></span>
|
||||
</label>
|
||||
|
||||
@@ -123,7 +129,9 @@ $notification = $_getvar('notification');
|
||||
title="<?php echo __('Only for application administrators'); ?>">
|
||||
<input type="checkbox" id="notification_onlyadmin"
|
||||
class="mdl-switch__input mdl-color-text--indigo-400"
|
||||
name="notification_onlyadmin" <?php echo $notification->isOnlyAdmin() ? 'checked' : ' '; ?> <?php echo $_getvar('disabled'); ?>/>
|
||||
name="notification_onlyadmin"
|
||||
<?php echo $notification->isOnlyAdmin() ? 'checked' : ' '; ?>
|
||||
<?php echo $_getvar('disabled'); ?>/>
|
||||
<span class="mdl-switch__label"><?php echo __('Only Admins'); ?></span>
|
||||
</label>
|
||||
|
||||
@@ -132,7 +140,9 @@ $notification = $_getvar('notification');
|
||||
title="<?php echo __('Read'); ?>">
|
||||
<input type="checkbox" id="notification_checkout"
|
||||
class="mdl-switch__input mdl-color-text--indigo-400"
|
||||
name="notification_checkout" <?php echo $notification->isChecked() ? 'checked' : ' '; ?> <?php echo $_getvar('disabled'); ?>/>
|
||||
name="notification_checkout"
|
||||
<?php echo $notification->isChecked() ? 'checked' : ' '; ?>
|
||||
<?php echo $_getvar('disabled'); ?>/>
|
||||
<span class="mdl-switch__label"><?php echo __('Read'); ?></span>
|
||||
</label>
|
||||
</td>
|
||||
@@ -145,7 +155,8 @@ $notification = $_getvar('notification');
|
||||
<?php if (!$_getvar('isView')): ?>
|
||||
<div class="action-in-box">
|
||||
<button
|
||||
class="mdl-button mdl-js-button mdl-button--fab mdl-button--mini-fab mdl-button--colored <?php echo $icons->getIconSave()->getClassButton(); ?>"
|
||||
class="mdl-button mdl-js-button mdl-button--fab mdl-button--mini-fab mdl-button--colored <?php echo $icons->getIconSave(
|
||||
)->getClassButton(); ?>"
|
||||
form="frmNotices"
|
||||
title="<?php echo $icons->getIconSave()->getTitle(); ?>">
|
||||
<i class="material-icons"><?php echo $icons->getIconSave()->getIcon(); ?></i>
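Review bot: In the `notification_description` hunk the escaped value now sits on its own line between `>` and `</textarea>`, so the line break before the closing tag (and any indentation around the echo) becomes part of the textarea's value and would be sent back when the form is saved. HTML only drops a single newline directly after the opening tag. Keeping the echo tight against both tags avoids that: `name="notification_description" <?php echo $_getvar('readonly'); ?>><?php echo htmlspecialchars($notification->getDescription(), ENT_QUOTES); ?></textarea>`. The textarea's opening tag starts above the hunk. Separately, the `notification-description` div now escapes the description as well, so if stored notifications were intentionally written with markup they will display as literal tags; that is worth confirming against whatever creates them.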
|
||||
|
||||