Menu
▾
▴
[Tikiwiki-cvs/svn] SF.net SVN: tikiwiki:[24760] trunk
|
From: <ch...@us...> - 2010-01-30 21:26:23
|
Revision: 24760
http://tikiwiki.svn.sourceforge.net/tikiwiki/?rev=24760&view=rev
Author: chealer
Date: 2010-01-30 21:26:06 +0000 (Sat, 30 Jan 2010)
Log Message:
-----------
[FIX] HTML special chars escaping
[FIX] colons inside tr blocks
[FIX] translation: duplicate form value source_page
Modified Paths:
--------------
trunk/templates/tiki-choose_page_language.tpl
trunk/templates/tiki-edit_translation.tpl
trunk/templates/tiki-editpage.tpl
trunk/templates/tiki-rollback.tpl
trunk/templates/wiki_edit_actions.tpl
trunk/tiki-rollback.php
Modified: trunk/templates/tiki-choose_page_language.tpl
===================================================================
--- trunk/templates/tiki-choose_page_language.tpl 2010-01-30 19:14:25 UTC (rev 24759)
+++ trunk/templates/tiki-choose_page_language.tpl 2010-01-30 21:26:06 UTC (rev 24760)
@@ -1,12 +1,12 @@
<h1>{tr}Please choose the language for this page:{/tr}</h1>
<div class="cbox-data">
<p>
- <strong>Page: "{$page}"</strong>
+ <strong>Page: "{$page|escape}"</strong>
</p>
<form enctype="multipart/form-data" method="get" action="tiki-editpage.php?page={$page|escape:'url'}" id='editpageform' name='editpageform'>
{* Repeat all arguments from the page creation request *}
{foreach from=$_REQUEST key=request_key item=request_val}
- <input type="hidden" name="{$request_key}" value="{$request_val}"/>
+ <input type="hidden" name="{$request_key}" value="{$request_val|escape}"/>
{/foreach}
<input type="hidden" name="need_lang" value="n"/>
Modified: trunk/templates/tiki-edit_translation.tpl
===================================================================
--- trunk/templates/tiki-edit_translation.tpl 2010-01-30 19:14:25 UTC (rev 24759)
+++ trunk/templates/tiki-edit_translation.tpl 2010-01-30 21:26:06 UTC (rev 24760)
@@ -77,7 +77,6 @@
{/if}
<p>
<input type="submit" value="{tr}Create translation{/tr}"/></p>
- <input type="hidden" name="source_page" value="{$page}"/>
<textarea name="edit" style="display:none">{$translate_message}{$pagedata|escape:'htmlall':'UTF-8'}</textarea>
</form>
Modified: trunk/templates/tiki-editpage.tpl
===================================================================
--- trunk/templates/tiki-editpage.tpl 2010-01-30 19:14:25 UTC (rev 24759)
+++ trunk/templates/tiki-editpage.tpl 2010-01-30 21:26:06 UTC (rev 24760)
@@ -100,7 +100,7 @@
<div id="diff_outer">
<div style="overflow:auto;height:20ex;" id="diff_history">
{if $translation_mode == 'y'}
- <h2>{tr}Translate from{/tr}: {$source_page}</h2>
+ <h2>{tr}Translate from:{/tr} {$source_page|escape}</h2>
{tr}Changes that need to be translated are highlighted below.{/tr}
{/if}
{include file='pagehistory.tpl' cant=0}
@@ -165,26 +165,26 @@
{tr 0=$page_badchars_display|escape}The page name specified contains characters that may render the page hard to access. You may want to consider removing those: <strong>%0</strong>{/tr}
{/if}
{/remarksbox}
- <p>{tr}Page name{/tr}: <input type="text" name="page" value="{$page|escape}" /></p>
+ <p>{tr}Page name:{/tr} <input type="text" name="page" value="{$page|escape}" /></p>
{else}
- <input type="hidden" name="page" value="{$page}" />
+ <input type="hidden" name="page" value="{$page|escape}" />
{* the above hidden field is needed for auto-save to work *}
{/if}
{tabset name='tabs_editpage'}
{tab name="{tr}Edit page{/tr}"}
{if $translation_mode == 'y'}
<div class="translation_message">
- <h2>{tr}Translate to{/tr}: {$target_page}</h2>
+ <h2>{tr}Translate to:{/tr} {$target_page|escape}</h2>
<p>{tr}Reproduce the changes highlighted on the left using the editor below{/tr}.</p>
</div>
{/if}
{textarea}{$pagedata}{/textarea}
{if $page|lower neq 'sandbox'}
<fieldset>
- <label for="comment">{tr}Describe the change you made{/tr}: {help url='Editing+Wiki+Pages' desc='{tr}Edit comment: Enter some text to describe the changes you are currently making{/tr}'}</label>
+ <label for="comment">{tr}Describe the change you made:{/tr} {help url='Editing+Wiki+Pages' desc='{tr}Edit comment: Enter some text to describe the changes you are currently making{/tr}'}</label>
<input style="width:98%;" class="wikiedit" type="text" id="comment" name="comment" value="{$commentdata|escape}" />
{if $show_watch eq 'y'}
- <label for="watch">{tr}Monitor this page{/tr}:</label>
+ <label for="watch">{tr}Monitor this page:{/tr}</label>
<input type="checkbox" id="watch" name="watch" value="1"{if $watch_checked eq 'y'} checked="checked"{/if} />
{/if}
</fieldset>
@@ -198,7 +198,7 @@
{/if}
{if $wysiwyg neq 'y' and $prefs.feature_wiki_pictures eq 'y' and $tiki_p_upload_picture eq 'y' and $prefs.feature_filegals_manager neq 'y'}
<fieldset>
- <legend>{tr}Upload picture{/tr}:</legend>
+ <legend>{tr}Upload picture:{/tr}</legend>
<input type="hidden" name="MAX_FILE_SIZE" value="1000000000" />
<input type="hidden" name="hasAlreadyInserted" value="" />
<input type="hidden" name="prefix" value="/img/wiki_up/{if $tikidomain}{$tikidomain}/{/if}" />
@@ -233,7 +233,7 @@
{tab name="{tr}Tools{/tr}"}
{if $prefs.feature_wiki_templates eq 'y' and $tiki_p_use_content_templates eq 'y'}
<fieldset>
- <legend>{tr}Apply template{/tr}:</legend>
+ <legend>{tr}Apply template:{/tr}</legend>
<select id="templateId" name="templateId" onchange="javascript:document.getElementById('editpageform').submit();" onclick="needToConfirm = false;">
<option value="0">{tr}none{/tr}</option>
{section name=ix loop=$templates}
@@ -279,9 +279,9 @@
//--><!]]>
</script>
<fieldset>
- <legend>{tr}Regex search {/tr}:</legend>
+ <legend>{tr}Regex search:{/tr}</legend>
<input style="width:100;" class="wikiedit" type="text" id="search"/>
- <label>{tr}Replace with{/tr}:
+ <label>{tr}Replace with:{/tr}
<input style="width:100;" class="wikiedit" type="text" id="replace"/></label>
<label><input type="checkbox" id="caseinsens" />{tr}Case Insensitivity{/tr}</label>
<input type="button" value="{tr}Replace{/tr}" onclick="javascript:searchrep();">
@@ -289,19 +289,19 @@
{/if}
{if $prefs.wiki_spellcheck eq 'y'}
<fieldset>
- <legend>{tr}Spellcheck{/tr}:</legend>
+ <legend>{tr}Spellcheck:{/tr}</legend>
<input type="checkbox" id="spellcheck"name="spellcheck" {if $spellcheck eq 'y'}checked="checked"{/if}/>
</fieldset>
{/if}
{if $prefs.feature_wiki_allowhtml eq 'y' and $tiki_p_use_HTML eq 'y' and $wysiwyg neq 'y'}
<fieldset>
- <legend>{tr}Allow HTML{/tr}:</legend>
+ <legend>{tr}Allow HTML:{/tr}</legend>
<input type="checkbox" id="allowhtml" name="allowhtml" {if $allowhtml eq 'y'}checked="checked"{/if}/>
</fieldset>
{/if}
{if $prefs.feature_wiki_import_html eq 'y'}
<fieldset>
- <legend>{tr}Import HTML{/tr}:</legend>
+ <legend>{tr}Import HTML:{/tr}</legend>
<input class="wikiedit" type="text" id="suck_url" name="suck_url" value="{$suck_url|escape}" />
<input type="submit" class="wikiaction" name="do_suck" value="{tr}Import{/tr}" onclick="needToConfirm=false;" />
<label><input type="checkbox" name="parsehtml" {if $parsehtml eq 'y'}checked="checked"{/if}/>
@@ -311,7 +311,7 @@
{if $tiki_p_admin_wiki eq 'y' && $prefs.feature_wiki_import_page eq 'y'}
<fieldset>
- <legend>{tr}Import page{/tr}:</legend>
+ <legend>{tr}Import page:{/tr}</legend>
<input type="hidden" name="MAX_FILE_SIZE" value="1000000000" />
<input id="userfile1" name="userfile1" type="file" />
{if $prefs.feature_wiki_export eq 'y' and $tiki_p_admin_wiki eq 'y'}
@@ -323,12 +323,12 @@
{if $wysiwyg neq 'y'}
{if $prefs.feature_wiki_attachments == 'y' and ($tiki_p_wiki_attach_files eq 'y' or $tiki_p_wiki_admin_attachments eq 'y')}
<fieldset>
- <legend>{tr}Upload file{/tr}:</legend>
+ <legend>{tr}Upload file:{/tr}</legend>
<input type="hidden" name="MAX_FILE_SIZE" value="1000000000" />
<input type="hidden" name="hasAlreadyInserted2" value="" />
<input type="hidden" id="page2" name="page2" value="{$page}" />
<input name="userfile2" type="file" id="attach-upload" />
- <label>{tr}Comment{/tr}:<input type="text" name="attach_comment" maxlength="250" id="attach-comment" /></label>
+ <label>{tr}Comment:{/tr}<input type="text" name="attach_comment" maxlength="250" id="attach-comment" /></label>
<input type="submit" class="wikiaction" name="attach" value="{tr}Attach{/tr}" onclick="javascript:needToConfirm=false;insertImgFile('editwiki','userfile2','hasAlreadyInserted2','file', 'page2', 'attach_comment'); return true;" />
</fieldset>
{/if}
@@ -341,7 +341,7 @@
{if $page|lower neq 'sandbox'}
{if $prefs.wiki_feature_copyrights eq 'y'}
<fieldset>
- <legend>{tr}Copyright{/tr}:</legend>
+ <legend>{tr}Copyright:{/tr}</legend>
<table border="0">
<tr class="formcolor">
<td><label for="copyrightTitle">{tr}Title:{/tr}</label></td>
@@ -404,10 +404,10 @@
{/if}
{if $prefs.wiki_feature_copyrights eq 'y'}
<fieldset>
- <legend>{tr}License{/tr}:</legend>
+ <legend>{tr}License:{/tr}</legend>
<a href="{$prefs.wikiLicensePage|sefurl}">{tr}{$prefs.wikiLicensePage}{/tr}</a>
{if $prefs.wikiSubmitNotice neq ""}
- {remarksbox type="note" title="{tr}Important{/tr}:"}
+ {remarksbox type="note" title="{tr}Important:{/tr}"}
<strong>{tr}{$prefs.wikiSubmitNotice}{/tr}</strong>
{/remarksbox}
{/if}
@@ -423,9 +423,9 @@
{if $prefs.feature_wiki_description eq 'y' or $prefs.metatag_pagedesc eq 'y'}
<fieldset>
{if $prefs.metatag_pagedesc eq 'y'}
- <legend>{tr}Description (used for metatags){/tr}:</legend>
+ <legend>{tr}Description (used for metatags):{/tr}</legend>
{else}
- <legend>{tr}Description{/tr}:</legend>
+ <legend>{tr}Description:{/tr}</legend>
{/if}
<input style="width:98%;" type="text" id="description" name="description" value="{$description|escape}" />
</fieldset>
@@ -433,14 +433,14 @@
{if $prefs.feature_wiki_footnotes eq 'y'}
{if $user}
<fieldset>
- <legend>{tr}My Footnotes{/tr}:</legend>
+ <legend>{tr}My Footnotes:{/tr}</legend>
<textarea id="footnote" name="footnote" rows="8" cols="42" style="width:98%;" >{$footnote|escape}</textarea>
</fieldset>
{/if}
{/if}
{if $prefs.feature_wiki_ratings eq 'y' and $tiki_p_wiki_admin_ratings eq 'y'}
<fieldset>
- <legend>{tr}Use rating{/tr}:</legend>
+ <legend>{tr}Use rating:{/tr}</legend>
{foreach from=$poll_rated item=rating}
<div>
@@ -479,7 +479,7 @@
{/if}
{if $prefs.feature_multilingual eq 'y'}
<fieldset>
- <legend>{tr}Language{/tr}:</legend>
+ <legend>{tr}Language:{/tr}</legend>
<select name="lang" id="lang">
<option value="">{tr}Unknown{/tr}</option>
{section name=ix loop=$languages}
@@ -492,14 +492,13 @@
</fieldset>
{if $trads|@count > 1 and $urgent_allowed}
<fieldset {if $prefs.feature_urgent_translation neq 'y' or $diff_style} style="display:none;"{/if}>
- <legend>{tr}Translation request{/tr}:</legend>
+ <legend>{tr}Translation request:{/tr}</legend>
<input type="hidden" name="lang" value="{$lang|escape}"/>
<input type="checkbox" id="translation_critical" name="translation_critical" id="translation_critical"{if $translation_critical} checked="checked"{/if}/>
<label for="translation_critical">{tr}Send urgent translation request.{/tr}</label>
{if $diff_style}
<input type="hidden" name="oldver" value="{$diff_oldver|escape}"/>
<input type="hidden" name="newver" value="{$diff_newver|escape}"/>
- <input type="hidden" name="source_page" value="{$source_page|escape}"/>
{/if}
</fieldset>
{/if}
Modified: trunk/templates/tiki-rollback.tpl
===================================================================
--- trunk/templates/tiki-rollback.tpl 2010-01-30 19:14:25 UTC (rev 24759)
+++ trunk/templates/tiki-rollback.tpl 2010-01-30 21:26:06 UTC (rev 24760)
@@ -1,6 +1,6 @@
-{title}{tr}Rollback page{/tr} {$page} {tr}to version{/tr} {$version}{/title}
+{title}{tr}Rollback page{/tr} {$page|escape} {tr}to version{/tr} {$version}{/title}
-<form action="tiki-rollback.php?page={$page|escape}&version={$version|escape}&rollback=y" method="post">
+<form action="tiki-rollback.php?page={$page|escape:url}&version={$version|escape}&rollback=y" method="post">
<input type="submit" name="rollback" value="{tr}Rollback{/tr}" />
<div class="wikitext">{$preview.data}</div>
<div align="center">
Modified: trunk/templates/wiki_edit_actions.tpl
===================================================================
--- trunk/templates/wiki_edit_actions.tpl 2010-01-30 19:14:25 UTC (rev 24759)
+++ trunk/templates/wiki_edit_actions.tpl 2010-01-30 21:26:06 UTC (rev 24760)
@@ -4,8 +4,8 @@
{if $page|lower neq 'sandbox' or $tiki_p_admin eq 'y'}
{if ! $page_badchars_display or $prefs.wiki_badchar_prevent neq 'y'}
{if $translation_mode eq 'y'}
- <input type="hidden" name="source_page" value="{$source_page}"/>
- <input type="hidden" name="target_page" value="{$target_page}"/>
+ <input type="hidden" name="source_page" value="{$source_page|escape}"/>
+ <input type="hidden" name="target_page" value="{$target_page|escape}"/>
<input type="submit" class="wikiaction tips" title="{tr}Edit wiki page{/tr}|{tr}Save the page as a partial translation.{/tr}" name="partial_save" value="{tr}Partial Translation{/tr}" onclick="needToConfirm=false"/>
<input type="submit" class="wikiaction tips" title="{tr}Edit wiki page{/tr}|{tr}Save the page as a completed translation.{/tr}" name="save" value="{tr}Complete Translation{/tr}" onclick="needToConfirm=false"/>
{else}
Modified: trunk/tiki-rollback.php
===================================================================
--- trunk/tiki-rollback.php 2010-01-30 19:14:25 UTC (rev 24759)
+++ trunk/tiki-rollback.php 2010-01-30 21:26:06 UTC (rev 24760)
@@ -54,7 +54,7 @@
require_once('lib/diff/difflib.php');
require_once('lib/categories/categlib.php');
rollback_page_to_version($_REQUEST['page'], $_REQUEST['version']);
- header("location: tiki-index.php?page=$page");
+ header("location: tiki-index.php?page=" . urlencode($page));
die;
}
ask_ticket('rollback');
This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.
|