From: <je...@us...> - 2006-09-10 22:29:54
|
Revision: 14502 http://svn.sourceforge.net/gallery/?rev=14502&view=rev Author: jenst Date: 2006-09-10 15:29:43 -0700 (Sun, 10 Sep 2006) Log Message: ----------- 2006-09-11 Jens Tkotz <je...@pe...> 1.5.5-svn-b9 * Fix: Use htmlspecialchars() in <link rel="alternate" ...> to avoid problems with links in album and Gallery title. Modified Paths: -------------- branches/BRANCH_1_5_LEGACY/gallery/ChangeLog branches/BRANCH_1_5_LEGACY/gallery/Version.php branches/BRANCH_1_5_LEGACY/gallery/albums.php branches/BRANCH_1_5_LEGACY/gallery/view_album.php Modified: branches/BRANCH_1_5_LEGACY/gallery/ChangeLog =================================================================== --- branches/BRANCH_1_5_LEGACY/gallery/ChangeLog 2006-09-10 22:15:32 UTC (rev 14501) +++ branches/BRANCH_1_5_LEGACY/gallery/ChangeLog 2006-09-10 22:29:43 UTC (rev 14502) @@ -1,3 +1,8 @@ +2006-09-11 Jens Tkotz <je...@pe...> 1.5.5-svn-b9 + + * Fix: Use htmlspecialchars() in <link rel="alternate" ...> + to avoid problems with links in album and Gallery title. + 2006-09-11 Jens Tkotz <je...@pe...> 1.5.5-svn-b8 * Fix: If magic_quotes are On, stripslashes were called after sanitizing Modified: branches/BRANCH_1_5_LEGACY/gallery/Version.php =================================================================== --- branches/BRANCH_1_5_LEGACY/gallery/Version.php 2006-09-10 22:15:32 UTC (rev 14501) +++ branches/BRANCH_1_5_LEGACY/gallery/Version.php 2006-09-10 22:29:43 UTC (rev 14502) @@ -22,7 +22,7 @@ ?> <?php -$gallery->version = '1.5.5-svn-b8'; +$gallery->version = '1.5.5-svn-b9'; $gallery->config_version = 96; $gallery->album_version = 37; $gallery->user_version = 6; Modified: branches/BRANCH_1_5_LEGACY/gallery/albums.php =================================================================== --- branches/BRANCH_1_5_LEGACY/gallery/albums.php 2006-09-10 22:15:32 UTC (rev 14501) +++ branches/BRANCH_1_5_LEGACY/gallery/albums.php 2006-09-10 22:29:43 UTC (rev 14502) @@ -114,7 +114,10 @@ <?php } if ($gallery->app->rssEnabled == "yes" && !$gallery->session->offline) { - $title = sprintf(gTranslate('core', "%s RSS"), $gallery->app->galleryTitle); + $title = sprintf( + gTranslate('core', "%s RSS"), + htmlspecialchars($gallery->app->galleryTitle) + ); $rssHref = $gallery->app->photoAlbumURL . "/rss.php" ?> <link rel="alternate" title="<?php echo $title?>" href="<?php echo $rssHref ?>" type="application/rss+xml"> Modified: branches/BRANCH_1_5_LEGACY/gallery/view_album.php =================================================================== --- branches/BRANCH_1_5_LEGACY/gallery/view_album.php 2006-09-10 22:15:32 UTC (rev 14501) +++ branches/BRANCH_1_5_LEGACY/gallery/view_album.php 2006-09-10 22:29:43 UTC (rev 14502) @@ -129,7 +129,11 @@ <?php common_header(); /* RSS */ if ($gallery->app->rssEnabled == "yes" && !$gallery->session->offline) { - $title = sprintf(gTranslate('core', "%s RSS"), $gallery->app->galleryTitle . " :: " . $gallery->album->fields["title"]); + $title = sprintf( + gTranslate('core', "%s RSS"), + $gallery->app->galleryTitle . " :: " . htmlspecialchars($gallery->album->fields["title"]) + ); + $rssHref = $gallery->app->photoAlbumURL . "/rss.php?set_albumName=" . $gallery->album->fields["name"]; ?> <link rel="alternate" title="<?php echo $title; ?>" href="<?php echo $rssHref; ?>" type="application/rss+xml"> This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site. |