- Timestamp:
- Feb 24, 2022 10:05:48 PM (2 years ago)
- Location:
- trunk/lib
- Files:
-
- 5 edited
trunk/lib/App.inc.php
r762 r763 1335 1335 foreach ($val as $subval) { 1336 1336 if ('' != $key && '' != $subval) { 1337 $out .= sprintf('<input type="hidden" name="%s[]" value="%s" />', $key, $subval);1337 $out .= sprintf('<input type="hidden" name="%s[]" value="%s" />', oTxt($key), oTxt($subval)); 1338 1338 } 1339 1339 } 1340 1340 } else if ('' != $key && '' != $val) { 1341 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', $key, $val);1341 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', oTxt($key), oTxt($val)); 1342 1342 } 1343 1343 } … … 1355 1355 && $this->getParam('session_use_trans_sid') 1356 1356 ) { 1357 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', session_name(), session_id());1357 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', oTxt(session_name()), oTxt(session_id())); 1358 1358 } 1359 1359 … … 1361 1361 // This token can be validated upon form submission with $app->verifyCSRFToken() or $app->requireValidCSRFToken() 1362 1362 if ($this->getParam('csrf_token_enabled') && $include_csrf_token) { 1363 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', $this->getParam('csrf_token_name'), $this->getCSRFToken());1363 $out .= sprintf('<input type="hidden" name="%s" value="%s" />', oTxt($this->getParam('csrf_token_name')), oTxt($this->getCSRFToken())); 1364 1364 } 1365 1365 … … 1530 1530 } else { 1531 1531 // Fallback: die using meta refresh instead. 1532 printf('<meta http-equiv="refresh" content="0;url=%s" />', $url);1532 printf('<meta http-equiv="refresh" content="0;url=%s" />', oTxt($url)); 1533 1533 $this->logMsg(sprintf('dieURL (refresh): %s; headers already sent (output started in %s : %s)', $url, $h_file, $h_line), LOG_NOTICE, __FILE__, __LINE__); 1534 1534 } -
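Review bot: In the meta-refresh fallback (new line 1532), `oTxt($url)` presumably HTML-escapes the value so it cannot break out of the `content` attribute, but it does not constrain where the refresh points, so an off-site or non-http(s) URL would still be emitted as the redirect target. Whether `$url` is validated earlier cannot be seen, because the function starts outside this hunk. If no such check exists, it belongs before both the header path and this fallback. At minimum I would record the assumption with a comment above the `printf`: `// oTxt() only escapes for the attribute context; $url must already be a validated http(s) URL.`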
trunk/lib/HTML.inc.php
r713 r763 78 78 echo '<li><a'; 79 79 foreach (array_diff_key($b, array('value' => null)) as $key => $value) { 80 printf(' %s="%s"', $key, oTxt($value));80 printf(' %s="%s"', oTxt($key), oTxt($value)); 81 81 } 82 82 echo '>' . oTxt($b['value']) . '</a></li>'; … … 88 88 echo '<li><input'; 89 89 foreach ($b as $key => $value) { 90 printf(' %s="%s"', $key, oTxt($value));90 printf(' %s="%s"', oTxt($key), oTxt($value)); 91 91 } 92 92 echo ' /></li>'; … … 247 247 printf('<option value="%s"%s%s%s>%s</option>', 248 248 oTxt($o['value']), 249 (isset($o['class']) && sprintf(' class="%s"', $o['class']) ? : ''),250 (isset($o['selected']) && $o['selected']? ' selected="selected"' : ''),251 (isset($o['disabled']) && $o['disabled']? ' disabled="disabled"' : ''),249 (isset($o['class']) && sprintf(' class="%s"', oTxt($o['class'])) ? : ''), 250 (isset($o['selected']) && oTxt($o['selected']) ? ' selected="selected"' : ''), 251 (isset($o['disabled']) && oTxt($o['disabled']) ? ' disabled="disabled"' : ''), 252 252 oTxt($o['text']) 253 253 ); … … 280 280 foreach ($options as $value => $text) { 281 281 printf('<option value="%s"%s>%s</option>', 282 $value,282 oTxt($value), 283 283 $preselected == $value ? ' selected="selected"' : '', 284 $text284 oTxt($text) 285 285 ); 286 286 } -
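Review bot: The `class` argument of the `<option>` printf (new line 249) still never prints a class attribute: `isset($o['class']) && sprintf(...)` evaluates to a boolean, so `?:` passes `true` to `%s` and the tag gets a stray `1`; wrapping the value in `oTxt()` does not change that. It should read `isset($o['class']) ? sprintf(' class="%s"', oTxt($o['class'])) : '',`. On new lines 250–251 `oTxt()` wraps values that are only tested for truthiness and never printed, so it can be dropped there, e.g. `!empty($o['selected']) ? ' selected="selected"' : ''`. Separately, in the two attribute loops (new lines 80 and 90), escaping `$key` does not make it a valid attribute name, since whitespace and `=` pass through unchanged; checking it against a name pattern such as `/^[A-Za-z_:][-A-Za-z0-9_:.]*$/` before printing would be stricter.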
trunk/lib/Image.inc.php
r502 r763 152 152 153 153 return sprintf('<img src="%s" %s alt="%s" %s />', 154 $src,154 oTxt($src), 155 155 $image_size, 156 156 oTxt($alt), -
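Review bot: `$image_size` (new line 155) is still written into the `<img>` tag unescaped, and it cannot simply be wrapped in `oTxt()` because it appears to carry complete attributes rather than a single value. How it is built lies outside the hunk, so this is a documentation request rather than a confirmed defect. A comment above the `sprintf` would record the assumption: `// $image_size is an attribute fragment built from integer dimensions only; never pass request data through it.` The fourth `%s` argument is cut off by the hunk and deserves the same check.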
trunk/lib/PayPal.inc.php
r502 r763 4 4 * For details visit the project site: <http://trac.strangecode.com/codebase/> 5 5 * Copyright 2001-2012 Strangecode, LLC 6 * 6 * 7 7 * This file is part of The Strangecode Codebase. 8 8 * … … 11 11 * Free Software Foundation, either version 3 of the License, or (at your option) 12 12 * any later version. 13 * 13 * 14 14 * The Strangecode Codebase is distributed in the hope that it will be useful, but 15 15 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or 16 16 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more 17 17 * details. 18 * 18 * 19 19 * You should have received a copy of the GNU General Public License along with 20 20 * The Strangecode Codebase. If not, see <http://www.gnu.org/licenses/>. … … 212 212 { 213 213 ?> 214 <form action="<?php echo $this->_buttons[$name]['options']['button_url']; ?>" method="post">214 <form action="<?php echo oTxt($this->_buttons[$name]['options']['button_url']); ?>" method="post"> 215 215 <?php 216 216 if (is_array($this->_buttons[$name]['options']) && !empty($this->_buttons[$name]['options'])) { … … 218 218 if (!in_array($key, array('button_url', 'link_url', 'submit_img', 'submit_text'))) { 219 219 ?> 220 <input type="hidden" name="<?php echo $key; ?>" value="<?php echo $val; ?>" />220 <input type="hidden" name="<?php echo oTxt($key); ?>" value="<?php echo oTxt($val); ?>" /> 221 221 <?php 222 222 } … … 224 224 } 225 225 ?> 226 <input type="image" src="<?php echo $this->_buttons[$name]['options']['submit_img']; ?>" border="0" name="submit" alt="<?php echo $this->_buttons[$name]['options']['submit_text']; ?>" />226 <input type="image" src="<?php echo oTxt($this->_buttons[$name]['options']['submit_img']); ?>" border="0" name="submit" alt="<?php echo oTxt($this->_buttons[$name]['options']['submit_text']); ?>" /> 227 227 </form> 228 228 <?php … … 257 257 { 258 258 $app =& App::getInstance(); 259 259 260 260 if (array_key_exists($param, $this->_params)) { 261 
261 return $this->_params[$param]; -
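Review bot: The form template reads `$this->_buttons[$name]['options']['button_url']` for the `action` attribute (new line 214) before the `is_array(...) && !empty(...)` guard on line 216 runs, so that guard protects only the hidden-input loop. The same applies to `submit_img` and `submit_text` on line 226, which are dereferenced without an `isset()` check. Moving the guard above the `<form>` tag, or testing each key with `isset()` before echoing it, would keep the escaped output from being built on an undefined index. The method's signature is outside the hunk, and the remaining hunks in this file are whitespace-only.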
trunk/lib/Utilities.inc.php
r759 r763 319 319 // Remove http schemas, and any single trailing / to make the display URL. 320 320 $display_url = preg_replace(['!^https?://!u', '!^([^/]+)/$!u'], ['', '$1'], $url); 321 return sprintf('<a href="%s">%s</a>', oTxt($absolute_url), $display_url);321 return sprintf('<a href="%s">%s</a>', oTxt($absolute_url), oTxt($display_url)); 322 322 } else { 323 323 // Truncated URL. 324 324 // Remove http schemas, and any single trailing / to make the display URL. 325 325 $display_url = preg_replace(['!^https?://!u', '!^([^/]+)/$!u'], ['', '$1'], trim($truncated_url)); 326 return sprintf('<a href="%s">%s%s</a>', oTxt($absolute_url), $display_url, $delim);326 return sprintf('<a href="%s">%s%s</a>', oTxt($absolute_url), oTxt($display_url), $delim); 327 327 } 328 328 }, $text); … … 349 349 if ('' != trim($w)) { 350 350 $search[] = '/\b(' . preg_quote($w) . ')\b/i' . $app->getParam('preg_u'); 351 $replace[] = '<span class="' . $class. '">$1</span>';351 $replace[] = '<span class="' . oTxt($class) . '">$1</span>'; 352 352 } 353 353 }
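Review bot: In the highlighting hunk (new line 350) `preg_quote($w)` is called without the delimiter argument, so a search word containing `/` ends the `/…/i` pattern early and the pattern no longer compiles; it should be `preg_quote($w, '/')`. The new `oTxt($class)` on line 351 sits inside a `preg_replace` replacement string, where `$` or `\` followed by digits is still read as a back-reference after HTML escaping, so `$class` is best limited to a plain class token. In the truncated-URL branch (new line 326) `$delim` is still emitted raw; if that is deliberate because it may hold an entity, a short comment saying so would help. The enclosing functions begin and end outside these hunks.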