run some urls through htmlentities

Uwe Steinmann 2021-09-27 10:25:39 +02:00
parent 145d4021a9
commit e982737630
2 changed files with 10 additions and 6 deletions


@ -181,8 +181,10 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
$tmp['action'] = 'webrootjs'; $tmp['action'] = 'webrootjs';
if(isset($tmp['formtoken'])) if(isset($tmp['formtoken']))
unset($tmp['formtoken']); unset($tmp['formtoken']);
if(isset($tmp['referuri']))
unset($tmp['referuri']);
if(!empty($this->params['class'])) if(!empty($this->params['class']))
echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.http_build_query($tmp).'"></script>'."\n"; echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.htmlentities(http_build_query($tmp)).'"></script>'."\n";
echo '<script src="'.$this->params['settings']->_httpRoot.'views/'.$this->theme.'/styles/application.js"></script>'."\n"; echo '<script src="'.$this->params['settings']->_httpRoot.'views/'.$this->theme.'/styles/application.js"></script>'."\n";
if($this->params['enablemenutasks'] && isset($this->params['user']) && $this->params['user']) { if($this->params['enablemenutasks'] && isset($this->params['user']) && $this->params['user']) {
$this->addFooterJS('SeedDMSTask.run();'); $this->addFooterJS('SeedDMSTask.run();');
@ -205,12 +207,12 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
} }
$tmp['action'] = 'footerjs'; $tmp['action'] = 'footerjs';
$tmp['hashjs'] = $hashjs; $tmp['hashjs'] = $hashjs;
echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.http_build_query($tmp).'"></script>'."\n"; echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.htmlentities(http_build_query($tmp)).'"></script>'."\n";
} }
if(method_exists($this, 'js')) { if(method_exists($this, 'js')) {
parse_str($_SERVER['QUERY_STRING'], $tmp); parse_str($_SERVER['QUERY_STRING'], $tmp);
$tmp['action'] = 'js'; $tmp['action'] = 'js';
echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.http_build_query($tmp).'"></script>'."\n"; echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.htmlentities(http_build_query($tmp)).'"></script>'."\n";
} }
echo "</body>\n</html>\n"; echo "</body>\n</html>\n";
} /* }}} */ } /* }}} */
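Review bot: The `js` branch at the end of the second hunk rebuilds `$tmp` from `$_SERVER['QUERY_STRING']` but does not strip `formtoken` and `referuri` the way the first hunk now does before emitting the `webrootjs` URL, so whatever those two request parameters carry is reflected into the page inside this `<script src>` query string. Adding `unset($tmp['formtoken'], $tmp['referuri']);` right after the `parse_str(...)` line would make the three script URLs consistent, and `unset` tolerates missing keys so no `isset` guard is needed. The `$tmp` used for the `footerjs` URL is built above the hunk, so I cannot tell from here whether it has already been filtered. Separately, `htmlentities()` is called without flags or a charset, so its escaping depends on the PHP version and `default_charset`; for this double-quoted attribute `htmlspecialchars(http_build_query($tmp), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` is explicit and sufficient, since `http_build_query()` already percent-encodes everything except the `&` separators. The enclosing method starts outside the hunk.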


@ -181,8 +181,10 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
$tmp['action'] = 'webrootjs'; $tmp['action'] = 'webrootjs';
if(isset($tmp['formtoken'])) if(isset($tmp['formtoken']))
unset($tmp['formtoken']); unset($tmp['formtoken']);
if(isset($tmp['referuri']))
unset($tmp['referuri']);
if(!empty($this->params['class'])) if(!empty($this->params['class']))
echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.http_build_query($tmp).'"></script>'."\n"; echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.htmlentities(http_build_query($tmp)).'"></script>'."\n";
echo '<script src="'.$this->params['settings']->_httpRoot.'views/'.$this->theme.'/styles/application.js"></script>'."\n"; echo '<script src="'.$this->params['settings']->_httpRoot.'views/'.$this->theme.'/styles/application.js"></script>'."\n";
if($this->params['enablemenutasks'] && isset($this->params['user']) && $this->params['user']) { if($this->params['enablemenutasks'] && isset($this->params['user']) && $this->params['user']) {
$this->addFooterJS('SeedDMSTask.run();'); $this->addFooterJS('SeedDMSTask.run();');
@ -205,12 +207,12 @@ background-image: linear-gradient(to bottom, #882222, #111111);;
} }
$tmp['action'] = 'footerjs'; $tmp['action'] = 'footerjs';
$tmp['hashjs'] = $hashjs; $tmp['hashjs'] = $hashjs;
echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.http_build_query($tmp).'"></script>'."\n"; echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.htmlentities(http_build_query($tmp)).'"></script>'."\n";
} }
if(method_exists($this, 'js')) { if(method_exists($this, 'js')) {
parse_str($_SERVER['QUERY_STRING'], $tmp); parse_str($_SERVER['QUERY_STRING'], $tmp);
$tmp['action'] = 'js'; $tmp['action'] = 'js';
echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.http_build_query($tmp).'"></script>'."\n"; echo '<script src="'.$this->params['absbaseprefix'].'out/out.'.$this->params['class'].'.php?'.htmlentities(http_build_query($tmp)).'"></script>'."\n";
} }
echo "</body>\n</html>\n"; echo "</body>\n</html>\n";
} /* }}} */ } /* }}} */
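Review bot: The `js` branch in the second hunk re-parses `$_SERVER['QUERY_STRING']` into `$tmp` without removing `formtoken` and `referuri`, while the first hunk now removes both before building the `webrootjs` URL, so those two request values still end up reflected in this `<script src>` query string. One line after the `parse_str(...)` call, `unset($tmp['formtoken'], $tmp['referuri']);`, brings it in line with the first hunk (no `isset` guard is needed, `unset` ignores absent keys). Whether the `$tmp` feeding the `footerjs` URL was filtered is decided above the hunk and not visible here. The new `htmlentities()` calls pass no flags or charset, so their behaviour follows the PHP version and `default_charset`; `htmlspecialchars(http_build_query($tmp), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` would pin the escaping for this double-quoted attribute, where only the `&` separators still need escaping after `http_build_query()`. The enclosing method begins outside the hunk.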