diff options
| author |  Alexandre Alapetite <alexandre@alapetite.fr>
| 2018-06-20 20:49:48 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2018-06-20 20:49:48 +0200 |
| commit | c4903bc8db41c0aed803e1bc183ade3eeb17aa8d (patch) | |
| tree | 3718596d92d47aba5ac393e44cc92f4f698a5910 | |
| parent | 767ac77ee26316b183955c8bfd132df8ff11dfe1 (diff) | |
Fix double encoding for mark as read a search (#1945)
* Fix double encoding for mark as read a search
Fix https://github.com/FreshRSS/FreshRSS/issues/1944
* Fix more search encoding issues
| -rw-r--r-- | app/layout/header.phtml | 3 | ||||
| -rw-r--r-- | app/layout/nav_menu.phtml | 5 | ||||
| -rwxr-xr-x | app/views/helpers/pagination.phtml | 2 |
3 files changed, 6 insertions, 4 deletions
diff --git a/app/layout/header.phtml b/app/layout/header.phtml index e589ed7ef..3eb8b984d 100644 --- a/app/layout/header.phtml +++ b/app/layout/header.phtml @@ -25,7 +25,8 @@ if (FreshRSS_Auth::accessNeedsAction()) { <?php if (FreshRSS_Auth::hasAccess() || FreshRSS_Context::$system_conf->allow_anonymous) { ?> <form action="<?php echo _url('index', 'index'); ?>" method="get"> <div class="stick"> - <input type="search" name="search" id="search" class="extend" value="<?php echo FreshRSS_Context::$search; ?>" placeholder="<?php echo _t('gen.menu.search'); ?>" /> + <input type="search" name="search" id="search" class="extend" value="<?php + echo htmlspecialchars(htmlspecialchars_decode(FreshRSS_Context::$search), ENT_COMPAT, 'UTF-8'); ?>" placeholder="<?php echo _t('gen.menu.search'); ?>" /> <?php $get = Minz_Request::param('get', ''); ?> <?php if ($get != '') { ?> diff --git a/app/layout/nav_menu.phtml b/app/layout/nav_menu.phtml index ab82c723f..f8a2376ec 100644 --- a/app/layout/nav_menu.phtml +++ b/app/layout/nav_menu.phtml @@ -75,7 +75,7 @@ 'get' => $get, 'nextGet' => FreshRSS_Context::$next_get, 'idMax' => FreshRSS_Context::$id_max, - 'search' => FreshRSS_Context::$search, + 'search' => htmlspecialchars_decode(FreshRSS_Context::$search, ENT_QUOTES), 'state' => FreshRSS_Context::$state, ) ); @@ -162,7 +162,8 @@ <div class="item search"> <form action="<?php echo _url('index', 'index'); ?>" method="get"> - <input type="search" name="search" class="extend" value="<?php echo FreshRSS_Context::$search; ?>" placeholder="<?php echo _t('index.menu.search_short'); ?>" /> + <input type="search" name="search" class="extend" value="<?php + echo htmlspecialchars(htmlspecialchars_decode(FreshRSS_Context::$search), ENT_COMPAT, 'UTF-8'); ?>" placeholder="<?php echo _t('index.menu.search_short'); ?>" /> <?php $get = Minz_Request::param('get', ''); ?> <?php if($get != '') { ?> diff --git a/app/views/helpers/pagination.phtml b/app/views/helpers/pagination.phtml index 893451af9..fc37ce3f5 100755 --- a/app/views/helpers/pagination.phtml +++ b/app/views/helpers/pagination.phtml @@ -11,7 +11,7 @@ 'get' => FreshRSS_Context::currentGet(), 'nextGet' => FreshRSS_Context::$next_get, 'idMax' => FreshRSS_Context::$id_max, - 'search' => FreshRSS_Context::$search, + 'search' => htmlspecialchars_decode(FreshRSS_Context::$search, ENT_QUOTES), 'state' => FreshRSS_Context::$state, ) ); |