authorGravatar Alexandre Alapetite <alexandre@alapetite.fr> 2013-11-07 21:39:39 +0100
committerGravatar Alexandre Alapetite <alexandre@alapetite.fr> 2013-11-07 21:39:39 +0100
commitfa13929db9758b27b0140057e8f6e844dce86361 (patch)
tree789089691d0eb3129433d9996771ce1db071c701 /app/layout
parent2ce0f88d2821f56272427eb68055ead1797c2d13 (diff)
htmlspecialchars manquants
Contribue à https://github.com/marienfressinaud/FreshRSS/issues/195
Diffstat (limited to 'app/layout')
-rw-r--r--app/layout/aside_feed.phtml4
-rw-r--r--app/layout/aside_flux.phtml4
2 files changed, 4 insertions, 4 deletions
diff --git a/app/layout/aside_feed.phtml b/app/layout/aside_feed.phtml
index e03be007e..b00c1816c 100644
--- a/app/layout/aside_feed.phtml
+++ b/app/layout/aside_feed.phtml
@@ -17,7 +17,7 @@
<select name="category" id="category">
<?php foreach ($this->categories as $cat) { ?>
<option value="<?php echo $cat->id (); ?>"<?php echo $cat->id () == '000000' ? ' selected="selected"' : ''; ?>>
- <?php echo $cat->name (); ?>
+ <?php echo htmlspecialchars($cat->name (), ENT_NOQUOTES, 'UTF-8'); ?>
</option>
<?php } ?>
</select>
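Review bot: The added `htmlspecialchars(..., ENT_NOQUOTES, 'UTF-8')` call is sufficient only because the category name lands in `<option>` element text; with `ENT_NOQUOTES` both quote characters pass through, so the same expression copied into an attribute value would be under-escaped. Using one flag set everywhere, e.g. `<?php echo htmlspecialchars($cat->name (), ENT_QUOTES, 'UTF-8'); ?>`, removes that dependence on context and costs nothing in text content. The same applies to the feed name in the second hunk of this file and to both hunks of aside_flux.phtml. If names are already stored entity-encoded upstream (not visible here), this output-time call would double-encode them, so it is worth confirming that escaping happens in exactly one place.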
@@ -48,7 +48,7 @@
<li class="item<?php echo ($this->flux && $this->flux->id () == $feed->id ()) ? ' active' : ''; ?><?php echo $feed->inError () ? ' error' : ''; ?><?php echo $nbEntries == 0 ? ' empty' : ''; ?>">
<a href="<?php echo _url ('configure', 'feed', 'id', $feed->id ()); ?>">
<img class="favicon" src="<?php echo $feed->favicon (); ?>" alt="✇" />
- <?php echo $feed->name (); ?>
+ <?php echo htmlspecialchars($feed->name (), ENT_NOQUOTES, 'UTF-8'); ?>
</a>
</li>
<?php } ?>
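Review bot: The `src="<?php echo $feed->favicon (); ?>"` attribute on the line above the change is still echoed without escaping, while the commit escapes only the feed name next to it. Whether `favicon ()` can carry feed-supplied data is not visible in this hunk; if it can, the attribute needs quote-aware escaping, `src="<?php echo htmlspecialchars($feed->favicon (), ENT_QUOTES, 'UTF-8'); ?>"`. The same unescaped `favicon ()` echo appears in the last hunk of aside_flux.phtml. The loop closed by `<?php } ?>` opens outside this hunk, so how `$feed` is populated cannot be checked from here.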
diff --git a/app/layout/aside_flux.phtml b/app/layout/aside_flux.phtml
index 16c955a1d..6ebbbc036 100644
--- a/app/layout/aside_flux.phtml
+++ b/app/layout/aside_flux.phtml
@@ -52,7 +52,7 @@
<li>
<?php $c_active = false; if ($this->get_c == $cat->id ()) { $c_active = true; } ?>
<div class="category stick<?php echo $c_active ? ' active' : ''; ?>">
- <a data-unread="<?php echo $cat->nbNotRead (); ?>" class="btn<?php echo $c_active ? ' active' : ''; ?>" href="<?php echo _url ('index', 'index', 'get', 'c_' . $cat->id ()); ?>"><?php echo $cat->name (); ?></a>
+ <a data-unread="<?php echo $cat->nbNotRead (); ?>" class="btn<?php echo $c_active ? ' active' : ''; ?>" href="<?php echo _url ('index', 'index', 'get', 'c_' . $cat->id ()); ?>"><?php echo htmlspecialchars($cat->name (), ENT_NOQUOTES, 'UTF-8'); ?></a>
<a class="btn dropdown-toggle" href="#"><i class="icon <?php echo $c_active ? 'i_up' : 'i_down'; ?>"></i></a>
</div>
@@ -68,7 +68,7 @@
<?php /* feed_config_template */ ?>
</div>
<img class="favicon" src="<?php echo $feed->favicon (); ?>" alt="✇" />
- <a class="feed" data-unread="<?php echo $feed->nbNotRead (); ?>" data-priority="<?php echo $feed->priority (); ?>" href="<?php echo _url ('index', 'index', 'get', 'f_' . $feed_id); ?>"><?php echo $feed->name(); ?></a>
+ <a class="feed" data-unread="<?php echo $feed->nbNotRead (); ?>" data-priority="<?php echo $feed->priority (); ?>" href="<?php echo _url ('index', 'index', 'get', 'f_' . $feed_id); ?>"><?php echo htmlspecialchars($feed->name(), ENT_NOQUOTES, 'UTF-8'); ?></a>
</li>
<?php } ?>
</ul>