diff options
| author |  Marien Fressinaud <dev@marienfressinaud.fr>
| 2013-11-08 23:42:50 +0100 |
|---|---|---|
| committer | Marien Fressinaud <dev@marienfressinaud.fr>
| 2013-11-08 23:42:50 +0100 |
| commit | ff37ae8d4996b3147d7469d36b5edce0ed84cd84 (patch) | |
| tree | 88134862c6386f81b7cc3fd1e176492e4404fb06 /app | |
| parent | 9d32d7fe1932504a042fd8b146cdf560be11350b (diff) | |
Encodage html pour certaines parties
ajout de htmlspecialchars(..., ENT_COMPAT, 'UTF-8');
+ autocomplete = off pour les champs http_user et http_pass
Diffstat (limited to 'app')
| -rw-r--r-- | app/layout/layout.phtml | 2 | ||||
| -rw-r--r-- | app/views/configure/feed.phtml | 12 |
2 files changed, 7 insertions, 7 deletions
diff --git a/app/layout/layout.phtml b/app/layout/layout.phtml index 3f427a501..0c09ee42a 100644 --- a/app/layout/layout.phtml +++ b/app/layout/layout.phtml @@ -6,7 +6,7 @@ <link rel="icon" type="image/x-icon" href="<?php echo Url::display ('/favicon.ico'); ?>" /> <link rel="icon" type="image/png" href="<?php echo Url::display ('/favicon.ico'); ?>" /> <?php if (isset ($this->rss_url)) { ?> - <link rel="alternate" type="application/rss+xml" title="<?php echo View::title(); ?>" href="<?php echo Url::display ($this->rss_url); ?>" /> + <link rel="alternate" type="application/rss+xml" title="<?php echo htmlspecialchars(View::title(), ENT_COMPAT, 'UTF-8'); ?>" href="<?php echo Url::display ($this->rss_url); ?>" /> <?php } ?> <?php echo self::headTitle (); ?> <?php echo self::headStyle (); ?> diff --git a/app/views/configure/feed.phtml b/app/views/configure/feed.phtml index 2f88475f1..ab7bb9468 100644 --- a/app/views/configure/feed.phtml +++ b/app/views/configure/feed.phtml @@ -4,8 +4,8 @@ <div class="post"> <a href="<?php echo _url ('index', 'index'); ?>"><?php echo Translate::t ('back_to_rss_feeds'); ?></a> <?php echo Translate::t ('or'); ?> <a href="<?php echo _url ('index', 'index', 'get', 'f_' . $this->flux->id ()); ?>"><?php echo Translate::t ('filter'); ?></a> - <h1><?php echo $this->flux->name (); ?></h1> - <?php echo $this->flux->description (); ?> + <h1><?php echo htmlspecialchars($this->flux->name (), ENT_COMPAT, 'UTF-8'); ?></h1> + <?php echo htmlspecialchars($this->flux->description (), ENT_COMPAT, 'UTF-8'); ?> <?php if ($this->flux->inError ()) { ?> <p class="alert alert-error"><span class="alert-head"><?php echo Translate::t ('damn'); ?></span> <?php echo Translate::t ('feed_in_error'); ?></p> @@ -23,7 +23,7 @@ <label class="group-name"><?php echo Translate::t ('website_url'); ?></label> <div class="group-controls"> <span class="control"> - <?php echo $this->flux->website (); ?> + <?php echo htmlspecialchars($this->flux->website (), ENT_COMPAT, 'UTF-8'); ?> <a target="_blank" href="<?php echo $this->flux->website (); ?>"><i class="icon i_link"></i></a> </span> </div> @@ -32,7 +32,7 @@ <label class="group-name"><?php echo Translate::t ('feed_url'); ?></label> <div class="group-controls"> <span class="control"> - <?php echo $this->flux->url (); ?> + <?php echo htmlspecialchars($this->flux->url (), ENT_COMPAT, 'UTF-8'); ?> <a target="_blank" href="<?php echo $this->flux->url (); ?>"><i class="icon i_link"></i></a> </span> </div> @@ -91,13 +91,13 @@ <div class="form-group"> <label class="group-name" for="http_user"><?php echo Translate::t ('http_username'); ?></label> <div class="group-controls"> - <input type="text" name="http_user" id="http_user" value="<?php echo $auth['username']; ?>" /> + <input type="text" name="http_user" id="http_user" value="<?php echo $auth['username']; ?>" autocomplete="off" /> <i class="icon i_help"></i> <?php echo Translate::t ('access_protected_feeds'); ?> </div> <label class="group-name" for="http_pass"><?php echo Translate::t ('http_password'); ?></label> <div class="group-controls"> - <input type="password" name="http_pass" id="http_pass" value="<?php echo $auth['password']; ?>" /> + <input type="password" name="http_pass" id="http_pass" value="<?php echo $auth['password']; ?>" autocomplete="off" /> </div> </div> |