Escape html for all bound variables from .tpl files

Olivier PEREZ 2015-01-11 14:59:25 +01:00
parent 19175d12ce
commit 08a3fe1b69
18 changed files with 160 additions and 140 deletions


@ -17,7 +17,6 @@
* Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
*/
use Framadate\FramaDB;
use Framadate\Utils;
// Autoloading of dependencies with Composer
require_once __DIR__ . '/../../vendor/autoload.php';
@ -36,34 +35,8 @@ require_once __DIR__ . '/constants.php';
require_once __DIR__ . '/i18n.php';
// Smarty
require_once __DIR__ . '/../../vendor/smarty/smarty/libs/Smarty.class.php';
$smarty = new \Smarty();
$smarty->setTemplateDir(ROOT_DIR . '/tpl/');
$smarty->setCompileDir(ROOT_DIR . '/tpl_c/');
$smarty->setCacheDir(ROOT_DIR . '/cache/');
$smarty->caching = false;
$smarty->assign('APPLICATION_NAME', NOMAPPLICATION);
$smarty->assign('SERVER_URL', Utils::get_server_name());
$smarty->assign('TITLE_IMAGE', IMAGE_TITRE);
$smarty->assign('use_nav_js', file_exists($_SERVER['DOCUMENT_ROOT'] . '/nav/nav.js'));
$smarty->assign('lang', $lang);
$smarty->assign('langs', $ALLOWED_LANGUAGES);
$smarty->assign('date_format', $date_format);
function smarty_modifier_poll_url($poll_id, $admin = false) {
return Utils::getUrlSondage($poll_id, $admin);
}
function smarty_modifier_markdown($md, $clear = false) {
return Utils::markdown($md, $clear);
}
function smarty_modifier_resource($link) {
return Utils::get_server_name() . $link;
}
// End- Smarty
require_once __DIR__ . '/smarty.php';
// Connection to database
$connect = new FramaDB(DB_CONNECTION_STRING, DB_USER, DB_PASSWORD);
$err = 0;

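--- a/app/inc/smarty.php
+++ b/app/inc/smarty.php
@@ -0,0 +1,50 @@
+<?php
+/**
+* This software is governed by the CeCILL-B license. If a copy of this license
+* is not distributed with this file, you can obtain one at
+* http://www.cecill.info/licences/Licence_CeCILL-B_V1-en.txt
+*
+* Authors of STUdS (initial project): Guilhem BORGHESI (borghesi@unistra.fr) and Raphaël DROZ
+* Authors of Framadate/OpenSondate: Framasoft (https://github.com/framasoft)
+*
+* =============================
+*
+* Ce logiciel est régi par la licence CeCILL-B. Si une copie de cette licence
+* ne se trouve pas avec ce fichier vous pouvez l'obtenir sur
+* http://www.cecill.info/licences/Licence_CeCILL-B_V1-fr.txt
+*
+* Auteurs de STUdS (projet initial) : Guilhem BORGHESI (borghesi@unistra.fr) et Raphaël DROZ
+* Auteurs de Framadate/OpenSondage : Framasoft (https://github.com/framasoft)
+*/
+use Framadate\Utils;
+require_once __DIR__ . '/../../vendor/smarty/smarty/libs/Smarty.class.php';
+$smarty = new \Smarty();
+$smarty->setTemplateDir(ROOT_DIR . '/tpl/');
+$smarty->setCompileDir(ROOT_DIR . '/tpl_c/');
+$smarty->setCacheDir(ROOT_DIR . '/cache/');
+$smarty->caching = false;
+$smarty->assign('APPLICATION_NAME', NOMAPPLICATION);
+$smarty->assign('SERVER_URL', Utils::get_server_name());
+$smarty->assign('TITLE_IMAGE', IMAGE_TITRE);
+$smarty->assign('use_nav_js', file_exists($_SERVER['DOCUMENT_ROOT'] . '/nav/nav.js'));
+$smarty->assign('lang', $lang);
+$smarty->assign('langs', $ALLOWED_LANGUAGES);
+$smarty->assign('date_format', $date_format);
+function smarty_modifier_poll_url($poll_id, $admin = false) {
+return Utils::getUrlSondage($poll_id, $admin);
+}
+function smarty_modifier_markdown($md, $clear = false) {
+return Utils::markdown($md, $clear);
+}
+function smarty_modifier_resource($link) {
+return Utils::get_server_name() . $link;
+}
+function smarty_modifier_html($html) {
+return htmlentities($html, ENT_HTML5 | ENT_QUOTES);
+}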
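Review bot: `smarty_modifier_html` calls `htmlentities($html, ENT_HTML5 | ENT_QUOTES)` without an encoding argument, so the result depends on the PHP version and the host's `default_charset`, while the page template declares `<meta charset="utf-8">`. Passing the charset and a substitution flag makes it deterministic and keeps an invalid byte sequence from turning the whole value into an empty string: `return htmlentities($html, ENT_HTML5 | ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. Because the modifier is opt-in, every `{$var}` a template author forgets stays raw; if the bundled Smarty is 3.1 or later, `$smarty->escape_html = true;` with `nofilter` on the few intentional HTML outputs would make escaping the default. A one-line comment on the function saying it is meant for HTML text and quoted attribute values only, not for URLs or inline script, would also help.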


@ -211,8 +211,8 @@ msgstr "Email"
msgid "Edit the email adress"
msgstr "Edit the email adress"
msgid "Save the email address "
msgstr "Save the email address "
msgid "Save the email address"
msgstr "Save the email address"
msgid "Cancel the email address edit"
msgstr "Cancel the email address edit"


@ -211,7 +211,7 @@ msgstr "Courriel"
msgid "Edit the email adress"
msgstr "Modifier le courriel"
msgid "Save the email address "
msgid "Save the email address"
msgstr "Enregistrer le courriel"
msgid "Cancel the email address edit"


@ -4,17 +4,17 @@
<div class="row">
<div class="col-xs-12 col-md-4">
<h2>{_('Summary')}</h2>
{_('Succeeded:')} <span class="label label-warning">{$countSucceeded} / {$countTotal}</span>
{_('Succeeded:')} <span class="label label-warning">{$countSucceeded|html} / {$countTotal|html}</span>
<br/>
{_('Failed:')} <span class="label label-danger">{$countFailed} / {$countTotal}</span>
{_('Failed:')} <span class="label label-danger">{$countFailed|html} / {$countTotal|html}</span>
<br/>
{_('Skipped:')} <span class="label label-info">{$countSkipped} / {$countTotal}</span>
{_('Skipped:')} <span class="label label-info">{$countSkipped|html} / {$countTotal|html}</span>
</div>
<div class="col-xs-12 col-md-4">
<h2>{_('Success')}</h2>
<ul>
{foreach $success as $s}
<li>{$s}</li>
<li>{$s|html}</li>
{foreachelse}
<li>{_('Nothing')}</li>
{/foreach}
@ -25,7 +25,7 @@
<h2>{_('Fail')}</h2>
<ul>
{foreach $fail as $f}
<li>{$f}</li>
<li>{$f|html}</li>
{foreachelse}
<li>{_('Nothing')}</li>
{/foreach}


@ -5,12 +5,12 @@
<input type="hidden" name="csrf" value="{$crsf}"/>
{if $poll_to_delete}
<div class="alert alert-warning text-center">
<h3>{_("Confirm removal of the poll ")}"{$poll_to_delete->id}"</h3>
<h3>{_("Confirm removal of the poll ")}"{$poll_to_delete->id|html}"</h3>
<p>
<button class="btn btn-default" type="submit" value="1"
name="annullesuppression">{_('Keep this poll!')}</button>
<button type="submit" name="delete_confirm" value="{$poll_to_delete->id}"
<button type="submit" name="delete_confirm" value="{$poll_to_delete->id|html}"
class="btn btn-danger">{_('Remove this poll!')}</button>
</p>
</div>
@ -36,17 +36,17 @@
</tr>
{foreach $polls as $poll}
<tr align="center">
<td>{$poll->id}</td>
<td>{$poll->id|html}</td>
<td>
{if $poll->format === 'D'}
<span class="glyphicon glyphicon-calendar" aria-hidden="true"></span><span class="sr-only">{ _('Date')}</span>
<span class="glyphicon glyphicon-calendar" aria-hidden="true"></span><span class="sr-only">{_('Date')}</span>
{else}
<span class="glyphicon glyphicon-list-alt" aria-hidden="true"></span><span class="sr-only">{_('Classic')}</span>
{/if}
</td>
<td>{htmlentities($poll->title)}</td>
<td>{htmlentities($poll->admin_name)}</td>
<td>{htmlentities($poll->admin_mail)}</td>
<td>{$poll->title|html}</td>
<td>{$poll->admin_name|html}</td>
<td>{$poll->admin_mail|html}</td>
{if strtotime($poll->end_date) > time()}
<td>{date('d/m/y', strtotime($poll->end_date))}</td>
@ -54,9 +54,9 @@
<td><span class="text-danger">{strtotime($poll->end_date)|date_format:'d/m/Y'}</span></td>
{/if}
<td>TODO</td>
<td><a href="{$poll->id|poll_url}" class="btn btn-link" title="{_('See the poll')}"><span class="glyphicon glyphicon-eye-open"></span><span class="sr-only">{_('See the poll')}</span></a></td>
<td><a href="{$poll->admin_id|poll_url:true}" class="btn btn-link" title="{_('Change the poll')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Change the poll')}</span></a></td>
<td><button type="submit" name="delete_poll" value="{$poll->id}" class="btn btn-link" title="{_('Remove the poll')}"><span class="glyphicon glyphicon-trash text-danger"></span><span class="sr-only">{_('Remove the poll')}</span></td>
<td><a href="{$poll->id|poll_url|html}" class="btn btn-link" title="{_('See the poll')}"><span class="glyphicon glyphicon-eye-open"></span><span class="sr-only">{_('See the poll')}</span></a></td>
<td><a href="{$poll->admin_id|poll_url:true|html}" class="btn btn-link" title="{_('Change the poll')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Change the poll')}</span></a></td>
<td><button type="submit" name="delete_poll" value="{$poll->id|html}" class="btn btn-link" title="{_('Remove the poll')}"><span class="glyphicon glyphicon-trash text-danger"></span><span class="sr-only">{_('Remove the poll')}</span></td>
</tr>
{/foreach}
</table>
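Review bot: The hidden field at the top of this section, `<input type="hidden" name="csrf" value="{$crsf}"/>`, is still printed without the new modifier although the commit sets out to escape every bound variable; `value="{$crsf|html}"` would bring it in line with the other attributes. The date cells built with `date(...)` and `date_format` are likewise left raw, which looks harmless for formatted timestamps but is worth a conscious decision. The template starts and ends outside the hunks shown.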


@ -1,11 +1,11 @@
{extends file='page.tpl'}
{block name=main}
<form action="{$admin_poll_id|poll_url:true}" method="POST">
<form action="{$admin_poll_id|poll_url:true|html}" method="POST">
<div class="alert alert-danger text-center">
<h2>{_("Confirm removal of all comments of the poll")}</h2>
<p><button class="btn btn-default" type="submit" name="cancel">{_("Keep comments")}</button>
<button type="submit" name="confirm_remove_all_comments" class="btn btn-danger">{_("Remove all comments!")}</button></p>
<h2>{_('Confirm removal of all comments of the poll')}</h2>
<p><button class="btn btn-default" type="submit" name="cancel">{_('Keep comments')}</button>
<button type="submit" name="confirm_remove_all_comments" class="btn btn-danger">{_('Remove all comments!')}</button></p>
</div>
</form>
{/block}


@ -1,11 +1,11 @@
{extends file='page.tpl'}
{block name=main}
<form action="{$admin_poll_id|poll_url:true}" method="POST">
<form action="{$admin_poll_id|poll_url:true|html}" method="POST">
<div class="alert alert-danger text-center">
<h2>{_("Confirm removal of your poll")}</h2>
<p><button class="btn btn-default" type="submit" name="cancel">{_("Keep this poll")}</button>
<button type="submit" name="confirm_delete_poll" class="btn btn-danger">{_("Remove this poll!")}</button></p>
<h2>{_('Confirm removal of your poll')}</h2>
<p><button class="btn btn-default" type="submit" name="cancel">{_('Keep this poll')}</button>
<button type="submit" name="confirm_delete_poll" class="btn btn-danger">{_('Remove this poll!')}</button></p>
</div>
</form>
{/block}


@ -1,11 +1,11 @@
{extends file='page.tpl'}
{block name=main}
<form action="{$admin_poll_id|poll_url:true}" method="POST">
<form action="{$admin_poll_id|poll_url:true|html}" method="POST">
<div class="alert alert-danger text-center">
<h2>{_("Confirm removal of all votes of the poll")}</h2>
<p><button class="btn btn-default" type="submit" name="cancel">{_("Keep votes")}</button>
<button type="submit" name="confirm_remove_all_votes" class="btn btn-danger">{_("Remove all votes!")}</button></p>
<h2>{_('Confirm removal of all votes of the poll')}</h2>
<p><button class="btn btn-default" type="submit" name="cancel">{_('Keep votes')}</button>
<button type="submit" name="confirm_remove_all_votes" class="btn btn-danger">{_('Remove all votes!')}</button></p>
</div>
</form>
{/block}


@ -2,7 +2,7 @@
{block name=main}
<div class="alert alert-warning">
<h2>{$error}</h2>
<p>{_('Back to the homepage of')} <a href="{$SERVER_URL}">{$APPLICATION_NAME}</a></p>
<h2>{$error|html}</h2>
<p>{_('Back to the homepage of')} <a href="{$SERVER_URL|html}">{$APPLICATION_NAME|html}</a></p>
</div>
{/block}


@ -4,9 +4,9 @@
<meta charset="utf-8">
{if !empty($title)}
<title>{$title} - {$APPLICATION_NAME}</title>
<title>{$title|html} - {$APPLICATION_NAME|html}</title>
{else}
<title>{$APPLICATION_NAME}</title>
<title>{$APPLICATION_NAME|html}</title>
{/if}
<link rel="stylesheet" href="{'css/bootstrap.min.css'|resource}">


@ -4,7 +4,7 @@
<div class="input-group input-group-sm pull-right col-md-2 col-xs-4">
<select name="lang" class="form-control" title="{_("Select the language")}" >
{foreach $langs as $lang_key=>$lang_value}
<option lang="{substr($lang_key, 0, 2)}" {if substr($lang_key, 0, 2)==$lang}selected{/if} value="{$lang_key}">{$lang_value}</option>
<option lang="{substr($lang_key, 0, 2)}" {if substr($lang_key, 0, 2)==$lang}selected{/if} value="{$lang_key|html}">{$lang_value|html}</option>
{/foreach}
</select>
<span class="input-group-btn">
@ -14,8 +14,8 @@
</form>
{/if}
<h1><a href="{$SERVER_URL}" title="{_("Home")} - {$APPLICATION_NAME}"><img src="{$TITLE_IMAGE|resource}" alt="{$APPLICATION_NAME}"/></a></h1>
{if !empty($title)}<h2 class="lead"><i>{$title}</i></h2>{/if}
<h1><a href="{$SERVER_URL|html}" title="{_("Home")} - {$APPLICATION_NAME|html}"><img src="{$TITLE_IMAGE|resource}" alt="{$APPLICATION_NAME|html}"/></a></h1>
{if !empty($title)}<h2 class="lead"><i>{$title|html}</i></h2>{/if}
<hr class="trait" role="presentation" />
</header>
<main role="main">


@ -8,10 +8,10 @@
{foreach $comments as $comment}
<div class="comment">
{if $admin}
<button type="submit" name="delete_comment" value="{$comment->id}" class="btn btn-link" title="{_('Remove the comment')}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span></button>
<button type="submit" name="delete_comment" value="{$comment->id|html}" class="btn btn-link" title="{_('Remove the comment')}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span></button>
{/if}
<b>{$comment->name}</b>&nbsp;
<span class="comment">{nl2br($comment->comment)}</span>
<b>{$comment->name|html}</b>&nbsp;
<span class="comment">{nl2br($comment->comment|html)}</span>
</div>
{/foreach}
{/if}


@ -1,16 +1,15 @@
{* TODO Add a form maybe *}
{$admin = $admin|default:false}
{if $admin}<form action="{$admin_poll_id|poll_url:true}" method="POST">{/if}
<div class="jumbotron{if $admin} bg-danger{/if}">
<div class="row">
<div id="title-form" class="col-md-7">
<h3>{$poll->title}{if $admin} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the title')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button>{/if}</h3>
<h3>{$poll->title|html}{if $admin} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the title')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button>{/if}</h3>
{if $admin}
<div class="hidden js-title">
<label class="sr-only" for="newtitle">{_('Title')}</label>
<div class="input-group">
<input type="text" class="form-control" id="newtitle" name="title" size="40" value="{$poll->title}" />
<input type="text" class="form-control" id="newtitle" name="title" size="40" value="{$poll->title|html}" />
<span class="input-group-btn">
<button type="submit" class="btn btn-success" name="update_poll_info" value="title" title="{_('Save the new title')}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Save')}</span></button>
<button class="btn btn-link btn-cancel" title="{_('Cancel the title edit')}"><span class="glyphicon glyphicon-remove"></span><span class="sr-only">{_('Cancel')}</span></button>
@ -22,7 +21,7 @@
<div class="col-md-5 hidden-print">
<div class="btn-group pull-right">
<button onclick="print(); return false;" class="btn btn-default"><span class="glyphicon glyphicon-print"></span> {_('Print')}</button>
<a href="{$SERVER_URL}exportcsv.php?poll={$poll_id}" class="btn btn-default"><span class="glyphicon glyphicon-download-alt"></span> {_('Export to CSV')}</a>
<a href="{$SERVER_URL|html}exportcsv.php?poll={$poll_id|html}" class="btn btn-default"><span class="glyphicon glyphicon-download-alt"></span> {_('Export to CSV')}</a>
{if $admin}
<button type="button" class="btn btn-danger dropdown-toggle" data-toggle="dropdown">
<span class="glyphicon glyphicon-trash"></span> <span class="sr-only">{_("Remove")}</span> <span class="caret"></span>
@ -40,12 +39,12 @@
<div class="row">
<div id="name-form" class="form-group col-md-5">
<h4 class="control-label">{_('Initiator of the poll')}</h4>
<p class="form-control-static">{$poll->admin_name}{if $admin} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the initiator')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button>{/if}</p>
<p class="form-control-static">{$poll->admin_name|html}{if $admin} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the initiator')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button>{/if}</p>
{if $admin}
<div class="hidden js-name">
<label class="sr-only" for="newname">{_('Initiator of the poll')}</label>
<div class="input-group">
<input type="text" class="form-control" id="newname" name="name" size="40" value="{$poll->admin_name}" />
<input type="text" class="form-control" id="newname" name="name" size="40" value="{$poll->admin_name|html}" />
<span class="input-group-btn">
<button type="submit" class="btn btn-success" name="update_poll_info" value="name" title="{_('Save the new name')}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Save')}</span></button>
<button class="btn btn-link btn-cancel" title="{_('Cancel the name edit')}"><span class="glyphicon glyphicon-remove"></span><span class="sr-only">{_('Cancel')}</span></button>
@ -56,16 +55,14 @@
</div>
<div class="row">
<div class="form-group col-md-5">
{/if}
{if $admin}
<div id="email-form">
<p>{$poll->admin_mail} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the email adress')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button></p>
<p>{$poll->admin_mail|html} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the email adress')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button></p>
<div class="hidden js-email">
<label class="sr-only" for="admin_mail">{_('Email adress')}</label>
<div class="input-group">
<input type="text" class="form-control" id="admin_mail" name="admin_mail" size="40" value="{$poll->admin_mail}" />
<input type="text" class="form-control" id="admin_mail" name="admin_mail" size="40" value="{$poll->admin_mail|html}" />
<span class="input-group-btn">
<button type="submit" name="update_poll_info" value="admin_mail" class="btn btn-success" title="{_('Save the email address ')}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Save')}</span></button>
<button type="submit" name="update_poll_info" value="admin_mail" class="btn btn-success" title="{_('Save the email address')}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Save')}</span></button>
<button class="btn btn-link btn-cancel" title="{_('Cancel the email address edit')}"><span class="glyphicon glyphicon-remove"></span><span class="sr-only">{_('Cancel')}</span></button>
</span>
</div>
@ -76,11 +73,11 @@
{if !empty($poll->comment)}
<div class="form-group col-md-7" id="description-form">
<h4 class="control-label">{_("Description")}{if $admin}<button class="btn btn-link btn-sm btn-edit" title="{_('Edit the description')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button>{/if}</h4>
<p class="form-control-static well">{$poll->comment}</p>
<p class="form-control-static well">{$poll->comment|html}</p>
<div class="hidden js-desc text-right">
<label class="sr-only" for="newdescription">{_('Description')}</label>
<textarea class="form-control" id="newdescription" name="comment" rows="2" cols="40">{$poll->comment}</textarea>
<button type="submit" id="btn-new-desc" name="update_poll_info" value="comment" class="btn btn-sm btn-success" title="{_("Save the description")}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Save')}</span></button>
<textarea class="form-control" id="newdescription" name="comment" rows="2" cols="40">{$poll->comment|html}</textarea>
<button type="submit" id="btn-new-desc" name="update_poll_info" value="comment" class="btn btn-sm btn-success" title="{_('Save the description')}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Save')}</span></button>
<button class="btn btn-default btn-sm btn-cancel" title="{_('Cancel the description edit')}"><span class="glyphicon glyphicon-remove"></span><span class="sr-only">{_('Cancel')}</span></button>
</div>
</div>
@ -89,22 +86,22 @@
<div class="row">
<div class="form-group form-group {if $admin}col-md-4{else}col-md-6{/if}">
<label for="public-link"><a class="public-link" href="{$poll_id|poll_url}">{_('Public link of the poll')} <span class="btn-link glyphicon glyphicon-link"></span></a></label>
<label for="public-link"><a class="public-link" href="{$poll_id|poll_url|html}">{_('Public link of the poll')} <span class="btn-link glyphicon glyphicon-link"></span></a></label>
<input class="form-control" id="public-link" type="text" readonly="readonly" value="{$poll_id|poll_url}" />
</div>
{if $admin}
<div class="form-group col-md-4">
<label for="admin-link"><a class="admin-link" href="{$admin_poll_id|poll_url:true}">{_('Admin link of the poll')} <span class="btn-link glyphicon glyphicon-link"></span></a></label>
<input class="form-control" id="admin-link" type="text" readonly="readonly" value="{$admin_poll_id|poll_url:true}" />
<label for="admin-link"><a class="admin-link" href="{$admin_poll_id|poll_url:true|html}">{_('Admin link of the poll')} <span class="btn-link glyphicon glyphicon-link"></span></a></label>
<input class="form-control" id="admin-link" type="text" readonly="readonly" value="{$admin_poll_id|poll_url:true|html}" />
</div>
<div id="expiration-form" class="form-group col-md-4">
<h4 class="control-label">{_('Expiration\'s date')}</h4>
<p>{$poll->end_date|date_format:$date_format['txt_date']}{if $admin} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the expiration\'s date')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button>{/if}</p>
<p>{$poll->end_date|date_format:$date_format['txt_date']|html}{if $admin} <button class="btn btn-link btn-sm btn-edit" title="{_('Edit the expiration\'s date')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button>{/if}</p>
{if $admin}
<div class="hidden js-expiration">
<label class="sr-only" for="newexpirationdate">{_('Expiration\'s date')}</label>
<div class="input-group">
<input type="text" class="form-control" id="newexpirationdate" name="expiration_date" size="40" value="{$poll->end_date|date_format:$date_format['txt_date']}" />
<input type="text" class="form-control" id="newexpirationdate" name="expiration_date" size="40" value="{$poll->end_date|date_format:$date_format['txt_date']|html}" />
<span class="input-group-btn">
<button type="submit" class="btn btn-success" name="update_poll_info" value="expiration_date" title="{_('Save the new expiration date')}"><span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Save')}</span></button>
<button class="btn btn-link btn-cancel" title="{_('Cancel the expiration date edit')}"><span class="glyphicon glyphicon-remove"></span><span class="sr-only">{_('Cancel')}</span></button>
@ -134,9 +131,9 @@
{$rule_icon = '<span class="glyphicon glyphicon-lock"></span>'}
{$rule_txt = _('Votes and comments are locked')}
{/if}
<p class="">{$rule_icon} {$rule_txt}<button class="btn btn-link btn-sm btn-edit" title="{_('Edit the poll rules')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button></p>
<p class="">{$rule_icon} {$rule_txt|html}<button class="btn btn-link btn-sm btn-edit" title="{_('Edit the poll rules')}"><span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span></button></p>
<div class="hidden js-poll-rules">
<label class="sr-only" for="rules">{_("Poll rules")}</label>
<label class="sr-only" for="rules">{_('Poll rules')}</label>
<div class="input-group">
<select class="form-control" id="rules" name="rules">
<option value="0"{if $rule_id==0} selected="selected"{/if}>{_("Votes and comments are locked")}</option>
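Review bot: The read-only field `<input class="form-control" id="public-link" ... value="{$poll_id|poll_url}" />` appears to be an unchanged line and is left unescaped, while the `href` on the line above it and both admin-link outputs now end in `|html`; it should read `value="{$poll_id|poll_url|html}"`. The opening `<form action="{$admin_poll_id|poll_url:true}" method="POST">` near the top of the file looks untouched in the same way, unlike the three confirm templates where the same action attribute gained the modifier. `{$rule_icon}` presumably stays raw on purpose because it holds markup assigned in the template; a short `{* raw: static markup *}` comment there would tell the next reader it is deliberate.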


@ -7,14 +7,14 @@
<div id="tableContainer" class="tableContainer">
<form action="" method="POST">
<table class="results">
<caption class="sr-only">{_('Votes of the poll')} {$poll->title}</caption>
<caption class="sr-only">{_('Votes of the poll')} {$poll->title|html}</caption>
<thead>
{if $admin}
<tr class="hidden-print">
<th role="presentation"></th>
{foreach $slots as $id=>$slot}
<td headers="C{$id}">
<button type="submit" name="delete_column" value="{$slot->title}" class="btn btn-link btn-sm" title="{_('Remove the column')} {$slot->title}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span></button>
<button type="submit" name="delete_column" value="{$slot->title|html}" class="btn btn-link btn-sm" title="{_('Remove the column')} {$slot->title|html}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span></button>
</td>
{/foreach}
<td>
@ -25,7 +25,7 @@
<tr>
<th role="presentation"></th>
{foreach $slots as $id=>$slot}
<th class="bg-info" id="H{$id}">{$slot->title|markdown}</th>
<th class="bg-info" id="H{$id}">{$slot->title|html|markdown}</th>
{/foreach}
<th></th>
</tr>
@ -40,7 +40,7 @@
<td class="bg-info" style="padding:5px">
<div class="input-group input-group-sm">
<span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
<input type="text" id="name" name="name" value="{$vote->name}" class="form-control" title="{_('Your name')}" placeholder="{_('Your name')}" />
<input type="text" id="name" name="name" value="{$vote->name|html}" class="form-control" title="{_('Your name')}" placeholder="{_('Your name')}" />
</div>
</td>
@ -50,31 +50,31 @@
<ul class="list-unstyled choice">
<li class="yes">
<input type="radio" id="y-choice-{$id}" name="choices[{$id}]" value="2" {if $choice==2}checked {/if}/>
<label class="btn btn-default btn-xs" for="y-choice-{$id}" title="{_('Vote yes for ')} . $radio_title[$id] . '">
<label class="btn btn-default btn-xs" for="y-choice-{$id}" title="{_('Vote yes for ')} . $radio_title[$id] . '">{* TODO Replace $radio_title *}
<span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Yes')}</span>
</label>
</li>
<li class="ifneedbe">
<input type="radio" id="i-choice-{$id}" name="choices[{$id}]" value="1" {if $choice==1}checked {/if}/>
<label class="btn btn-default btn-xs" for="i-choice-{$id}" title="{_('Vote ifneedbe for ')} . $radio_title[$id] . '">
<label class="btn btn-default btn-xs" for="i-choice-{$id}" title="{_('Vote ifneedbe for ')} . $radio_title[$id] . '">{* TODO Replace $radio_title *}
(<span class="glyphicon glyphicon-ok"></span>)<span class="sr-only">{_('Ifneedbe')}</span>
</label>
</li>
<li class="no">
<input type="radio" id="n-choice-{$id}" name="choices[{$id}]" value="0" {if $choice==0}checked {/if}/>
<label class="btn btn-default btn-xs" for="n-choice-{$id}" title="{_('Vote no for ')} . $radio_title[$id] . '">
<label class="btn btn-default btn-xs" for="n-choice-{$id}" title="{_('Vote no for ')} . $radio_title[$id] . '">{* TODO Replace $radio_title *}
<span class="glyphicon glyphicon-ban-circle"></span><span class="sr-only">{_('No')}</span>
</label>
</li>
</ul>
</td>
{/foreach}
<td style="padding:5px"><button type="submit" class="btn btn-success btn-xs" name="save" value="{$vote->id}" title="{_('Save the choices')} {$vote->name}">{_('Save')}</button></td>
<td style="padding:5px"><button type="submit" class="btn btn-success btn-xs" name="save" value="{$vote->id|html}" title="{_('Save the choices')} {$vote->name|html}">{_('Save')}</button></td>
{else}
{* Voted line *}
<th class="bg-info">{$vote->name}</th>
<th class="bg-info">{$vote->name|html}</th>
{foreach $vote->choices as $choice}
@ -90,11 +90,11 @@
{if $active && $poll->editable}
<td>
<button type="submit" class="btn btn-link btn-sm" name="edit_vote" value="{$vote->id}" title="{_('Edit the line:')} {$vote->name}">
<button type="submit" class="btn btn-link btn-sm" name="edit_vote" value="{$vote->id|html}" title="{_('Edit the line:')} {$vote->name|html}">
<span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span>
</button>
{if $admin}
<button type="submit" class="btn btn-link btn-sm" name="delete_vote" value="{$vote->id}" title="{_('Remove the line:')} {$vote->name}">
<button type="submit" class="btn btn-link btn-sm" name="delete_vote" value="{$vote->id|html}" title="{_('Remove the line:')} {$vote->name|html}">
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span>
</button>
{/if}
@ -121,19 +121,19 @@
<ul class="list-unstyled choice">
<li class="yes">
<input type="radio" id="y-choice-{$id}" name="choices[{$id}]" value="2" />
<label class="btn btn-default btn-xs" for="y-choice-{$id}" title="{_('Vote yes for')} {$slot->title}">
<label class="btn btn-default btn-xs" for="y-choice-{$id}" title="{_('Vote yes for')} {$slot->title|html}">
<span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Yes')}</span>
</label>
</li>
<li class="ifneedbe">
<input type="radio" id="i-choice-{$id}" name="choices[{$id}]" value="1" />
<label class="btn btn-default btn-xs" for="i-choice-{$id}" title="{_('Vote ifneedbe for')} {$slot->title}">
<label class="btn btn-default btn-xs" for="i-choice-{$id}" title="{_('Vote ifneedbe for')} {$slot->title|html}">
(<span class="glyphicon glyphicon-ok"></span>)<span class="sr-only">{_('Ifneedbe')}</span>
</label>
</li>
<li class="no">
<input type="radio" id="n-choice-{$id}" name="choices[{$id}]" value="0" checked/>
<label class="btn btn-default btn-xs" for="n-choice-{$id}" title="{_('Vote no for')} {$slot->title}">
<label class="btn btn-default btn-xs" for="n-choice-{$id}" title="{_('Vote no for')} {$slot->title|html}">
<span class="glyphicon glyphicon-ban-circle"></span><span class="sr-only">{_('No')}</span>
</label>
</li>
@ -153,9 +153,9 @@
{foreach $best_choices as $best_choice}
{if $max == $best_choice}
{$count_bests = $count_bests +1}
<td><span class="glyphicon glyphicon-star text-warning"></span>{$best_choice}</td>
<td><span class="glyphicon glyphicon-star text-warning"></span>{$best_choice|html}</td>
{else}
<td>{$best_choice}</td>
<td>{$best_choice|html}</td>
{/if}
{/foreach}
</tr>
@ -185,12 +185,12 @@
<ul style="list-style:none">
{foreach $slots as $slot}
{if $best_choices[$i] == $max}
<li><strong>{$slot->title|markdown:true}</strong></li>
<li><strong>{$slot->title|html|markdown:true}</strong></li>
{/if}
{$i = $i+1}
{/foreach}
</ul>
<p>{_('with')} <b>{$max}</b> {if $max==1}{_('vote')}{else}{_('votes')}{/if}.</p>
<p>{_('with')} <b>{$max|html}</b> {if $max==1}{_('vote')}{else}{_('votes')}{/if}.</p>
</div>
</div>
{/if}
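Review bot: In `{$slot->title|html|markdown}` and `{$slot->title|html|markdown:true}` the entity escaping runs before `Utils::markdown`, so whatever HTML the Markdown step generates from the title (links, images) reaches the page without a further check. `Utils::markdown` is not shown on this page, so confirm that it limits link targets to expected schemes such as http/https and neither decodes nor double-encodes the entities produced by `html`; a template comment recording why the order is `html` then `markdown` would help. Separately, the `title="{_('Vote yes for ')} . $radio_title[$id] . '"` attributes still contain leftover PHP concatenation that is printed literally, which the added TODO acknowledges.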


@ -7,7 +7,7 @@
<div id="tableContainer" class="tableContainer">
<form action="" method="POST">
<table class="results">
<caption class="sr-only">{_('Votes of the poll')} {$poll->title}</caption>
<caption class="sr-only">{_('Votes of the poll')} {$poll->title|html}</caption>
<thead>
{if $admin}
<tr class="hidden-print">
@ -16,7 +16,7 @@
{foreach $slots as $slot}
{foreach $slot->moments as $id=>$moment}
<td headers="M{$slot@key} D{$headersDCount} H{$headersDCount}">
<button type="submit" name="delete_column" value="{$slot->day}@{$moment}" class="btn btn-link btn-sm" title="{_('Remove the column')} {$slot->day|date_format:$date_format.txt_short} - {$moment}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span></button>
<button type="submit" name="delete_column" value="{$slot->day|html}@{$moment|html}" class="btn btn-link btn-sm" title="{_('Remove the column')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}"><span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span></button>
</td>
{$headersDCount = $headersDCount+1}
{/foreach}
@ -29,7 +29,7 @@
<tr>
<th role="presentation"></th>
{foreach $slots as $id=>$slot}
<th colspan="{$slot->moments|count}" class="bg-primary month" id="M{$id}">{$slot->day|date_format:'%B %Y'}</th>
<th colspan="{$slot->moments|count}" class="bg-primary month" id="M{$id}">{$slot->day|date_format:'%B %Y'|html}</th>
{for $foo=0 to ($slot->moments|count)-1}
{append var='headersM' value=$id}
{/for}
@ -39,7 +39,7 @@
<tr>
<th role="presentation"></th>
{foreach $slots as $id=>$slot}
<th colspan="{$slot->moments|count}" class="bg-primary day" id="D{$id}">{$slot->day|date_format:$date_format.txt_day}</th>
<th colspan="{$slot->moments|count}" class="bg-primary day" id="D{$id}">{$slot->day|date_format:$date_format.txt_day|html}</th>
{/foreach}
<th></th>
</tr>
@ -48,7 +48,7 @@
{$headersDCount=0}
{foreach $slots as $slot}
{foreach $slot->moments as $id=>$moment}
<th colspan="1" class="bg-info" id="H{$headersDCount}">{$moment}</th>
<th colspan="1" class="bg-info" id="H{$headersDCount}">{$moment|html}</th>
{append var='headersD' value=$headersDCount}
{$headersDCount = $headersDCount+1}
{/foreach}
@ -66,7 +66,7 @@
<td class="bg-info" style="padding:5px">
<div class="input-group input-group-sm">
<span class="input-group-addon"><span class="glyphicon glyphicon-user"></span></span>
<input type="text" id="name" name="name" value="{$vote->name}" class="form-control" title="{_('Your name')}" placeholder="{_('Your name')}" />
<input type="text" id="name" name="name" value="{$vote->name|html}" class="form-control" title="{_('Your name')}" placeholder="{_('Your name')}" />
</div>
</td>
@ -76,31 +76,31 @@
<ul class="list-unstyled choice">
<li class="yes">
<input type="radio" id="y-choice-{$k}" name="choices[{$k}]" value="2" {if $choice==2}checked {/if}/>
<label class="btn btn-default btn-xs" for="y-choice-{$k}" title="{_('Vote yes for ')} . $radio_title[$k] . '">
<label class="btn btn-default btn-xs" for="y-choice-{$k}" title="{_('Vote yes for ')} . $radio_title[$k] . '">{* TODO Replace $radio_title *}
<span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Yes')}</span>
</label>
</li>
<li class="ifneedbe">
<input type="radio" id="i-choice-{$k}" name="choices[{$k}]" value="1" {if $choice==1}checked {/if}/>
<label class="btn btn-default btn-xs" for="i-choice-{$k}" title="{_('Vote ifneedbe for ')} . $radio_title[$k] . '">
<label class="btn btn-default btn-xs" for="i-choice-{$k}" title="{_('Vote ifneedbe for ')} . $radio_title[$k] . '">{* TODO Replace $radio_title *}
(<span class="glyphicon glyphicon-ok"></span>)<span class="sr-only">{_('Ifneedbe')}</span>
</label>
</li>
<li class="no">
<input type="radio" id="n-choice-{$k}" name="choices[{$k}]" value="0" {if $choice==0}checked {/if}/>
<label class="btn btn-default btn-xs" for="n-choice-{$k}" title="{_('Vote no for ')} . $radio_title[$k] . '">
<label class="btn btn-default btn-xs" for="n-choice-{$k}" title="{_('Vote no for ')} . $radio_title[$k] . '">{* TODO Replace $radio_title *}
<span class="glyphicon glyphicon-ban-circle"></span><span class="sr-only">{_('No')}</span>
</label>
</li>
</ul>
</td>
{/foreach}
<td style="padding:5px"><button type="submit" class="btn btn-success btn-xs" name="save" value="{$vote->id}" title="{_('Save the choices')} {$vote->name}">{_('Save')}</button></td>
<td style="padding:5px"><button type="submit" class="btn btn-success btn-xs" name="save" value="{$vote->id|html}" title="{_('Save the choices')} {$vote->name|html}">{_('Save')}</button></td>
{else}
{* Voted line *}
<th class="bg-info">{$vote->name}</th>
<th class="bg-info">{$vote->name|html}</th>
{foreach $vote->choices as $k=>$choice}
@ -116,11 +116,11 @@
{if $active && $poll->editable}
<td>
<button type="submit" class="btn btn-link btn-sm" name="edit_vote" value="{$vote->id}" title="{_('Edit the line:')} {$vote->name}">
<button type="submit" class="btn btn-link btn-sm" name="edit_vote" value="{$vote->id|html}" title="{_('Edit the line:')} {$vote->name|html}">
<span class="glyphicon glyphicon-pencil"></span><span class="sr-only">{_('Edit')}</span>
</button>
{if $admin}
<button type="submit" class="btn btn-link btn-sm" name="delete_vote" value="{$vote->id}" title="{_('Remove the line:')} {$vote->name}">
<button type="submit" class="btn btn-link btn-sm" name="delete_vote" value="{$vote->id|html}" title="{_('Remove the line:')} {$vote->name|html}">
<span class="glyphicon glyphicon-remove text-danger"></span><span class="sr-only">{_('Remove')}</span>
</button>
{/if}
@ -149,19 +149,19 @@
<ul class="list-unstyled choice">
<li class="yes">
<input type="radio" id="y-choice-{$i}" name="choices[{$i}]" value="2" />
<label class="btn btn-default btn-xs" for="y-choice-{$i}" title="{_('Vote yes for')} {$slot->day|date_format:$date_format.txt_short} - {$moment}">
<label class="btn btn-default btn-xs" for="y-choice-{$i}" title="{_('Vote yes for')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}">
<span class="glyphicon glyphicon-ok"></span><span class="sr-only">{_('Yes')}</span>
</label>
</li>
<li class="ifneedbe">
<input type="radio" id="i-choice-{$i}" name="choices[{$i}]" value="1" />
<label class="btn btn-default btn-xs" for="i-choice-{$i}" title="{_('Vote ifneedbe for')} {$slot->day|date_format:$date_format.txt_short} - {$moment}">
<label class="btn btn-default btn-xs" for="i-choice-{$i}" title="{_('Vote ifneedbe for')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}">
(<span class="glyphicon glyphicon-ok"></span>)<span class="sr-only">{_('Ifneedbe')}</span>
</label>
</li>
<li class="no">
<input type="radio" id="n-choice-{$i}" name="choices[{$i}]" value="0" checked/>
<label class="btn btn-default btn-xs" for="n-choice-{$i}" title="{_('Vote no for')} {$slot->day|date_format:$date_format.txt_short} - {$moment}">
<label class="btn btn-default btn-xs" for="n-choice-{$i}" title="{_('Vote no for')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}">
<span class="glyphicon glyphicon-ban-circle"></span><span class="sr-only">{_('No')}</span>
</label>
</li>
@ -183,9 +183,9 @@
{foreach $best_choices as $best_moment}
{if $max == $best_moment}
{$count_bests = $count_bests +1}
<td><i class="glyphicon glyphicon-star text-warning"></i>{$best_moment}</td>
<td><i class="glyphicon glyphicon-star text-warning"></i>{$best_moment|html}</td>
{else}
<td>{$best_moment}</td>
<td>{$best_moment|html}</td>
{/if}
{/foreach}
</tr>
@ -201,11 +201,11 @@
{if $max > 0}
<div class="row">
{if $count_bests == 1}
<div class="col-sm-12"><h3>{_("Best choice")}</h3></div>
<div class="col-sm-12"><h3>{_('Best choice')}</h3></div>
<div class="col-sm-6 col-sm-offset-3 alert alert-success">
<p><span class="glyphicon glyphicon-star text-warning"></span>{_('The best choice at this time is:')}</p>
{elseif $count_bests > 1}
<div class="col-sm-12"><h3>{_("Best choices")}</h3></div>
<div class="col-sm-12"><h3>{_('Best choices')}</h3></div>
<div class="col-sm-6 col-sm-offset-3 alert alert-success">
<p><span class="glyphicon glyphicon-star text-warning"></span>{_('The bests choices at this time are:')}</p>
{/if}
@ -216,13 +216,13 @@
{foreach $slots as $slot}
{foreach $slot->moments as $moment}
{if $best_choices[$i] == $max}
<li><strong>{$slot->day|date_format:$date_format.txt_full} - {$moment}</strong></li>
<li><strong>{$slot->day|date_format:$date_format.txt_full|html} - {$moment|html}</strong></li>
{/if}
{$i = $i+1}
{/foreach}
{/foreach}
</ul>
<p>{_('with')} <b>{$max}</b> {if $max==1}{_('vote')}{else}{_('votes')}{/if}.</p>
<p>{_('with')} <b>{$max|html}</b> {if $max==1}{_('vote')}{else}{_('votes')}{/if}.</p>
</div>
</div>
{/if}
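Review bot: The loop keys written into attributes are still emitted raw after this change: `id="y-choice-{$k}"` and `name="choices[{$k}]"` in the edit row, and `id="M{$id}"` and `id="D{$id}"` in the header rows, all next to values that gained `|html`. That is safe only while those keys are server-generated integers, which the template does not state; I would either escape them as well, e.g. `name="choices[{$k|html}]"`, or record the assumption in a template comment such as `{* $k and $id are integer array keys *}`. More generally, the escaping is opt-in per variable, so a forgotten modifier leaves the output unescaped. Enabling Smarty's `escape_html` setting where the engine is configured, with `nofilter` on deliberate raw output, would reverse that default (the `|html` modifiers would then have to be dropped to avoid double encoding). The definition of the `html` modifier is not part of this section, so it is worth confirming that it encodes double quotes, since most of these values sit inside double-quoted attributes.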


@ -3,6 +3,6 @@
{block name=main}
<div class="alert alert-success text-center">
<h2>{_("Your poll has been removed!")}</h2>
<p>{_('Back to the homepage of')} <a href="{$SERVER_URL}">{$APPLICATION_NAME}</a></p>
<p>{_('Back to the homepage of')} <a href="{$SERVER_URL|html}">{$APPLICATION_NAME|html}</a></p>
</div>
{/block}
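Review bot: In `<a href="{$SERVER_URL|html}">` the modifier stops markup from breaking out of the attribute, but it does not constrain where the link points. If `SERVER_URL` is derived from the request's Host header (its source is not visible in this section), a forged header would still yield a link to another host. A configured base URL, or a check of the host against an allow-list before it is assigned, would close that. A comment such as `{* SERVER_URL: set by the server, HTML-escaped only; not validated as a URL *}` would make the limit explicit.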


@ -3,7 +3,7 @@
{block name=main}
{if !empty($message)}
<div class="alert alert-dismissible alert-{$message->type}" role="alert">{$message->message}<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button></div>
<div class="alert alert-dismissible alert-{$message->type|html}" role="alert">{$message->message|html}<button type="button" class="close" data-dismiss="alert" aria-label="Close"><span aria-hidden="true">&times;</span></button></div>
{/if}
{* Global informations about the current poll *}