Move URL encore to Utils::getUrlSondage
This commit is contained in:
parent
afe8eac89b
commit
171d45938c
@ -104,6 +104,9 @@ class Utils {
|
|||||||
* @return string The poll's URL.
|
* @return string The poll's URL.
|
||||||
*/
|
*/
|
||||||
public static function getUrlSondage($id, $admin = false, $vote_id = '', $action = null, $action_value = null) {
|
public static function getUrlSondage($id, $admin = false, $vote_id = '', $action = null, $action_value = null) {
|
||||||
|
// URL-Encode $action_value
|
||||||
|
$action_value = $action_value == null ? null : urlencode($action_value);
|
||||||
|
|
||||||
if (URL_PROPRE) {
|
if (URL_PROPRE) {
|
||||||
if ($admin === true) {
|
if ($admin === true) {
|
||||||
$url = self::get_server_name() . $id . '/admin';
|
$url = self::get_server_name() . $id . '/admin';
|
||||||
|
@ -49,7 +49,7 @@ function smarty_function_poll_url($params, Smarty_Internal_Template $template) {
|
|||||||
$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
$poll_id = filter_var($params['id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]);
|
||||||
$admin = (isset($params['admin']) && $params['admin']) ? true : false;
|
$admin = (isset($params['admin']) && $params['admin']) ? true : false;
|
||||||
$action = (isset($params['action']) && !empty($params['action'])) ? Utils::htmlEscape($params['action']) : false;
|
$action = (isset($params['action']) && !empty($params['action'])) ? Utils::htmlEscape($params['action']) : false;
|
||||||
$action_value = (isset($params['action_value']) && !empty($params['action_value'])) ? Utils::htmlEscape($params['action_value']) : false;
|
$action_value = (isset($params['action_value']) && !empty($params['action_value'])) ? $params['action_value'] : false;
|
||||||
$vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : '';
|
$vote_unique_id = isset($params['vote_id']) ? filter_var($params['vote_id'], FILTER_VALIDATE_REGEXP, ['options' => ['regexp' => POLL_REGEX]]) : '';
|
||||||
|
|
||||||
// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.
|
// If filter_var fails (i.e.: hack tentative), it will return false. At least no leak is possible from this.
|
||||||
|
@ -14,7 +14,7 @@
|
|||||||
<th role="presentation"></th>
|
<th role="presentation"></th>
|
||||||
{foreach $slots as $id=>$slot}
|
{foreach $slots as $id=>$slot}
|
||||||
<td headers="C{$id}">
|
<td headers="C{$id}">
|
||||||
<a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=urlencode($slot->title)}"
|
<a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=$slot->title}"
|
||||||
class="btn btn-link btn-sm" title="{__('adminstuds', 'Remove the column')} {$slot->title|html}">
|
class="btn btn-link btn-sm" title="{__('adminstuds', 'Remove the column')} {$slot->title|html}">
|
||||||
<i class="glyphicon glyphicon-remove text-danger"></i><span class="sr-only">{__('Generic', 'Remove')}</span>
|
<i class="glyphicon glyphicon-remove text-danger"></i><span class="sr-only">{__('Generic', 'Remove')}</span>
|
||||||
</a>
|
</a>
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
{foreach $slots as $slot}
|
{foreach $slots as $slot}
|
||||||
{foreach $slot->moments as $id=>$moment}
|
{foreach $slot->moments as $id=>$moment}
|
||||||
<td headers="M{$slot@key} D{$headersDCount} H{$headersDCount}">
|
<td headers="M{$slot@key} D{$headersDCount} H{$headersDCount}">
|
||||||
<a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=$slot->day|cat:'@'|cat:urlencode($moment)}"
|
<a href="{poll_url id=$admin_poll_id admin=true action='delete_column' action_value=$slot->day|cat:'@'|cat:$moment}"
|
||||||
class="btn btn-link btn-sm"
|
class="btn btn-link btn-sm"
|
||||||
title="{__('adminstuds', 'Remove the column')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}">
|
title="{__('adminstuds', 'Remove the column')} {$slot->day|date_format:$date_format.txt_short|html} - {$moment|html}">
|
||||||
<i class="glyphicon glyphicon-remove text-danger"></i><span class="sr-only">{__('Generic', 'Remove')}</span>
|
<i class="glyphicon glyphicon-remove text-danger"></i><span class="sr-only">{__('Generic', 'Remove')}</span>
|
||||||
|
Loading…
Reference in New Issue
Block a user