Chapril/date.chapril.org-framadate
Chapril/date.chapril.org-framadate
24
1
Fork 0
Code Issues Pull Requests Releases Activity

Adapting html escape for emails

Browse Source
This commit is contained in:
Antonin 2016-05-02 17:44:14 +02:00
parent c5c1dee6a7
commit f4aa091b80
2 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
app/classes/Framadate/Utils.php
View File

@ -190,6 +190,10 @@ class Utils {
return htmlentities($html, ENT_HTML5 | ENT_QUOTES); return htmlentities($html, ENT_HTML5 | ENT_QUOTES);
} }
public static function htmlMailEscape($html) {
return htmlspecialchars($html, ENT_HTML5 | ENT_QUOTES, 'UTF-8');
}
public static function csvEscape($text) { public static function csvEscape($text) {
$escaped = str_replace('"', '""', $text); $escaped = str_replace('"', '""', $text);
$escaped = str_replace("\r\n", '', $escaped); $escaped = str_replace("\r\n", '', $escaped);

13
create_classic_poll.php
View File

@ -100,18 +100,15 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || (
if ($config['use_smtp'] === true) { if ($config['use_smtp'] === true) {
$message = __('Mail', "This is the message you have to send to the people you want to poll. \nNow, you have to send this message to everyone you want to poll."); $message = __('Mail', "This is the message you have to send to the people you want to poll. \nNow, you have to send this message to everyone you want to poll.");
$message .= '<br/><br/>'; $message .= '<br/><br/>';
$message .= Utils::htmlEscape($_SESSION['form']->admin_name) . ' ' . __('Mail', 'hast just created a poll called') . ' : "' . Utils::htmlEscape($_SESSION['form']->title) . '".<br/>'; $message .= Utils::htmlMailEscape($_SESSION['form']->admin_name) . ' ' . __('Mail', 'hast just created a poll called') . ' : "' . Utils::htmlMailEscape($_SESSION['form']->title) . '".<br/>';
$message .= __('Mail', 'Thanks for filling the poll at the link above') . ' :<br/><br/><a href="%1$s">%1$s</a>'; $message .= sprintf(__('Mail', 'Thanks for filling the poll at the link above') . ' :<br/><br/><a href="%1$s">%1$s</a>', Utils::getUrlSondage($poll_id));
$message_admin = __('Mail', "This message should NOT be sent to the polled people. It is private for the poll's creator.\n\nYou can now modify it at the link above"); $message_admin = __('Mail', "This message should NOT be sent to the polled people. It is private for the poll's creator.\n\nYou can now modify it at the link above");
$message_admin .= ' :<br/><br/><a href="%1$s">%1$s</a>'; $message_admin .= sprintf(' :<br/><br/><a href="%1$s">%1$s</a>', Utils::getUrlSondage($admin_poll_id, true));
$message = sprintf($message, Utils::getUrlSondage($poll_id));
$message_admin = sprintf($message_admin, Utils::getUrlSondage($admin_poll_id, true));
if ($mailService->isValidEmail($_SESSION['form']->admin_mail)) { if ($mailService->isValidEmail($_SESSION['form']->admin_mail)) {
$mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'Author\'s message') . '] ' . __('Generic', 'Poll') . ': ' . Utils::htmlEscape($_SESSION['form']->title), $message_admin); $mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'Author\'s message') . '] ' . __('Generic', 'Poll') . ': ' . $_SESSION['form']->title, $message_admin);
$mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'For sending to the polled users') . '] ' . __('Generic', 'Poll') . ': ' . Utils::htmlEscape($_SESSION['form']->title), $message); $mailService->send($_SESSION['form']->admin_mail, '[' . NOMAPPLICATION . '][' . __('Mail', 'For sending to the polled users') . '] ' . __('Generic', 'Poll') . ': ' . $_SESSION['form']->title, $message);
} }
} }