From 9a2ca0ae6404169062c2d66b89b8bc5fe2fc45af Mon Sep 17 00:00:00 2001 From: Michael Gapczynski Date: Tue, 26 Feb 2013 13:31:15 -0500 Subject: [PATCH 01/94] Check resharing setting --- lib/public/share.php | 26 ++++++++++++++++++++++++-- tests/lib/share/share.php | 5 ++++- 2 files changed, 28 insertions(+), 3 deletions(-) diff --git a/lib/public/share.php b/lib/public/share.php index 37cf0838ed1..8146a23f360 100644 --- a/lib/public/share.php +++ b/lib/public/share.php @@ -61,6 +61,7 @@ class Share { private static $shareTypeGroupUserUnique = 2; private static $backends = array(); private static $backendTypes = array(); + private static $isResharingAllowed; /** * @brief Register a sharing backend class that implements OCP\Share_Backend for an item type @@ -567,6 +568,24 @@ class Share { throw new \Exception($message); } + /** + * @brief Check if resharing is allowed + * @return Returns true if allowed or false + * + * Resharing is allowed by default if not configured + * + */ + private static function isResharingAllowed() { + if (!isset(self::$isResharingAllowed)) { + if (\OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes') == 'yes') { + self::$isResharingAllowed = true; + } else { + self::$isResharingAllowed = false; + } + } + return self::$isResharingAllowed; + } + /** * @brief Get a list of collection item types for the specified item type * @param string Item type @@ -840,7 +859,10 @@ class Share { continue; } } - + // Check if resharing is allowed, if not remove share permission + if (isset($row['permissions']) && !self::isResharingAllowed()) { + $row['permissions'] &= ~PERMISSION_SHARE; + } // Add display names to result if ( isset($row['share_with']) && $row['share_with'] != '') { $row['share_with_displayname'] = \OCP\User::getDisplayName($row['share_with']); 
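Review bot: `isResharingAllowed()` in the `@@ -567,6 +568,24 @@` hunk memoises the setting in the private static `self::$isResharingAllowed`, and nothing in this commit resets it, so within one PHP process the first value read stays in force even if `shareapi_allow_resharing` is changed afterwards. That is harmless for a single web request, but a long-running process or a test cannot observe the setting being switched off. Assuming `getValue` returns the stored string, the nested if/else can be one strict assignment: `self::$isResharingAllowed = \OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes') === 'yes';`. The docblock should also name the type: `@return bool true if resharing is allowed, false otherwise`.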
@@ -978,7 +1000,7 @@ class Share { throw new \Exception($message); } // Check if share permissions is granted - if ((int)$checkReshare['permissions'] & PERMISSION_SHARE) { + if (self::isResharingAllowed() && (int)$checkReshare['permissions'] & PERMISSION_SHARE) { if (~(int)$checkReshare['permissions'] & $permissions) { $message = 'Sharing '.$itemSource .' failed, because the permissions exceed permissions granted to '.$uidOwner; diff --git a/tests/lib/share/share.php b/tests/lib/share/share.php index ab43e47726b..e7d441a7e78 100644 --- a/tests/lib/share/share.php +++ b/tests/lib/share/share.php @@ -28,7 +28,7 @@ class Test_Share extends PHPUnit_Framework_TestCase { protected $groupBackend; protected $group1; protected $group2; - + protected $resharing; public function setUp() { OC_User::clearBackends(); @@ -56,11 +56,14 @@ class Test_Share extends PHPUnit_Framework_TestCase { OCP\Share::registerBackend('test', 'Test_Share_Backend'); OC_Hook::clear('OCP\\Share'); OC::registerShareHooks(); + $this->resharing = OC_Appconfig::getValue('core', 'shareapi_allow_resharing', 'yes'); + OC_Appconfig::setValue('core', 'shareapi_allow_resharing', 'yes'); } public function tearDown() { $query = OC_DB::prepare('DELETE FROM `*PREFIX*share` WHERE `item_type` = ?'); $query->execute(array('test')); + OC_Appconfig::setValue('core', 'shareapi_allow_resharing', $this->resharing); } public function testShareInvalidShareType() { From 470fc3817f67c4f13217e14bf8040668d5374e4b Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 20:53:52 +0100 Subject: [PATCH 02/94] Remove the template autoescaping Ref #1963 --- lib/template.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/lib/template.php b/lib/template.php index ce55e58d28d..fcf18fee415 100644 --- a/lib/template.php +++ b/lib/template.php 
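Review bot: The new condition `self::isResharingAllowed() && (int)$checkReshare['permissions'] & PERMISSION_SHARE` relies on `&` binding tighter than `&&`. It evaluates as intended, but the bitwise test should be parenthesised so the permission check cannot be misread: `if (self::isResharingAllowed() && ((int)$checkReshare['permissions'] & PERMISSION_SHARE)) {`. When resharing is disabled the call now falls through to the existing else branch, which lies outside this hunk. Its exception message should say that the administrator setting blocked the reshare, if it does not already.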
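Review bot: `setUp()` in the `@@ -56,11 +56,14 @@` hunk pins `shareapi_allow_resharing` to 'yes' and `tearDown()` restores it, but no test in this commit sets it to 'no', so the new refusal path in `lib/public/share.php` is never exercised. A test (for example one named `testReshareDisabled`) that sets the value to 'no' and expects the reshare to throw would cover it. The static cache in `Share::isResharingAllowed()` may retain an earlier 'yes' within the same test process, so that test also needs a way to clear the cached value.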
@@ -341,7 +341,6 @@ class OC_Template{ * @brief Assign variables * @param string $key key * @param string $value value - * @param bool $sanitizeHTML false, if data shouldn't get passed through htmlentities * @return bool * * This function assigns a variable. It can be accessed via $_[$key] in @@ -349,8 +348,7 @@ class OC_Template{ * * If the key existed before, it will be overwritten */ - public function assign( $key, $value, $sanitizeHTML=true ) { - if($sanitizeHTML == true) $value=OC_Util::sanitizeHTML($value); + public function assign( $key, $value) { $this->vars[$key] = $value; return true; } From 4860d03270a9caa9c5e686c6eeb31fd8adfbedf5 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 21:14:15 +0100 Subject: [PATCH 03/94] [Files] Use p() instead of echo --- apps/files/index.php | 16 ++--- apps/files/templates/admin.php | 22 +++---- apps/files/templates/index.php | 74 ++++++++++++------------ apps/files/templates/part.breadcrumb.php | 10 ++-- apps/files/templates/part.list.php | 42 +++++++------- apps/files/templates/upgrade.php | 2 +- 6 files changed, 83 insertions(+), 83 deletions(-) diff --git a/apps/files/index.php b/apps/files/index.php index 434e98c6ea8..579e19cf115 100644 --- a/apps/files/index.php +++ b/apps/files/index.php 
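Review bot: `assign()` in the `@@ -349,8 +348,7 @@` hunk now stores `$value` exactly as passed, so output escaping depends entirely on each template printing through `p()`. Any template or third-party app that still does `echo $_[...]` renders user-controlled data unescaped from this commit on, until it is converted. The docblock, which begins in the previous hunk, should state the new contract, e.g. `* Values are stored unescaped; templates must print them with p(), and use print_unescaped() only for trusted markup`. PHP does not reject a surplus third argument, so leftover `, false` calls elsewhere will go unnoticed. A search for three-argument `assign(` calls belongs in the same change.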
@@ -90,13 +90,13 @@ foreach (explode('/', $dir) as $i) { // make breadcrumb und filelist markup $list = new OCP\Template('files', 'part.list', ''); -$list->assign('files', $files, false); -$list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false); -$list->assign('downloadURL', OCP\Util::linkToRoute('download', array('file' => '/')), false); -$list->assign('disableSharing', false); +$list->assign('files', $files); +$list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir='); +$list->assign('downloadURL', OCP\Util::linkToRoute('download', array('file' => '/'))); +$list->assign('disableSharing'); $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', ''); -$breadcrumbNav->assign('breadcrumb', $breadcrumb, false); -$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false); +$breadcrumbNav->assign('breadcrumb', $breadcrumb); +$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir='); $permissions = OCP\PERMISSION_READ; if (\OC\Files\Filesystem::isCreatable($dir . '/')) { @@ -125,8 +125,8 @@ if ($needUpgrade) { OCP\Util::addscript('files', 'files'); OCP\Util::addscript('files', 'keyboardshortcuts'); $tmpl = new OCP\Template('files', 'index', 'user'); - $tmpl->assign('fileList', $list->fetchPage(), false); - $tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage(), false); + $tmpl->assign('fileList', $list->fetchPage()); + $tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage()); $tmpl->assign('dir', \OC\Files\Filesystem::normalizePath($dir)); $tmpl->assign('isCreatable', \OC\Files\Filesystem::isCreatable($dir . '/')); $tmpl->assign('permissions', $permissions); diff --git a/apps/files/templates/admin.php b/apps/files/templates/admin.php index ad69b5519d9..0ab931a467c 100644 --- a/apps/files/templates/admin.php +++ b/apps/files/templates/admin.php @@ -2,27 +2,27 @@
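Review bot: `$list->assign('disableSharing');` in the `@@ -90,13 +90,13 @@` hunk lost its value along with the escaping flags. The removed line passed `false` as the value (the second argument), not as `$sanitizeHTML`. With the two-parameter `assign( $key, $value)` from the previous patch this call is missing a required argument, so `disableSharing` is no longer an explicit `false`. It should read `$list->assign('disableSharing', false);`.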
- t('File handling');?> + t('File handling')); ?> - - '/> + + '/> - (t('max. possible: '); echo $_['maxPossibleUploadSize'] ?>) + (t('max. possible: ')); p($_['maxPossibleUploadSize']) ?>)
checked="checked" /> -
+
- ' - title="t( '0 is unlimited' ); ?>" + ' + title="t( '0 is unlimited' )); ?>" disabled="disabled" />
- t( 'Maximum input size for ZIP files' ); ?>
+ t( 'Maximum input size for ZIP files' )); ?>
- + + value="t( 'Save' )); ?>"/>
diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php index c7bf0d21c13..ed6dd2f04cf 100644 --- a/apps/files/templates/index.php +++ b/apps/files/templates/index.php @@ -1,62 +1,62 @@
- +
- t('New');?> + t('New'));?>
    -
  • t('Text file');?>

  • -
  • t('Folder');?>

  • -
  • t('From link');?>

  • +
  • t('Text file'));?>

  • +
  • t('Folder'));?>

  • +
  • t('From link'));?>

+ title="t('Upload') . ' max. '.$_['uploadMaxHumanFilesize']) ?>">
+ value=""> - + - + value="(max )"> +
- + - +
-
t('Nothing in here. Upload something!')?>
+
t('Nothing in here. Upload something!'))?>
@@ -64,33 +64,33 @@ - + - +
- t( 'Name' ); ?> + t( 'Name' )); ?> Download" /> - t('Download')?> + src="" /> + t('Download'))?> t( 'Size' ); ?>t( 'Size' )); ?> - t( 'Modified' ); ?> + t( 'Modified' )); ?> - t('Unshare')?> - <?php echo $l->t('Unshare')?>" /> + t('Unshare'))?> + <?php p($l->t('Unshare'))?>" /> - t('Delete')?> - <?php echo $l->t('Delete')?>" /> + t('Delete'))?> + <?php p($l->t('Delete'))?>" /> @@ -98,24 +98,24 @@
-
+

- t('The files you are trying to upload exceed the maximum size for file uploads on this server.');?> + t('The files you are trying to upload exceed the maximum size for file uploads on this server.'));?>

- t('Files are being scanned, please wait.');?> + t('Files are being scanned, please wait.'));?>

- t('Current scanning');?> + t('Current scanning'));?>

- - + + diff --git a/apps/files/templates/part.breadcrumb.php b/apps/files/templates/part.breadcrumb.php index f01cb8d212a..7ea1755d1d7 100644 --- a/apps/files/templates/part.breadcrumb.php +++ b/apps/files/templates/part.breadcrumb.php @@ -1,7 +1,7 @@ @@ -9,8 +9,8 @@ $crumb = $_["breadcrumb"][$i]; $dir = str_replace('+', '%20', urlencode($crumb["dir"])); $dir = str_replace('%2F', '/', $dir); ?> -
svg" - data-dir=''> - +
svg" + data-dir=''> +
"> + - ' - data-permissions=''> + ' + data-permissions=''> - style="background-image:url()" + style="background-image:url()" - style="background-image:url()" + style="background-image:url()" > - + - + - + - + @@ -47,17 +47,17 @@ - + title="" + style="color:rgb()"> + " + style="color:rgb()"> - + .$relative_date_color) ?>)"> + diff --git a/apps/files/templates/upgrade.php b/apps/files/templates/upgrade.php index de6cc713028..e03f086e47d 100644 --- a/apps/files/templates/upgrade.php +++ b/apps/files/templates/upgrade.php @@ -1,4 +1,4 @@
- t('Upgrading filesystem cache...');?> + t('Upgrading filesystem cache...'));?>
From 85209287bba82cbc274ac624737248fe27aae8a2 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 21:19:11 +0100 Subject: [PATCH 04/94] [Files] Use htmlspecialchars() --- apps/files/templates/part.list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/apps/files/templates/part.list.php b/apps/files/templates/part.list.php index 25763da57a8..86c2cc70766 100644 --- a/apps/files/templates/part.list.php +++ b/apps/files/templates/part.list.php @@ -34,9 +34,9 @@ - + - From 7f8eddffe4b728021666d598bd13088e17b7e713 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 21:20:37 +0100 Subject: [PATCH 05/94] [files_encryption] Use p() instead of echo() --- apps/files_encryption/templates/settings-personal.php | 8 ++++---- apps/files_encryption/templates/settings.php | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/apps/files_encryption/templates/settings-personal.php b/apps/files_encryption/templates/settings-personal.php index 8c3bf491d84..5f0accaed5f 100644 --- a/apps/files_encryption/templates/settings-personal.php +++ b/apps/files_encryption/templates/settings-personal.php @@ -1,19 +1,19 @@
- t( 'Encryption' ); ?> + t( 'Encryption' )); ?>

- t( 'File encryption is enabled.' ); ?> + t( 'File encryption is enabled.' )); ?>

- t( 'The following file types will not be encrypted:' ); ?> + t( 'The following file types will not be encrypted:' )); ?>

  • - +
diff --git a/apps/files_encryption/templates/settings.php b/apps/files_encryption/templates/settings.php index f7ef8a8efe6..b873d7f5aaf 100644 --- a/apps/files_encryption/templates/settings.php +++ b/apps/files_encryption/templates/settings.php @@ -2,17 +2,17 @@

- t( 'Encryption' ); ?> + t( 'Encryption' )); ?> - t( "Exclude the following file types from encryption:" ); ?> + t( "Exclude the following file types from encryption:" )); ?>

From 236507a19fe4d541c931944603cd38ec823cb3af Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 21:31:27 +0100 Subject: [PATCH 06/94] [files_external] From echo to p --- apps/files_external/personal.php | 4 +- apps/files_external/settings.php | 4 +- apps/files_external/templates/settings.php | 108 ++++++++++----------- 3 files changed, 58 insertions(+), 58 deletions(-) diff --git a/apps/files_external/personal.php b/apps/files_external/personal.php index 268d1880232..90f5e159535 100755 --- a/apps/files_external/personal.php +++ b/apps/files_external/personal.php @@ -26,9 +26,9 @@ $backends = OC_Mount_Config::getBackends(); // Remove local storage unset($backends['\OC\Files\Storage\Local']); $tmpl = new OCP\Template('files_external', 'settings'); -$tmpl->assign('isAdminPage', false, false); +$tmpl->assign('isAdminPage', false); $tmpl->assign('mounts', OC_Mount_Config::getPersonalMountPoints()); $tmpl->assign('certs', OC_Mount_Config::getCertificates()); -$tmpl->assign('dependencies', OC_Mount_Config::checkDependencies(), false); +$tmpl->assign('dependencies', OC_Mount_Config::checkDependencies()); $tmpl->assign('backends', $backends); return $tmpl->fetchPage(); diff --git a/apps/files_external/settings.php b/apps/files_external/settings.php index cd0bfa99585..1a39affe2e6 100644 --- a/apps/files_external/settings.php +++ b/apps/files_external/settings.php 
@@ -27,11 +27,11 @@ OCP\Util::addscript('3rdparty', 'chosen/chosen.jquery.min'); OCP\Util::addStyle('files_external', 'settings'); OCP\Util::addStyle('3rdparty', 'chosen/chosen'); $tmpl = new OCP\Template('files_external', 'settings'); -$tmpl->assign('isAdminPage', true, false); +$tmpl->assign('isAdminPage', true); $tmpl->assign('mounts', OC_Mount_Config::getSystemMountPoints()); $tmpl->assign('backends', OC_Mount_Config::getBackends()); $tmpl->assign('groups', OC_Group::getGroups()); $tmpl->assign('users', OCP\User::getUsers()); -$tmpl->assign('dependencies', OC_Mount_Config::checkDependencies(), false); +$tmpl->assign('dependencies', OC_Mount_Config::checkDependencies()); $tmpl->assign('allowUserMounting', OCP\Config::getAppValue('files_external', 'allow_user_mounting', 'yes')); return $tmpl->fetchPage(); diff --git a/apps/files_external/templates/settings.php b/apps/files_external/templates/settings.php index 76d691eedb2..76d3db1404f 100644 --- a/apps/files_external/templates/settings.php +++ b/apps/files_external/templates/settings.php @@ -1,44 +1,44 @@
- t('External Storage'); ?> - '')) echo ''.$_['dependencies'].''; ?> - '> + t('External Storage')); ?> + '')) print_unescaped(''.$_['dependencies'].''); ?> +
'> - - - - - '.$l->t('Applicable').''; ?> + + + + + '.OC_Util::sanitizeHTML($l->t('Applicable')).''); ?> array())); ?> $mount): ?> - > + > + placeholder="t('Folder name')); ?>" /> + data-class=""> + src="" /> @@ -125,9 +125,9 @@ /> -
- t('Allow users to mount their own external storage'); ?> + value="1" /> +
+ t('Allow users to mount their own external storage')); ?> @@ -136,27 +136,27 @@ + action="">
- t('SSL root certificates');?> -
t('Folder name'); ?>t('External storage'); ?>t('Configuration'); ?>t('Folder name')); ?>t('External storage')); ?>t('Configuration')); ?> 
- + - '> + style="display:none;">t('Add storage')); ?> $backend): ?> - + @@ -47,29 +47,29 @@ + data-parameter="" + value="" + placeholder="" /> + /> + data-parameter="" + value="" + placeholder="" /> + data-parameter="" + value="" /> + data-parameter="" + value="" + placeholder="" /> @@ -82,27 +82,27 @@ ' + print_unescaped(json_encode($mount['applicable']['groups'])); ?>' data-applicable-users=''> + print_unescaped(json_encode($mount['applicable']['users'])); ?>'> @@ -110,10 +110,10 @@ class="remove" style="visibility:hidden;" - ><?php echo $l->t('Delete'); ?>><?php p($l->t('Delete')); ?>
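Review bot: In the `@@ -82,27 +82,27 @@` hunk, `print_unescaped(json_encode($mount['applicable']['groups']))` and the matching `users` line write JSON into what appears to be a single-quoted `data-applicable-*` attribute, and `json_encode` with default flags leaves `'`, `<`, `>` and `&` untouched. Before this series `assign()` passed `mounts` through `OC_Util::sanitizeHTML`, so the names presumably arrived HTML-escaped; now they are raw, and a group or user name containing a quote can end the attribute early. Print the JSON through the escaping helper instead, `p(json_encode($mount['applicable']['groups']));`, or encode with `JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_TAG | JSON_HEX_AMP`. The surrounding markup is not fully legible on this page, so confirm the attribute quoting in the file.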
'> + t('SSL root certificates'));?> +
'> - - + + + src="" />
class="remove" style="visibility:hidden;" - ><?php echo $l->t('Delete'); ?>><?php p($l->t('Delete')); ?>
- + - +
From 221ecf63ab92cfbdfe2204dfccbb90ff68e09426 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 21:37:14 +0100 Subject: [PATCH 07/94] [files_sharing] From echo to p --- apps/files_sharing/public.php | 17 ++++---- apps/files_sharing/templates/authenticate.php | 6 +-- apps/files_sharing/templates/public.php | 40 +++++++++---------- 3 files changed, 31 insertions(+), 32 deletions(-) diff --git a/apps/files_sharing/public.php b/apps/files_sharing/public.php index 243ee668f1f..e345b91e293 100644 --- a/apps/files_sharing/public.php +++ b/apps/files_sharing/public.php @@ -168,18 +168,17 @@ if (isset($path)) { } } $list = new OCP\Template('files', 'part.list', ''); - $list->assign('files', $files, false); + $list->assign('files', $files); $list->assign('disableSharing', true); - $list->assign('baseURL', OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&path=', false); + $list->assign('baseURL', OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&path='); $list->assign('downloadURL', - OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&download&path=', - false); + OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&download&path='); $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', ''); - $breadcrumbNav->assign('breadcrumb', $breadcrumb, false); - $breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&path=', false); + $breadcrumbNav->assign('breadcrumb', $breadcrumb); + $breadcrumbNav->assign('baseURL', OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&path='); $folder = new OCP\Template('files', 'index', ''); - $folder->assign('fileList', $list->fetchPage(), false); - $folder->assign('breadcrumb', $breadcrumbNav->fetchPage(), false); + $folder->assign('fileList', $list->fetchPage()); + $folder->assign('breadcrumb', $breadcrumbNav->fetchPage()); $folder->assign('dir', $getPath); $folder->assign('isCreatable', false); $folder->assign('permissions', 0); 
@@ -188,7 +187,7 @@ if (isset($path)) { $folder->assign('uploadMaxHumanFilesize', 0); $folder->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true))); $folder->assign('usedSpacePercent', 0); - $tmpl->assign('folder', $folder->fetchPage(), false); + $tmpl->assign('folder', $folder->fetchPage()); $tmpl->assign('allowZipDownload', intval(OCP\Config::getSystemValue('allowZipDownload', true))); $tmpl->assign('downloadURL', OCP\Util::linkToPublic('files') . $urlLinkIdentifiers . '&download&path=' . urlencode($getPath)); diff --git a/apps/files_sharing/templates/authenticate.php b/apps/files_sharing/templates/authenticate.php index 6bce6857ac8..b6ef82da6f0 100644 --- a/apps/files_sharing/templates/authenticate.php +++ b/apps/files_sharing/templates/authenticate.php @@ -1,9 +1,9 @@ -
+

- + - +

\ No newline at end of file diff --git a/apps/files_sharing/templates/public.php b/apps/files_sharing/templates/public.php index f9ff12679bc..88692445ec3 100644 --- a/apps/files_sharing/templates/public.php +++ b/apps/files_sharing/templates/public.php @@ -1,43 +1,43 @@ - - - - + + + +
- +
- +

ownCloud – -t('web services under your control'); ?>

+t('web services under your control')); ?>

From c9415e65299e8588eb4e7fb52838eebcc0cae16f Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 21:40:06 +0100 Subject: [PATCH 08/94] [files] Unescape file size --- apps/files/templates/part.list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apps/files/templates/part.list.php b/apps/files/templates/part.list.php index 86c2cc70766..cdd157b27e4 100644 --- a/apps/files/templates/part.list.php +++ b/apps/files/templates/part.list.php @@ -49,7 +49,7 @@ - + Date: Wed, 27 Feb 2013 21:46:37 +0100 Subject: [PATCH 09/94] [files_trashbin] From echo to p --- apps/files_trashbin/index.php | 14 +++---- apps/files_trashbin/templates/index.php | 22 +++++----- apps/files_trashbin/templates/part.list.php | 46 ++++++++++----------- 3 files changed, 41 insertions(+), 41 deletions(-) diff --git a/apps/files_trashbin/index.php b/apps/files_trashbin/index.php index 2f1fb32f8ce..913bac1fbb7 100644 --- a/apps/files_trashbin/index.php +++ b/apps/files_trashbin/index.php 
@@ -82,18 +82,18 @@ foreach (explode('/', $dir) as $i) { } $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', ''); -$breadcrumbNav->assign('breadcrumb', $breadcrumb, false); -$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files_trashbin', 'index.php') . '?dir=', false); +$breadcrumbNav->assign('breadcrumb', $breadcrumb); +$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files_trashbin', 'index.php') . '?dir='); $list = new OCP\Template('files_trashbin', 'part.list', ''); -$list->assign('files', $files, false); -$list->assign('baseURL', OCP\Util::linkTo('files_trashbin', 'index.php'). '?dir='.$dir, false); -$list->assign('downloadURL', OCP\Util::linkTo('files_trashbin', 'download.php') . '?file='.$dir, false); +$list->assign('files', $files); +$list->assign('baseURL', OCP\Util::linkTo('files_trashbin', 'index.php'). '?dir='.$dir); +$list->assign('downloadURL', OCP\Util::linkTo('files_trashbin', 'download.php') . '?file='.$dir); $list->assign('disableSharing', true); $list->assign('dirlisting', $dirlisting); $list->assign('disableDownloadActions', true); -$tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage(), false); -$tmpl->assign('fileList', $list->fetchPage(), false); +$tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage()); +$tmpl->assign('fileList', $list->fetchPage()); $tmpl->assign('files', $files); $tmpl->assign('dirlisting', $dirlisting); $tmpl->assign('dir', OC_Filesystem::normalizePath($view->getAbsolutePath())); diff --git a/apps/files_trashbin/templates/index.php b/apps/files_trashbin/templates/index.php index aaeeb5c6f6e..4c865d8981c 100644 --- a/apps/files_trashbin/templates/index.php +++ b/apps/files_trashbin/templates/index.php @@ -1,12 +1,12 @@
- +
-
t('Nothing in here. Your trash bin is empty!')?>
+
t('Nothing in here. Your trash bin is empty!'))?>
@@ -14,28 +14,28 @@ - +
- t( 'Name' ); ?> + t( 'Name' )); ?> - <?php echo $l->t( 'Restore' ); ?>" /> - t('Restore')?> + <?php p($l->t( 'Restore' )); ?>" /> + t('Restore'))?> - t( 'Deleted' ); ?> + t( 'Deleted' )); ?> - t('Delete')?> - <?php echo $l->t('Delete')?>" /> + t('Delete'))?> + <?php p($l->t('Delete'))?>" />
diff --git a/apps/files_trashbin/templates/part.list.php b/apps/files_trashbin/templates/part.list.php index dea0a43cd4c..176ed6f03b3 100644 --- a/apps/files_trashbin/templates/part.list.php +++ b/apps/files_trashbin/templates/part.list.php @@ -1,4 +1,4 @@ - + - ' + ' - id="" - data-file="" + id="" + data-file="" data-timestamp='' data-dirlisting=1 - id="" - data-file="" - data-timestamp='' + id="" + data-file="" + data-timestamp='' data-dirlisting=0 > - style="background-image:url()" + style="background-image:url()" - style="background-image:url()" + style="background-image:url()" > - + - + - + - + - + - + @@ -60,11 +60,11 @@ " + style="color:rgb()"> - + .$relative_date_color) ?>)"> + From fc5331eaecdcb91073256a058890d22c3f2b093e Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 21:50:22 +0100 Subject: [PATCH 10/94] [files_versions] From echo to p --- apps/files_versions/templates/history.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/apps/files_versions/templates/history.php b/apps/files_versions/templates/history.php index c450af66ad5..f7284439041 100644 --- a/apps/files_versions/templates/history.php +++ b/apps/files_versions/templates/history.php @@ -5,29 +5,29 @@ if( isset( $_['message'] ) ) { - if( isset($_['path'] ) ) echo('File: '.$_['path'] ).'
'; - echo(''.$_['message'] ).'
'; + if( isset($_['path'] ) ) print_unescaped('File: '.OC_Util::sanitizeHTML($_['path'])).'
'; + print_unescaped(''.OC_Util::sanitizeHTML($_['message']) ).'
'; }else{ if( isset( $_['outcome_stat'] ) ) { - echo( '

'.$_['outcome_msg'] ).'


'; + print_unescaped( '

'.OC_Util::sanitizeHTML($_['outcome_msg']) ).'


'; } - echo( 'Versions of '.$_['path'] ).'
'; - echo('

'.$l->t('Revert a file to a previous version by clicking on its revert button').'


'); + print_unescaped( 'Versions of '.OC_Util::sanitizeHTML($_['path']) ).'
'; + print_unescaped('

'.OC_Util::sanitizeHTML($l->t('Revert a file to a previous version by clicking on its revert button')).'


'); foreach ( $_['versions'] as $v ) { - echo ' '; - echo OCP\Util::formatDate( doubleval($v['version']) ); - echo '
Revert

'; + p(' '); + p(OCP\Util::formatDate( doubleval($v['version']))); + print_unescaped(' Revert

'); if ( $v['cur'] ) { - echo ' (Current)'; + print_unescaped(' (Current)'); } - echo '

'; + print_unescaped('

'); } } From df1d90433dd21699a8a7f4121ceef242b768ec2a Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 22:04:57 +0100 Subject: [PATCH 11/94] [user_ldap] From echo to p --- apps/user_ldap/settings.php | 2 +- apps/user_ldap/templates/settings.php | 108 +++++++++++++------------- 2 files changed, 55 insertions(+), 55 deletions(-) diff --git a/apps/user_ldap/settings.php b/apps/user_ldap/settings.php index d5d2f648b38..c55a718a82a 100644 --- a/apps/user_ldap/settings.php +++ b/apps/user_ldap/settings.php @@ -52,7 +52,7 @@ foreach($prefixes as $prefix) { if(count($prefixes) == 0) { $scoHtml .= ''; } -$tmpl->assign('serverConfigurationOptions', $scoHtml, false); +$tmpl->assign('serverConfigurationOptions', $scoHtml); // assign default values if(!isset($ldap)) { diff --git a/apps/user_ldap/templates/settings.php b/apps/user_ldap/templates/settings.php index a882e5b7548..cd004cec4b3 100644 --- a/apps/user_ldap/templates/settings.php +++ b/apps/user_ldap/templates/settings.php @@ -5,85 +5,85 @@
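Review bot: In the history.php hunk the closing parenthesis of `print_unescaped(` sits before the trailing concatenation, as in `print_unescaped('File: '.OC_Util::sanitizeHTML($_['path'])).'…';`, so the literal after the `)` is concatenated to the function's return value and never printed. The old `echo(...).'…'` form printed it only because `echo` is a language construct rather than a function call. The same pattern appears on the `$_['message']`, `$_['outcome_msg']` and `'Versions of '` lines. Move the literal inside the call: `print_unescaped('File: '.OC_Util::sanitizeHTML($_['path']).'…');`, where `…` stands for the markup literal that is not legible on this page.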
  • Advanced
  • '.$l->t('Warning: Apps user_ldap and user_webdavauth are incompatible. You may experience unexpected behaviour. Please ask your system administrator to disable one of them.').'

    '; + print_unescaped('

    '.$l->t('Warning: Apps user_ldap and user_webdavauth are incompatible. You may experience unexpected behaviour. Please ask your system administrator to disable one of them.').'

    '); } if(!function_exists('ldap_connect')) { - echo '

    '.$l->t('Warning: The PHP LDAP module is not installed, the backend will not work. Please ask your system administrator to install it.').'

    '; + print_unescaped('

    '.$l->t('Warning: The PHP LDAP module is not installed, the backend will not work. Please ask your system administrator to install it.').'

    '); } ?>
    -

    +

    -

    -

    -

    -

    -

    -

    -

    +

    +

    +

    +

    +

    +

    +

    -

    + data-default="" + title="t('For anonymous access, leave DN and Password empty.'));?>" />

    +

    -
    t('use %%uid placeholder, e.g. "uid=%%uid"');?>

    -

    + data-default="" + title="t('Defines the filter to apply, when login is attempted. %%uid replaces the username in the login action.'));?>" /> +
    t('use %%uid placeholder, e.g. "uid=%%uid"'));?>

    +

    -
    t('without any placeholder, e.g. "objectClass=person".');?>

    -

    + data-default="" + title="t('Defines the filter to apply, when retrieving users.'));?>" /> +
    t('without any placeholder, e.g. "objectClass=person".'));?>

    +

    -
    t('without any placeholder, e.g. "objectClass=posixGroup".');?>

    + data-default="" + title="t('Defines the filter to apply, when retrieving groups.'));?>" /> +
    t('without any placeholder, e.g. "objectClass=posixGroup".'));?>

    -

    t('Connection Settings');?>

    +

    t('Connection Settings'));?>

    -

    -

    -

    -

    -

    -

    -

    >

    -


    t('Not recommended, use for testing only.');?>

    -

    +

    +

    +

    +

    +

    +

    +

    >

    +


    t('Not recommended, use for testing only.'));?>

    +

    -

    t('Directory Settings');?>

    +

    t('Directory Settings'));?>

    -

    -

    -

    -

    -

    -

    -

    +

    +

    +

    +

    +

    +

    +

    -

    t('Special Attributes');?>

    +

    t('Special Attributes'));?>

    -

    -

    -

    -

    +

    +

    +

    +

    - t('Help');?> + t('Help'));?>
    From 0b5b4955357753e63ab1a88a04341836c37c24ae Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 22:06:50 +0100 Subject: [PATCH 12/94] [user_webdavauth] From echo to p --- apps/user_webdavauth/templates/settings.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/apps/user_webdavauth/templates/settings.php b/apps/user_webdavauth/templates/settings.php index 45f4d81aecf..ec6524ee4f7 100755 --- a/apps/user_webdavauth/templates/settings.php +++ b/apps/user_webdavauth/templates/settings.php @@ -1,9 +1,9 @@
    - t('WebDAV Authentication');?> -

    - + t('WebDAV Authentication'));?> +

    + -
    t('ownCloud will send the user credentials to this URL. This plugin checks the response and will interpret the HTTP statuscodes 401 and 403 as invalid credentials, and all other responses as valid credentials.'); ?> +
    t('ownCloud will send the user credentials to this URL. This plugin checks the response and will interpret the HTTP statuscodes 401 and 403 as invalid credentials, and all other responses as valid credentials.')); ?>

    From 40e51d13d2fd028fa13902b12814532d1de15f5a Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 22:35:37 +0100 Subject: [PATCH 13/94] Remove uneeded file --- core/templates/exception.php | 32 -------------------------------- 1 file changed, 32 deletions(-) delete mode 100644 core/templates/exception.php diff --git a/core/templates/exception.php b/core/templates/exception.php deleted file mode 100644 index 4059c7e047d..00000000000 --- a/core/templates/exception.php +++ /dev/null @@ -1,32 +0,0 @@ -
      -
    • -
      - We're sorry, but something went terribly wrong.
      -

      - bug tracker,' - .' please copy the following informations into the description.

      '; - } else { - echo 'Your administrator has disabled systeminformations.'; - } - ?> -

      -
      -
    • -
    From 229c907a57a4a64730e7b58f59cb8f7f627bfaf3 Mon Sep 17 00:00:00 2001 From: Lukas Reschke Date: Wed, 27 Feb 2013 22:55:39 +0100 Subject: [PATCH 14/94] [core] From echo to p --- core/templates/403.php | 4 +- core/templates/404.php | 4 +- core/templates/edit_categories_dialog.php | 6 +- core/templates/error.php | 4 +- core/templates/installation.php | 82 +++++++------- core/templates/layout.base.php | 16 +-- core/templates/layout.guest.php | 20 ++-- core/templates/layout.user.php | 52 ++++----- core/templates/login.php | 32 +++--- core/templates/part.pagenavi.php | 8 +- core/templates/update.php | 4 +- lib/setup.php | 2 +- lib/template.php | 6 +- lib/templatelayout.php | 10 +- settings/apps.php | 2 +- settings/templates/admin.php | 118 ++++++++++----------- settings/templates/apps.php | 28 ++--- settings/templates/help.php | 18 ++-- settings/templates/oauth-required-apps.php | 6 +- settings/templates/oauth.php | 4 +- settings/templates/personal.php | 68 ++++++------ settings/templates/settings.php | 2 +- settings/templates/users.php | 108 +++++++++---------- 23 files changed, 302 insertions(+), 302 deletions(-) diff --git a/core/templates/403.php b/core/templates/403.php index fbf0e64fdb6..6e910fd2e82 100644 --- a/core/templates/403.php +++ b/core/templates/403.php @@ -9,7 +9,7 @@ if(!isset($_)) {//also provide standalone error page ?>
    • - t( 'Access forbidden' ); ?>
      -

      + t( 'Access forbidden' )); ?>
      +

    diff --git a/core/templates/404.php b/core/templates/404.php index c111fd70fa9..ee17f0de8e1 100644 --- a/core/templates/404.php +++ b/core/templates/404.php @@ -9,7 +9,7 @@ if(!isset($_)) {//also provide standalone error page ?>
    • - t( 'Cloud not found' ); ?>
      -

      + t( 'Cloud not found' )); ?>
      +

    diff --git a/core/templates/edit_categories_dialog.php b/core/templates/edit_categories_dialog.php index d0b7b5ee62a..ea155bdf0ba 100644 --- a/core/templates/edit_categories_dialog.php +++ b/core/templates/edit_categories_dialog.php @@ -1,19 +1,19 @@ -
    +
      -
    • +
    - +
    diff --git a/core/templates/error.php b/core/templates/error.php index 4f05e008f99..3305f3fba9c 100644 --- a/core/templates/error.php +++ b/core/templates/error.php @@ -1,8 +1,8 @@
    • -
      -

      +
      +

    diff --git a/core/templates/installation.php b/core/templates/installation.php index aca9648d0bf..f8c91e37eb4 100644 --- a/core/templates/installation.php +++ b/core/templates/installation.php @@ -1,8 +1,8 @@ -'> -'> -'> -'> -'> +'> +'> +'> +'> +'>
    0): ?> @@ -10,10 +10,10 @@
  • - -

    + +

    - +
  • @@ -21,54 +21,54 @@
    - t('Security Warning');?> -

    t('No secure random number generator is available, please enable the PHP OpenSSL extension.');?>
    - t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.');?>

    + t('Security Warning'));?> +

    t('No secure random number generator is available, please enable the PHP OpenSSL extension.'));?>
    + t('Without a secure random number generator an attacker may be able to predict password reset tokens and take over your account.'));?>

    - t('Security Warning');?> -

    t('Your data directory and files are probably accessible from the internet because the .htaccess file does not work.');?>
    - t('For information how to properly configure your server, please see the documentation.');?>

    + t('Security Warning'));?> +

    t('Your data directory and files are probably accessible from the internet because the .htaccess file does not work.'));?>
    + t('For information how to properly configure your server, please see the documentation.'));?>

    - t( 'Create an admin account' ); ?> + t( 'Create an admin account' )); ?>

    - - + value="" autocomplete="off" autofocus required /> + +

    - - + value="" /> + +

    - t( 'Advanced' ); ?> + t( 'Advanced' )); ?>
    - + + value="" />
    - t( 'Configure the database' ); ?> + t( 'Configure the database' ); ?>
    -

    SQLite t( 'will be used' ); ?>.

    +

    SQLite t( 'will be used' )); ?>.

    -

    MySQL t( 'will be used' ); ?>.

    +

    MySQL t( 'will be used' )); ?>.

    -

    PostgreSQL t( 'will be used' ); ?>.

    +

    PostgreSQL t( 'will be used' )); ?>.

    @@ -102,7 +102,7 @@ -

    Oracle t( 'will be used' ); ?>.

    +

    Oracle t( 'will be used' )); ?>.

    @@ -114,7 +114,7 @@ -

    MS SQL t( 'will be used' ); ?>.

    +

    MS SQL t( 'will be used' )); ?>.

    @@ -126,19 +126,19 @@

    - + + value="" autocomplete="off" />

    - + + value="" />

    - +

    @@ -146,18 +146,18 @@

    - + + value="" autocomplete="off" />

    - + + value="" />

    -
    +
    diff --git a/core/templates/layout.base.php b/core/templates/layout.base.php index 47d552069a0..0ada957478e 100644 --- a/core/templates/layout.base.php +++ b/core/templates/layout.base.php @@ -3,26 +3,26 @@ ownCloud - - + + - + - + $value) { - echo "$name='$value' "; + print_unescaped("$name='$value' "); }; - echo '/>'; + print_unescaped('/>)'; ?> - + diff --git a/core/templates/layout.guest.php b/core/templates/layout.guest.php index a84e2b8cef7..03d58c9eae1 100644 --- a/core/templates/layout.guest.php +++ b/core/templates/layout.guest.php @@ -4,22 +4,22 @@ ownCloud - - + + - + - + $value) { - echo "$name='$value' "; + print_unescaped("$name='$value' "); }; - echo '/>'; + print_unescaped('/>'); ?> @@ -27,11 +27,11 @@
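Review bot: The layout.base.php hunk adds `print_unescaped('/>)';`, where the quote and the parenthesis are swapped, so the call is never closed and the template will not parse. The layout.guest.php hunk has the intended `print_unescaped('/>');`. The line before it, `print_unescaped("$name='$value' ");`, writes header attribute values raw into single-quoted attributes, and the same line appears in the layout.guest.php and layout.user.php hunks. If those values can ever carry non-constant data, escape them with `OC_Util::sanitizeHTML($value)` before interpolating.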
    - +

    ownCloud – - t( 'web services under your control' ); ?>

    + t( 'web services under your control' )); ?>

    diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php index 10540cfe362..2b53cc0ae5d 100644 --- a/core/templates/layout.user.php +++ b/core/templates/layout.user.php @@ -1,56 +1,56 @@ - <?php echo !empty($_['application'])?$_['application'].' | ':'' ?>ownCloud - <?php echo !empty($_['user_displayname'])?' ('.$_['user_displayname'].') ':'' ?> + <?php p(!empty($_['application'])?$_['application'].' | ':'') ?>ownCloud + <?php p(!empty($_['user_displayname'])?' ('.$_['user_displayname'].') ':'') ?> - - + + - + - + $value) { - echo "$name='$value' "; + print_unescaped("$name='$value' "); }; - echo '/>'; + print_unescaped('/>'); ?> - +
    @@ -66,11 +66,11 @@