Fixes #1310

agentejo · Jun 17, 2020 · 74de99d · 74de99d
1 parent 0023068
commit 74de99d
Show file tree

Hide file tree

Showing 16 changed files with 23 additions and 23 deletions.
diff --git a/modules/Cockpit/views/layouts/login.php b/modules/Cockpit/views/layouts/login.php
@@ -102,7 +102,7 @@
             this.error = false;
             this.$user  = null;
 
-            var redirectTo = '{{ $redirectTo }}';
+            var redirectTo = '{{ htmlspecialchars($redirectTo, ENT_QUOTES, 'UTF-8') }}';
 
             submit(e) {
 

diff --git a/modules/Collections/views/entries.php b/modules/Collections/views/entries.php
@@ -33,7 +33,7 @@ function CollectionHasFieldAccess(field) {
         <li><a href="@route('/collections')">@lang('Collections')</a></li>
         <li class="uk-active" data-uk-dropdown="mode:'hover', delay:300">
 
-            <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name']) }}</a>
+            <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             @if($app->module('collections')->hasaccess($collection['name'], 'collection_edit'))
             <div class="uk-dropdown">

diff --git a/modules/Collections/views/entry.php b/modules/Collections/views/entry.php
@@ -25,7 +25,7 @@
             <ul class="uk-breadcrumb">
                 <li><a href="@route('/collections')">@lang('Collections')</a></li>
                 <li data-uk-dropdown="mode:'hover', delay:300">
-                    <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name']) }}</a>
+                    <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
                     @if($app->module('collections')->hasaccess($collection['name'], 'collection_edit'))
                     <div class="uk-dropdown">

diff --git a/modules/Collections/views/import/collection.php b/modules/Collections/views/import/collection.php
@@ -6,7 +6,7 @@
         <li><a href="@route('/collections')">@lang('Collections')</a></li>
         <li data-uk-dropdown="mode:'hover, delay:300'">
 
-            <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name']) }}</a>
+            <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             <div class="uk-dropdown">
                 <ul class="uk-nav uk-nav-dropdown">

diff --git a/modules/Collections/views/locked.php b/modules/Collections/views/locked.php
@@ -8,7 +8,7 @@
     <ul class="uk-breadcrumb">
         <li><a href="@route('/collections')">@lang('Collections')</a></li>
         <li data-uk-dropdown="mode:'hover', delay:300">
-            <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name']) }}</a>
+            <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             @if($app->module('collections')->hasaccess($collection['name'], 'collection_edit'))
             <div class="uk-dropdown">

diff --git a/modules/Collections/views/partials/entries.php b/modules/Collections/views/partials/entries.php
@@ -36,7 +36,7 @@
         <img class="uk-svg-adjust" src="@url($collection['icon'] ? 'assets:app/media/icons/'.$collection['icon']:'collections:icon.svg')" width="50" alt="icon" data-uk-svg>
         @if($collection['description'])
         <div class="uk-container-center uk-margin-top uk-width-medium-1-2">
-            {{ htmlspecialchars($collection['description']) }}
+            {{ htmlspecialchars($collection['description'], ENT_QUOTES, 'UTF-8') }}
         </div>
         @endif
     </div>
@@ -61,7 +61,7 @@
                 <img class="uk-svg-adjust" src="@url($collection['icon'] ? 'assets:app/media/icons/'.$collection['icon']:'collections:icon.svg')" width="50" alt="icon" data-uk-svg>
                 @if($collection['description'])
                 <div class="uk-margin-top uk-text-small uk-text-muted">
-                    {{ htmlspecialchars($collection['description']) }}
+                    {{ htmlspecialchars($collection['description'], ENT_QUOTES, 'UTF-8') }}
                 </div>
                 @endif
                 <hr>

diff --git a/modules/Collections/views/partials/entries.sortable.php b/modules/Collections/views/partials/entries.sortable.php
@@ -19,7 +19,7 @@
         <img class="uk-svg-adjust" src="@url($collection['icon'] ? 'assets:app/media/icons/'.$collection['icon']:'collections:icon.svg')" width="50" alt="icon" data-uk-svg>
         @if($collection['description'])
         <div class="uk-container-center uk-margin-top uk-width-medium-1-2">
-            {{ htmlspecialchars($collection['description']) }}
+            {{ htmlspecialchars($collection['description'], ENT_QUOTES, 'UTF-8') }}
         </div>
         @endif
     </div>
@@ -33,7 +33,7 @@
                 <img class="uk-svg-adjust" src="@url($collection['icon'] ? 'assets:app/media/icons/'.$collection['icon']:'collections:icon.svg')" width="50" alt="icon" data-uk-svg>
                 @if($collection['description'])
                 <div class="uk-margin-top uk-text-small uk-text-muted">
-                    {{ htmlspecialchars($collection['description']) }}
+                    {{ htmlspecialchars($collection['description'], ENT_QUOTES, 'UTF-8') }}
                 </div>
                 @endif
                 <hr>

diff --git a/modules/Collections/views/revisions.php b/modules/Collections/views/revisions.php
@@ -17,7 +17,7 @@
     <ul class="uk-breadcrumb">
         <li><a href="@route('/collections')">@lang('Collections')</a></li>
         <li data-uk-dropdown="mode:'hover', delay:300">
-            <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name']) }}</a>
+            <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             @if($app->module('collections')->hasaccess($collection['name'], 'collection_edit'))
             <div class="uk-dropdown">

diff --git a/modules/Collections/views/trash/collection.php b/modules/Collections/views/trash/collection.php
@@ -10,7 +10,7 @@
         <li><a href="@route('/collections')">@lang('Collections')</a></li>
         <li class="uk-active" data-uk-dropdown="mode:'hover', delay:300">
 
-        <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name']) }}</a>
+        <a href="@route('/collections/entries/'.$collection['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             @if($app->module('collections')->hasaccess($collection['name'], 'collection_edit'))
             <div class="uk-dropdown">
@@ -65,7 +65,7 @@
                 </div>
 
                 <h3>
-                    <strong>{{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name']) }}</strong>
+                    <strong>{{ htmlspecialchars(@$collection['label'] ? $collection['label']:$collection['name'], ENT_QUOTES, 'UTF-8') }}</strong>
                     @lang('Trash')
                 </h3>
             </div>

diff --git a/modules/Collections/views/widgets/dashboard.php b/modules/Collections/views/widgets/dashboard.php
@@ -28,7 +28,7 @@
 
                                     <img class="uk-margin-small-right uk-svg-adjust" src="@url(isset($col['icon']) && $col['icon'] ? 'assets:app/media/icons/'.$col['icon']:'collections:icon.svg')" width="18px" alt="icon" data-uk-svg>
 
-                                    {{ htmlspecialchars(@$col['label'] ? $col['label'] : $col['name']) }}
+                                    {{ htmlspecialchars(@$col['label'] ? $col['label'] : $col['name'], ENT_QUOTES, 'UTF-8') }}
                                 </a>
                             </div>
                             <div>

diff --git a/modules/Forms/views/entries.php b/modules/Forms/views/entries.php
@@ -10,7 +10,7 @@
         <li><a href="@route('/forms')">@lang('Forms')</a></li>
         <li class="uk-active" data-uk-dropdown>
 
-            <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$form['label'] ? $form['label']:$form['name']) }}</a>
+            <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$form['label'] ? $form['label']:$form['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             <div class="uk-dropdown">
                 <ul class="uk-nav uk-nav-dropdown">
@@ -33,7 +33,7 @@
         <img class="uk-svg-adjust" src="@url($form['icon'] ? 'assets:app/media/icons/'.$form['icon']:'forms:icon.svg')" width="50" alt="icon" data-uk-svg>
         @if($form['description'])
         <div class="uk-container-center uk-margin-top uk-width-medium-1-2">
-            {{ htmlspecialchars($form['description']) }}
+            {{ htmlspecialchars($form['description'], ENT_QUOTES, 'UTF-8') }}
         </div>
         @endif
     </div>
@@ -57,7 +57,7 @@
                 <img class="uk-svg-adjust" src="@url($form['icon'] ? 'assets:app/media/icons/'.$form['icon']:'forms:icon.svg')" width="50" alt="icon" data-uk-svg>
                 @if($form['description'])
                 <div class="uk-margin-top uk-text-small">
-                    {{ htmlspecialchars($form['description']) }}
+                    {{ htmlspecialchars($form['description'], ENT_QUOTES, 'UTF-8') }}
                 </div>
                 @endif
                 <hr>
@@ -71,7 +71,7 @@
 
             <div class="uk-flex-item-1 uk-flex uk-flex-middle uk-h3">
                 <div class="uk-margin-small-right"><img src="@url($form['icon'] ? 'assets:app/media/icons/'.$form['icon']:'forms:icon.svg')" width="40" alt="icon"></div>
-                <strong class="uk-margin-small-right">{{ htmlspecialchars(@$form['label'] ? $form['label']:$form['name']) }}</strong> 
+                <strong class="uk-margin-small-right">{{ htmlspecialchars(@$form['label'] ? $form['label']:$form['name'], ENT_QUOTES, 'UTF-8') }}</strong> 
                 @lang('Entries')
             </div>
 

diff --git a/modules/Forms/views/widgets/dashboard.php b/modules/Forms/views/widgets/dashboard.php
@@ -27,7 +27,7 @@
 
                             <img class="uk-margin-small-right uk-svg-adjust" src="@url(isset($form['icon']) && $form['icon'] ? 'assets:app/media/icons/'.$form['icon']:'forms:icon.svg')" width="18px" alt="icon" data-uk-svg>
 
-                            {{ htmlspecialchars(@$form['label'] ? $form['label'] : $form['name']) }}
+                            {{ htmlspecialchars(@$form['label'] ? $form['label'] : $form['name'], ENT_QUOTES, 'UTF-8') }}
                         </a>
                     </li>
                     @endforeach

diff --git a/modules/Singletons/views/form.php b/modules/Singletons/views/form.php
@@ -19,7 +19,7 @@
                 <li><a href="@route('/singletons')">@lang('Singletons')</a></li>
                 <li class="uk-active" data-uk-dropdown>
 
-                    <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$singleton['label'] ? $singleton['label']:$singleton['name']) }}</a>
+                    <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$singleton['label'] ? $singleton['label']:$singleton['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
                     @if($app->module('singletons')->hasaccess($singleton['name'], 'edit'))
                     <div class="uk-dropdown">
@@ -73,7 +73,7 @@
 
         @if($singleton['description'])
         <div class="uk-margin uk-text-muted">
-            {{ htmlspecialchars($singleton['description']) }}
+            {{ htmlspecialchars($singleton['description'], ENT_QUOTES, 'UTF-8') }}
         </div>
         @endif
 

diff --git a/modules/Singletons/views/locked.php b/modules/Singletons/views/locked.php
@@ -10,7 +10,7 @@
         <li><a href="@route('/singletons')">@lang('Singletons')</a></li>
         <li class="uk-active" data-uk-dropdown>
 
-            <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$singleton['label'] ? $singleton['label']:$singleton['name']) }}</a>
+            <a><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$singleton['label'] ? $singleton['label']:$singleton['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             @if($app->module('singletons')->hasaccess($singleton['name'], 'edit'))
             <div class="uk-dropdown">

diff --git a/modules/Singletons/views/revisions.php b/modules/Singletons/views/revisions.php
@@ -17,7 +17,7 @@
     <ul class="uk-breadcrumb">
         <li><a href="@route('/singletons')">@lang('Singletons')</a></li>
         <li data-uk-dropdown="mode:'hover', delay:300">
-            <a href="@route('/singletons/form/'.$singleton['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$singleton['label'] ? $singleton['label']:$singleton['name']) }}</a>
+            <a href="@route('/singletons/form/'.$singleton['name'])"><i class="uk-icon-bars"></i> {{ htmlspecialchars(@$singleton['label'] ? $singleton['label']:$singleton['name'], ENT_QUOTES, 'UTF-8') }}</a>
 
             @if($app->module('singletons')->hasaccess($singleton['name'], 'edit'))
             <div class="uk-dropdown">

diff --git a/modules/Singletons/views/widgets/dashboard.php b/modules/Singletons/views/widgets/dashboard.php
@@ -27,7 +27,7 @@
 
                             <img class="uk-margin-small-right uk-svg-adjust" src="@url(isset($singleton['icon']) && $singleton['icon'] ? 'assets:app/media/icons/'.$singleton['icon']:'singletons:icon.svg')" width="18px" alt="icon" data-uk-svg>
 
-                            {{ htmlspecialchars(@$singleton['label'] ? $singleton['label'] : $singleton['name']) }}
+                            {{ htmlspecialchars(@$singleton['label'] ? $singleton['label'] : $singleton['name'], ENT_QUOTES, 'UTF-8') }}
                         </a>
                     </li>
                     @endforeach