diff --git a/concrete/controllers/dialog/area/layout/presets.php b/concrete/controllers/dialog/area/layout/presets.php
index 1aaa957df06..edf5b819db1 100644
--- a/concrete/controllers/dialog/area/layout/presets.php
+++ b/concrete/controllers/dialog/area/layout/presets.php
@@ -32,7 +32,7 @@ public function view($arLayoutID)
$presets = array();
$presets['-1'] = t('** New');
foreach ($presetlist as $preset) {
- $presets[$preset->getAreaLayoutPresetID()] = $preset->getAreaLayoutPresetName();
+ $presets[$preset->getAreaLayoutPresetID()] = h($preset->getAreaLayoutPresetName());
}
$this->set('arLayout', $arLayout);
@@ -64,6 +64,7 @@ public function getPresetData($cID, $arLayoutPresetID)
public function submit($arLayoutID)
{
if ($this->validateAction()) {
+ $existingPreset = null;
$arLayout = AreaLayout::getByID($arLayoutID);
if (!is_object($arLayout)) {
throw new Exception(t('Invalid layout object.'));
diff --git a/concrete/controllers/dialog/event/delete.php b/concrete/controllers/dialog/event/delete.php
index ece1bd454d2..fe6afa7991c 100644
--- a/concrete/controllers/dialog/event/delete.php
+++ b/concrete/controllers/dialog/event/delete.php
@@ -38,42 +38,47 @@ public function __construct()
public function submit()
{
- $event = $this->eventService->getByID($_REQUEST['eventID'], EventService::EVENT_VERSION_RECENT);
- $e = \Core::make('error');
- if (!$event) {
- $e->add(t('Invalid event.'));
- }
- if (!$this->canAccess()) {
- $e->add(t('Access Denied.'));
- }
+ if ($this->validateAction()) {
+ $event = $this->eventService->getByID($_REQUEST['eventID'], EventService::EVENT_VERSION_RECENT);
+ $e = \Core::make('error');
+ if (!$event) {
+ $e->add(t('Invalid event.'));
+ }
+ if (!$this->canAccess()) {
+ $e->add(t('Access Denied.'));
+ }
- $r = new EditResponse($e);
- $year = date('Y');
- $month = date('m');
- $r->setRedirectURL(
- \URL::to(
- $this->preferences->getPreferredViewPath(),
- 'view',
- $event->getCalendar()->getID(),
- $year,
- $month
- )
- );
-
- if (!$e->has()) {
- $u = $this->app->make(User::class);
- $pkr = new DeleteCalendarEventRequest();
- $pkr->setCalendarEventVersionID($event->getRecentVersion()->getID());
- $pkr->setRequesterUserID($u->getUserID());
- $response = $pkr->trigger();
- if ($response instanceof Response) {
- $this->flash('success', t('Event deleted successfully.'));
- } else {
- $this->flash('success', t('Event deletion pending. This request must be approved before the event is fully removed.'));
+ $r = new EditResponse($e);
+ $year = date('Y');
+ $month = date('m');
+ $r->setRedirectURL(
+ \URL::to(
+ $this->preferences->getPreferredViewPath(),
+ 'view',
+ $event->getCalendar()->getID(),
+ $year,
+ $month
+ )
+ );
+
+ if (!$e->has()) {
+ $u = $this->app->make(User::class);
+ $pkr = new DeleteCalendarEventRequest();
+ $pkr->setCalendarEventVersionID($event->getRecentVersion()->getID());
+ $pkr->setRequesterUserID($u->getUserID());
+ $response = $pkr->trigger();
+ if ($response instanceof Response) {
+ $this->flash('success', t('Event deleted successfully.'));
+ } else {
+ $this->flash(
+ 'success',
+ t('Event deletion pending. This request must be approved before the event is fully removed.')
+ );
+ }
}
- }
- $r->outputJSON();
+ $r->outputJSON();
+ }
}
diff --git a/concrete/views/dialogs/area/layout/presets/manage.php b/concrete/views/dialogs/area/layout/presets/manage.php
index 93500d41d86..9b1cf7bb332 100644
--- a/concrete/views/dialogs/area/layout/presets/manage.php
+++ b/concrete/views/dialogs/area/layout/presets/manage.php
@@ -10,19 +10,19 @@
- - getAreaLayoutPresetName()?>
+
- getAreaLayoutPresetName())?>
-
-
-