Skip to content

Commit

Permalink
[Templates] Escape sitename (#21008)
Browse files Browse the repository at this point in the history
  • Loading branch information
@SharkyKZ
SharkyKZ authored and Michael Babker committed Jul 11, 2018
1 parent c3349f2 commit 364c9e8
Show file tree
Hide file tree
Showing 4 changed files with 6 additions and 6 deletions.
2 changes: 1 addition & 1 deletion administrator/templates/isis/error.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@
$layout = $input->get('layout', '');
$task = $input->get('task', '');
$itemid = $input->get('Itemid', 0, 'int');
$sitename = $app->get('sitename');
$sitename = htmlspecialchars($app->get('sitename'), ENT_QUOTES, 'UTF-8');

$cpanel = ($option === 'com_cpanel');

Expand Down
2 changes: 1 addition & 1 deletion templates/protostar/error.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
$layout = $app->input->getCmd('layout', '');
$task = $app->input->getCmd('task', '');
$itemid = $app->input->getCmd('Itemid', '');
$sitename = $app->get('sitename');
$sitename = htmlspecialchars($app->get('sitename'), ENT_QUOTES, 'UTF-8');

if ($task === 'edit' || $layout === 'form')
{
Expand Down
2 changes: 1 addition & 1 deletion templates/protostar/index.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@
$layout = $app->input->getCmd('layout', '');
$task = $app->input->getCmd('task', '');
$itemid = $app->input->getCmd('Itemid', '');
$sitename = $app->get('sitename');
$sitename = htmlspecialchars($app->get('sitename'), ENT_QUOTES, 'UTF-8');

if ($task === 'edit' || $layout === 'form')
{
Expand Down
6 changes: 3 additions & 3 deletions templates/protostar/offline.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@
JHtml::_('bootstrap.loadCss', false, $this->direction);

// Logo file or site title param
$sitename = $app->get('sitename');
$sitename = htmlspecialchars($app->get('sitename'), ENT_QUOTES, 'UTF-8');

if ($this->params->get('logoFile'))
{
Expand Down Expand Up @@ -104,10 +104,10 @@
<?php if (!empty($logo)) : ?>
<h1><?php echo $logo; ?></h1>
<?php else : ?>
<h1><?php echo htmlspecialchars($app->get('sitename')); ?></h1>
<h1><?php echo $sitename; ?></h1>
<?php endif; ?>
<?php if ($app->get('offline_image') && file_exists($app->get('offline_image'))) : ?>
<img src="<?php echo $app->get('offline_image'); ?>" alt="<?php echo htmlspecialchars($app->get('sitename')); ?>" />
<img src="<?php echo $app->get('offline_image'); ?>" alt="<?php echo $sitename; ?>" />
<?php endif; ?>
<?php if ($app->get('display_offline_message', 1) == 1 && str_replace(' ', '', $app->get('offline_message')) !== '') : ?>
<p><?php echo $app->get('offline_message'); ?></p>
Expand Down

0 comments on commit 364c9e8

Please sign in to comment.