[Files] Use p() instead of echo

11 years ago · 4860d03270
parent 470fc3817f
commit 4860d03270
6 changed files with 83 additions and 83 deletions
--- a/apps/files/index.php
+++ b/apps/files/index.php
@ -90,13 +90,13 @@ foreach (explode('/', $dir) as $i) {

 // make breadcrumb und filelist markup
 $list = new OCP\Template('files', 'part.list', '');
-$list->assign('files', $files, false);
-$list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);
-$list->assign('downloadURL', OCP\Util::linkToRoute('download', array('file' => '/')), false);
-$list->assign('disableSharing', false);
+$list->assign('files', $files);
+$list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=');
+$list->assign('downloadURL', OCP\Util::linkToRoute('download', array('file' => '/')));
+$list->assign('disableSharing');
 $breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '');
-$breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
-$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);
+$breadcrumbNav->assign('breadcrumb', $breadcrumb);
+$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=');

 $permissions = OCP\PERMISSION_READ;
 if (\OC\Files\Filesystem::isCreatable($dir . '/')) {
@ -125,8 +125,8 @@ if ($needUpgrade) {
 	OCP\Util::addscript('files', 'files');
 	OCP\Util::addscript('files', 'keyboardshortcuts');
 	$tmpl = new OCP\Template('files', 'index', 'user');
-	$tmpl->assign('fileList', $list->fetchPage(), false);
-	$tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage(), false);
+	$tmpl->assign('fileList', $list->fetchPage());
+	$tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage());
 	$tmpl->assign('dir', \OC\Files\Filesystem::normalizePath($dir));
 	$tmpl->assign('isCreatable', \OC\Files\Filesystem::isCreatable($dir . '/'));
 	$tmpl->assign('permissions', $permissions);
--- a/apps/files/templates/admin.php
+++ b/apps/files/templates/admin.php
@ -2,27 +2,27 @@

 <form name="filesForm" action='#' method='post'>
 	<fieldset class="personalblock">
-		<legend><strong><?php echo $l->t('File handling');?></strong></legend>
+		<legend><strong><?php p($l->t('File handling')); ?></strong></legend>
 		<?php if($_['uploadChangable']):?>
-			<label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label>
-			<input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/>
+			<label for="maxUploadSize"><?php p($l->t( 'Maximum upload size' )); ?> </label>
+			<input name='maxUploadSize' id="maxUploadSize" value='<?php p($_['uploadMaxFilesize']) ?>'/>
 			<?php if($_['displayMaxPossibleUploadSize']):?>
-				(<?php echo $l->t('max. possible: '); echo $_['maxPossibleUploadSize'] ?>)
+				(<?php p($l->t('max. possible: ')); p($_['maxPossibleUploadSize']) ?>)
 			<?php endif;?>
 			<br/>
 		<?php endif;?>
 		<input type="checkbox" name="allowZipDownload" id="allowZipDownload" value="1"
-			   title="<?php echo $l->t( 'Needed for multi-file and folder downloads.' ); ?>"
+			   title="<?php p($l->t( 'Needed for multi-file and folder downloads.' )); ?>"
 			   <?php if ($_['allowZipDownload']): ?> checked="checked"<?php endif; ?> />
-		<label for="allowZipDownload"><?php echo $l->t( 'Enable ZIP-download' ); ?></label><br/>
+		<label for="allowZipDownload"><?php p($l->t( 'Enable ZIP-download' )); ?></label><br/>

-		<input name="maxZipInputSize" id="maxZipInputSize" style="width:180px;" value='<?php echo $_['maxZipInputSize'] ?>'
-			   title="<?php echo $l->t( '0 is unlimited' ); ?>"
+		<input name="maxZipInputSize" id="maxZipInputSize" style="width:180px;" value='<?php p($_['maxZipInputSize']) ?>'
+			   title="<?php p($l->t( '0 is unlimited' )); ?>"
 			   <?php if (!$_['allowZipDownload']): ?> disabled="disabled"<?php endif; ?> /><br />
-		<em><?php echo $l->t( 'Maximum input size for ZIP files' ); ?> </em><br />
+		<em><?php p($l->t( 'Maximum input size for ZIP files' )); ?> </em><br />

-		<input type="hidden" value="<?php echo $_['requesttoken']; ?>" name="requesttoken" />
+		<input type="hidden" value="<?php p($_['requesttoken']); ?>" name="requesttoken" />
 		<input type="submit" name="submitFilesAdminSettings" id="submitFilesAdminSettings"
-			   value="<?php echo $l->t( 'Save' ); ?>"/>
+			   value="<?php p($l->t( 'Save' )); ?>"/>
 	</fieldset>
 </form>
--- a/apps/files/templates/index.php
+++ b/apps/files/templates/index.php
@ -1,62 +1,62 @@
 <!--[if IE 8]><style>input[type="checkbox"]{padding:0;}table td{position:static !important;}</style><![endif]-->
 <div id="controls">
-	<?php echo($_['breadcrumb']); ?>
+	<?php print_unescaped($_['breadcrumb']); ?>
 	<?php if ($_['isCreatable']):?>
 		<div class="actions <?php if (isset($_['files']) and count($_['files'])==0):?>emptyfolder<?php endif; ?>">
 			<div id="new" class="button">
-				<a><?php echo $l->t('New');?></a>
+				<a><?php p($l->t('New'));?></a>
 				<ul>
-					<li style="background-image:url('<?php echo OCP\mimetype_icon('text/plain') ?>')"
-						data-type='file'><p><?php echo $l->t('Text file');?></p></li>
-					<li style="background-image:url('<?php echo OCP\mimetype_icon('dir') ?>')"
-						data-type='folder'><p><?php echo $l->t('Folder');?></p></li>
-					<li style="background-image:url('<?php echo OCP\image_path('core', 'actions/public.png') ?>')"
-						data-type='web'><p><?php echo $l->t('From link');?></p></li>
+					<li style="background-image:url('<?php p(OCP\mimetype_icon('text/plain')) ?>')"
+						data-type='file'><p><?php p($l->t('Text file'));?></p></li>
+					<li style="background-image:url('<?php p(OCP\mimetype_icon('dir')) ?>')"
+						data-type='folder'><p><?php p($l->t('Folder'));?></p></li>
+					<li style="background-image:url('<?php p(OCP\image_path('core', 'actions/public.png')) ?>')"
+						data-type='web'><p><?php p($l->t('From link'));?></p></li>
 				</ul>
 			</div>
 			<div id="upload" class="button"
-				 title="<?php echo $l->t('Upload') . ' max. '.$_['uploadMaxHumanFilesize'] ?>">
+				 title="<?php p($l->t('Upload') . ' max. '.$_['uploadMaxHumanFilesize']) ?>">
 				<form data-upload-id='1'
 					  id="data-upload-form"
 					  class="file_upload_form"
-					  action="<?php echo OCP\Util::linkTo('files', 'ajax/upload.php'); ?>"
+					  action="<?php print_unescaped(OCP\Util::linkTo('files', 'ajax/upload.php')); ?>"
 					  method="post"
 					  enctype="multipart/form-data"
 					  target="file_upload_target_1">
 					<input type="hidden" name="MAX_FILE_SIZE" id="max_upload"
-						   value="<?php echo $_['uploadMaxFilesize'] ?>">
+						   value="<?php p($_['uploadMaxFilesize']) ?>">
 					<!-- Send the requesttoken, this is needed for older IE versions
 						 because they don't send the CSRF token via HTTP header in this case -->
-					<input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>" id="requesttoken">
+					<input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" id="requesttoken">
 					<input type="hidden" class="max_human_file_size"
-						   value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
-					<input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
+						   value="(max <?php p($_['uploadMaxHumanFilesize']); ?>)">
+					<input type="hidden" name="dir" value="<?php p($_['dir']) ?>" id="dir">
 					<input type="file" id="file_upload_start" name='files[]'/>
 					<a href="#" class="svg" onclick="return false;"></a>
 				</form>
 			</div>
 			<?php if ($_['trash'] ): ?>
 			<div id="trash" class="button">
-				<a><?php echo $l->t('Deleted files');?></a>
+				<a><?php p($l->t('Deleted files'));?></a>
 			</div>
 			<?php endif; ?>
 			<div id="uploadprogresswrapper">
 				<div id="uploadprogressbar"></div>
 				<input type="button" class="stop" style="display:none"
-					value="<?php echo $l->t('Cancel upload');?>"
+					value="<?php p($l->t('Cancel upload'));?>"
 					onclick="javascript:Files.cancelUploads();"
 				/>
 			</div>
 		</div>
 		<div id="file_action_panel"></div>
 	<?php else:?>
-		<input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
+		<input type="hidden" name="dir" value="<?php p($_['dir']) ?>" id="dir">
 	<?php endif;?>
-	<input type="hidden" name="permissions" value="<?php echo $_['permissions']; ?>" id="permissions">
+	<input type="hidden" name="permissions" value="<?php p($_['permissions']); ?>" id="permissions">
 </div>

 <?php if (isset($_['files']) and $_['isCreatable'] and count($_['files'])==0):?>
-	<div id="emptyfolder"><?php echo $l->t('Nothing in here. Upload something!')?></div>
+	<div id="emptyfolder"><?php p($l->t('Nothing in here. Upload something!'))?></div>
 <?php endif; ?>

 <table>
@ -64,33 +64,33 @@
 		<tr>
 			<th id='headerName'>
 				<input type="checkbox" id="select_all" />
-				<span class='name'><?php echo $l->t( 'Name' ); ?></span>
+				<span class='name'><?php p($l->t( 'Name' )); ?></span>
 				<span class='selectedActions'>
 					<?php if($_['allowZipDownload']) : ?>
 						<a href="" class="download">
 							<img class="svg" alt="Download"
-								 src="<?php echo OCP\image_path("core", "actions/download.svg"); ?>" />
-							<?php echo $l->t('Download')?>
+								 src="<?php print_unescaped(OCP\image_path("core", "actions/download.svg")); ?>" />
+							<?php p($l->t('Download'))?>
 						</a>
 					<?php endif; ?>
 				</span>
 			</th>
-			<th id="headerSize"><?php echo $l->t( 'Size' ); ?></th>
+			<th id="headerSize"><?php p($l->t( 'Size' )); ?></th>
 			<th id="headerDate">
-				<span id="modified"><?php echo $l->t( 'Modified' ); ?></span>
+				<span id="modified"><?php p($l->t( 'Modified' )); ?></span>
 				<?php if ($_['permissions'] & OCP\PERMISSION_DELETE): ?>
 <!-- 					NOTE: Temporary fix to allow unsharing of files in root of Shared folder -->
 					<?php if ($_['dir'] == '/Shared'): ?>
 						<span class="selectedActions"><a href="" class="delete">
-							<?php echo $l->t('Unshare')?>
-							<img class="svg" alt="<?php echo $l->t('Unshare')?>"
-								 src="<?php echo OCP\image_path("core", "actions/delete.svg"); ?>" />
+							<?php p($l->t('Unshare'))?>
+							<img class="svg" alt="<?php p($l->t('Unshare'))?>"
+								 src="<?php print_unescaped(OCP\image_path("core", "actions/delete.svg")); ?>" />
 						</a></span>
 					<?php else: ?>
 						<span class="selectedActions"><a href="" class="delete">
-							<?php echo $l->t('Delete')?>
-							<img class="svg" alt="<?php echo $l->t('Delete')?>"
-								 src="<?php echo OCP\image_path("core", "actions/delete.svg"); ?>" />
+							<?php p($l->t('Delete'))?>
+							<img class="svg" alt="<?php p($l->t('Delete'))?>"
+								 src="<?php print_unescaped(OCP\image_path("core", "actions/delete.svg")); ?>" />
 						</a></span>
 					<?php endif; ?>
 				<?php endif; ?>
@ -98,24 +98,24 @@
 		</tr>
 	</thead>
 	<tbody id="fileList">
-		<?php echo($_['fileList']); ?>
+		<?php print_unescaped($_['fileList']); ?>
 	</tbody>
 </table>
 <div id="editor"></div>
-<div id="uploadsize-message" title="<?php echo $l->t('Upload too large')?>">
+<div id="uploadsize-message" title="<?php p($l->t('Upload too large'))?>">
 	<p>
-	<?php echo $l->t('The files you are trying to upload exceed the maximum size for file uploads on this server.');?>
+	<?php p($l->t('The files you are trying to upload exceed the maximum size for file uploads on this server.'));?>
 	</p>
 </div>
 <div id="scanning-message">
 	<h3>
-		<?php echo $l->t('Files are being scanned, please wait.');?> <span id='scan-count'></span>
+		<?php p($l->t('Files are being scanned, please wait.'));?> <span id='scan-count'></span>
 	</h3>
 	<p>
-		<?php echo $l->t('Current scanning');?> <span id='scan-current'></span>
+		<?php p($l->t('Current scanning'));?> <span id='scan-current'></span>
 	</p>
 </div>

 <!-- config hints for javascript -->
-<input type="hidden" name="allowZipDownload" id="allowZipDownload" value="<?php echo $_['allowZipDownload']; ?>" />
-<input type="hidden" name="usedSpacePercent" id="usedSpacePercent" value="<?php echo $_['usedSpacePercent']; ?>" />
+<input type="hidden" name="allowZipDownload" id="allowZipDownload" value="<?php p($_['allowZipDownload']); ?>" />
+<input type="hidden" name="usedSpacePercent" id="usedSpacePercent" value="<?php p($_['usedSpacePercent']); ?>" />
--- a/apps/files/templates/part.breadcrumb.php
+++ b/apps/files/templates/part.breadcrumb.php
@ -1,7 +1,7 @@
 <?php if(count($_["breadcrumb"])):?>
 	<div class="crumb">
-		<a href="<?php echo $_['baseURL']; ?>">
-			<img src="<?php echo OCP\image_path('core', 'places/home.svg');?>" class="svg" />
+		<a href="<?php print_unescaped($_['baseURL']); ?>">
+			<img src="<?php print_unescaped(OCP\image_path('core', 'places/home.svg'));?>" class="svg" />
 		</a>
 	</div>
 <?php endif;?>
@ -9,8 +9,8 @@
 	$crumb = $_["breadcrumb"][$i];
 	$dir = str_replace('+', '%20', urlencode($crumb["dir"]));
 	$dir = str_replace('%2F', '/', $dir); ?>
-	<div class="crumb <?php if($i == count($_["breadcrumb"])-1) echo 'last';?> svg"
-		 data-dir='<?php echo $dir;?>'>
-	<a href="<?php echo $_['baseURL'].$dir; ?>"><?php echo OCP\Util::sanitizeHTML($crumb["name"]); ?></a>
+	<div class="crumb <?php if($i == count($_["breadcrumb"])-1) p('last');?> svg"
+		 data-dir='<?php p($dir);?>'>
+	<a href="<?php p($_['baseURL'].$dir); ?>"><?php p($crumb["name"]); ?></a>
 	</div>
 <?php endfor;
--- a/apps/files/templates/part.list.php
+++ b/apps/files/templates/part.list.php
@ -1,4 +1,4 @@
-<input type="hidden" id="disableSharing" data-status="<?php echo $_['disableSharing']; ?>">
+<input type="hidden" id="disableSharing" data-status="<?php p($_['disableSharing']); ?>">

 <?php foreach($_['files'] as $file):
 	$simple_file_size = OCP\simple_file_size($file['size']);
@ -13,31 +13,31 @@
 	$name = str_replace('%2F', '/', $name);
 	$directory = str_replace('+', '%20', urlencode($file['directory']));
 	$directory = str_replace('%2F', '/', $directory); ?>
-	<tr data-id="<?php echo $file['fileid']; ?>"
-		data-file="<?php echo $name;?>"
-		data-type="<?php echo ($file['type'] == 'dir')?'dir':'file'?>"
-		data-mime="<?php echo $file['mimetype']?>"
-		data-size='<?php echo $file['size'];?>'
-		data-permissions='<?php echo $file['permissions']; ?>'>
+	<tr data-id="<?php p($file['fileid']); ?>"
+		data-file="<?php p($name);?>"
+		data-type="<?php p($file['type'] == 'dir')?'dir':'file'?>"
+		data-mime="<?php p($file['mimetype'])?>"
+		data-size='<?php p($file['size']);?>'
+		data-permissions='<?php p($file['permissions']); ?>'>
 		<td class="filename svg"
 		<?php if($file['type'] == 'dir'): ?>
-			style="background-image:url(<?php echo OCP\mimetype_icon('dir'); ?>)"
+			style="background-image:url(<?php print_unescaped(OCP\mimetype_icon('dir')); ?>)"
 		<?php else: ?>
-			style="background-image:url(<?php echo OCP\mimetype_icon($file['mimetype']); ?>)"
+			style="background-image:url(<?php print_unescaped(OCP\mimetype_icon($file['mimetype'])); ?>)"
 		<?php endif; ?>
 			>
 		<?php if(!isset($_['readonly']) || !$_['readonly']): ?><input type="checkbox" /><?php endif; ?>
 		<?php if($file['type'] == 'dir'): ?>
-			<a class="name" href="<?php echo $_['baseURL'].$directory.'/'.$name; ?>" title="">
+			<a class="name" href="<?php p($_['baseURL'].$directory.'/'.$name); ?>" title="">
 		<?php else: ?>
-			<a class="name" href="<?php echo $_['downloadURL'].$directory.'/'.$name; ?>" title="">
+			<a class="name" href="<?php p($_['downloadURL'].$directory.'/'.$name); ?>" title="">
 		<?php endif; ?>
 			<span class="nametext">
 				<?php if($file['type'] == 'dir'):?>
-					<?php echo htmlspecialchars($file['name']);?>
+					<?php p($file['name']);?>
 				<?php else:?>
-					<?php echo htmlspecialchars($file['basename']);?><span
-						class='extension'><?php echo $file['extension'];?></span>
+					<?php p($file['basename']);?><span
+						class='extension'><?php p($file['extension']);?></span>
 				<?php endif;?>
 			</span>
 			<?php if($file['type'] == 'dir'):?>
@ -47,17 +47,17 @@
 			</a>
 		</td>
 		<td class="filesize"
-			title="<?php echo OCP\human_file_size($file['size']); ?>"
-			style="color:rgb(<?php echo $simple_size_color.','.$simple_size_color.','.$simple_size_color ?>)">
-				<?php echo $simple_file_size; ?>
+			title="<?php p(OCP\human_file_size($file['size'])); ?>"
+			style="color:rgb(<?php p($simple_size_color.','.$simple_size_color.','.$simple_size_color) ?>)">
+				<?php p($simple_file_size); ?>
 		</td>
 		<td class="date">
 			<span class="modified"
-				  title="<?php echo $file['date']; ?>"
-				  style="color:rgb(<?php echo $relative_date_color.','
+				  title="<?php p($file['date']); ?>"
+				  style="color:rgb(<?php p($relative_date_color.','
 												.$relative_date_color.','
-												.$relative_date_color ?>)">
-				<?php echo $relative_modified_date; ?>
+												.$relative_date_color) ?>)">
+				<?php p($relative_modified_date); ?>
 			</span>
 		</td>
 	</tr>
--- a/apps/files/templates/upgrade.php
+++ b/apps/files/templates/upgrade.php
@ -1,4 +1,4 @@
 <div id="upgrade">
-	<?php echo $l->t('Upgrading filesystem cache...');?>
+	<?php p($l->t('Upgrading filesystem cache...'));?>
 	<div id="progressbar" />
 </div>