diff --git a/app/classes/Framadate/Utils.php b/app/classes/Framadate/Utils.php index 700fb85fea620ebfa8f3aec51391a73f4b190d4d..04348e2f19d4cedabcdb252e3afa6dea5fa069a6 100644 --- a/app/classes/Framadate/Utils.php +++ b/app/classes/Framadate/Utils.php @@ -30,7 +30,7 @@ class Utils { $dirname = str_replace('/admin', '', $dirname); $server_name = $_SERVER['SERVER_NAME'] . $port . $dirname; - return $scheme . '://' . preg_replace('#//+#', '/', $server_name); + return $scheme . '://' . preg_replace('#//+#', '/', $server_name); } public static function is_error($cerr) { @@ -51,10 +51,10 @@ class Utils { * @deprecated */ public static function print_header($title = '') { - global $html_lang; + global $locale; echo '<!DOCTYPE html> - <html lang="' . $html_lang . '"> + <html lang="' . $locale . '"> <head> <meta charset="utf-8" />'; @@ -73,7 +73,7 @@ class Utils { <script type="text/javascript" src="' . self::get_server_name() . 'js/jquery-1.11.1.min.js"></script> <script type="text/javascript" src="' . self::get_server_name() . 'js/bootstrap.min.js"></script> <script type="text/javascript" src="' . self::get_server_name() . 'js/bootstrap-datepicker.js"></script> - <script type="text/javascript" src="' . self::get_server_name() . 'js/locales/bootstrap-datepicker.' . $html_lang . '.js"></script> + <script type="text/javascript" src="' . self::get_server_name() . 'js/locales/bootstrap-datepicker.' . $locale . '.js"></script> <script type="text/javascript" src="' . self::get_server_name() . 'js/core.js"></script>'; if (file_exists($_SERVER['DOCUMENT_ROOT'] . "/nav/nav.js")) { echo '<script src="/nav/nav.js" id="nav_js" type="text/javascript" charset="utf-8"></script><!-- /Framanav -->'; 
@@ -103,18 +103,18 @@ class Utils { * @param string $vote_id (optional) The vote's unique id * @return string The poll's URL. */ - public static function getUrlSondage($id, $admin = false, $vote_id='', $action=null, $action_value=null) { + public static function getUrlSondage($id, $admin = false, $vote_id = '', $action = null, $action_value = null) { if (URL_PROPRE) { if ($admin === true) { $url = self::get_server_name() . $id . '/admin'; } else { - $url = self::get_server_name() . $id; + $url = self::get_server_name() . $id; } if ($vote_id != '') { - $url .= '/vote/'.$vote_id."#edit"; + $url .= '/vote/' . $vote_id . "#edit"; } if ($action != null && $action_value != null) { - $url .= '/action/'.$action.'/'.$action_value; + $url .= '/action/' . $action . '/' . $action_value; } } else { if ($admin === true) { @@ -123,10 +123,10 @@ class Utils { $url = self::get_server_name() . 'studs.php?poll=' . $id; } if ($vote_id != '') { - $url .= '&vote='.$vote_id."#edit"; + $url .= '&vote=' . $vote_id . "#edit"; } if ($action != null && $action_value != null) { - $url .= '&'.$action."=".$action_value; + $url .= '&' . $action . "=" . $action_value; } } 
@@ -154,22 +154,22 @@ class Utils { preg_match_all('/\[(.*?)\]\((.*?)\)/', $md, $md_a); // Markdown [text](href) if (isset($md_a_img[2][0]) && $md_a_img[2][0] != '' && isset($md_a_img[3][0]) && $md_a_img[3][0] != '') { // [](href) - $text = stripslashes($md_a_img[1][0]); - $html = '<a href="' . $md_a_img[3][0] . '"><img src="' . $md_a_img[2][0] . '" class="img-responsive" alt="' . $text . '" title="' . $text . '" /></a>'; + $text = self::htmlEscape($md_a_img[1][0]); + $html = '<a href="' . self::htmlEscape($md_a_img[3][0]) . '"><img src="' . self::htmlEscape($md_a_img[2][0]) . '" class="img-responsive" alt="' . $text . '" title="' . $text . '" /></a>'; } elseif (isset($md_img[2][0]) && $md_img[2][0] != '') { //  - $text = stripslashes($md_img[1][0]); - $html = '<img src="' . $md_img[2][0] . '" class="img-responsive" alt="' . $text . '" title="' . $text . '" />'; + $text = self::htmlEscape($md_img[1][0]); + $html = '<img src="' . self::htmlEscape($md_img[2][0]) . '" class="img-responsive" alt="' . $text . '" title="' . $text . '" />'; } elseif (isset($md_a[2][0]) && $md_a[2][0] != '') { // [text](href) - $text = stripslashes($md_a[1][0]); + $text = self::htmlEscape($md_a[1][0]); $html = '<a href="' . $md_a[2][0] . '">' . $text . '</a>'; } else { // text only - $text = stripslashes($md); + $text = self::htmlEscape($md); $html = $text; } diff --git a/app/inc/i18n.php b/app/inc/i18n.php index c3e7c1ddf17d2ad12b6f91ed703ec2e085061318..257ac18995b24997bbf42ed2d4a731359fb929ca 100644 --- a/app/inc/i18n.php +++ b/app/inc/i18n.php @@ -27,7 +27,7 @@ if (isset($_POST['lang']) && is_string($_POST['lang']) && in_array($_POST['lang' $_SESSION['lang'] = $_POST['lang']; } -/* <html lang="$html_lang"> */ +/* <html lang="$locale"> */ $i18n->get('Something, just to load the dictionary'); $locale = $i18n->getLoadedLang(); diff --git a/bandeaux.php b/bandeaux.php index ce3a4d8914c27836e561302a2828217693fb8add..9f0e073219a6a371d76523ba046a0863163abd65 100644 --- a/bandeaux.php 
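Review bot: The `[text](href)` branch still builds `'<a href="' . $md_a[2][0] . '">'` from the raw regex capture, so the link target is the one value in this hunk that reaches the page unescaped, while the other branches now go through `self::htmlEscape()`. The same commit drops the `|html` filter in tpl/part/vote_table_classic.tpl, so, assuming the Smarty `markdown` modifier maps to this function, a poll title whose href part contains a double quote is no longer neutralised before it lands in the attribute. Change the line to `$html = '<a href="' . self::htmlEscape($md_a[2][0]) . '">' . $text . '</a>';`. HTML escaping does not constrain the URL scheme, so the href and src captures should also be checked against an allow-list (for example http and https) before they are emitted. The function starts and ends outside the hunk and `htmlEscape()` is not shown, so this assumes it also escapes quotes.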
+++ b/bandeaux.php @@ -57,12 +57,12 @@ function bandeau_titre($titre) function liste_lang() { - global $ALLOWED_LANGUAGES; global $html_lang; + global $ALLOWED_LANGUAGES; global $locale; $str = ''; foreach ($ALLOWED_LANGUAGES as $k => $v ) { - if (substr($k,0,2)==$html_lang) { + if (substr($k,0,2)==$locale) { $str .= '<option lang="'.substr($k,0,2).'" selected value="' . $k . '">' . $v . '</option>' . "\n" ; } else { $str .= '<option lang="'.substr($k,0,2).'" value="' . $k . '">' . $v . '</option>' . "\n" ; diff --git a/create_classic_poll.php b/create_classic_poll.php index ef26cda747748239cec97b3ec284b6ebaf1456ae..2c9d3ce7b2f66669085d6415fa47fc1ef2f8fbec 100644 --- a/create_classic_poll.php +++ b/create_classic_poll.php @@ -232,7 +232,7 @@ if (empty($_SESSION['form']->title) || empty($_SESSION['form']->admin_name) || ( <p>' . __('Step 2 classic', 'To make a generic poll you need to propose at least two choices between differents subjects.') . '</p> <p>' . __('Step 2 classic', 'You can add or remove additional choices with the buttons') . ' <span class="glyphicon glyphicon-minus text-info"></span><span class="sr-only">' . __('Generic', 'Remove') . '</span> <span class="glyphicon glyphicon-plus text-success"></span><span class="sr-only">' . __('Generic', 'Add') . '</span></p>'; if ($config['user_can_add_img_or_link']) { - echo ' <p>' . __('Step 2 classic', 'It\'s possible to propose links or images by using') . ' <a href="http://' . $html_lang . '.wikipedia.org/wiki/Markdown">' . __('Step 2 classic', 'the Markdown syntax') . '</a>.</p>'; + echo ' <p>' . __('Step 2 classic', 'It\'s possible to propose links or images by using') . ' <a href="http://' . $locale . '.wikipedia.org/wiki/Markdown">' . __('Step 2 classic', 'the Markdown syntax') . '</a>.</p>'; } echo ' </div>' . "\n"; diff --git a/tpl/page.tpl b/tpl/page.tpl index 8312531810946e0e7259a0da1ad5e1b7b42e9ca7..3bc2d29c97d3100402b472d2194c322efd5d181c 100644 --- a/tpl/page.tpl +++ b/tpl/page.tpl 
@@ -17,7 +17,7 @@ <script type="text/javascript" src="{'js/jquery-1.11.1.min.js'|resource}"></script> <script type="text/javascript" src="{'js/bootstrap.min.js'|resource}"></script> <script type="text/javascript" src="{'js/bootstrap-datepicker.js'|resource}"></script> - <script type="text/javascript" src="{"js/locales/bootstrap-datepicker.$html_lang.js"|resource}"></script> + <script type="text/javascript" src="{"js/locales/bootstrap-datepicker.$locale.js"|resource}"></script> <script type="text/javascript" src="{'js/core.js'|resource}"></script> {if !empty($nav_js)} diff --git a/tpl/part/vote_table_classic.tpl b/tpl/part/vote_table_classic.tpl index 89516f5d2f5bfb46c9decdde797a880bb902abfa..840f4bd10224424b06a70eac8b10dc9b3a4f0a33 100644 --- a/tpl/part/vote_table_classic.tpl +++ b/tpl/part/vote_table_classic.tpl @@ -31,7 +31,7 @@ <tr> <th role="presentation"></th> {foreach $slots as $id=>$slot} - <th class="bg-info" id="C{$id}">{$slot->title|html|markdown}</th> + <th class="bg-info" id="C{$id}">{$slot->title|markdown}</th> {/foreach} <th></th> </tr> @@ -196,7 +196,7 @@ <ul style="list-style:none"> {foreach $slots as $slot} {if $best_choices[$i] == $max} - <li><strong>{$slot->title|html|markdown:true}</strong></li> + <li><strong>{$slot->title|markdown:true}</strong></li> {/if} {$i = $i+1} {/foreach}
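Review bot: With `|html` removed, `{$slot->title|markdown}` in the `<th>` of tpl/part/vote_table_classic.tpl is only safe if every return path of the `markdown` modifier escapes its output, and nothing in the template records that contract. A later edit that swaps or drops the modifier would print the user-supplied title raw. Add a comment next to the expression, for example `{* $slot->title is HTML-escaped inside the markdown modifier; never output it without that modifier or |html *}`. The same applies to `{$slot->title|markdown:true}` in the best-choices hunk of the same file; what the `true` argument selects is not visible here, so confirm that mode escapes as well.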