From 2af04c3b1accff957d30561d66e99ff7c854589e Mon Sep 17 00:00:00 2001
From: Antonin <antonin.murtin@gmail.com>
Date: Thu, 30 Jun 2016 23:10:47 +0200
Subject: [PATCH] Removing php escape and completing template ones.
---
app/classes/Framadate/Utils.php | 2 +-
tpl/create_poll.tpl | 4 ++--
2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/app/classes/Framadate/Utils.php b/app/classes/Framadate/Utils.php
index 1fae70e4..4f2997f1 100644
--- a/app/classes/Framadate/Utils.php
+++ b/app/classes/Framadate/Utils.php
@@ -190,7 +190,7 @@ class Utils {
}
public static function fromPostOrDefault($postKey, $default = '') {
- return !empty($_POST[$postKey]) ? Utils::htmlEscape($_POST[$postKey]) : $default;
+ return !empty($_POST[$postKey]) ? $_POST[$postKey] : $default;
}
public static function base64url_encode($input) {
diff --git a/tpl/create_poll.tpl b/tpl/create_poll.tpl
index 3e42d9b0..780431ea 100644
--- a/tpl/create_poll.tpl
+++ b/tpl/create_poll.tpl
@@ -42,7 +42,7 @@
<input id="customize_id" name="customize_id" type="checkbox"/>
</span>
<input id="poll_id" type="text" name="id" class="form-control" {$errors['id']['aria']}
- value="{$poll_id}" aria-describedBy="pollIdDesc" disabled="disabled" maxlength="64"
+ value="{$poll_id|html}" aria-describedBy="pollIdDesc" disabled="disabled" maxlength="64"
pattern="[A-Za-z0-9-]+"/>
</div>
<span id="pollIdDesc" class="help-block">{__('Step 1', 'Poll id rules')}</span>
@@ -104,7 +104,7 @@
{if $useRemoteUser}
<input type="hidden" name="mail" value="{$form->admin_mail}">{$form->admin_mail}
{else}
- <input id="email" type="text" name="mail" class="form-control" {$errors['email']['aria']} value="{$poll_mail}" />
+ <input id="email" type="text" name="mail" class="form-control" {$errors['email']['aria']} value="{$poll_mail|html}" />
{/if}
</div>
</div>
--
GitLab