diff --git a/apps/files/index.php b/apps/files/index.php
index 434e98c6ea847a8b2f2316c570685be84b1446d4..579e19cf115dc7f98f41212f8571776ada9432e7 100644
--- a/apps/files/index.php
+++ b/apps/files/index.php
@@ -90,13 +90,13 @@ foreach (explode('/', $dir) as $i) {
// make breadcrumb und filelist markup
$list = new OCP\Template('files', 'part.list', '');
-$list->assign('files', $files, false);
-$list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);
-$list->assign('downloadURL', OCP\Util::linkToRoute('download', array('file' => '/')), false);
-$list->assign('disableSharing', false);
+$list->assign('files', $files);
+$list->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=');
+$list->assign('downloadURL', OCP\Util::linkToRoute('download', array('file' => '/')));
+$list->assign('disableSharing');
$breadcrumbNav = new OCP\Template('files', 'part.breadcrumb', '');
-$breadcrumbNav->assign('breadcrumb', $breadcrumb, false);
-$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=', false);
+$breadcrumbNav->assign('breadcrumb', $breadcrumb);
+$breadcrumbNav->assign('baseURL', OCP\Util::linkTo('files', 'index.php') . '?dir=');
$permissions = OCP\PERMISSION_READ;
if (\OC\Files\Filesystem::isCreatable($dir . '/')) {
@@ -125,8 +125,8 @@ if ($needUpgrade) {
OCP\Util::addscript('files', 'files');
OCP\Util::addscript('files', 'keyboardshortcuts');
$tmpl = new OCP\Template('files', 'index', 'user');
- $tmpl->assign('fileList', $list->fetchPage(), false);
- $tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage(), false);
+ $tmpl->assign('fileList', $list->fetchPage());
+ $tmpl->assign('breadcrumb', $breadcrumbNav->fetchPage());
$tmpl->assign('dir', \OC\Files\Filesystem::normalizePath($dir));
$tmpl->assign('isCreatable', \OC\Files\Filesystem::isCreatable($dir . '/'));
$tmpl->assign('permissions', $permissions);
diff --git a/apps/files/templates/admin.php b/apps/files/templates/admin.php
index ad69b5519d9a616a354256f4aea247ce3428d5b0..0ab931a467cbb5f51b9fb65524cb8e417ad8cac9 100644
--- a/apps/files/templates/admin.php
+++ b/apps/files/templates/admin.php
@@ -2,27 +2,27 @@
<form name="filesForm" action='#' method='post'>
<fieldset class="personalblock">
- <legend><strong><?php echo $l->t('File handling');?></strong></legend>
+ <legend><strong><?php p($l->t('File handling')); ?></strong></legend>
<?php if($_['uploadChangable']):?>
- <label for="maxUploadSize"><?php echo $l->t( 'Maximum upload size' ); ?> </label>
- <input name='maxUploadSize' id="maxUploadSize" value='<?php echo $_['uploadMaxFilesize'] ?>'/>
+ <label for="maxUploadSize"><?php p($l->t( 'Maximum upload size' )); ?> </label>
+ <input name='maxUploadSize' id="maxUploadSize" value='<?php p($_['uploadMaxFilesize']) ?>'/>
<?php if($_['displayMaxPossibleUploadSize']):?>
- (<?php echo $l->t('max. possible: '); echo $_['maxPossibleUploadSize'] ?>)
+ (<?php p($l->t('max. possible: ')); p($_['maxPossibleUploadSize']) ?>)
<?php endif;?>
<br/>
<?php endif;?>
<input type="checkbox" name="allowZipDownload" id="allowZipDownload" value="1"
- title="<?php echo $l->t( 'Needed for multi-file and folder downloads.' ); ?>"
+ title="<?php p($l->t( 'Needed for multi-file and folder downloads.' )); ?>"
<?php if ($_['allowZipDownload']): ?> checked="checked"<?php endif; ?> />
- <label for="allowZipDownload"><?php echo $l->t( 'Enable ZIP-download' ); ?></label><br/>
+ <label for="allowZipDownload"><?php p($l->t( 'Enable ZIP-download' )); ?></label><br/>
- <input name="maxZipInputSize" id="maxZipInputSize" style="width:180px;" value='<?php echo $_['maxZipInputSize'] ?>'
- title="<?php echo $l->t( '0 is unlimited' ); ?>"
+ <input name="maxZipInputSize" id="maxZipInputSize" style="width:180px;" value='<?php p($_['maxZipInputSize']) ?>'
+ title="<?php p($l->t( '0 is unlimited' )); ?>"
<?php if (!$_['allowZipDownload']): ?> disabled="disabled"<?php endif; ?> /><br />
- <em><?php echo $l->t( 'Maximum input size for ZIP files' ); ?> </em><br />
+ <em><?php p($l->t( 'Maximum input size for ZIP files' )); ?> </em><br />
- <input type="hidden" value="<?php echo $_['requesttoken']; ?>" name="requesttoken" />
+ <input type="hidden" value="<?php p($_['requesttoken']); ?>" name="requesttoken" />
<input type="submit" name="submitFilesAdminSettings" id="submitFilesAdminSettings"
- value="<?php echo $l->t( 'Save' ); ?>"/>
+ value="<?php p($l->t( 'Save' )); ?>"/>
</fieldset>
</form>
diff --git a/apps/files/templates/index.php b/apps/files/templates/index.php
index c7bf0d21c13dcf021d68b106ce22926bd4bc8bb7..ed6dd2f04cfa36393962ca9bc4f05235a0529da0 100644
--- a/apps/files/templates/index.php
+++ b/apps/files/templates/index.php
@@ -1,62 +1,62 @@
<!--[if IE 8]><style>input[type="checkbox"]{padding:0;}table td{position:static !important;}</style><![endif]-->
<div id="controls">
- <?php echo($_['breadcrumb']); ?>
+ <?php print_unescaped($_['breadcrumb']); ?>
<?php if ($_['isCreatable']):?>
<div class="actions <?php if (isset($_['files']) and count($_['files'])==0):?>emptyfolder<?php endif; ?>">
<div id="new" class="button">
- <a><?php echo $l->t('New');?></a>
+ <a><?php p($l->t('New'));?></a>
<ul>
- <li style="background-image:url('<?php echo OCP\mimetype_icon('text/plain') ?>')"
- data-type='file'><p><?php echo $l->t('Text file');?></p></li>
- <li style="background-image:url('<?php echo OCP\mimetype_icon('dir') ?>')"
- data-type='folder'><p><?php echo $l->t('Folder');?></p></li>
- <li style="background-image:url('<?php echo OCP\image_path('core', 'actions/public.png') ?>')"
- data-type='web'><p><?php echo $l->t('From link');?></p></li>
+ <li style="background-image:url('<?php p(OCP\mimetype_icon('text/plain')) ?>')"
+ data-type='file'><p><?php p($l->t('Text file'));?></p></li>
+ <li style="background-image:url('<?php p(OCP\mimetype_icon('dir')) ?>')"
+ data-type='folder'><p><?php p($l->t('Folder'));?></p></li>
+ <li style="background-image:url('<?php p(OCP\image_path('core', 'actions/public.png')) ?>')"
+ data-type='web'><p><?php p($l->t('From link'));?></p></li>
</ul>
</div>
<div id="upload" class="button"
- title="<?php echo $l->t('Upload') . ' max. '.$_['uploadMaxHumanFilesize'] ?>">
+ title="<?php p($l->t('Upload') . ' max. '.$_['uploadMaxHumanFilesize']) ?>">
<form data-upload-id='1'
id="data-upload-form"
class="file_upload_form"
- action="<?php echo OCP\Util::linkTo('files', 'ajax/upload.php'); ?>"
+ action="<?php print_unescaped(OCP\Util::linkTo('files', 'ajax/upload.php')); ?>"
method="post"
enctype="multipart/form-data"
target="file_upload_target_1">
<input type="hidden" name="MAX_FILE_SIZE" id="max_upload"
- value="<?php echo $_['uploadMaxFilesize'] ?>">
+ value="<?php p($_['uploadMaxFilesize']) ?>">
<!-- Send the requesttoken, this is needed for older IE versions
because they don't send the CSRF token via HTTP header in this case -->
- <input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>" id="requesttoken">
+ <input type="hidden" name="requesttoken" value="<?php p($_['requesttoken']) ?>" id="requesttoken">
<input type="hidden" class="max_human_file_size"
- value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
- <input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
+ value="(max <?php p($_['uploadMaxHumanFilesize']); ?>)">
+ <input type="hidden" name="dir" value="<?php p($_['dir']) ?>" id="dir">
<input type="file" id="file_upload_start" name='files[]'/>
<a href="#" class="svg" onclick="return false;"></a>
</form>
</div>
<?php if ($_['trash'] ): ?>
<div id="trash" class="button">
- <a><?php echo $l->t('Deleted files');?></a>
+ <a><?php p($l->t('Deleted files'));?></a>
</div>
<?php endif; ?>
<div id="uploadprogresswrapper">
<div id="uploadprogressbar"></div>
<input type="button" class="stop" style="display:none"
- value="<?php echo $l->t('Cancel upload');?>"
+ value="<?php p($l->t('Cancel upload'));?>"
onclick="javascript:Files.cancelUploads();"
/>
</div>
</div>
<div id="file_action_panel"></div>
<?php else:?>
- <input type="hidden" name="dir" value="<?php echo $_['dir'] ?>" id="dir">
+ <input type="hidden" name="dir" value="<?php p($_['dir']) ?>" id="dir">
<?php endif;?>
- <input type="hidden" name="permissions" value="<?php echo $_['permissions']; ?>" id="permissions">
+ <input type="hidden" name="permissions" value="<?php p($_['permissions']); ?>" id="permissions">
</div>
<?php if (isset($_['files']) and $_['isCreatable'] and count($_['files'])==0):?>
- <div id="emptyfolder"><?php echo $l->t('Nothing in here. Upload something!')?></div>
+ <div id="emptyfolder"><?php p($l->t('Nothing in here. Upload something!'))?></div>
<?php endif; ?>
<table>
@@ -64,33 +64,33 @@
<tr>
<th id='headerName'>
<input type="checkbox" id="select_all" />
- <span class='name'><?php echo $l->t( 'Name' ); ?></span>
+ <span class='name'><?php p($l->t( 'Name' )); ?></span>
<span class='selectedActions'>
<?php if($_['allowZipDownload']) : ?>
<a href="" class="download">
<img class="svg" alt="Download"
- src="<?php echo OCP\image_path("core", "actions/download.svg"); ?>" />
- <?php echo $l->t('Download')?>
+ src="<?php print_unescaped(OCP\image_path("core", "actions/download.svg")); ?>" />
+ <?php p($l->t('Download'))?>
</a>
<?php endif; ?>
</span>
</th>
- <th id="headerSize"><?php echo $l->t( 'Size' ); ?></th>
+ <th id="headerSize"><?php p($l->t( 'Size' )); ?></th>
<th id="headerDate">
- <span id="modified"><?php echo $l->t( 'Modified' ); ?></span>
+ <span id="modified"><?php p($l->t( 'Modified' )); ?></span>
<?php if ($_['permissions'] & OCP\PERMISSION_DELETE): ?>
<!-- NOTE: Temporary fix to allow unsharing of files in root of Shared folder -->
<?php if ($_['dir'] == '/Shared'): ?>
<span class="selectedActions"><a href="" class="delete">
- <?php echo $l->t('Unshare')?>
- <img class="svg" alt="<?php echo $l->t('Unshare')?>"
- src="<?php echo OCP\image_path("core", "actions/delete.svg"); ?>" />
+ <?php p($l->t('Unshare'))?>
+ <img class="svg" alt="<?php p($l->t('Unshare'))?>"
+ src="<?php print_unescaped(OCP\image_path("core", "actions/delete.svg")); ?>" />
</a></span>
<?php else: ?>
<span class="selectedActions"><a href="" class="delete">
- <?php echo $l->t('Delete')?>
- <img class="svg" alt="<?php echo $l->t('Delete')?>"
- src="<?php echo OCP\image_path("core", "actions/delete.svg"); ?>" />
+ <?php p($l->t('Delete'))?>
+ <img class="svg" alt="<?php p($l->t('Delete'))?>"
+ src="<?php print_unescaped(OCP\image_path("core", "actions/delete.svg")); ?>" />
</a></span>
<?php endif; ?>
<?php endif; ?>
@@ -98,24 +98,24 @@
</tr>
</thead>
<tbody id="fileList">
- <?php echo($_['fileList']); ?>
+ <?php print_unescaped($_['fileList']); ?>
</tbody>
</table>
<div id="editor"></div>
-<div id="uploadsize-message" title="<?php echo $l->t('Upload too large')?>">
+<div id="uploadsize-message" title="<?php p($l->t('Upload too large'))?>">
<p>
- <?php echo $l->t('The files you are trying to upload exceed the maximum size for file uploads on this server.');?>
+ <?php p($l->t('The files you are trying to upload exceed the maximum size for file uploads on this server.'));?>
</p>
</div>
<div id="scanning-message">
<h3>
- <?php echo $l->t('Files are being scanned, please wait.');?> <span id='scan-count'></span>
+ <?php p($l->t('Files are being scanned, please wait.'));?> <span id='scan-count'></span>
</h3>
<p>
- <?php echo $l->t('Current scanning');?> <span id='scan-current'></span>
+ <?php p($l->t('Current scanning'));?> <span id='scan-current'></span>
</p>
</div>
<!-- config hints for javascript -->
-<input type="hidden" name="allowZipDownload" id="allowZipDownload" value="<?php echo $_['allowZipDownload']; ?>" />
-<input type="hidden" name="usedSpacePercent" id="usedSpacePercent" value="<?php echo $_['usedSpacePercent']; ?>" />
+<input type="hidden" name="allowZipDownload" id="allowZipDownload" value="<?php p($_['allowZipDownload']); ?>" />
+<input type="hidden" name="usedSpacePercent" id="usedSpacePercent" value="<?php p($_['usedSpacePercent']); ?>" />
diff --git a/apps/files/templates/part.breadcrumb.php b/apps/files/templates/part.breadcrumb.php
index f01cb8d212a8eb0a7dac203a491509da912e0183..7ea1755d1d7459c8ac8ce2d01c8013328e876671 100644
--- a/apps/files/templates/part.breadcrumb.php
+++ b/apps/files/templates/part.breadcrumb.php
@@ -1,7 +1,7 @@
<?php if(count($_["breadcrumb"])):?>
<div class="crumb">
- <a href="<?php echo $_['baseURL']; ?>">
- <img src="<?php echo OCP\image_path('core', 'places/home.svg');?>" class="svg" />
+ <a href="<?php print_unescaped($_['baseURL']); ?>">
+ <img src="<?php print_unescaped(OCP\image_path('core', 'places/home.svg'));?>" class="svg" />
</a>
</div>
<?php endif;?>
@@ -9,8 +9,8 @@
$crumb = $_["breadcrumb"][$i];
$dir = str_replace('+', '%20', urlencode($crumb["dir"]));
$dir = str_replace('%2F', '/', $dir); ?>
- <div class="crumb <?php if($i == count($_["breadcrumb"])-1) echo 'last';?> svg"
- data-dir='<?php echo $dir;?>'>
- <a href="<?php echo $_['baseURL'].$dir; ?>"><?php echo OCP\Util::sanitizeHTML($crumb["name"]); ?></a>
+ <div class="crumb <?php if($i == count($_["breadcrumb"])-1) p('last');?> svg"
+ data-dir='<?php p($dir);?>'>
+ <a href="<?php p($_['baseURL'].$dir); ?>"><?php p($crumb["name"]); ?></a>
</div>
<?php endfor;
diff --git a/apps/files/templates/part.list.php b/apps/files/templates/part.list.php
index 3c6c5dbd26776b605046d9c6dcf4bb0e3eb95cf7..25763da57a8f6da57ef2275a43e6ddea384ca4d7 100644
--- a/apps/files/templates/part.list.php
+++ b/apps/files/templates/part.list.php
@@ -1,4 +1,4 @@
-<input type="hidden" id="disableSharing" data-status="<?php echo $_['disableSharing']; ?>">
+<input type="hidden" id="disableSharing" data-status="<?php p($_['disableSharing']); ?>">
<?php foreach($_['files'] as $file):
$simple_file_size = OCP\simple_file_size($file['size']);
@@ -13,31 +13,31 @@
$name = str_replace('%2F', '/', $name);
$directory = str_replace('+', '%20', urlencode($file['directory']));
$directory = str_replace('%2F', '/', $directory); ?>
- <tr data-id="<?php echo $file['fileid']; ?>"
- data-file="<?php echo $name;?>"
- data-type="<?php echo ($file['type'] == 'dir')?'dir':'file'?>"
- data-mime="<?php echo $file['mimetype']?>"
- data-size='<?php echo $file['size'];?>'
- data-permissions='<?php echo $file['permissions']; ?>'>
+ <tr data-id="<?php p($file['fileid']); ?>"
+ data-file="<?php p($name);?>"
+ data-type="<?php p($file['type'] == 'dir')?'dir':'file'?>"
+ data-mime="<?php p($file['mimetype'])?>"
+ data-size='<?php p($file['size']);?>'
+ data-permissions='<?php p($file['permissions']); ?>'>
<td class="filename svg"
<?php if($file['type'] == 'dir'): ?>
- style="background-image:url(<?php echo OCP\mimetype_icon('dir'); ?>)"
+ style="background-image:url(<?php print_unescaped(OCP\mimetype_icon('dir')); ?>)"
<?php else: ?>
- style="background-image:url(<?php echo OCP\mimetype_icon($file['mimetype']); ?>)"
+ style="background-image:url(<?php print_unescaped(OCP\mimetype_icon($file['mimetype'])); ?>)"
<?php endif; ?>
>
<?php if(!isset($_['readonly']) || !$_['readonly']): ?><input type="checkbox" /><?php endif; ?>
<?php if($file['type'] == 'dir'): ?>
- <a class="name" href="<?php echo $_['baseURL'].$directory.'/'.$name; ?>" title="">
+ <a class="name" href="<?php p($_['baseURL'].$directory.'/'.$name); ?>" title="">
<?php else: ?>
- <a class="name" href="<?php echo $_['downloadURL'].$directory.'/'.$name; ?>" title="">
+ <a class="name" href="<?php p($_['downloadURL'].$directory.'/'.$name); ?>" title="">
<?php endif; ?>
<span class="nametext">
<?php if($file['type'] == 'dir'):?>
- <?php echo htmlspecialchars($file['name']);?>
+ <?php p($file['name']);?>
<?php else:?>
- <?php echo htmlspecialchars($file['basename']);?><span
- class='extension'><?php echo $file['extension'];?></span>
+ <?php p($file['basename']);?><span
+ class='extension'><?php p($file['extension']);?></span>
<?php endif;?>
</span>
<?php if($file['type'] == 'dir'):?>
@@ -47,17 +47,17 @@
</a>
</td>
<td class="filesize"
- title="<?php echo OCP\human_file_size($file['size']); ?>"
- style="color:rgb(<?php echo $simple_size_color.','.$simple_size_color.','.$simple_size_color ?>)">
- <?php echo $simple_file_size; ?>
+ title="<?php p(OCP\human_file_size($file['size'])); ?>"
+ style="color:rgb(<?php p($simple_size_color.','.$simple_size_color.','.$simple_size_color) ?>)">
+ <?php p($simple_file_size); ?>
</td>
<td class="date">
<span class="modified"
- title="<?php echo $file['date']; ?>"
- style="color:rgb(<?php echo $relative_date_color.','
+ title="<?php p($file['date']); ?>"
+ style="color:rgb(<?php p($relative_date_color.','
.$relative_date_color.','
- .$relative_date_color ?>)">
- <?php echo $relative_modified_date; ?>
+ .$relative_date_color) ?>)">
+ <?php p($relative_modified_date); ?>
</span>
</td>
</tr>
diff --git a/apps/files/templates/upgrade.php b/apps/files/templates/upgrade.php
index de6cc7130284ca37c0148a18c8059e1ebc625c11..e03f086e47d487518539afdc6d0b8c345c1de706 100644
--- a/apps/files/templates/upgrade.php
+++ b/apps/files/templates/upgrade.php
@@ -1,4 +1,4 @@
<div id="upgrade">
- <?php echo $l->t('Upgrading filesystem cache...');?>
+ <?php p($l->t('Upgrading filesystem cache...'));?>
<div id="progressbar" />
</div>