Commit 4b293dff authored by Lukas Reschke's avatar Lukas Reschke
Browse files

Use \OCP\Util::sanitizeHTML instead of \OC_Util::sanitizeHTML

parent 70c228a7
......@@ -12,7 +12,7 @@ script('core', [
<form method="post" name="login">
<fieldset>
<?php if (!empty($_['redirect_url'])) {
print_unescaped('<input type="hidden" name="redirect_url" value="' . OC_Util::sanitizeHTML($_['redirect_url']) . '">');
print_unescaped('<input type="hidden" name="redirect_url" value="' . \OCP\Util::sanitizeHTML($_['redirect_url']) . '">');
} ?>
<?php if (isset($_['apacheauthfailed']) && ($_['apacheauthfailed'])): ?>
<div class="warning">
......
......@@ -226,12 +226,12 @@ class OC_Template extends \OC\Template\Base {
// Add custom headers
$headers = '';
foreach(OC_Util::$headers as $header) {
$headers .= '<'.OC_Util::sanitizeHTML($header['tag']);
$headers .= '<'.\OCP\Util::sanitizeHTML($header['tag']);
foreach($header['attributes'] as $name=>$value) {
$headers .= ' '.OC_Util::sanitizeHTML($name).'="'.OC_Util::sanitizeHTML($value).'"';
$headers .= ' '.\OCP\Util::sanitizeHTML($name).'="'.\OCP\Util::sanitizeHTML($value).'"';
}
if ($header['text'] !== null) {
$headers .= '>'.OC_Util::sanitizeHTML($header['text']).'</'.OC_Util::sanitizeHTML($header['tag']).'>';
$headers .= '>'.\OCP\Util::sanitizeHTML($header['text']).'</'.\OCP\Util::sanitizeHTML($header['tag']).'>';
} else {
$headers .= '/>';
}
......
......@@ -33,7 +33,7 @@
* @param string $string the string which will be escaped and printed
*/
function p($string) {
print(OC_Util::sanitizeHTML($string));
print(\OCP\Util::sanitizeHTML($string));
}
/**
......@@ -262,7 +262,7 @@ function html_select_options($options, $selected, $params=array()) {
$label = $label[$label_name];
}
$select = in_array($value, $selected) ? ' selected="selected"' : '';
$html .= '<option value="' . OC_Util::sanitizeHTML($value) . '"' . $select . '>' . OC_Util::sanitizeHTML($label) . '</option>'."\n";
$html .= '<option value="' . \OCP\Util::sanitizeHTML($value) . '"' . $select . '>' . \OCP\Util::sanitizeHTML($label) . '</option>'."\n";
}
return $html;
}
......@@ -497,11 +497,11 @@ class Util {
* string or array of strings before displaying it on a web page.
*
* @param string|array $value
* @return string|array an array of sanitized strings or a single sinitized string, depends on the input parameter.
* @return string|array an array of sanitized strings or a single sanitized string, depends on the input parameter.
* @since 4.5.0
*/
public static function sanitizeHTML( $value ) {
return(\OC_Util::sanitizeHTML($value));
public static function sanitizeHTML($value) {
return \OC_Util::sanitizeHTML($value);
}
/**
......
......@@ -56,7 +56,7 @@ if ($_['mail_smtpmode'] == 'qmail') {
if (isset($form['anchor'])) {
$anchor = '#' . $form['anchor'];
$sectionName = $form['section-name'];
print_unescaped(sprintf("<li><a href='%s'>%s</a></li>", OC_Util::sanitizeHTML($anchor), OC_Util::sanitizeHTML($sectionName)));
print_unescaped(sprintf("<li><a href='%s'>%s</a></li>", \OCP\Util::sanitizeHTML($anchor), \OCP\Util::sanitizeHTML($sectionName)));
}
}?>
</ul>
......
......@@ -14,7 +14,7 @@
if (isset($form['anchor'])) {
$anchor = '#' . $form['anchor'];
$sectionName = $form['section-name'];
print_unescaped(sprintf("<li><a href='%s'>%s</a></li>", OC_Util::sanitizeHTML($anchor), OC_Util::sanitizeHTML($sectionName)));
print_unescaped(sprintf("<li><a href='%s'>%s</a></li>", \OCP\Util::sanitizeHTML($anchor), \OCP\Util::sanitizeHTML($sectionName)));
}
}?>
</ul>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment