Commit bcc24281 authored by Côme Bernigaud's avatar Côme Bernigaud Committed by Benoit Mortier

Fixes: #2140 the template don't escape the html inside itself

parent a5ca0915
......@@ -123,9 +123,9 @@ class gotomasses extends management
{
if (isset($name[0]) && $name[0] != "none") {
// TODO ajouter lien machine.
return $name[0]." (".$mac[0].")";
return htmlentities($name[0]." (".$mac[0].")", ENT_COMPAT, 'UTF-8');
}
return $mac[0];
return htmlentities($mac[0], ENT_COMPAT, 'UTF-8');
}
static function filterTask($tag, $progress)
......@@ -145,12 +145,14 @@ class gotomasses extends management
$str = substr($str, 0, 18)."...";
}
$str = htmlentities($str, ENT_COMPAT, 'UTF-8');
if (isset($infos['listimg']) && !empty($infos['listimg'])) {
$str = $infos['listimg']." ".$str;
}
}
if ($progress) {
$str .= " (".$progress."%)";
$str .= " (".htmlentities($progress, ENT_COMPAT, 'UTF-8')."%)";
}
return $str;
}
......@@ -161,7 +163,7 @@ class gotomasses extends management
if (isset($periodic[0]) && !preg_match("/none/i", $periodic[0])) {
$tmp = explode("_", $periodic[0]);
if (count($tmp) == 2) {
$period = $tmp[0]." "._($tmp[1]);
$period = htmlentities($tmp[0], ENT_COMPAT, 'UTF-8')." ".htmlentities(_($tmp[1]), ENT_COMPAT, 'UTF-8');
}
}
return $period;
......
......@@ -57,8 +57,6 @@ class systemManagement extends management
// Build headpage
$headpage = new listing(get_template_path("system-list.xml", true));
$headpage->registerElementFilter("systemRelease", "systemManagement::systemRelease");
$headpage->registerElementFilter("ipOf", "systemManagement::ipOf");
$headpage->registerElementFilter("macOf", "systemManagement::macOf");
$headpage->registerElementFilter("listServices", "systemManagement::listServices");
$headpage->setFilter($filter);
......@@ -1057,7 +1055,7 @@ class systemManagement extends management
if ($class && is_array($class)) {
foreach (explode(' ', $class[0]) as $element) {
if ($element[0] == ":") {
return " ".mb_substr($element, 1);
return " ".htmlentities(mb_substr($element, 1), ENT_COMPAT, 'UTF-8');
}
}
}
......@@ -1066,16 +1064,16 @@ class systemManagement extends management
$ldap = $config->get_ldap_link();
$ldap->cd($config->current['BASE']);
$ldap->search("(&(objectClass=gosaGroupOfNames)(FAIclass=*)(member=".$b."))",array('FAIclass','cn'));
while($attrs = $ldap->fetch()){
$rel = preg_replace("/^.*:/","",$attrs['FAIclass'][0]);
$sys = sprintf(_("Inherited from %s"),$attrs['cn'][0]);
while ($attrs = $ldap->fetch()) {
$rel = htmlentities(preg_replace("/^.*:/", "", $attrs['FAIclass'][0]), ENT_COMPAT, 'UTF-8');
$sys = htmlentities(sprintf(_("Inherited from %s"), $attrs['cn'][0]), ENT_COMPAT, 'UTF-8');
$str = "&nbsp;<img class='center' src='plugins/ogroups/images/ogroup.png'
title='".$sys."'
alt='".$sys."' >&nbsp;".$rel;
return($str);
return $str;
}
return("&nbsp;");
return "&nbsp;";
}
static function listServices($row, $dn)
......@@ -1118,36 +1116,6 @@ class systemManagement extends management
return $str;
}
static function ipOf($dn)
{
global $config;
// Load information if needed
$ldap = $config->get_ldap_link();
$ldap->cd($dn);
$ldap->search("(ipHostNumber=*)",array('ipHostNumber'));
$str = "&nbsp;";
if($attrs = $ldap->fetch()){
$str = $attrs['ipHostNumber'][0];
}
return($str);
}
static function macOf($dn)
{
global $config;
// Load information if needed
$ldap = $config->get_ldap_link();
$ldap->cd($dn);
$ldap->search("(macAddress=*)",array('macAddress'));
$str = "&nbsp;";
if($attrs = $ldap->fetch()){
$str = $attrs['macAddress'][0];
}
return($str);
}
/*! \brief !! Incoming dummy acls, required to defined acls for incoming objects
*/
static function plInfo()
......
......@@ -20,6 +20,7 @@
<attribute>FAIstate</attribute>
<attribute>FAIclass</attribute>
<attribute>macAddress</attribute>
<attribute>ipHostNumber</attribute>
</query>
<scope>auto</scope>
</search>
......
......@@ -169,7 +169,7 @@
<label>IP</label>
<sortAttribute>ip</sortAttribute>
<sortType>string</sortType>
<value>%{filter:ipOf(dn)}</value>
<value>%{ipHostNumber}</value>
<export>true</export>
</column>
......@@ -177,7 +177,7 @@
<label>MAC</label>
<sortAttribute>mac</sortAttribute>
<sortType>string</sortType>
<value>%{filter:macOf(dn)}</value>
<value>%{macAddress}</value>
<export>true</export>
</column>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment