mirror of
https://github.com/webmin/webmin.git
synced 2026-02-03 06:03:28 +00:00
Escape all the places where the module description is displayed
This commit is contained in:
Jamie Cameron
@@ -16,7 +16,8 @@ print &ui_table_row($text{'acl_mods'},
|
||||
[ [ 1, $text{'acl_all'} ],
|
||||
[ 0, $text{'acl_sel'} ] ])."<br>\n".
|
||||
&ui_select("mods", [ split(/\s+/, $o->{'mods'}) ],
|
||||
[ map { [ $_->{'dir'}, $_->{'desc'} ] } &list_modules() ],
|
||||
[ map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] }
|
||||
&list_modules() ],
|
||||
10, 1));
|
||||
|
||||
print &ui_table_row($text{'acl_stop'},
|
||||
|
||||
@@ -21,7 +21,8 @@ for($i=0; defined($tmod = $in{'tmod_'.$i}); $i++) {
|
||||
next if (!$tmod);
|
||||
$tdir = $in{'tdir_'.$i};
|
||||
%minfo = &get_usermin_module_info($tmod);
|
||||
-d $tdir || &error(&text('advanced_etdir', $minfo{'desc'}));
|
||||
-d $tdir || &error(&text('advanced_etdir',
|
||||
&html_escape($minfo{'desc'})));
|
||||
push(@tdirs, [ $tmod, $tdir ]);
|
||||
}
|
||||
&webmin::save_tempdirs(\%uconfig, \@tdirs);
|
||||
|
||||
@@ -27,8 +27,9 @@ foreach $m (@mods) {
|
||||
%minfo = &get_usermin_module_info($m);
|
||||
%minfo = &get_usermin_theme_info($m) if (!%minfo);
|
||||
if (!-l "$miniserv{'root'}/$m" && $depends{$m}) {
|
||||
&error(&text('delete_edep', "<tt>$minfo{'desc'}</tt>",
|
||||
"<tt>$depends{$m}</tt>"));
|
||||
&error(&text('delete_edep',
|
||||
"<tt>".&html_escape($minfo{'desc'})."</tt>",
|
||||
"<tt>".&html_escape($depends{$m})."</tt>"));
|
||||
}
|
||||
}
|
||||
|
||||
@@ -46,7 +47,7 @@ if (!$in{'confirm'}) {
|
||||
$total += &disk_usage_kb("$miniserv{'root'}/$m")
|
||||
if (!-l "$miniserv{'root'}/$m");
|
||||
$descs .= " , " if ($descs);
|
||||
$descs .= "<b>$minfo{'desc'}</b>";
|
||||
$descs .= "<b>".&html_escape($minfo{'desc'})."</b>";
|
||||
}
|
||||
print "<center>",&text($theme ? 'delete_rusure2' : 'delete_rusure',
|
||||
int($total), $descs),"<p>",
|
||||
|
||||
@@ -12,7 +12,7 @@ print &ui_form_start("save_acl.cgi");
|
||||
@mods = &list_modules();
|
||||
@grid = ( );
|
||||
foreach $m (@mods) {
|
||||
push(@grid, &ui_checkbox("mod", $m->{'dir'}, $m->{'desc'},
|
||||
push(@grid, &ui_checkbox("mod", $m->{'dir'}, &html_escape($m->{'desc'}),
|
||||
$acl{'user',$m->{'dir'}}));
|
||||
}
|
||||
print &ui_grid_table(\@grid, 3, 100, [ "width=33%", "width=33%", "width=33%" ]);
|
||||
|
||||
@@ -14,7 +14,7 @@ $access{'assignment'} || &error($text{'acl_ecannot'});
|
||||
print &ui_form_start("save_assignment.cgi", "post");
|
||||
@grid = ( );
|
||||
foreach (@modules){
|
||||
push(@grid, $_->{'desc'} || $_->{'dir'});
|
||||
push(@grid, &html_escape($_->{'desc'} || $_->{'dir'}));
|
||||
push(@grid, &cats($_->{'dir'}, $_->{'category'}));
|
||||
}
|
||||
print &ui_grid_table(\@grid, 4, 100, [ "valign=middle","valign=middle","valign=middle","valign=middle" ], undef, $text{'assignment_header'});
|
||||
|
||||
@@ -13,7 +13,7 @@ print ui_form_start("edit_categories.cgi");
|
||||
print "<b>$text{'categories_lang'}</b>\n";
|
||||
print ui_select("lang", $in{'lang'},
|
||||
[ [ "", "<$text{'default'}>" ],
|
||||
map { [ $_->{'lang'}, "$_->{'desc'}" ] }
|
||||
map { [ $_->{'lang'}, &html_escape($_->{'desc'}) ] }
|
||||
list_languages() ]),"\n";
|
||||
print ui_submit($text{'categories_langok'}),"\n";
|
||||
print ui_form_end();
|
||||
|
||||
@@ -28,8 +28,9 @@ if (-r "$miniserv{'root'}/$in{'mod'}/config.info") {
|
||||
%minfo = &get_usermin_module_info($in{'mod'});
|
||||
print &ui_form_start("save_configs.cgi", "post");
|
||||
print &ui_hidden("mod", $in{'mod'}),"\n";
|
||||
print &ui_table_start(&text('config_header', $minfo{'desc'}),
|
||||
"width=100%", 2);
|
||||
print &ui_table_start(
|
||||
&text('config_header', &html_escape($minfo{'desc'})),
|
||||
"width=100%", 2);
|
||||
|
||||
# Use config.info to create config inputs
|
||||
&generate_config(\%mconfig, "$miniserv{'root'}/$in{'mod'}/config.info");
|
||||
@@ -45,8 +46,9 @@ if (-r "$miniserv{'root'}/$in{'mod'}/uconfig.info") {
|
||||
%minfo = &get_usermin_module_info($in{'mod'});
|
||||
print &ui_form_start("save_uconfigs.cgi", "post");
|
||||
print &ui_hidden("mod", $in{'mod'}),"\n";
|
||||
print &ui_table_start(&text('configs_uheader', $minfo{'desc'}),
|
||||
"width=100%", 2);
|
||||
print &ui_table_start(
|
||||
&text('configs_uheader', &html_escape($minfo{'desc'})),
|
||||
"width=100%", 2);
|
||||
|
||||
&read_file("$miniserv{'root'}/$in{'mod'}/defaultuconfig", \%uconfig);
|
||||
&read_file("$config{'usermin_dir'}/$in{'mod'}/uconfig", \%uconfig);
|
||||
|
||||
@@ -16,7 +16,7 @@ print &ui_table_start($text{'lang_title2'}, undef, 2);
|
||||
$clang = $uconfig{'lang'} ? safe_language($uconfig{'lang'}) : $default_lang;
|
||||
print &ui_table_row($text{'lang_lang'},
|
||||
&ui_select("lang", $clang,
|
||||
[ map { [ $_->{'lang'}, "$_->{'desc'}" ] }
|
||||
[ map { [ $_->{'lang'}, &html_escape($_->{'desc'}) ] }
|
||||
&list_languages() ]));
|
||||
|
||||
# Old datetime format or a new locale
|
||||
|
||||
@@ -15,7 +15,8 @@ $m = $miniserv{'mobile_preroot'};
|
||||
print &ui_table_row($text{'mobile_theme'},
|
||||
&ui_select("theme", defined($m) ? $m : "*",
|
||||
[ [ "*", $text{'mobile_themeglob'} ],
|
||||
map { [ $_->{'dir'}, $_->{'desc'} ] } @themes ]));
|
||||
map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] }
|
||||
@themes ]));
|
||||
|
||||
# Skip session login for mobile devices
|
||||
print &ui_table_row($text{'mobile_nosession'},
|
||||
|
||||
@@ -49,7 +49,7 @@ print &ui_table_start($text{'mods_clone'}, undef, 2);
|
||||
# Source module
|
||||
print &ui_table_row($text{'mods_cname'},
|
||||
&ui_select("mod", undef,
|
||||
[ map { [ $_->{'dir'}, $_->{'desc'} ] }
|
||||
[ map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] }
|
||||
grep { !$_->{'clone'} } @mlist ]));
|
||||
|
||||
# New description
|
||||
@@ -100,7 +100,8 @@ foreach $m (@mlist) {
|
||||
$home ? "" :
|
||||
sprintf "(%d/%d/%d)",
|
||||
$tm[3], $tm[4]+1, $tm[5]+1900;
|
||||
push(@opts, [ $m->{'dir'}, $m->{'desc'}." ".$vstr ]);
|
||||
push(@opts, [ $m->{'dir'},
|
||||
&html_escape($m->{'desc'})." ".$vstr ]);
|
||||
}
|
||||
}
|
||||
print &ui_table_row(undef,
|
||||
@@ -119,7 +120,8 @@ print &ui_table_start($text{'mods_header4'}, undef, 2);
|
||||
|
||||
print &ui_table_row($text{'mods_exportmods'},
|
||||
&ui_select("mod", undef,
|
||||
[ map { [ $_->{'dir'}, $_->{'desc'} ] } @mlist ], 10, 1));
|
||||
[ map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] } @mlist ],
|
||||
10, 1));
|
||||
|
||||
print &ui_table_row($text{'mods_exportto'},
|
||||
&ui_radio("to", 0,
|
||||
|
||||
@@ -39,10 +39,11 @@ print &ui_table_row($text{'restrict_who2'},
|
||||
my @mods = &list_modules();
|
||||
my @grid;
|
||||
foreach my $m (@mods) {
|
||||
my $hdesc = &html_escape($m->{'desc'});
|
||||
push(@grid,
|
||||
&ui_checkbox("mod", $m->{'dir'},
|
||||
$acl{"user",$m->{'dir'}} ? $m->{'desc'} :
|
||||
"<font color=#ff0000>$m->{'desc'}</font>",
|
||||
$acl{"user",$m->{'dir'}} ? $hdesc :
|
||||
"<font color=red>$hdesc</font>",
|
||||
&indexof($m->{'dir'}, @{$um->[2]}) >= 0));
|
||||
}
|
||||
print &ui_table_row($text{'restrict_mods'},
|
||||
|
||||
@@ -31,7 +31,8 @@ if (@themes) {
|
||||
print "<b>$text{'themes_sel'}</b>\n";
|
||||
print &ui_select("theme", $uconfig{'theme'},
|
||||
[ !$uconfig{'theme'} ? [ '', $text{'themes_default'} ] : (),
|
||||
map { [ $_->{'dir'}, $_->{'desc'} ] } @themes ]),"<p>\n";
|
||||
map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] }
|
||||
@themes ]),"<p>\n";
|
||||
print &ui_form_end([ [ undef, $text{'themes_change'} ] ]);
|
||||
print &ui_tabs_end_tab("mode", "change");
|
||||
}
|
||||
@@ -63,7 +64,8 @@ if (@delthemes) {
|
||||
print &ui_form_start("delete_mod.cgi");
|
||||
print "<b>$text{'themes_delok'}</b>\n";
|
||||
print &ui_select("mod", undef,
|
||||
[ map { [ $_->{'dir'}, $_->{'desc'} ] } @delthemes ]),"<br>\n";
|
||||
[ map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] }
|
||||
@delthemes ]),"<br>\n";
|
||||
print &ui_form_end([ [ undef, $text{'delete'} ] ]);
|
||||
print &ui_tabs_end_tab("mode", "delete");
|
||||
}
|
||||
@@ -78,7 +80,8 @@ if (@themes) {
|
||||
|
||||
print &ui_table_row($text{'themes_exportmods'},
|
||||
&ui_select("mod", undef,
|
||||
[ map { [ $_->{'dir'}, $_->{'desc'} ] } @themes ], 5, 1));
|
||||
[ map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] }
|
||||
@themes ], 5, 1));
|
||||
|
||||
print &ui_table_row($text{'mods_exportto'},
|
||||
&ui_radio("to", 0,
|
||||
|
||||
@@ -46,7 +46,7 @@ print &ui_table_row($text{'startpage_gotoone'},
|
||||
print &ui_table_row($text{'startpage_gotomodule'},
|
||||
&ui_select("gotomodule", $uconfig{'gotomodule'},
|
||||
[ [ "", $text{'startpage_gotonone'} ],
|
||||
map { [ $_->{'dir'}, $_->{'desc'} ] }
|
||||
map { [ $_->{'dir'}, &html_escape($_->{'desc'}) ] }
|
||||
sort { $a->{'desc'} cmp $b->{'desc'} } @modules ]));
|
||||
|
||||
print &ui_table_row($text{'ui_feedbackmode'},
|
||||
|
||||
@@ -16,7 +16,7 @@ foreach $m (@mods) {
|
||||
if ((-r "$miniserv{'root'}/$m->{'dir'}/config.info" ||
|
||||
-r "$miniserv{'root'}/$m->{'dir'}/uconfig.info") &&
|
||||
&can_use_module($m->{'dir'})) {
|
||||
push(@grid, &ui_link("edit_configs.cgi?mod=$m->{'dir'}","$m->{'desc'}"));
|
||||
push(@grid, &ui_link("edit_configs.cgi?mod=".&urlize($m->{'dir'}), &html_escape($m->{'desc'})));
|
||||
}
|
||||
}
|
||||
print &ui_grid_table(\@grid, 4, 100,
|
||||
|
||||
@@ -12,20 +12,20 @@ if ($type eq "restrict") {
|
||||
return &text("log_restrict_$action",
|
||||
$object eq "*" ? $text{'log_all'} :
|
||||
$object =~ /^\@(.*)$/ ? &text('log_group', "<tt>$1</tt>")
|
||||
: "<tt>$object</tt>");
|
||||
: "<tt>".&html_escape($object)."</tt>");
|
||||
}
|
||||
elsif ($action eq 'install') {
|
||||
return &text('log_install', "<i>$p->{'desc'}</i>");
|
||||
return &text('log_install', "<i>".&html_escape($p->{'desc'})."</i>");
|
||||
}
|
||||
elsif ($action eq 'tinstall') {
|
||||
return &text('log_tinstall', "<i>$p->{'desc'}</i>");
|
||||
return &text('log_tinstall', "<i>".&html_escape($p->{'desc'})."</i>");
|
||||
}
|
||||
elsif ($action eq 'clone') {
|
||||
return &text('log_clone', "<i>$p->{'desc'}</i>",
|
||||
return &text('log_clone', "<i>".&html_escape($p->{'desc'})."</i>",
|
||||
"<i>$p->{'dstdesc'}</i>");
|
||||
}
|
||||
elsif ($action eq 'delete') {
|
||||
return &text('log_delete', "<i>$p->{'desc'}</i>");
|
||||
return &text('log_delete', "<i>".&html_escape($p->{'desc'})."</i>");
|
||||
}
|
||||
elsif ($action eq 'upgrade') {
|
||||
return &text('log_upgrade', $p->{'version'});
|
||||
@@ -34,17 +34,18 @@ elsif ($action eq 'uinstall') {
|
||||
return &text('log_uinstall', $p->{'version'});
|
||||
}
|
||||
elsif ($action eq 'theme') {
|
||||
return $p->{'theme'} ? &text('log_theme', "<tt>$p->{'theme'}</tt>")
|
||||
: $text{'log_theme_def'};
|
||||
return $p->{'theme'} ?
|
||||
&text('log_theme', "<tt>".&html_escape($p->{'theme'})."</tt>") :
|
||||
$text{'log_theme_def'};
|
||||
}
|
||||
elsif ($action eq "config") {
|
||||
return &text('log_config', "<tt>$p->{'mod'}</tt>");
|
||||
return &text('log_config', "<tt>".&html_escape($p->{'mod'})."</tt>");
|
||||
}
|
||||
elsif ($action eq "uconfig") {
|
||||
return &text('log_uconfig', "<tt>$p->{'mod'}</tt>");
|
||||
return &text('log_uconfig', "<tt>".&html_escape($p->{'mod'})."</tt>");
|
||||
}
|
||||
elsif ($action eq 'switch') {
|
||||
return &text('log_switch', "<tt>$object</tt>");
|
||||
return &text('log_switch', "<tt>".&html_escape($object)."</tt>");
|
||||
}
|
||||
elsif ($text{"log_$action"}) {
|
||||
return $text{"log_$action"};
|
||||
|
||||
Reference in New Issue
Block a user