Skip to content

Commit

Permalink
bug 2859 fixed: sanitize of photo title before use in title/alt HTML …
Browse files Browse the repository at this point in the history 
…attributes

git-svn-id: http://piwigo.org/svn/trunk@21175 68402e56-0260-453c-a942-63ccdbb3a9ee
  • Loading branch information
@plegall
plegall committed Mar 4, 2013
1 parent 6c1e393 commit c1f445f
Show file tree
Hide file tree
Showing 3 changed files with 8 additions and 8 deletions.
8 changes: 4 additions & 4 deletions themes/default/template/picture.tpl
View file
Expand Up @@ -134,15 +134,15 @@ y.callService(
{if $DISPLAY_NAV_THUMB}
<div class="navThumbs">
{if isset($previous)}
<a class="navThumb" id="linkPrev" href="{$previous.U_IMG}" title="{'Previous'|@translate} : {$previous.TITLE}" rel="prev">
<a class="navThumb" id="linkPrev" href="{$previous.U_IMG}" title="{'Previous'|@translate} :: {$previous.TITLE|@escape}" rel="prev">
<span class="thumbHover prevThumbHover"></span>
<img src="{$previous.derivatives.square->get_url()}" alt="{$previous.TITLE}">
<img src="{$previous.derivatives.square->get_url()}" alt="{$previous.TITLE|@escape}">
</a>
{/if}
{if isset($next)}
<a class="navThumb" id="linkNext" href="{$next.U_IMG}" title="{'Next'|@translate} : {$next.TITLE}" rel="next">
<a class="navThumb" id="linkNext" href="{$next.U_IMG}" title="{'Next'|@translate} : {$next.TITLE|@escape}" rel="next">
<span class="thumbHover nextThumbHover"></span>
<img src="{$next.derivatives.square->get_url()}" alt="{$next.TITLE}">
<img src="{$next.derivatives.square->get_url()}" alt="{$next.TITLE|@escape}">
</a>
{/if}
</div>
Expand Down
4 changes: 2 additions & 2 deletions themes/default/template/picture_content.tpl
View file
Expand Up @@ -10,11 +10,11 @@
<map name="map{$derivative->get_type()}">
{assign var='size' value=$derivative->get_size()}
{if isset($previous)}
<area shape=rect coords="0,0,{$size[0]/4|@intval},{$size[1]}" href="{$previous.U_IMG}" title="{'Previous'|@translate} : {$previous.TITLE}" alt="{$previous.TITLE}">
<area shape=rect coords="0,0,{$size[0]/4|@intval},{$size[1]}" href="{$previous.U_IMG}" title="{'Previous'|@translate} : {$previous.TITLE|@escape}" alt="{$previous.TITLE|@escape}">
{/if}
<area shape=rect coords="{$size[0]/4|@intval},0,{$size[0]/1.34|@intval},{$size[1]/4|@intval}" href="{$U_UP}" title="{'Thumbnails'|@translate}" alt="{'Thumbnails'|@translate}">
{if isset($next)}
<area shape=rect coords="{$size[0]/1.33|@intval},0,{$size[0]},{$size[1]}" href="{$next.U_IMG}" title="{'Next'|@translate} : {$next.TITLE}" alt="{$next.TITLE}">
<area shape=rect coords="{$size[0]/1.33|@intval},0,{$size[0]},{$size[1]}" href="{$next.U_IMG}" title="{'Next'|@translate} : {$next.TITLE|@escape}" alt="{$next.TITLE|@escape}">
{/if}
</map>
{/strip}{/foreach}
4 changes: 2 additions & 2 deletions themes/default/template/picture_nav_buttons.tpl
View file
Expand Up @@ -45,7 +45,7 @@
</a>
{/if}{/strip}
{strip}{if isset($previous)}
<a href="{$previous.U_IMG}" title="{'Previous'|@translate} : {$previous.TITLE}" class="pwg-state-default pwg-button">
<a href="{$previous.U_IMG}" title="{'Previous'|@translate} : {$previous.TITLE|@escape}" class="pwg-state-default pwg-button">
<span class="pwg-icon pwg-icon-arrow-w">&nbsp;</span><span class="pwg-button-text">{'Previous'|@translate}</span>
</a>
{else}
Expand All @@ -64,7 +64,7 @@
</a>
{/if}
{strip}{if isset($next)}
<a href="{$next.U_IMG}" title="{'Next'|@translate} : {$next.TITLE}" class="pwg-state-default pwg-button pwg-button-icon-right">
<a href="{$next.U_IMG}" title="{'Next'|@translate} : {$next.TITLE|@escape}" class="pwg-state-default pwg-button pwg-button-icon-right">
<span class="pwg-icon pwg-icon-arrow-e">&nbsp;</span><span class="pwg-button-text">{'Next'|@translate}</span>
</a>
{else}
Expand Down

0 comments on commit c1f445f

Please sign in to comment.