joomla/cms
29
0
Fork 0
mirror of https://github.com/joomla/joomla-cms.git synced 2024-06-27 07:33:41 +00:00
Code Packages Releases Activity

[#23877] Improve how HTML entities in meta data are handled

Browse Source 
git-svn-id: http://joomlacode.org/svn/joomla/development/trunk@19930 6f6e1ebd-4c2b-0410-823f-f34bde69bce9
This commit is contained in:
Christophe Demko 2010-12-21 08:37:51 +00:00
parent 3b1587c3d6
commit ecd64dc954
30 changed files with 55 additions and 54 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
administrator/components/com_config/models/application.php
View File

@ -111,17 +111,17 @@ class ConfigModelApplication extends JModelForm
*/
// Escape the sitename if present.
if (isset($data['sitename'])) {
$data['sitename'] = htmlspecialchars($data['sitename'], ENT_COMPAT, 'UTF-8');
$data['sitename'] = $data['sitename'];
}
// Escape the MetaDesc if present.
if (isset($data['MetaDesc'])) {
$data['MetaDesc'] = htmlspecialchars($data['MetaDesc'], ENT_COMPAT, 'UTF-8');
$data['MetaDesc'] = $data['MetaDesc'];
}
// Escape the MetaKeys if present.
if (isset($data['MetaKeys'])) {
$data['MetaKeys'] = htmlspecialchars($data['MetaKeys'], ENT_COMPAT, 'UTF-8');
$data['MetaKeys'] = $data['MetaKeys'];
}
// Escape the offline message if present.

2
administrator/includes/application.php
View File

@ -146,7 +146,7 @@ class JAdministrator extends JApplication
break;
}
$document->setTitle(htmlspecialchars_decode($this->getCfg('sitename')). ' - ' .JText::_('JADMINISTRATION'));
$document->setTitle($this->getCfg('sitename'). ' - ' .JText::_('JADMINISTRATION'));
$document->setDescription($this->getCfg('MetaDesc'));
$contents = JComponentHelper::renderComponent($component);

4
components/com_contact/views/categories/view.html.php
View File

@ -85,10 +85,10 @@ class ContactViewCategories extends JView
}
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_contact/views/category/view.html.php
View File

@ -162,10 +162,10 @@ class ContactViewCategory extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

4
components/com_contact/views/contact/view.html.php
View File

@ -220,10 +220,10 @@ class ContactViewContact extends JView
}
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
if (empty($title)) {

4
components/com_contact/views/featured/view.html.php
View File

@ -116,10 +116,10 @@ class ContactViewFeatured extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

4
components/com_content/views/archive/view.html.php
View File

@ -122,10 +122,10 @@ class ContentViewArchive extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_content/views/article/view.html.php
View File

@ -205,10 +205,10 @@ class ContentViewArticle extends JView
// Check for empty title and add site name if param is set
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
if (empty($title)) {
$title = $this->item->title;

4
components/com_content/views/categories/view.html.php
View File

@ -87,10 +87,10 @@ class ContentViewCategories extends JView
}
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_content/views/category/view.html.php
View File

@ -217,10 +217,10 @@ class ContentViewCategory extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

4
components/com_content/views/featured/view.html.php
View File

@ -155,10 +155,10 @@ class ContentViewFeatured extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

2
components/com_content/views/form/view.html.php
View File

@ -90,7 +90,7 @@ class ContentViewForm extends JView
$title = $this->params->def('page_title', JText::_('COM_CONTENT_FORM_EDIT_ARTICLE'));
if ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

4
components/com_newsfeeds/views/categories/view.html.php
View File

@ -86,10 +86,10 @@ class NewsfeedsViewCategories extends JView
}
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_newsfeeds/views/category/view.html.php
View File

@ -151,10 +151,10 @@ class NewsfeedsViewCategory extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

4
components/com_newsfeeds/views/newsfeed/view.html.php
View File

@ -254,10 +254,10 @@ class NewsfeedsViewNewsfeed extends JView
}
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
else if ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
if (empty($title)) {
$title = $this->item->name;

2
components/com_search/views/search/view.html.php
View File

@ -61,7 +61,7 @@ class SearchViewSearch extends JView
$title = $params->get('page_title');
if ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

4
components/com_users/views/login/view.html.php
View File

@ -73,10 +73,10 @@ class UsersViewLogin extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_users/views/profile/view.html.php
View File

@ -80,10 +80,10 @@ class UsersViewProfile extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_users/views/registration/view.html.php
View File

@ -72,10 +72,10 @@ class UsersViewRegistration extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_users/views/remind/view.html.php
View File

@ -70,10 +70,10 @@ class UsersViewRemind extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_users/views/reset/view.html.php
View File

@ -77,10 +77,10 @@ class UsersViewReset extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_weblinks/views/categories/view.html.php
View File

@ -85,10 +85,10 @@ class WeblinksViewCategories extends JView
}
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_weblinks/views/category/view.html.php
View File

@ -161,10 +161,10 @@ class WeblinksViewCategory extends JView
$title = $this->params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

2
components/com_weblinks/views/form/view.html.php
View File

@ -89,7 +89,7 @@ class WeblinksViewForm extends JView
}
$title = $this->params->def('page_title', JText::_('COM_WEBLINKS_FORM_EDIT_WEBLINK'));
if ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);
}

4
components/com_wrapper/views/wrapper/view.html.php
View File

@ -32,10 +32,10 @@ class WrapperViewWrapper extends JView
// right from the menu item itself
$title = $params->get('page_title', '');
if (empty($title)) {
$title = htmlspecialchars_decode($app->getCfg('sitename'));
$title = $app->getCfg('sitename');
}
elseif ($app->getCfg('sitename_pagetitles', 0)) {
$title = JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $title);
$title = JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $title);
}
$this->document->setTitle($title);

2
includes/application.php
View File

@ -343,7 +343,7 @@ final class JSite extends JApplication
$lang_code = JFactory::getLanguage()->getTag();
$languages = JLanguageHelper::getLanguages('lang_code');
$title = htmlspecialchars_decode($this->getCfg('sitename'));
$title = $this->getCfg('sitename');
if (isset($languages[$lang_code]) && $languages[$lang_code]->metadesc) {
$description = $languages[$lang_code]->metadesc;
} else {

1
installation/CHANGELOG
View File

@ -31,6 +31,7 @@ $ -> Language fix or change
# [#23894] Components menu item visible in disabled menu (Sander Potjer)
# [#23782] [PATCH] Fix router calls for components containing hyphens and full stops. (Tom Lee)
# [#23811] PHP Strict Compatibility (Elin Waring, Rune Sjøen)
^ [#23877] Improve how HTML entities in meta data are handled (Rouven Weßling)
20-Dec-2010 Jean-Marie Simonet
# [#23903] Menu item type external url issues

2
libraries/joomla/document/feed/renderer/atom.php
View File

@ -53,7 +53,7 @@ defined('JPATH_BASE') or die;
$feed_title = htmlspecialchars(
$app->getCfg('sitename_pagetitles',0)?
JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $data->title):
JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $data->title):
$data->title
, ENT_COMPAT, 'UTF-8');

2
libraries/joomla/document/feed/renderer/rss.php
View File

@ -47,7 +47,7 @@ class JDocumentRendererRSS extends JDocumentRenderer
$feed_title = htmlspecialchars(
$app->getCfg('sitename_pagetitles',0)?
JText::sprintf('JPAGETITLE', htmlspecialchars_decode($app->getCfg('sitename')), $data->title):
JText::sprintf('JPAGETITLE', $app->getCfg('sitename'), $data->title):
$data->title
, ENT_COMPAT, 'UTF-8');

8
libraries/joomla/document/html/renderer/head.php
View File

@ -63,10 +63,10 @@ class JDocumentRendererHead extends JDocumentRenderer
{
if ($type == 'http-equiv') {
$content.= '; charset=' . $document->getCharset();
$buffer .= $tab.'<meta http-equiv="'.$name.'" content="'.$content.'"'.$tagEnd.$lnEnd;
$buffer .= $tab.'<meta http-equiv="'.$name.'" content="'.htmlspecialchars($content).'"'.$tagEnd.$lnEnd;
}
else if ($type == 'standard') {
$buffer .= $tab.'<meta name="'.$name.'" content="'.$content.'"'.$tagEnd.$lnEnd;
$buffer .= $tab.'<meta name="'.$name.'" content="'.htmlspecialchars($content).'"'.$tagEnd.$lnEnd;
}
}
}
@ -74,10 +74,10 @@ class JDocumentRendererHead extends JDocumentRenderer
// dont add empty descriptions
$documentDescription = $document->getDescription();
if ($documentDescription) {
$buffer .= $tab.'<meta name="description" content="'.$documentDescription.'" />'.$lnEnd;
$buffer .= $tab.'<meta name="description" content="'.htmlspecialchars($documentDescription).'" />'.$lnEnd;
}
$buffer .= $tab.'<meta name="generator" content="'.$document->getGenerator().'" />'.$lnEnd;
$buffer .= $tab.'<meta name="generator" content="'.htmlspecialchars($document->getGenerator()).'" />'.$lnEnd;
$buffer .= $tab.'<title>'.htmlspecialchars($document->getTitle(), ENT_COMPAT, 'UTF-8').'</title>'.$lnEnd;
// Generate link declarations