Move server block list HTML escaping to templating
This commit is contained in:
parent
edcfeaf66d
commit
068c567b3d
2 changed files with 14 additions and 11 deletions
|
@ -40,20 +40,23 @@ class Server extends BaseAdmin
|
||||||
|
|
||||||
if (!empty($_POST['page_blocklist_save'])) {
|
if (!empty($_POST['page_blocklist_save'])) {
|
||||||
// Add new item to blocklist
|
// Add new item to blocklist
|
||||||
|
$domain = trim($_POST['newentry_domain']);
|
||||||
|
|
||||||
$blocklist = DI::config()->get('system', 'blocklist');
|
$blocklist = DI::config()->get('system', 'blocklist');
|
||||||
$blocklist[] = [
|
$blocklist[] = [
|
||||||
'domain' => Strings::escapeTags(trim($_POST['newentry_domain'])),
|
'domain' => $domain,
|
||||||
'reason' => Strings::escapeTags(trim($_POST['newentry_reason']))
|
'reason' => trim($_POST['newentry_reason']),
|
||||||
];
|
];
|
||||||
DI::config()->set('system', 'blocklist', $blocklist);
|
DI::config()->set('system', 'blocklist', $blocklist);
|
||||||
|
|
||||||
info(DI::l10n()->t('Server domain pattern added to blocklist.'));
|
info(DI::l10n()->t('Server domain pattern added to blocklist.'));
|
||||||
} else {
|
} else {
|
||||||
// Edit the entries from blocklist
|
// Edit the entries from blocklist
|
||||||
$blocklist = [];
|
$blocklist = [];
|
||||||
foreach ($_POST['domain'] as $id => $domain) {
|
foreach ($_POST['domain'] as $id => $domain) {
|
||||||
// Trimming whitespaces as well as any lingering slashes
|
// Trimming whitespaces as well as any lingering slashes
|
||||||
$domain = Strings::escapeTags(trim($domain, "\x00..\x1F/"));
|
$domain = trim($domain);
|
||||||
$reason = Strings::escapeTags(trim($_POST['reason'][$id]));
|
$reason = trim($_POST['reason'][$id]);
|
||||||
if (empty($_POST['delete'][$id])) {
|
if (empty($_POST['delete'][$id])) {
|
||||||
$blocklist[] = [
|
$blocklist[] = [
|
||||||
'domain' => $domain,
|
'domain' => $domain,
|
||||||
|
@ -97,7 +100,7 @@ class Server extends BaseAdmin
|
||||||
</ul>'),
|
</ul>'),
|
||||||
'$addtitle' => DI::l10n()->t('Add new entry to block list'),
|
'$addtitle' => DI::l10n()->t('Add new entry to block list'),
|
||||||
'$newdomain' => ['newentry_domain', DI::l10n()->t('Server Domain Pattern'), '', DI::l10n()->t('The domain pattern of the new server to add to the block list. Do not include the protocol.'), DI::l10n()->t('Required'), '', ''],
|
'$newdomain' => ['newentry_domain', DI::l10n()->t('Server Domain Pattern'), '', DI::l10n()->t('The domain pattern of the new server to add to the block list. Do not include the protocol.'), DI::l10n()->t('Required'), '', ''],
|
||||||
'$newreason' => ['newentry_reason', DI::l10n()->t('Block reason'), '', DI::l10n()->t('The reason why you blocked this server domain pattern.'), DI::l10n()->t('Required'), '', ''],
|
'$newreason' => ['newentry_reason', DI::l10n()->t('Block reason'), '', DI::l10n()->t('The reason why you blocked this server domain pattern. This reason will be shown publicly in the server information page.'), DI::l10n()->t('Required'), '', ''],
|
||||||
'$submit' => DI::l10n()->t('Add Entry'),
|
'$submit' => DI::l10n()->t('Add Entry'),
|
||||||
'$savechanges' => DI::l10n()->t('Save changes to the blocklist'),
|
'$savechanges' => DI::l10n()->t('Save changes to the blocklist'),
|
||||||
'$currenttitle' => DI::l10n()->t('Current Entries in the Blocklist'),
|
'$currenttitle' => DI::l10n()->t('Current Entries in the Blocklist'),
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
|
|
||||||
<p>{{$visible_addons.title nofilter}}</p>
|
<p>{{$visible_addons.title nofilter}}</p>
|
||||||
{{if $visible_addons.list}}
|
{{if $visible_addons.list}}
|
||||||
<div style="margin-left: 25px; margin-right: 25px; margin-bottom: 25px;">{{$visible_addons.list nofilter}}</div>
|
<div style="margin-left: 25px; margin-right: 25px; margin-bottom: 25px;">{{$visible_addons.list}}</div>
|
||||||
{{/if}}
|
{{/if}}
|
||||||
|
|
||||||
{{if $tos}}
|
{{if $tos}}
|
||||||
|
@ -21,20 +21,20 @@
|
||||||
|
|
||||||
{{if $block_list}}
|
{{if $block_list}}
|
||||||
<div id="about_blocklist">
|
<div id="about_blocklist">
|
||||||
<p>{{$block_list.title nofilter}}</p>
|
<p>{{$block_list.title}}</p>
|
||||||
<br>
|
<br>
|
||||||
<table class="table">
|
<table class="table">
|
||||||
<thead>
|
<thead>
|
||||||
<tr>
|
<tr>
|
||||||
<th>{{$block_list.header[0] nofilter}}</th>
|
<th>{{$block_list.header[0]}}</th>
|
||||||
<th>{{$block_list.header[1] nofilter}}</th>
|
<th>{{$block_list.header[1]}}</th>
|
||||||
</tr>
|
</tr>
|
||||||
</thead>
|
</thead>
|
||||||
<tbody>
|
<tbody>
|
||||||
{{foreach $block_list.list as $blocked}}
|
{{foreach $block_list.list as $blocked}}
|
||||||
<tr>
|
<tr>
|
||||||
<td>{{$blocked.domain nofilter}}</td>
|
<td>{{$blocked.domain}}</td>
|
||||||
<td>{{$blocked.reason nofilter}}</td>
|
<td>{{$blocked.reason}}</td>
|
||||||
</tr>
|
</tr>
|
||||||
{{/foreach}}
|
{{/foreach}}
|
||||||
</tbody>
|
</tbody>
|
||||||
|
|
Loading…
Reference in a new issue