Move server block list HTML escaping to templating
This commit is contained in:
parent
edcfeaf66d
commit
068c567b3d
2 changed files with 14 additions and 11 deletions
|
@ -40,20 +40,23 @@ class Server extends BaseAdmin
|
|||
|
||||
if (!empty($_POST['page_blocklist_save'])) {
|
||||
// Add new item to blocklist
|
||||
$domain = trim($_POST['newentry_domain']);
|
||||
|
||||
$blocklist = DI::config()->get('system', 'blocklist');
|
||||
$blocklist[] = [
|
||||
'domain' => Strings::escapeTags(trim($_POST['newentry_domain'])),
|
||||
'reason' => Strings::escapeTags(trim($_POST['newentry_reason']))
|
||||
'domain' => $domain,
|
||||
'reason' => trim($_POST['newentry_reason']),
|
||||
];
|
||||
DI::config()->set('system', 'blocklist', $blocklist);
|
||||
|
||||
info(DI::l10n()->t('Server domain pattern added to blocklist.'));
|
||||
} else {
|
||||
// Edit the entries from blocklist
|
||||
$blocklist = [];
|
||||
foreach ($_POST['domain'] as $id => $domain) {
|
||||
// Trimming whitespaces as well as any lingering slashes
|
||||
$domain = Strings::escapeTags(trim($domain, "\x00..\x1F/"));
|
||||
$reason = Strings::escapeTags(trim($_POST['reason'][$id]));
|
||||
$domain = trim($domain);
|
||||
$reason = trim($_POST['reason'][$id]);
|
||||
if (empty($_POST['delete'][$id])) {
|
||||
$blocklist[] = [
|
||||
'domain' => $domain,
|
||||
|
@ -97,7 +100,7 @@ class Server extends BaseAdmin
|
|||
</ul>'),
|
||||
'$addtitle' => DI::l10n()->t('Add new entry to block list'),
|
||||
'$newdomain' => ['newentry_domain', DI::l10n()->t('Server Domain Pattern'), '', DI::l10n()->t('The domain pattern of the new server to add to the block list. Do not include the protocol.'), DI::l10n()->t('Required'), '', ''],
|
||||
'$newreason' => ['newentry_reason', DI::l10n()->t('Block reason'), '', DI::l10n()->t('The reason why you blocked this server domain pattern.'), DI::l10n()->t('Required'), '', ''],
|
||||
'$newreason' => ['newentry_reason', DI::l10n()->t('Block reason'), '', DI::l10n()->t('The reason why you blocked this server domain pattern. This reason will be shown publicly in the server information page.'), DI::l10n()->t('Required'), '', ''],
|
||||
'$submit' => DI::l10n()->t('Add Entry'),
|
||||
'$savechanges' => DI::l10n()->t('Save changes to the blocklist'),
|
||||
'$currenttitle' => DI::l10n()->t('Current Entries in the Blocklist'),
|
||||
|
|
|
@ -12,7 +12,7 @@
|
|||
|
||||
<p>{{$visible_addons.title nofilter}}</p>
|
||||
{{if $visible_addons.list}}
|
||||
<div style="margin-left: 25px; margin-right: 25px; margin-bottom: 25px;">{{$visible_addons.list nofilter}}</div>
|
||||
<div style="margin-left: 25px; margin-right: 25px; margin-bottom: 25px;">{{$visible_addons.list}}</div>
|
||||
{{/if}}
|
||||
|
||||
{{if $tos}}
|
||||
|
@ -21,20 +21,20 @@
|
|||
|
||||
{{if $block_list}}
|
||||
<div id="about_blocklist">
|
||||
<p>{{$block_list.title nofilter}}</p>
|
||||
<p>{{$block_list.title}}</p>
|
||||
<br>
|
||||
<table class="table">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>{{$block_list.header[0] nofilter}}</th>
|
||||
<th>{{$block_list.header[1] nofilter}}</th>
|
||||
<th>{{$block_list.header[0]}}</th>
|
||||
<th>{{$block_list.header[1]}}</th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{{foreach $block_list.list as $blocked}}
|
||||
<tr>
|
||||
<td>{{$blocked.domain nofilter}}</td>
|
||||
<td>{{$blocked.reason nofilter}}</td>
|
||||
<td>{{$blocked.domain}}</td>
|
||||
<td>{{$blocked.reason}}</td>
|
||||
</tr>
|
||||
{{/foreach}}
|
||||
</tbody>
|
||||
|
|
Loading…
Reference in a new issue