Merge pull request #12313 from MrPetovan/bug/12312-calendar-JS
Escape HTML in event mapping callback
This commit is contained in:
commit
3d73c452df
4 changed files with 69 additions and 62 deletions
|
@ -152,7 +152,7 @@ class API extends BaseModule
|
|||
$share = intval($request['share'] ?? 0);
|
||||
$isPreview = intval($request['preview'] ?? 0);
|
||||
|
||||
$start = DateTimeFormat::convert($strStartDateTime ?? DBA::NULL_DATETIME, $this->timezone);
|
||||
$start = DateTimeFormat::convert($strStartDateTime ?? DBA::NULL_DATETIME, 'UTC', $this->timezone);
|
||||
if (!$noFinish) {
|
||||
$finish = DateTimeFormat::convert($strFinishDateTime ?? DBA::NULL_DATETIME, 'UTC', $this->timezone);
|
||||
} else {
|
||||
|
@ -170,12 +170,12 @@ class API extends BaseModule
|
|||
$type = 'event';
|
||||
|
||||
$params = [
|
||||
'summary' => $summary,
|
||||
'description' => $desc,
|
||||
'location' => $location,
|
||||
'start' => $strStartDateTime,
|
||||
'finish' => $strFinishDateTime,
|
||||
'nofinish' => $noFinish,
|
||||
'summary' => $summary,
|
||||
'desc' => $desc,
|
||||
'location' => $location,
|
||||
'start' => $strStartDateTime,
|
||||
'finish' => $strFinishDateTime,
|
||||
'nofinish' => $noFinish,
|
||||
];
|
||||
|
||||
$action = empty($eventId) ? 'new' : 'edit/' . $eventId;
|
||||
|
|
|
@ -234,13 +234,13 @@ class Form extends BaseModule
|
|||
'start_text'
|
||||
),
|
||||
|
||||
'$d_text' => $this->t('Description:'),
|
||||
'$d_orig' => $d_orig,
|
||||
'$l_text' => $this->t('Location:'),
|
||||
'$l_orig' => $l_orig,
|
||||
'$t_text' => $this->t('Title:') . ' <span class="required" title="' . $this->t('Required') . '">*</span>',
|
||||
'$t_text' => $this->t('Title (BBCode not allowed)') . ' <span class="required" title="' . $this->t('Required') . '">*</span>',
|
||||
'$t_orig' => $t_orig,
|
||||
'$summary' => ['summary', $this->t('Title:'), $t_orig, '', '*'],
|
||||
'$d_text' => $this->t('Description (BBCode allowed)'),
|
||||
'$d_orig' => $d_orig,
|
||||
'$l_text' => $this->t('Location (BBCode not allowed)'),
|
||||
'$l_orig' => $l_orig,
|
||||
'$summary' => ['summary', $this->t('Title (BBCode not allowed)'), $t_orig, '', '*'],
|
||||
'$sh_text' => $this->t('Share this event'),
|
||||
'$share' => ['share', $this->t('Share this event'), $share_checked, '', $share_disabled],
|
||||
'$sh_checked' => $share_checked,
|
||||
|
|
|
@ -34,6 +34,7 @@ use Friendica\Module\Response;
|
|||
use Friendica\Network\HTTPException;
|
||||
use Friendica\Util\DateTimeFormat;
|
||||
use Friendica\Util\Profiler;
|
||||
use Friendica\Util\Strings;
|
||||
use Psr\Log\LoggerInterface;
|
||||
|
||||
/**
|
||||
|
@ -82,12 +83,12 @@ class Get extends \Friendica\BaseModule
|
|||
|
||||
return [
|
||||
'id' => $event['id'],
|
||||
'title' => $event['summary'],
|
||||
'title' => Strings::escapeHtml($event['summary']),
|
||||
'start' => DateTimeFormat::local($event['start']),
|
||||
'end' => DateTimeFormat::local($event['finish']),
|
||||
'nofinish' => $event['nofinish'],
|
||||
'desc' => $event['desc'],
|
||||
'location' => $event['location'],
|
||||
'desc' => Strings::escapeHtml($event['desc']),
|
||||
'location' => Strings::escapeHtml($event['location']),
|
||||
'item' => $item,
|
||||
];
|
||||
}, $events);
|
||||
|
|
|
@ -8,7 +8,7 @@ msgid ""
|
|||
msgstr ""
|
||||
"Project-Id-Version: 2022.12-dev\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2022-12-03 21:11+0000\n"
|
||||
"POT-Creation-Date: 2022-12-04 06:41-0500\n"
|
||||
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
||||
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
||||
"Language-Team: LANGUAGE <LL@li.org>\n"
|
||||
|
@ -2151,9 +2151,8 @@ msgstr ""
|
|||
|
||||
#: src/Content/Widget/VCard.php:104 src/Model/Event.php:82
|
||||
#: src/Model/Event.php:109 src/Model/Event.php:471 src/Model/Event.php:958
|
||||
#: src/Model/Profile.php:373 src/Module/Calendar/Event/Form.php:239
|
||||
#: src/Module/Contact/Profile.php:369 src/Module/Directory.php:147
|
||||
#: src/Module/Notifications/Introductions.php:187
|
||||
#: src/Model/Profile.php:373 src/Module/Contact/Profile.php:369
|
||||
#: src/Module/Directory.php:147 src/Module/Notifications/Introductions.php:187
|
||||
#: src/Module/Profile/Profile.php:186
|
||||
msgid "Location:"
|
||||
msgstr ""
|
||||
|
@ -3295,7 +3294,7 @@ msgstr ""
|
|||
msgid "Contact information and Social Networks"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:212 src/Model/User.php:1100
|
||||
#: src/Model/User.php:212 src/Model/User.php:1102
|
||||
msgid "SERIOUS ERROR: Generation of security keys failed."
|
||||
msgstr ""
|
||||
|
||||
|
@ -3307,134 +3306,134 @@ msgstr ""
|
|||
msgid "Not enough information to authenticate"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:750
|
||||
#: src/Model/User.php:752
|
||||
msgid "Password can't be empty"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:792
|
||||
#: src/Model/User.php:794
|
||||
msgid "Empty passwords are not allowed."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:796
|
||||
#: src/Model/User.php:798
|
||||
msgid ""
|
||||
"The new password has been exposed in a public data dump, please choose "
|
||||
"another."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:800
|
||||
#: src/Model/User.php:802
|
||||
msgid "The password length is limited to 72 characters."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:804
|
||||
#: src/Model/User.php:806
|
||||
msgid ""
|
||||
"The password can't contain accentuated letters, white spaces or colons (:)"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:983
|
||||
#: src/Model/User.php:985
|
||||
msgid "Passwords do not match. Password unchanged."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:990
|
||||
#: src/Model/User.php:992
|
||||
msgid "An invitation is required."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:994
|
||||
#: src/Model/User.php:996
|
||||
msgid "Invitation could not be verified."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1002
|
||||
#: src/Model/User.php:1004
|
||||
msgid "Invalid OpenID url"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1015 src/Security/Authentication.php:241
|
||||
#: src/Model/User.php:1017 src/Security/Authentication.php:241
|
||||
msgid ""
|
||||
"We encountered a problem while logging in with the OpenID you provided. "
|
||||
"Please check the correct spelling of the ID."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1015 src/Security/Authentication.php:241
|
||||
#: src/Model/User.php:1017 src/Security/Authentication.php:241
|
||||
msgid "The error message was:"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1021
|
||||
#: src/Model/User.php:1023
|
||||
msgid "Please enter the required information."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1035
|
||||
#: src/Model/User.php:1037
|
||||
#, php-format
|
||||
msgid ""
|
||||
"system.username_min_length (%s) and system.username_max_length (%s) are "
|
||||
"excluding each other, swapping values."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1042
|
||||
#: src/Model/User.php:1044
|
||||
#, php-format
|
||||
msgid "Username should be at least %s character."
|
||||
msgid_plural "Username should be at least %s characters."
|
||||
msgstr[0] ""
|
||||
msgstr[1] ""
|
||||
|
||||
#: src/Model/User.php:1046
|
||||
#: src/Model/User.php:1048
|
||||
#, php-format
|
||||
msgid "Username should be at most %s character."
|
||||
msgid_plural "Username should be at most %s characters."
|
||||
msgstr[0] ""
|
||||
msgstr[1] ""
|
||||
|
||||
#: src/Model/User.php:1054
|
||||
#: src/Model/User.php:1056
|
||||
msgid "That doesn't appear to be your full (First Last) name."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1059
|
||||
#: src/Model/User.php:1061
|
||||
msgid "Your email domain is not among those allowed on this site."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1063
|
||||
#: src/Model/User.php:1065
|
||||
msgid "Not a valid email address."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1066
|
||||
#: src/Model/User.php:1068
|
||||
msgid "The nickname was blocked from registration by the nodes admin."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1070 src/Model/User.php:1076
|
||||
#: src/Model/User.php:1072 src/Model/User.php:1078
|
||||
msgid "Cannot use that email."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1082
|
||||
#: src/Model/User.php:1084
|
||||
msgid "Your nickname can only contain a-z, 0-9 and _."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1090 src/Model/User.php:1147
|
||||
#: src/Model/User.php:1092 src/Model/User.php:1149
|
||||
msgid "Nickname is already registered. Please choose another."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1134 src/Model/User.php:1138
|
||||
#: src/Model/User.php:1136 src/Model/User.php:1140
|
||||
msgid "An error occurred during registration. Please try again."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1161
|
||||
#: src/Model/User.php:1163
|
||||
msgid "An error occurred creating your default profile. Please try again."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1168
|
||||
#: src/Model/User.php:1170
|
||||
msgid "An error occurred creating your self contact. Please try again."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1173
|
||||
#: src/Model/User.php:1175
|
||||
msgid "Friends"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1177
|
||||
#: src/Model/User.php:1179
|
||||
msgid ""
|
||||
"An error occurred creating your default contact group. Please try again."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1216
|
||||
#: src/Model/User.php:1218
|
||||
msgid "Profile Photos"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1409
|
||||
#: src/Model/User.php:1411
|
||||
#, php-format
|
||||
msgid ""
|
||||
"\n"
|
||||
|
@ -3442,7 +3441,7 @@ msgid ""
|
|||
"\t\t\tthe administrator of %2$s has set up an account for you."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1412
|
||||
#: src/Model/User.php:1414
|
||||
#, php-format
|
||||
msgid ""
|
||||
"\n"
|
||||
|
@ -3480,12 +3479,12 @@ msgid ""
|
|||
"\t\tThank you and welcome to %4$s."
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1445 src/Model/User.php:1552
|
||||
#: src/Model/User.php:1447 src/Model/User.php:1554
|
||||
#, php-format
|
||||
msgid "Registration details for %s"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1465
|
||||
#: src/Model/User.php:1467
|
||||
#, php-format
|
||||
msgid ""
|
||||
"\n"
|
||||
|
@ -3501,12 +3500,12 @@ msgid ""
|
|||
"\t\t"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1484
|
||||
#: src/Model/User.php:1486
|
||||
#, php-format
|
||||
msgid "Registration at %s"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1508
|
||||
#: src/Model/User.php:1510
|
||||
#, php-format
|
||||
msgid ""
|
||||
"\n"
|
||||
|
@ -3515,7 +3514,7 @@ msgid ""
|
|||
"\t\t\t"
|
||||
msgstr ""
|
||||
|
||||
#: src/Model/User.php:1516
|
||||
#: src/Model/User.php:1518
|
||||
#, php-format
|
||||
msgid ""
|
||||
"\n"
|
||||
|
@ -5492,7 +5491,7 @@ msgid "Event Starts:"
|
|||
msgstr ""
|
||||
|
||||
#: src/Module/Calendar/Event/Form.php:209
|
||||
#: src/Module/Calendar/Event/Form.php:241 src/Module/Debug/Probe.php:59
|
||||
#: src/Module/Calendar/Event/Form.php:237 src/Module/Debug/Probe.php:59
|
||||
#: src/Module/Install.php:207 src/Module/Install.php:240
|
||||
#: src/Module/Install.php:245 src/Module/Install.php:264
|
||||
#: src/Module/Install.php:275 src/Module/Install.php:280
|
||||
|
@ -5523,14 +5522,17 @@ msgstr ""
|
|||
msgid "Event Finishes:"
|
||||
msgstr ""
|
||||
|
||||
#: src/Module/Calendar/Event/Form.php:237 src/Module/Profile/Profile.php:164
|
||||
#: src/Module/Settings/Profile/Index.php:247
|
||||
msgid "Description:"
|
||||
#: src/Module/Calendar/Event/Form.php:237
|
||||
#: src/Module/Calendar/Event/Form.php:243
|
||||
msgid "Title (BBCode not allowed)"
|
||||
msgstr ""
|
||||
|
||||
#: src/Module/Calendar/Event/Form.php:239
|
||||
msgid "Description (BBCode allowed)"
|
||||
msgstr ""
|
||||
|
||||
#: src/Module/Calendar/Event/Form.php:241
|
||||
#: src/Module/Calendar/Event/Form.php:243
|
||||
msgid "Title:"
|
||||
msgid "Location (BBCode not allowed)"
|
||||
msgstr ""
|
||||
|
||||
#: src/Module/Calendar/Event/Form.php:244
|
||||
|
@ -8239,6 +8241,10 @@ msgid_plural "%d years old"
|
|||
msgstr[0] ""
|
||||
msgstr[1] ""
|
||||
|
||||
#: src/Module/Profile/Profile.php:164 src/Module/Settings/Profile/Index.php:247
|
||||
msgid "Description:"
|
||||
msgstr ""
|
||||
|
||||
#: src/Module/Profile/Profile.php:226
|
||||
msgid "Forums:"
|
||||
msgstr ""
|
||||
|
|
Loading…
Reference in a new issue