diff options
| author | cash <cash.costello@gmail.com> | 2013-05-02 20:40:50 -0400 |
|---|---|---|
| committer | cash <cash.costello@gmail.com> | 2013-05-02 20:40:50 -0400 |
| commit | 0726860ca04b4f2ed9b010cc5c5692c23c32e2d2 (patch) | |
| tree | 111cc5fbc92da9d95d431281a46803f880f47d48 /views | |
| parent | 9864f0eeae607f77651c4ec09a344c8f72b6acdf (diff) | |
| download | elgg-0726860ca04b4f2ed9b010cc5c5692c23c32e2d2.tar.gz elgg-0726860ca04b4f2ed9b010cc5c5692c23c32e2d2.tar.bz2 | |
Fixes #5421 fixes some encoding issues where wrong context was used
Diffstat (limited to 'views')
| -rw-r--r-- | views/default/output/tag.php | 16 | ||||
| -rw-r--r-- | views/default/output/tags.php | 20 |
2 files changed, 18 insertions, 18 deletions
diff --git a/views/default/output/tag.php b/views/default/output/tag.php index 3e1f1c320..6bd9a72a7 100644 --- a/views/default/output/tag.php +++ b/views/default/output/tag.php @@ -8,25 +8,25 @@ * */ +if (!empty($vars['type'])) { + $type = "&type=" . rawurlencode($vars['type']); +} else { + $type = ""; +} if (!empty($vars['subtype'])) { - $subtype = "&subtype=" . urlencode($vars['subtype']); + $subtype = "&subtype=" . rawurlencode($vars['subtype']); } else { $subtype = ""; } if (!empty($vars['object'])) { - $object = "&object=" . urlencode($vars['object']); + $object = "&object=" . rawurlencode($vars['object']); } else { $object = ""; } if (isset($vars['value'])) { + $url = elgg_get_site_url() . 'search?q=' . rawurlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}"; $vars['value'] = htmlspecialchars($vars['value'], ENT_QUOTES, 'UTF-8', false); - if (!empty($vars['type'])) { - $type = "&type={$vars['type']}"; - } else { - $type = ""; - } - $url = elgg_get_site_url() . 'search?q=' . urlencode($vars['value']) . "&search_type=tags{$type}{$subtype}{$object}"; echo elgg_view('output/url', array( 'href' => $url, 'text' => $vars['value'], diff --git a/views/default/output/tags.php b/views/default/output/tags.php index 41fd5f168..db096a3be 100644 --- a/views/default/output/tags.php +++ b/views/default/output/tags.php @@ -17,13 +17,18 @@ if (isset($vars['entity'])) { unset($vars['entity']); } +if (!empty($vars['type'])) { + $type = "&type=" . rawurlencode($vars['type']); +} else { + $type = ""; +} if (!empty($vars['subtype'])) { - $subtype = "&subtype=" . urlencode($vars['subtype']); + $subtype = "&subtype=" . rawurlencode($vars['subtype']); } else { $subtype = ""; } if (!empty($vars['object'])) { - $object = "&object=" . urlencode($vars['object']); + $object = "&object=" . rawurlencode($vars['object']); } else { $object = ""; } @@ -53,16 +58,11 @@ if (!empty($vars['tags'])) { $icon_class = elgg_extract('icon_class', $vars); $list_items = '<li>' . elgg_view_icon('tag', $icon_class) . '</li>'; - + foreach($vars['tags'] as $tag) { - $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false); - if (!empty($vars['type'])) { - $type = "&type={$vars['type']}"; - } else { - $type = ""; - } - $url = elgg_get_site_url() . 'search?q=' . urlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}"; + $url = elgg_get_site_url() . 'search?q=' . rawurlencode($tag) . "&search_type=tags{$type}{$subtype}{$object}"; if (is_string($tag)) { + $tag = htmlspecialchars($tag, ENT_QUOTES, 'UTF-8', false); $list_items .= "<li class=\"$item_class\">"; $list_items .= elgg_view('output/url', array('href' => $url, 'text' => $tag, 'rel' => 'tag')); $list_items .= '</li>'; |