escape feed links properly and fix some bugs in the feed link parameters

author: Christian Weiske <cweiske@cweiske.de> 2011-06-27 23:03:31 +0200
committer: Christian Weiske <cweiske@cweiske.de> 2011-06-27 23:03:31 +0200
commit: 90b6e65b1193b780c9c363fee3b1e92a5d0fba30 (patch)
tree: dfa326e2313172d151f4a1b07fd297d0f129c875
parent: 3d11286cbcc3cb35efe11f6e4a4ef5ac81620bda (diff)
download: semanticscuttle-90b6e65b1193b780c9c363fee3b1e92a5d0fba30.tar.gz
semanticscuttle-90b6e65b1193b780c9c363fee3b1e92a5d0fba30.tar.bz2
5 files changed, 47 insertions, 20 deletions
diff --git a/data/templates/default/bookmarks.tpl.php b/data/templates/default/bookmarks.tpl.php
index 8753b7f..0ed9c1d 100644
--- a/data/templates/default/bookmarks.tpl.php
+++ b/data/templates/default/bookmarks.tpl.php
@@ -222,12 +222,12 @@ if ($currenttag!= '') {
 	$size = count($rsschannels);
 	for ($i = 0; $i < $size; $i++) {
             $brss =  '<a style="background:#FFFFFF"'
-            . ' href="'. htmlspecialchars($rsschannels[$i][1]) . '"'
-            . ' title="' . $rsschannels[$i][0] . '">'
-            . '<img src="' . $theme->resource('images/rss.gif') . '"'
-            . ' width="16" height="16"'
-            . ' alt="' . $rsschannels[$i][0] .'"/>'
-            . '</a>';
+                . ' href="'. htmlspecialchars($rsschannels[$i][1]) . '"'
+                . ' title="' . htmlspecialchars($rsschannels[$i][0]) . '">'
+                . '<img src="' . $theme->resource('images/rss.gif') . '"'
+                . ' width="16" height="16"'
+                . ' alt="' . htmlspecialchars($rsschannels[$i][0]) .'"/>'
+                . '</a>';
 	}
 
 	$pagesBanner = '<p class="paging">'. $bfirst .'<span> / </span>'. $bprev .'<span> / </span>'. $bnext .'<span> / </span>'. $blast .'<span> / </span>'. sprintf(T_('Page %d of %d'), $page, $totalpages) ." ". $brss ." </p>\n";
diff --git a/data/templates/default/top.inc.php b/data/templates/default/top.inc.php
index 9eed6ff..0f67a17 100644
--- a/data/templates/default/top.inc.php
+++ b/data/templates/default/top.inc.php
@@ -13,7 +13,7 @@ if (isset($rsschannels)) {
 	for ($i = 0; $i < $size; $i++) {
 		echo '  <link rel="alternate" type="application/rss+xml" title="'
             . htmlspecialchars($rsschannels[$i][0]) . '"'
-            . ' href="'. $rsschannels[$i][1] .'" />';
+            . ' href="'. htmlspecialchars($rsschannels[$i][1]) .'" />' . "\n";
 	}
 }
 ?>
diff --git a/www/bookmarks.php b/www/bookmarks.php
index 7056fa6..72c063e 100644
--- a/www/bookmarks.php
+++ b/www/bookmarks.php
@@ -229,14 +229,14 @@ if ($templatename == 'editbookmark.tpl') {
 	$tplVars['sidebar_blocks'] = array('watchstatus');
 
 	if (!$cat) { //user page without tags
-                $rssTitle = ": My Bookmarks";
+        $rssTitle = "My Bookmarks";
 		$cat = NULL;
 		$tplVars['currenttag'] = NULL;
 		//$tplVars['sidebar_blocks'][] = 'menu2';
 		$tplVars['sidebar_blocks'][] = 'linked';
 		$tplVars['sidebar_blocks'][] = 'popular';
 	} else { //pages with tags
-                $rssTitle = ": Tags" . $catTitle;
+        $rssTitle = "Tags" . $catTitle;
 		$rssCat = '/'. filter($cat, 'url');
 		$tplVars['currenttag'] = $cat;
 		$tplVars['sidebar_blocks'][] = 'tagactions';
@@ -266,7 +266,11 @@ if ($templatename == 'editbookmark.tpl') {
 
 	// Set template vars
 	$tplVars['rsschannels'] = array(
-	array(filter($sitename .$rssTitle), createURL('rss', filter($user, 'url') . $rssCat.'?sort='.getSortOrder()))
+        array(
+            sprintf(T_('%s: %s'), $sitename, $rssTitle),
+            createURL('rss', filter($user, 'url'))
+            . $rssCat . '?sort='.getSortOrder()
+        )
 	);
 
     if ($userservice->isLoggedOn()) {
@@ -275,8 +279,14 @@ if ($templatename == 'editbookmark.tpl') {
             array_push(
                 $tplVars['rsschannels'],
                 array(
-                    filter($sitename . $rssTitle. sprintf(T_(': (private) ')) . $currentUsername),
-                    createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&amp;privateKey='.$currentUser->getPrivateKey())
+                    sprintf(
+                        T_('%s: %s (+private %s)'),
+                        $sitename, $rssTitle, $currentUsername
+                    ),
+                    createURL('rss', filter($currentUsername, 'url'))
+                    . $rssCat
+                    . '?sort=' . getSortOrder()
+                    . '&privateKey=' . $currentUser->getPrivateKey()
                 )
             );
         }
diff --git a/www/index.php b/www/index.php
index f270f73..7fbb84c 100644
--- a/www/index.php
+++ b/www/index.php
@@ -42,17 +42,25 @@ if (GET_ACTION == "logout") {
 // Header variables
 $tplVars['loadjs'] = true;
 $tplVars['rsschannels'] = array(
-array(sprintf(T_('%s: Recent bookmarks'), htmlspecialchars($sitename)), createURL('rss').'?sort='.getSortOrder())
+    array(
+        sprintf(T_('%s: Recent bookmarks'), $sitename),
+        createURL('rss') . '?sort=' . getSortOrder()
+    )
 );
 
 if ($userservice->isLoggedOn()) {
-    $currentUsername = $currentUser->getUsername();
     if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
+        $currentUsername = $currentUser->getUsername();
         array_push(
             $tplVars['rsschannels'],
             array(
-                filter(sprintf(T_('%s: Recent bookmarks (+private) %s'), $sitename, $currentUsername)),
-                createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&amp;privateKey='.$currentUser->getPrivateKey())
+                sprintf(
+                    T_('%s: Recent bookmarks (+private %s)'),
+                    $sitename, $currentUsername
+                ),
+                createURL('rss')
+                . '?sort=' . getSortOrder()
+                . '&privateKey=' . $currentUser->getPrivateKey()
             )
         );
     }
diff --git a/www/tags.php b/www/tags.php
index fca8a04..127f6c5 100644
--- a/www/tags.php
+++ b/www/tags.php
@@ -67,17 +67,26 @@ if ($usecache) {
 $tplVars['pagetitle'] = T_('Tags') .': '. $cat;
 $tplVars['loadjs'] = true;
 $tplVars['rsschannels'] = array(
-array(filter($sitename .': Tags: '. $cat), createURL('rss', 'all/'. filter($cat, 'url')).'?sort='.getSortOrder())
+    array(
+        sprintf(T_('%s: tagged with "%s"'), $sitename, $cat),
+        createURL('rss', 'all/' . filter($cat, 'url'))
+        . '?sort='.getSortOrder()
+    )
 );
 
 if ($userservice->isLoggedOn()) {
-    $currentUsername = $currentUser->getUsername();
     if ($userservice->isPrivateKeyValid($currentUser->getPrivateKey())) {
+        $currentUsername = $currentUser->getUsername();
         array_push(
             $tplVars['rsschannels'],
             array(
-                filter($sitename .': Tags: '. $cat . sprintf(T_(': (private) ')) . $currentUsername),
-                createURL('rss', filter($currentUsername, 'url') . '?sort='.getSortOrder().'&amp;privateKey='.$currentUser->getPrivateKey())
+                sprintf(
+                    T_('%s: tagged with "%s" (+private %s)'),
+                    $sitename, $cat, $currentUsername
+                ),
+                createURL('rss', filter($currentUsername, 'url'))
+                . '?sort=' . getSortOrder()
+                . '&privateKey=' . $currentUser->getPrivateKey()
             )
         );
     }
author	Christian Weiske <cweiske@cweiske.de>	2011-06-27 23:03:31 +0200
committer	Christian Weiske <cweiske@cweiske.de>	2011-06-27 23:03:31 +0200
commit	90b6e65b1193b780c9c363fee3b1e92a5d0fba30 (patch)
tree	dfa326e2313172d151f4a1b07fd297d0f129c875
parent	3d11286cbcc3cb35efe11f6e4a4ef5ac81620bda (diff)
download	semanticscuttle-90b6e65b1193b780c9c363fee3b1e92a5d0fba30.tar.gz semanticscuttle-90b6e65b1193b780c9c363fee3b1e92a5d0fba30.tar.bz2