HTML URL & partial fix. v1.23.3

If you've made a patch to quick fix a bug or to add a new feature not yet in the main tree then post it here so others can try it out.
Post Reply
godsyn
Posts: 10
Joined: Sat Aug 16, 2008 6:27 am

HTML URL & partial fix. v1.23.3

Post by godsyn »

I noticed many of the HTML errors coming up from the source of the console were related to improperly formed URLS... specifically the lack of &amp.

To resolve some 100+ errors, see the diff below.

Code: Select all

--- zm_funcs.php        2008-05-03 22:37:10.000000000 -0400
+++ zm_funcs.php        2008-08-16 02:47:40.000000000 -0400
@@ -510,7 +510,7 @@
        $string = "";
        if ( $condition )
        {
-               $string .= '<a href="'.$url.'"'.($options?(' '.$options):'').'>';
+               $string .= '<a href="'.htmlspecialchars($url).'"'.($options?(' '.$options):'').'>';
        }
        $string .= $label;
        if ( $condition )
Last edited by godsyn on Sat Aug 16, 2008 7:00 am, edited 1 time in total.
User avatar
cordel
Posts: 5210
Joined: Fri Mar 05, 2004 4:47 pm
Location: /USA/Washington/Seattle

Post by cordel »

Care to include the version the diff reflects?
Or does this apply against all of them?
godsyn
Posts: 10
Joined: Sat Aug 16, 2008 6:27 am

Post by godsyn »

With the above, and this, console is compliant.

Code: Select all

--- zm_html_view_console.php    2008-08-16 00:12:02.000000000 -0400
+++ zm_html_view_console.php    2008-08-16 02:56:25.000000000 -0400
@@ -258,7 +258,7 @@
 ?>
 </script>
 </head>
-<body scroll="auto">
+<body style="overflow:auto;">
 <form name="monitor_form" method="get" action="<?= $PHP_SELF ?>" onSubmit="return(confirmDelete());">
 <input type="hidden" name="view" value="<?= $view ?>">
 <input type="hidden" name="action" value="delete">
@@ -450,7 +450,7 @@
 <tr>
 <td align="center"><input type="button" value="<?= $zmSlangRefresh ?>" class="form" onClick="javascript: location.reload(true);"></td>
 <td align="center"><input type="button" value="<?= $zmSlangAddNewMonitor ?>" class="form" onClick="javascript: newWindow( '<?= $PHP_SELF ?>?view=monitor', 'zmMonitor0', <?= $jws['monitor']['w'] ?>, <?= $jws['monitor']['h'] ?>);"<?php if ( !canEdit( 'Monitors' ) || $user['MonitorIds'] ) {?> disabled<?php } ?>></td>
-<td align="center"><input type="button" value="<?= $zmSlangFilters ?>" class="form" onClick="javascript: scrollWindow( '<?= $PHP_SELF ?>?view=filter&filter[terms][0][attr]=DateTime&filter[terms][0][op]=%3c&filter[terms][0][val]=now', 'zmFilter', <?= $jws['filter']['w'] ?>, <?= $jws['filter']['h'] ?> );"<?php if ( !canView( 'Events' ) ) {?> disabled<?php } ?>></td>
+<td align="center"><input type="button" value="<?= $zmSlangFilters ?>" class="form" onClick="javascript: scrollWindow( '<?= $PHP_SELF ?>?view=filter&filter[terms][0][attr]=DateTime&filter[terms][0][op]=%3c&filter[terms][0][val]=now', 'zmFilter', <?= $jws['filter']['w'] ?>, <?= $jws['filter']['h'] ?> );"<?php if ( !canView( 'Events' ) ) {?> disabled<?php } ?>></td>
 </tr>
 </table>
 </td>
godsyn
Posts: 10
Joined: Sat Aug 16, 2008 6:27 am

Post by godsyn »

cordel wrote:Care to include the version the diff reflects?
Or does this apply against all of them?
Sorry, v1.23.3
User avatar
cordel
Posts: 5210
Joined: Fri Mar 05, 2004 4:47 pm
Location: /USA/Washington/Seattle

Post by cordel »

Perfect, and thanks for this.
I'll move this to the contribs and get the patch in the wiki and the next version.

Cheers
godsyn
Posts: 10
Joined: Sat Aug 16, 2008 6:27 am

Post by godsyn »

I've redone options, and made it a little more CSS dependent. I'll continue through each page I come across until I am bored... Interested in the diffs, or shall we stop at above?

Disregard,
Will wait for next release as suggested.
Post Reply