}
sub PutHeader {
- ($vars->{'title'}, $vars->{'h1'}, $vars->{'h2'}) = (@_);
-
+ my ($title, $h1, $h2) = @_;
+
+ # We filter fields here.
+ $vars->{'title'} = html_quote($title) if defined $title;
+ $vars->{'h1'} = html_quote($h1) if defined $h1;
+ $vars->{'h2'} = html_quote($h2) if defined $h2;
+
$::template->process("global/header.html.tmpl", $::vars)
|| ThrowTemplateError($::template->error());
$vars->{'header_done'} = 1;
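Review bot: The `if defined` guards in the new PutHeader body leave any earlier `title`, `h1` or `h2` in `$vars` untouched when an argument is omitted, whereas the removed list assignment reset the missing ones to undef. If `$vars` outlives a single call (it looks like a shared global here), a header could be rendered with a value left over from a previous call. Assigning unconditionally avoids that, e.g. `$vars->{'h1'} = defined $h1 ? html_quote($h1) : undef;`, and the same for `title` and `h2`. The comment `# We filter fields here.` would be more useful if it stated the contract: callers pass raw text and must not pre-quote it, otherwise it is escaped twice. The body of PutHeader continues past the end of this hunk.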
my ($name, $regexp) = $sth->fetchrow_array();
if ($action eq 'remove_all_regexp') {
PutHeader("Removing All Explicit Group Memberships Matching "
- . "Group RegExp from \'" . html_quote($name) . "\'");
+ . "Group RegExp from \'$name\'");
} else {
- PutHeader("Removing All Explicit Group Memberships from \'"
- . html_quote($name) . "\'");
+ PutHeader("Removing All Explicit Group Memberships from \'$name\'");
}
$dbh->do("LOCK TABLES
groups WRITE,
[% END %]
[% IF last_action == "copy" %]
- [% title = "Create Flag Type Based on $type.name" %]
+ [% title = BLOCK %]Create Flag Type Based on [% type.name FILTER html %][% END %]
[% ELSIF last_action == "edit" %]
- [% title = "Edit Flag Type $type.name" %]
+ [% title = BLOCK %]Edit Flag Type [% type.name FILTER html %][% END %]
[% END %]
[% PROCESS global/header.html.tmpl
[% PROCESS global/variables.none.tmpl %]
-[% PROCESS global/header.html.tmpl title="Confirm Group Control Change for product \'$product\'" %]
+[% title = BLOCK %]Confirm Group Control Change for product '[% product FILTER html %]'[% END %]
+
+[% PROCESS global/header.html.tmpl title = title %]
[% FOREACH group = mandatory_groups %]
<P>
[% filtered_desc = bug.short_desc FILTER html %]
[% filtered_timestamp = bug.delta_ts FILTER time %]
[% PROCESS global/header.html.tmpl
- title = "$terms.Bug $bug.bug_id - $bug.short_desc"
+ title = "$terms.Bug $bug.bug_id - $filtered_desc"
h1 = "$terms.Bugzilla $terms.Bug $bug.bug_id"
h2 = filtered_desc
h3 = "Last modified: $filtered_timestamp"
'bgcolor',
'onload',
'bodyattrs',
+ 'title',
'h1',
'h2',
'h3',
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
- <title>[% title FILTER html %]</title>
+ <title>[% title %]</title>
[%# Migration note: contents of the old Param 'headerhtml' would go here %]
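Review bot: With `FILTER html` removed from `<title>`, the template emits whatever the caller set, so any caller that still passes unescaped text in `title` becomes an HTML-injection path, and nothing in this file states that requirement. A template comment next to the tag would document it, for example `[%# title must already be HTML-filtered by the caller %]`. The `'title'` entry added to the name list elsewhere in this commit appears to be a filter exception, which would stop an automated check from flagging this line. It is therefore worth confirming that every template and CGI script that sets `title` was audited, not only the ones touched here.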
[% title = "$terms.Bug List" %]
[% IF searchname %]
- [% title = title _ ": " _ searchname %]
+ [% title = title _ ": " _ searchname FILTER html %]
[% END %]
[% style_urls = [ "css/buglist.css" ] %]
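Review bot: The scope of the trailing `FILTER html` in the new `title = title _ ": " _ searchname FILTER html` line is not obvious. As I read Template Toolkit's grammar, the filter applies to the whole concatenation, not to `searchname` alone, which is safe here but easy to misread or break in a later edit. The other hunks in this commit filter into a named variable first, and doing the same here makes the escaped value explicit: `[% filtered_searchname = searchname FILTER html %]` followed by `[% title = title _ ": " _ filtered_searchname %]`.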
[% filtered_product = product FILTER html %]
[% PROCESS global/header.html.tmpl
- title = "Components for $product"
+ title = "Components for $filtered_product"
h2 = filtered_product %]
[% IF Param("useqacontact") %]
[% PROCESS global/variables.none.tmpl %]
[% IF query_products.size %]
- [% title = "Most Frequently Reported $terms.Bugs for ${query_products.join(', ')}" %]
+ [% title = BLOCK %]
+ Most Frequently Reported [% terms.Bugs %] for [% query_products.join(', ') FILTER html %]
+ [% END %]
[% ELSE %]
[% title = "Most Frequently Reported $terms.Bugs" %]
[% END%]
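Review bot: The multi-line `title = BLOCK` form captures the line breaks and indentation around the text, so `title` now begins and ends with whitespace, unlike the single-line BLOCK assignments used in the other templates of this commit. That is harmless inside `<title>`, but it would matter if the variable were reused elsewhere. Writing the block on one line, or using the chomping tags `[%-` and `-%]`, keeps the value clean.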