From: David Lawrence Date: Tue, 5 Jul 2011 04:52:08 +0000 (-0400) Subject: Bug 666695 - Voting Extension templates have unfiltered directives X-Git-Tag: bugzilla-4.0.2~27 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=83c40fcf5d64de477647b3a685c7d7ab60e9ec0d;p=thirdparty%2Fbugzilla.git Bug 666695 - Voting Extension templates have unfiltered directives r/a=mkanat --- diff --git a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl index f799f12544..a753e3a66b 100644 --- a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl +++ b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl @@ -24,7 +24,7 @@ [% IF votes == 1 %] [%+ terms.abug %] [% ELSE %] - [%+ votes %] [%+ terms.bugs %] + [%+ votes FILTER html %] [%+ terms.bugs %] [% END %]. If you delete the user account, diff --git a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl index 606f981ee7..8e2d9beeaa 100644 --- a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl +++ b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl @@ -27,7 +27,7 @@ with - [%- bug.votes %] + [%- bug.votes FILTER html %] [% IF bug.votes == 1 %] vote [% ELSE %] diff --git a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl index c2ee2ae7af..6f67884318 100644 --- a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl +++ b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl @@ -100,7 +100,7 @@ [% IF product.maxperbug < product.maxvotes AND product.maxperbug > 1 %] - (Note: only [% product.maxperbug %] vote + (Note: only [% product.maxperbug FILTER html %] vote [% "s" IF product.maxperbug != 1 %] allowed per [% terms.bug %] in this product.) @@ -113,17 +113,17 @@ class="bz_bug_being_voted_on" [% END %]> [% IF bug.id == this_bug.id && canedit %]Enter New Vote here → [%- END %] - + [% IF canedit %] [% IF product.onevoteonly %] - + [% ELSE %] - + [% END %] [% ELSE %] - [% bug.count %] + [% bug.count FILTER html %] [% END %] @@ -131,15 +131,15 @@ [% bug.summary FILTER html %] - (Show Votes) + (Show Votes) [% END %] - [% product.total %] vote - [% "s" IF product.total != 1 %] used out of [% product.maxvotes %] + [% product.total FILTER html %] vote + [% "s" IF product.total != 1 %] used out of [% product.maxvotes FILTER html %] allowed.