From: David Lawrence Date: Tue, 5 Jul 2011 04:22:06 +0000 (-0400) Subject: Bug 666695 - Voting Extension templates have unfiltered directives X-Git-Tag: bugzilla-4.1.3~45 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e658f6a3e6af7bbcc68d235a58f2294a47074ab6;p=thirdparty%2Fbugzilla.git Bug 666695 - Voting Extension templates have unfiltered directives r/a=mkanat --- diff --git a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl index f799f12544..a753e3a66b 100644 --- a/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl +++ b/extensions/Voting/template/en/default/hook/admin/users/confirm-delete-warn_safe.html.tmpl @@ -24,7 +24,7 @@ [% IF votes == 1 %] [%+ terms.abug %] [% ELSE %] - [%+ votes %] [%+ terms.bugs %] + [%+ votes FILTER html %] [%+ terms.bugs %] [% END %]. If you delete the user account, diff --git a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl index 4ad8f5bc20..f73ffaebd4 100644 --- a/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl +++ b/extensions/Voting/template/en/default/hook/bug/edit-after_importance.html.tmpl @@ -23,7 +23,7 @@ with - [%- bug.votes %] + [%- bug.votes FILTER html %] [% IF bug.votes == 1 %] vote [% ELSE %] diff --git a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl index 8e886efe7b..61eaf84915 100644 --- a/extensions/Voting/template/en/default/pages/voting/user.html.tmpl +++ b/extensions/Voting/template/en/default/pages/voting/user.html.tmpl @@ -100,7 +100,7 @@ [% IF product.maxperbug < product.maxvotes AND product.maxperbug > 1 %] - (Note: only [% product.maxperbug %] vote + (Note: only [% product.maxperbug FILTER html %] vote [% "s" IF product.maxperbug != 1 %] allowed per [% terms.bug %] in this product.) @@ -120,17 +120,17 @@ [% END %] [%- END %] - + [% IF canedit %] [% IF product.onevoteonly %] - + [% ELSE %] - + [% END %] [% ELSE %] - [% bug.count %] + [% bug.count FILTER html %] [% END %] @@ -138,15 +138,15 @@ [% bug.summary FILTER html %] - (Show Votes) + (Show Votes) [% END %] - [% product.total %] vote - [% "s" IF product.total != 1 %] used out of [% product.maxvotes %] + [% product.total FILTER html %] vote + [% "s" IF product.total != 1 %] used out of [% product.maxvotes FILTER html %] allowed.