diff --git a/ext/forum/theme.php b/ext/forum/theme.php
index 4e7a9e25..8508691f 100644
--- a/ext/forum/theme.php
+++ b/ext/forum/theme.php
@@ -12,7 +12,7 @@ class ForumTheme extends Themelet
$page->set_title(html_escape("Forum"));
$page->set_heading(html_escape("Forum"));
$page->add_block(new Block("Forum", $html, "main", 10));
-
+
$this->display_paginator($page, "forum/index", null, $pageNumber, $totalPages);
}
@@ -24,7 +24,7 @@ class ForumTheme extends Themelet
$max_characters = $config->get_int('forumMaxCharsPerPost');
$html = make_form(make_link("forum/create"));
-
+
if (!is_null($threadTitle)) {
$threadTitle = html_escape($threadTitle);
}
@@ -32,7 +32,7 @@ class ForumTheme extends Themelet
if (!is_null($threadText)) {
$threadText = html_escape($threadText);
}
-
+
$html .= "
Title: | |
@@ -51,25 +51,25 @@ class ForumTheme extends Themelet
$page->set_heading(html_escape($blockTitle));
$page->add_block(new Block($blockTitle, $html, "main", 120));
}
-
-
-
+
+
+
public function display_new_post_composer(Page $page, $threadID)
{
global $config;
-
+
$max_characters = $config->get_int('forumMaxCharsPerPost');
-
+
$html = make_form(make_link("forum/answer"));
$html .= '';
-
+
$html .= "
@@ -84,9 +84,9 @@ class ForumTheme extends Themelet
public function display_thread($posts, $showAdminOptions, $threadTitle, $threadID, $pageNumber, $totalPages)
{
global $config, $page/*, $user*/;
-
+
$posts_per_page = $config->get_int('forumPostsPerPage');
-
+
$current_post = 0;
$html =
@@ -96,7 +96,7 @@ class ForumTheme extends Themelet
"User | ".
"Message | ".
"";
-
+
foreach ($posts as $post) {
$current_post++;
$message = $post["message"];
@@ -104,29 +104,29 @@ class ForumTheme extends Themelet
$tfe = new TextFormattingEvent($message);
send_event($tfe);
$message = $tfe->formatted;
-
+
$message = str_replace('\n\r', '
', $message);
$message = str_replace('\r\n', '
', $message);
$message = str_replace('\n', '
', $message);
$message = str_replace('\r', '
', $message);
-
+
$message = stripslashes($message);
-
+
$userLink = "".$post["user_name"]."";
$poster = User::by_name($post["user_name"]);
$gravatar = $poster->get_avatar_html();
$rank = "{$post["user_class"]}";
-
+
$postID = $post['id'];
-
+
//if($user->can(Permissions::FORUM_ADMIN)){
//$delete_link = "Delete";
//} else {
//$delete_link = "";
//}
-
+
if ($showAdminOptions) {
$delete_link = "Delete";
} else {
@@ -152,17 +152,17 @@ class ForumTheme extends Themelet
|
";
}
-
+
$html .= "
";
-
+
$this->display_paginator($page, "forum/view/".$threadID, null, $pageNumber, $totalPages);
$page->set_title(html_escape($threadTitle));
$page->set_heading(html_escape($threadTitle));
$page->add_block(new Block($threadTitle, $html, "main", 20));
}
-
-
+
+
public function add_actions_block(Page $page, $threadID)
{
@@ -192,29 +192,29 @@ class ForumTheme extends Themelet
$current_post = 0;
foreach ($threads as $thread) {
$oe = ($current_post++ % 2 == 0) ? "even" : "odd";
-
+
global $config;
$titleSubString = $config->get_int('forumTitleSubString');
-
+
if ($titleSubString < strlen($thread["title"])) {
$title = substr($thread["title"], 0, $titleSubString);
$title = $title."...";
} else {
$title = $thread["title"];
}
-
- if ($thread["sticky"] == "Y") {
+
+ if (bool_escape($thread["sticky"])) {
$sticky = "Sticky: ";
} else {
$sticky = "";
}
-
+
$html .= "".
''.$sticky.''.$title." | ".
''.$thread["user_name"]." | ".
"".autodate($thread["uptodate"])." | ".
"".$thread["response_count"]." | ";
-
+
if ($showAdminOptions) {
$html .= 'Delete | ';
}
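Review bot: In the row-building lines at the end of this hunk, `$title` and `$thread["user_name"]` are concatenated into `$html` with no `html_escape()` visible, although other methods in this file escape thread titles before output. Unless these values are escaped before they reach the theme (not shown here), a thread title or user name containing markup would be rendered as HTML in the thread list. I would escape at the point of output, after the `substr()` truncation so an entity is not cut in half: `$title = html_escape($title);` and `html_escape($thread["user_name"])`. The `display_thread` hunk above builds `$userLink` from `$post["user_name"]` in the same way. The enclosing method starts and ends outside this hunk.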
diff --git a/ext/tips/theme.php b/ext/tips/theme.php
index 8f70030d..597e55eb 100644
--- a/ext/tips/theme.php
+++ b/ext/tips/theme.php
@@ -70,7 +70,7 @@ class TipsTheme extends Themelet
$html .= "
";
foreach ($tips as $tip) {
- $tip_enable = ($tip['enable'] == "Y") ? "Yes" : "No";
+ $tip_enable = bool_escape($tip['enable']) ? "Yes" : "No";
$set_link = "".$tip_enable."";
$html .= "".