Fixed bug #15587: Bug: htmlspecialchars called twice (Thanks to Mickel Ricky)
authorSteffen Kamper <info@sk-typo3.de>
Sat, 6 Nov 2010 10:45:44 +0000 (10:45 +0000)
committerSteffen Kamper <info@sk-typo3.de>
Sat, 6 Nov 2010 10:45:44 +0000 (10:45 +0000)
git-svn-id: https://svn.typo3.org/TYPO3v4/Core/trunk@9293 709f56b5-9817-0410-a4d7-c38de5d9e867

ChangeLog
t3lib/class.t3lib_pagerenderer.php
typo3/sysext/cms/tslib/class.tslib_pagegen.php

index e7249b7..ae4af9a 100755 (executable)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,5 +1,6 @@
 2010-11-06  Steffen Kamper  <steffen@typo3.org>
 
+       * Fixed bug #15587: Bug: htmlspecialchars called twice (Thanks to Mickel Ricky)
        * Fixed bug #16214: Bug: Change value of Media(Flash) parameter (Thanks to Janos Thiele)
 
 2010-11-05  Stanislas Rolland  <typo3@sjbr.ca>
index bd54b27..6871ad5 100644 (file)
@@ -1340,9 +1340,9 @@ class t3lib_PageRenderer implements t3lib_Singleton {
                        foreach ($this->cssFiles as $file => $properties) {
                                $file = t3lib_div::resolveBackPath($file);
                                $file = t3lib_div::createVersionNumberedFilename($file);
-                               $tag = '<link rel="' . $properties['rel'] . '" type="text/css" href="' .
-                                       htmlspecialchars($file) . '" media="' . $properties['media'] . '"' .
-                                       ($properties['title'] ? ' title="' . $properties['title'] . '"' : '') .
+                               $tag = '<link rel="' . htmlspecialchars($properties['rel']) . '" type="text/css" href="' .
+                                       htmlspecialchars($file) . '" media="' . htmlspecialchars($properties['media']) . '"' .
+                                       ($properties['title'] ? ' title="' . htmlspecialchars($properties['title']) . '"' : '') .
                                        $endingSlash . '>';
                                if ($properties['allWrap'] && strpos($properties['allWrap'], '|') !== FALSE) {
                                        $tag = str_replace('|', $tag, $properties['allWrap']);
@@ -1370,7 +1370,7 @@ class t3lib_PageRenderer implements t3lib_Singleton {
                        foreach ($this->jsLibs as $name => $properties) {
                                $properties['file'] = t3lib_div::resolveBackPath($properties['file']);
                                $properties['file'] = t3lib_div::createVersionNumberedFilename($properties['file']);
-                               $tag = '<script src="' . htmlspecialchars($properties['file']) . '" type="' . $properties['type'] . '"></script>';
+                               $tag = '<script src="' . htmlspecialchars($properties['file']) . '" type="' . htmlspecialchars($properties['type']) . '"></script>';
                                if ($properties['allWrap'] && strpos($properties['allWrap'], '|') !== FALSE) {
                                        $tag = str_replace('|', $tag, $properties['allWrap']);
                                }
@@ -1394,7 +1394,7 @@ class t3lib_PageRenderer implements t3lib_Singleton {
                        foreach ($this->jsFiles as $file => $properties) {
                                $file = t3lib_div::resolveBackPath($file);
                                $file = t3lib_div::createVersionNumberedFilename($file);
-                               $tag = '<script src="' . htmlspecialchars($file) . '" type="' . $properties['type'] . '"></script>';
+                               $tag = '<script src="' . htmlspecialchars($file) . '" type="' . htmlspecialchars($properties['type']) . '"></script>';
                                if ($properties['allWrap'] && strpos($properties['allWrap'], '|') !== FALSE) {
                                        $tag = str_replace('|', $tag, $properties['allWrap']);
                                }
index 9b5cdfa..c69b6a3 100644 (file)
@@ -541,7 +541,7 @@ See <a href="http://wiki.typo3.org/index.php/TYPO3_3.8.1" target="_blank">wiki.t
                                                        );
                                                } else {
                                                        $pageRenderer->addCssFile(
-                                                               htmlspecialchars($ss),
+                                                               $ss,
                                                                $GLOBALS['TSFE']->pSetup['includeCSS.'][$key . '.']['alternate'] ? 'alternate stylesheet' : 'stylesheet',
                                                                $GLOBALS['TSFE']->pSetup['includeCSS.'][$key . '.']['media'] ? $GLOBALS['TSFE']->pSetup['includeCSS.'][$key . '.']['media'] : 'all',
                                                                $GLOBALS['TSFE']->pSetup['includeCSS.'][$key . '.']['title'] ? $GLOBALS['TSFE']->pSetup['includeCSS.'][$key . '.']['title'] : '',
@@ -687,9 +687,9 @@ See <a href="http://wiki.typo3.org/index.php/TYPO3_3.8.1" target="_blank">wiki.t
                                                        $type = 'text/javascript';
                                                }
                                                $pageRenderer->addJsLibrary(
-                                                       htmlspecialchars($key),
-                                                       htmlspecialchars($ss),
-                                                       htmlspecialchars($type),
+                                                       $key,
+                                                       $ss,
+                                                       $type,
                                                        $GLOBALS['TSFE']->pSetup['includeJSlibs.'][$key . '.']['compress'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJSlibs.'][$key . '.']['forceOnTop'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJSlibs.'][$key . '.']['allWrap']
@@ -709,9 +709,9 @@ See <a href="http://wiki.typo3.org/index.php/TYPO3_3.8.1" target="_blank">wiki.t
                                                        $type = 'text/javascript';
                                                }
                                                $pageRenderer->addJsFooterLibrary(
-                                                       htmlspecialchars($key),
-                                                       htmlspecialchars($ss),
-                                                       htmlspecialchars($type),
+                                                       $key,
+                                                       $ss,
+                                                       $type,
                                                        $GLOBALS['TSFE']->pSetup['includeJSFooterlibs.'][$key . '.']['compress'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJSFooterlibs.'][$key . '.']['forceOnTop'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJSFooterlibs.'][$key . '.']['allWrap']
@@ -732,8 +732,8 @@ See <a href="http://wiki.typo3.org/index.php/TYPO3_3.8.1" target="_blank">wiki.t
                                                        $type = 'text/javascript';
                                                }
                                                $pageRenderer->addJsFile(
-                                                       htmlspecialchars($ss),
-                                                       htmlspecialchars($type),
+                                                       $ss,
+                                                       $type,
                                                        $GLOBALS['TSFE']->pSetup['includeJS.'][$key . '.']['compress'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJS.'][$key . '.']['forceOnTop'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJS.'][$key . '.']['allWrap']
@@ -753,8 +753,8 @@ See <a href="http://wiki.typo3.org/index.php/TYPO3_3.8.1" target="_blank">wiki.t
                                                        $type = 'text/javascript';
                                                }
                                                $pageRenderer->addJsFooterFile(
-                                                       htmlspecialchars($ss),
-                                                       htmlspecialchars($type),
+                                                       $ss,
+                                                       $type,
                                                        $GLOBALS['TSFE']->pSetup['includeJSFooter.'][$key . '.']['compress'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJSFooter.'][$key . '.']['forceOnTop'] ? TRUE : FALSE,
                                                        $GLOBALS['TSFE']->pSetup['includeJSFooter.'][$key . '.']['allWrap']
@@ -1187,4 +1187,4 @@ class FE_loadDBGroup extends t3lib_loadDBGroup {
        var $fromTC = 0;        // Means that everything is returned instead of only uid and label-field
 }
 
-?>
\ No newline at end of file
+?>