Commit 10e6f347 authored by Wouter Wolters's avatar Wouter Wolters Committed by Markus Klein
Browse files

[TASK] Remove second parameter of getLL part 2/3

Remove the second parameter of getLL and replace it
with htmlspecialchars directly in the code.

Resolves: #76321
Related: #71917
Releases: master
Change-Id: Ieabcf550883ebcf85fe13232caab249b0f37e4b1
Reviewed-on: https://review.typo3.org/48330

Reviewed-by: default avatarMorton Jonuschat <m.jonuschat@mojocode.de>
Tested-by: default avatarMorton Jonuschat <m.jonuschat@mojocode.de>
Reviewed-by: Markus Klein's avatarMarkus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein's avatarMarkus Klein <markus.klein@typo3.org>
parent d1ecab6f
......@@ -292,12 +292,12 @@ class NewContentElementController extends AbstractModule
$menuItems[$key]['content'] .= $this->elementWrapper['section'][1];
}
// Add the wizard table to the content, wrapped in tabs
$code = '<p>' . $lang->getLL('sel1', 1) . '</p>' . $this->moduleTemplate->getDynamicTabMenu(
$code = '<p>' . htmlspecialchars($lang->getLL('sel1')) . '</p>' . $this->moduleTemplate->getDynamicTabMenu(
$menuItems,
'new-content-element-wizard'
);
$this->content .= !$this->onClickEvent ? '<h2>' . $lang->getLL('1_selectType', true) . '</h2>' : '';
$this->content .= !$this->onClickEvent ? '<h2>' . htmlspecialchars($lang->getLL('1_selectType')) . '</h2>' : '';
$this->content .= '<div>' . $code . '</div>';
// If the user must also select a column:
......@@ -305,7 +305,7 @@ class NewContentElementController extends AbstractModule
// Add anchor "sel2"
$this->content .= '<div><a name="sel2"></a></div>';
// Select position
$code = '<p>' . $lang->getLL('sel2', 1) . '</p>';
$code = '<p>' . htmlspecialchars($lang->getLL('sel2')) . '</p>';
// Load SHARED page-TSconfig settings and retrieve column list from there, if applicable:
$colPosArray = GeneralUtility::callUserFunction(
......@@ -318,7 +318,7 @@ class NewContentElementController extends AbstractModule
$colPosList = implode(',', array_unique(array_map('intval', $colPosIds)));
// Finally, add the content of the column selector to the content:
$code .= $posMap->printContentElementColumns($this->id, 0, $colPosList, 1, $this->R_URI);
$this->content .= '<h2>' . $lang->getLL('2_selectPosition', true) . '</h2><div>' . $code . '</div>';
$this->content .= '<h2>' . htmlspecialchars($lang->getLL('2_selectPosition')) . '</h2><div>' . $code . '</div>';
}
} else {
// In case of no access:
......
......@@ -170,9 +170,9 @@ class FileUploadController extends AbstractModule
// Make checkbox for "overwrite"
$content = '
<div id="c-override">
<p><label for="overwriteExistingFiles"><input type="checkbox" class="checkbox" name="overwriteExistingFiles" id="overwriteExistingFiles" value="replace" /> ' . $this->getLanguageService()->getLL('overwriteExistingFiles', 1) . '</label></p>
<p><label for="overwriteExistingFiles"><input type="checkbox" class="checkbox" name="overwriteExistingFiles" id="overwriteExistingFiles" value="replace" /> ' . htmlspecialchars($this->getLanguageService()->getLL('overwriteExistingFiles')) . '</label></p>
<p>&nbsp;</p>
<p>' . $this->getLanguageService()->getLL('uploadMultipleFilesInfo', true) . '</p>
<p>' . htmlspecialchars($this->getLanguageService()->getLL('uploadMultipleFilesInfo')) . '</p>
</div>
';
// Produce the number of upload-fields needed:
......
......@@ -833,7 +833,7 @@ class PageLayoutController
}
} catch (AccessDeniedException $e) {
// If no edit access, print error message:
$content = '<h2>' . $lang->getLL('noAccess', true) . '</h2>';
$content = '<h2>' . htmlspecialchars($lang->getLL('noAccess')) . '</h2>';
$content .= '<div>' . $lang->getLL('noAccess_msg') . '<br /><br />' . ($beUser->errorMsg ? 'Reason: ' . $beUser->errorMsg . '<br /><br />' : '') . '</div>';
}
} else {
......@@ -861,7 +861,7 @@ class PageLayoutController
$content .= '<div class="checkbox">';
$content .= '<label for="checkTt_content_showHidden">';
$content .= BackendUtility::getFuncCheck($this->id, 'SET[tt_content_showHidden]', $this->MOD_SETTINGS['tt_content_showHidden'], '', '', 'id="checkTt_content_showHidden"');
$content .= (!$numberOfHiddenElements ? ('<span class="text-muted">' . $lang->getLL('hiddenCE', true) . '</span>') : $lang->getLL('hiddenCE', true) . ' (' . $numberOfHiddenElements . ')');
$content .= (!$numberOfHiddenElements ? ('<span class="text-muted">' . htmlspecialchars($lang->getLL('hiddenCE')) . '</span>') : htmlspecialchars($lang->getLL('hiddenCE')) . ' (' . $numberOfHiddenElements . ')');
$content .= '</label>';
$content .= '</div>';
}
......@@ -921,7 +921,7 @@ class PageLayoutController
<div class="checkbox">
<label for="checkTt_content_showHidden">
<input type="checkbox" id="checkTt_content_showHidden" class="checkbox" name="SET[tt_content_showHidden]" value="1" ' . ($this->MOD_SETTINGS['tt_content_showHidden'] ? 'checked="checked"' : '') . ' />
' . $this->getLanguageService()->getLL('hiddenCE', true) . ' (<span class="t3js-hidden-counter">' . $numberOfHiddenElements . '</span>)
' . htmlspecialchars($this->getLanguageService()->getLL('hiddenCE')) . ' (<span class="t3js-hidden-counter">' . $numberOfHiddenElements . '</span>)
</label>
</div>';
}
......@@ -1454,7 +1454,7 @@ class PageLayoutController
$inValue = 'pages_language_overlay:' . $languageOverlayRecord['uid'];
$isSelected += (int)$edit_record == $inValue;
$menuItem = $quickEditMenu->makeMenuItem()
->setTitle('[ ' . $lang->getLL('editLanguageHeader', true) . ' ]')
->setTitle('[ ' . $lang->getLL('editLanguageHeader') . ' ]')
->setHref(BackendUtility::getModuleUrl($this->moduleName) . '&id=' . $this->id . '&edit_record=' . $inValue . $retUrlStr)
->setActive($edit_record == $inValue);
$quickEditMenu->addMenuItem($menuItem);
......@@ -1462,7 +1462,7 @@ class PageLayoutController
$inValue = 'pages:' . $this->id;
$isSelected += (int)$edit_record == $inValue;
$menuItem = $quickEditMenu->makeMenuItem()
->setTitle('[ ' . $lang->getLL('editPageProperties', true) . ' ]')
->setTitle('[ ' . $lang->getLL('editPageProperties') . ' ]')
->setHref(BackendUtility::getModuleUrl($this->moduleName) . '&id=' . $this->id . '&edit_record=' . $inValue . $retUrlStr)
->setActive($edit_record == $inValue);
$quickEditMenu->addMenuItem($menuItem);
......@@ -1513,7 +1513,7 @@ class PageLayoutController
$inValue = 'tt_content:new/' . $prev . '/' . $colPos;
$isSelected += (int)$edit_record == $inValue;
$menuItem = $quickEditMenu->makeMenuItem()
->setTitle('[ ' . $lang->getLL('newLabel', 1) . ' ]')
->setTitle('[ ' . $lang->getLL('newLabel') . ' ]')
->setHref(BackendUtility::getModuleUrl($this->moduleName) . '&id=' . $this->id . '&edit_record=' . $inValue . $retUrlStr)
->setActive($edit_record == $inValue);
$quickEditMenu->addMenuItem($menuItem);
......@@ -1525,7 +1525,7 @@ class PageLayoutController
->setHref('#');
$quickEditMenu->addMenuItem($menuItem);
$menuItem = $quickEditMenu->makeMenuItem()
->setTitle('[ ' . $lang->getLL('newLabel', true) . ' ]')
->setTitle('[ ' . $lang->getLL('newLabel') . ' ]')
->setHref(BackendUtility::getModuleUrl($this->moduleName) . '&id=' . $this->id . '&edit_record=' . $edit_record . $retUrlStr)
->setActive($edit_record == $inValue);
$quickEditMenu->addMenuItem($menuItem);
......
......@@ -217,17 +217,17 @@ class ColorpickerController extends AbstractWizardController
' . $this->colorImage() . '
<!-- Value box: -->
<p class="c-head">' . $this->getLanguageService()->getLL('colorpicker_colorValue', true) . '</p>
<p class="c-head">' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_colorValue')) . '</p>
<table border="0" cellpadding="0" cellspacing="3">
<tr>
<td>
<input id="colorValue" type="text" ' . $this->doc->formWidth(7) . ' maxlength="10" name="colorValue" value="' . htmlspecialchars($this->colorValue) . '" />
</td>
<td style="background-color:' . htmlspecialchars($this->colorValue) . '; border: 1px solid black;">
<span style="color: black;">' . $this->getLanguageService()->getLL('colorpicker_black', true) . '</span>&nbsp;<span style="color: white;">' . $this->getLanguageService()->getLL('colorpicker_white', true) . '</span>
<span style="color: black;">' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_black')) . '</span>&nbsp;<span style="color: white;">' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_white')) . '</span>
</td>
<td>
<input class="btn btn-default" type="submit" id="colorpicker-saveclose" value="' . $this->getLanguageService()->getLL('colorpicker_setClose', true) . '" />
<input class="btn btn-default" type="submit" id="colorpicker-saveclose" value="' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_setClose')) . '" />
</td>
</tr>
</table>
......@@ -242,7 +242,7 @@ class ColorpickerController extends AbstractWizardController
<input type="hidden" name="exampleImg" value="' . htmlspecialchars($this->exampleImg) . '" />
</form>';
$this->content .= '<h2>' . $this->getLanguageService()->getLL('colorpicker_title', true) . '</h2>';
$this->content .= '<h2>' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_title')) . '</h2>';
$this->content .= $content;
}
}
......@@ -320,7 +320,7 @@ class ColorpickerController extends AbstractWizardController
$tRows[] = '<tr>' . implode('', $tCells) . '</tr>';
$rows++;
}
return '<p class="c-head">' . $this->getLanguageService()->getLL('colorpicker_fromMatrix', true) . '</p>
return '<p class="c-head">' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_fromMatrix')) . '</p>
<table style="width:100%; border: 1px solid black; cursor:crosshair;">' . implode('', $tRows) . '</table>';
}
......@@ -341,7 +341,7 @@ class ColorpickerController extends AbstractWizardController
$opt[] = '<option style="background-color: ' . $colorName . ';" value="' . htmlspecialchars($colorName) . '"' . ($currentValue === $colorName ? ' selected="selected"' : '') . '>' . htmlspecialchars($colorName) . '</option>';
}
// Compile selector box and return result:
return '<p class="c-head">' . $this->getLanguageService()->getLL('colorpicker_fromList', true) . '</p>
return '<p class="c-head">' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_fromList')) . '</p>
<select class="t3js-colorpicker-selector">' . implode(LF, $opt) . '</select><br />';
}
......@@ -361,7 +361,7 @@ class ColorpickerController extends AbstractWizardController
$this->colorValue = '#' . $this->getIndex($image->imageCreateFromFile($this->pickerImage), GeneralUtility::_POST('coords_x'), GeneralUtility::_POST('coords_y'));
}
$pickerFormImage = '
<p class="c-head">' . $this->getLanguageService()->getLL('colorpicker_fromImage', true) . '</p>
<p class="c-head">' . htmlspecialchars($this->getLanguageService()->getLL('colorpicker_fromImage')) . '</p>
<input type="image" src="' . PathUtility::getAbsoluteWebPath($this->pickerImage) . '" name="coords" style="cursor:crosshair;" /><br />';
} else {
$pickerFormImage = '';
......
......@@ -216,9 +216,9 @@ class RteController extends AbstractWizardController
. $formResultCompiler->printNeededJSFunctions();
} else {
// ERROR:
$this->content .= '<h2>' . $this->getLanguageService()->getLL('forms_title', true) . '</h2>'
$this->content .= '<h2>' . htmlspecialchars($this->getLanguageService()->getLL('forms_title')) . '</h2>'
. '<div><span class="text-danger">'
. $this->getLanguageService()->getLL('table_noData', true)
. htmlspecialchars($this->getLanguageService()->getLL('table_noData'))
. '</span></div>';
}
// Setting up the buttons and markers for docHeader
......
......@@ -161,11 +161,11 @@ class TableController extends AbstractWizardController
{
$this->content .= '<form action="' . htmlspecialchars($rUri) . '" method="post" id="TableController" name="wizardForm">';
if ($this->P['table'] && $this->P['field'] && $this->P['uid']) {
$this->content .= '<h2>' . $this->getLanguageService()->getLL('table_title', true) . '</h2>'
$this->content .= '<h2>' . htmlspecialchars($this->getLanguageService()->getLL('table_title')) . '</h2>'
. '<div>' . $this->tableWizard() . '</div>';
} else {
$this->content .= '<h2>' . $this->getLanguageService()->getLL('table_title', true) . '</h2>'
. '<div><span class="text-danger">' . $this->getLanguageService()->getLL('table_noData', true) . '</span></div>';
$this->content .= '<h2>' . htmlspecialchars($this->getLanguageService()->getLL('table_title')) . '</h2>'
. '<div><span class="text-danger">' . htmlspecialchars($this->getLanguageService()->getLL('table_noData')) . '</span></div>';
}
$this->content .= '</form>';
// Setting up the buttons and markers for docHeader
......@@ -373,17 +373,17 @@ class TableController extends AbstractWizardController
$onClick = ' onclick="' . htmlspecialchars($onClick) . '"';
$ctrl = '';
if ($k !== 0) {
$ctrl .= '<button class="btn btn-default" name="TABLE[row_up][' . ($k + 1) * 2 . ']" title="' . $this->getLanguageService()->getLL('table_up', true) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-up"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[row_up][' . ($k + 1) * 2 . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_up')) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-up"></span></button>';
} else {
$ctrl .= '<button class="btn btn-default" name="TABLE[row_bottom][' . ($k + 1) * 2 . ']" title="' . $this->getLanguageService()->getLL('table_bottom', true) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-double-down"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[row_bottom][' . ($k + 1) * 2 . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_bottom')) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-double-down"></span></button>';
}
if ($k + 1 !== $countLines) {
$ctrl .= '<button class="btn btn-default" name="TABLE[row_down][' . ($k + 1) * 2 . ']" title="' . $this->getLanguageService()->getLL('table_down', true) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-down"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[row_down][' . ($k + 1) * 2 . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_down')) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-down"></span></button>';
} else {
$ctrl .= '<button class="btn btn-default" name="TABLE[row_top][' . ($k + 1) * 2 . ']" title="' . $this->getLanguageService()->getLL('table_top', true) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-double-up"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[row_top][' . ($k + 1) * 2 . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_top')) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-angle-double-up"></span></button>';
}
$ctrl .= '<button class="btn btn-default" name="TABLE[row_remove][' . ($k + 1) * 2 . ']" title="' . $this->getLanguageService()->getLL('table_removeRow', true) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-trash"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[row_add][' . ($k + 1) * 2 . ']" title="' . $this->getLanguageService()->getLL('table_addRow', true) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-plus"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[row_remove][' . ($k + 1) * 2 . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_removeRow')) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-trash"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[row_add][' . ($k + 1) * 2 . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_addRow')) . '"' . $onClick . '><span class="t3-icon fa fa-fw fa-plus"></span></button>';
$tRows[] = '
<tr>
<td>
......@@ -408,17 +408,17 @@ class TableController extends AbstractWizardController
$b = $a * 2;
$ctrl = '';
if ($a !== 1) {
$ctrl .= '<button class="btn btn-default" name="TABLE[col_left][' . $b . ']" title="' . $this->getLanguageService()->getLL('table_left', true) . '"><span class="t3-icon fa fa-fw fa-angle-left"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[col_left][' . $b . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_left')) . '"><span class="t3-icon fa fa-fw fa-angle-left"></span></button>';
} else {
$ctrl .= '<button class="btn btn-default" name="TABLE[col_end][' . $b . ']" title="' . $this->getLanguageService()->getLL('table_end', true) . '"><span class="t3-icon fa fa-fw fa-angle-double-right"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[col_end][' . $b . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_end')) . '"><span class="t3-icon fa fa-fw fa-angle-double-right"></span></button>';
}
if ($a != $cols) {
$ctrl .= '<button class="btn btn-default" name="TABLE[col_right][' . $b . ']" title="' . $this->getLanguageService()->getLL('table_right', true) . '"><span class="t3-icon fa fa-fw fa-angle-right"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[col_right][' . $b . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_right')) . '"><span class="t3-icon fa fa-fw fa-angle-right"></span></button>';
} else {
$ctrl .= '<button class="btn btn-default" name="TABLE[col_start][' . $b . ']" title="' . $this->getLanguageService()->getLL('table_start', true) . '"><span class="t3-icon fa fa-fw fa-angle-double-left"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[col_start][' . $b . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_start')) . '"><span class="t3-icon fa fa-fw fa-angle-double-left"></span></button>';
}
$ctrl .= '<button class="btn btn-default" name="TABLE[col_remove][' . $b . ']" title="' . $this->getLanguageService()->getLL('table_removeColumn', true) . '"><span class="t3-icon fa fa-fw fa-trash"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[col_add][' . $b . ']" title="' . $this->getLanguageService()->getLL('table_addColumn', true) . '"><span class="t3-icon fa fa-fw fa-plus"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[col_remove][' . $b . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_removeColumn')) . '"><span class="t3-icon fa fa-fw fa-trash"></span></button>';
$ctrl .= '<button class="btn btn-default" name="TABLE[col_add][' . $b . ']" title="' . htmlspecialchars($this->getLanguageService()->getLL('table_addColumn')) . '"><span class="t3-icon fa fa-fw fa-plus"></span></button>';
$cells[] = '<span class="btn-group">' . $ctrl . '</span>';
}
$tRows[] = '
......
......@@ -388,7 +388,7 @@ class RecordHistory
$pid = $this->getRecord($elParts[0], $elParts[1]);
if ($this->hasPageAccess('pages', $pid['pid'])) {
$this->view->assign('fullHistoryLink', $this->linkPage($languageService->getLL('elementHistory_link', true), array('element' => 'pages:' . $pid['pid'])));
$this->view->assign('fullHistoryLink', $this->linkPage(htmlspecialchars($languageService->getLL('elementHistory_link')), array('element' => 'pages:' . $pid['pid'])));
}
}
}
......@@ -446,13 +446,13 @@ class RecordHistory
$this->generateTitle($entry['tablename'], $entry['recuid']),
array('element' => $entry['tablename'] . ':' . $entry['recuid']),
'',
$languageService->getLL('linkRecordHistory', true)
htmlspecialchars($languageService->getLL('linkRecordHistory'))
);
// add record UID
// Show insert/delete/diff/changed field names
if ($entry['action']) {
// insert or delete of element
$singleLine['action'] = htmlspecialchars($languageService->getLL($entry['action'], true));
$singleLine['action'] = htmlspecialchars($languageService->getLL($entry['action']));
} else {
// Display field names instead of full diff
if (!$this->showDiff) {
......@@ -477,10 +477,10 @@ class RecordHistory
// Show link to mark/unmark state
if (!$entry['action']) {
if ($entry['snapshot']) {
$title = $languageService->getLL('unmarkState', true);
$title = htmlspecialchars($languageService->getLL('unmarkState'));
$image = $this->iconFactory->getIcon('actions-unmarkstate', Icon::SIZE_SMALL)->render();
} else {
$title = $languageService->getLL('markState', true);
$title = htmlspecialchars($languageService->getLL('markState'));
$image = $this->iconFactory->getIcon('actions-markstate', Icon::SIZE_SMALL)->render();
}
$singleLine['markState'] = $this->linkPage($image, array('highlight' => $entry['uid']), '', $title);
......@@ -493,7 +493,7 @@ class RecordHistory
$this->view->assign('history', $lines);
if ($this->lastSyslogId) {
$this->view->assign('fullViewLink', $this->linkPage($languageService->getLL('fullView', true), array('diff' => '')));
$this->view->assign('fullViewLink', $this->linkPage(htmlspecialchars($languageService->getLL('fullView')), array('diff' => '')));
}
}
......@@ -528,11 +528,11 @@ class RecordHistory
$singleLine['differences'] = $this->renderDiff($tmpArr, $elParts[0], $elParts[1]);
}
$elParts = explode(':', $key);
$singleLine['revertRecordLink'] = $this->createRollbackLink($key, $languageService->getLL('revertRecord', true), 1);
$singleLine['revertRecordLink'] = $this->createRollbackLink($key, htmlspecialchars($languageService->getLL('revertRecord')), 1);
$singleLine['title'] = $this->generateTitle($elParts[0], $elParts[1]);
$lines[] = $singleLine;
}
$this->view->assign('revertAllLink', $this->createRollbackLink('ALL', $languageService->getLL('revertAll', true), 0));
$this->view->assign('revertAllLink', $this->createRollbackLink('ALL', htmlspecialchars($languageService->getLL('revertAll')), 0));
$this->view->assign('multipleDiff', $lines);
}
}
......@@ -562,7 +562,7 @@ class RecordHistory
BackendUtility::getProcessedValue($table, $fN, $entry['newRecord'][$fN], 0, true)
);
$lines[] = array(
'title' => ($rollbackUid ? $this->createRollbackLink(($table . ':' . $rollbackUid . ':' . $fN), $languageService->getLL('revertField', true), 2) : '') . '
'title' => ($rollbackUid ? $this->createRollbackLink(($table . ':' . $rollbackUid . ':' . $fN), htmlspecialchars($languageService->getLL('revertField')), 2) : '') . '
' . $languageService->sL(BackendUtility::getItemLabel($table, $fN), true),
'result' => str_replace('\n', PHP_EOL, str_replace('\r\n', '\n', $diffres))
);
......
......@@ -57,8 +57,8 @@ class ElementBrowserRecordList extends DatabaseRecordList
$title = BackendUtility::getRecordTitle($table, $row, false, true);
$ficon = $this->iconFactory->getIconForRecord($table, $row, Icon::SIZE_SMALL)->render();
$ATag = '<a href="#" data-close="0" title="' . $this->getLanguageService()->getLL('addToList', true) . '">';
$ATag_alt = '<a href="#" data-close="1" title="' . $this->getLanguageService()->getLL('addToList', true) . '">';
$ATag = '<a href="#" data-close="0" title="' . htmlspecialchars($this->getLanguageService()->getLL('addToList')) . '">';
$ATag_alt = '<a href="#" data-close="1" title="' . htmlspecialchars($this->getLanguageService()->getLL('addToList')) . '">';
$ATag_e = '</a>';
$out = '<span data-uid="' . htmlspecialchars($row['uid']) . '" data-table="' . htmlspecialchars($table) . '" data-title="' . htmlspecialchars($title) . '" data-icon="' . htmlspecialchars($ficon) . '">';
$out .= $ATag . $this->iconFactory->getIcon('actions-edit-add', Icon::SIZE_SMALL)->render() . $ATag_e . $ATag_alt . $code . $ATag_e;
......
......@@ -559,10 +559,10 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
}
$link = '<a href="' . htmlspecialchars($url) . '" title="'
. $this->getLanguageService()->getLL('newContentElement', true) . '" class="btn btn-default btn-sm">'
. htmlspecialchars($this->getLanguageService()->getLL('newContentElement')) . '" class="btn btn-default btn-sm">'
. $this->iconFactory->getIcon('actions-document-new', Icon::SIZE_SMALL)->render()
. ' '
. $this->getLanguageService()->getLL('content', true) . '</a>';
. htmlspecialchars($this->getLanguageService()->getLL('content')) . '</a>';
}
$content[$key] .= '
<div class="t3-page-ce t3js-page-ce" data-page="' . (int)$id . '" id="' . StringUtility::getUniqueId() . '">
......@@ -667,10 +667,10 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
}
$singleElementHTML .= '
<a href="' . htmlspecialchars($url) . '" title="'
. $this->getLanguageService()->getLL('newContentElement', true) . '" class="btn btn-default btn-sm">'
. htmlspecialchars($this->getLanguageService()->getLL('newContentElement')) . '" class="btn btn-default btn-sm">'
. $this->iconFactory->getIcon('actions-document-new', Icon::SIZE_SMALL)->render()
. ' '
. $this->getLanguageService()->getLL('content', true) . '</a>
. htmlspecialchars($this->getLanguageService()->getLL('content')) . '</a>
';
}
$singleElementHTML .= '</div></div><div class="t3-page-ce-dropzone-available t3js-page-ce-dropzone-available"></div></div>';
......@@ -837,7 +837,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
$url = BackendUtility::getModuleUrl('record_edit', $urlParameters);
$editLink = ($this->getBackendUser()->check('tables_modify', 'pages_language_overlay')
? '<a href="' . htmlspecialchars($url) . '" class="btn btn-default btn-sm"'
. ' title="' . $this->getLanguageService()->getLL('edit', true) . '">'
. ' title="' . htmlspecialchars($this->getLanguageService()->getLL('edit')) . '">'
. $this->iconFactory->getIcon('actions-open', Icon::SIZE_SMALL)->render() . '</a>'
: ''
);
......@@ -869,7 +869,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
$url = BackendUtility::getModuleUrl('record_edit', $urlParameters);
$editLink = ($this->getBackendUser()->check('tables_modify', 'pages_language_overlay')
? '<a href="' . htmlspecialchars($url) . '" class="btn btn-default btn-sm"'
. ' title="' . $this->getLanguageService()->getLL('edit', true) . '">'
. ' title="' . htmlspecialchars($this->getLanguageService()->getLL('edit')) . '">'
. $this->iconFactory->getIcon('actions-open', Icon::SIZE_SMALL)->render() . '</a>'
: ''
);
......@@ -985,7 +985,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
];
$url = BackendUtility::getModuleUrl('record_edit', $urlParameters);
$theData['__cmds__'] = '<a href="' . htmlspecialchars($url) . '" '
. 'title="' . $this->getLanguageService()->getLL('new', true) . '">'
. 'title="' . htmlspecialchars($this->getLanguageService()->getLL('new')) . '">'
. $this->iconFactory->getIcon('actions-document-new', Icon::SIZE_SMALL)->render() . '</a>';
}
$out .= $this->addElement(1, '', $theData, ' class="c-headLine"', 15, '', 'th');
......@@ -1016,7 +1016,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
];
$url = BackendUtility::getModuleUrl('record_edit', $urlParameters);
$Nrow['__editIconLink__'] = '<a href="' . htmlspecialchars($url)
. '" title="' . $this->getLanguageService()->getLL('edit', true) . '">'
. '" title="' . htmlspecialchars($this->getLanguageService()->getLL('edit')) . '">'
. $this->iconFactory->getIcon('actions-document-open', Icon::SIZE_SMALL)->render() . '</a>';
} else {
$Nrow['__editIconLink__'] = $this->noEditIcon();
......@@ -1233,7 +1233,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
];
$url = BackendUtility::getModuleUrl('record_edit', $urlParameters);
$eI = '<a href="' . htmlspecialchars($url)
. '" title="' . $this->getLanguageService()->getLL('editThisPage', true) . '">'
. '" title="' . htmlspecialchars($this->getLanguageService()->getLL('editThisPage')) . '">'
. $this->iconFactory->getIcon('actions-document-open', Icon::SIZE_SMALL)->render() . '</a>';
} else {
$eI = '';
......@@ -1298,7 +1298,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
if ($editParams && $this->getBackendUser()->doesUserHaveAccess($this->pageinfo, Permission::CONTENT_EDIT) && $this->getBackendUser()->checkLanguageAccess(0)) {
$iconsArr['edit'] = '<a href="#" onclick="'
. htmlspecialchars(BackendUtility::editOnClick($editParams)) . '" title="'
. $this->getLanguageService()->getLL('editColumn', true) . '">'
. htmlspecialchars($this->getLanguageService()->getLL('editColumn')) . '">'
. $this->iconFactory->getIcon('actions-document-open', Icon::SIZE_SMALL)->render() . '</a>';
}
if ($pasteParams) {
......@@ -1308,9 +1308,9 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
'<a href="' . htmlspecialchars($this->clipboard->pasteUrl('tt_content', $this->id, true, $pasteParams)) . '"'
. ' class="t3js-modal-trigger"'
. ' data-severity="warning"'
. ' data-title="' . $this->getLanguageService()->getLL('pasteIntoColumn', true) . '"'
. ' data-title="' . htmlspecialchars($this->getLanguageService()->getLL('pasteIntoColumn')) . '"'
. ' data-content="' . htmlspecialchars($this->clipboard->confirmMsgText('pages', $this->pageRecord, 'into', $elFromTable, $colName)) . '"'
. ' title="' . $this->getLanguageService()->getLL('pasteIntoColumn', true) . '">'
. ' title="' . htmlspecialchars($this->getLanguageService()->getLL('pasteIntoColumn')) . '">'
. $this->iconFactory->getIcon('actions-document-paste-into', Icon::SIZE_SMALL)->render()
. '</a>';
}
......@@ -1421,7 +1421,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
$params = '&data[tt_content][' . ($row['_ORIG_uid'] ? $row['_ORIG_uid'] : $row['uid'])
. '][' . $hiddenField . ']=' . $value;
$out .= '<a class="btn btn-default" href="' . htmlspecialchars(BackendUtility::getLinkToDataHandlerAction($params))
. '" title="' . $this->getLanguageService()->getLL($label, true) . '">'
. '" title="' . htmlspecialchars($this->getLanguageService()->getLL($label)) . '">'
. $this->iconFactory->getIcon('actions-edit-' . strtolower($label), Icon::SIZE_SMALL)->render() . '</a>';
}
// Delete
......@@ -1434,7 +1434,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
. ' data-title="' . htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_alt_doc.xlf:label.confirm.delete_record.title')) . '"'
. ' data-content="' . htmlspecialchars($confirm) . '" '
. ' data-button-close-text="' . htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_common.xlf:cancel')) . '"'
. ' title="' . $this->getLanguageService()->getLL('deleteItem', true) . '">'
. ' title="' . htmlspecialchars($this->getLanguageService()->getLL('deleteItem')) . '">'
. $this->iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL)->render() . '</a>';
if ($out && $this->getBackendUser()->doesUserHaveAccess($this->pageinfo, Permission::CONTENT_EDIT)) {
$out = '<div class="btn-group btn-group-sm" role="group">' . $out . '</div>';
......@@ -1449,7 +1449,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
$params = '&cmd[tt_content][' . $row['uid'] . '][move]=' . $this->tt_contentData['prev'][$row['uid']];
$moveButtonContent .= '<a class="btn btn-default" href="'
. htmlspecialchars(BackendUtility::getLinkToDataHandlerAction($params))
. '" title="' . $this->getLanguageService()->getLL('moveUp', true) . '">'
. '" title="' . htmlspecialchars($this->getLanguageService()->getLL('moveUp')) . '">'
. $this->iconFactory->getIcon('actions-move-up', Icon::SIZE_SMALL)->render() . '</a>';
if (!$dragDropEnabled) {
$displayMoveButtons = true;
......@@ -1462,7 +1462,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
$params = '&cmd[tt_content][' . $row['uid'] . '][move]= ' . $this->tt_contentData['next'][$row['uid']];
$moveButtonContent .= '<a class="btn btn-default" href="'
. htmlspecialchars(BackendUtility::getLinkToDataHandlerAction($params))
. '" title="' . $this->getLanguageService()->getLL('moveDown', true) . '">'
. '" title="' . htmlspecialchars($this->getLanguageService()->getLL('moveDown')) . '">'
. $this->iconFactory->getIcon('actions-move-down', Icon::SIZE_SMALL)->render() . '</a>';
if (!$dragDropEnabled) {
$displayMoveButtons = true;
......@@ -1823,7 +1823,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
. ' class="btn btn-default t3js-localize"'
. ' type="button"'
. ' disabled'
. ' value="' . htmlspecialchars($this->getLanguageService()->getLL('newPageContent_translate', true)) . '"'
. ' value="' . htmlspecialchars($this->getLanguageService()->getLL('newPageContent_translate')) . '"'
. ' data-has-elements="' . (int)!empty($this->contentElementCache[$lP][$colPos]) . '"'
. ' data-allow-copy="' . (int)$allowCopy . '"'
. ' data-allow-translate="' . (int)$allowTranslate . '"'
......@@ -1887,7 +1887,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
];
$url = BackendUtility::getModuleUrl('record_edit', $urlParameters);
// Return link
return '<a href="' . htmlspecialchars($url) . '" title="' . $this->getLanguageService()->getLL('edit', true) . '">' . $str . '</a>';
return '<a href="' . htmlspecialchars($url) . '" title="' . htmlspecialchars($this->getLanguageService()->getLL('edit')) . '">' . $str . '</a>';
} else {
return $str;
}
......@@ -1958,7 +1958,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
return '<div class="form-inline form-inline-spaced">'
. '<div class="form-group">'
. '<label for="createNewLanguage">'
. $this->getLanguageService()->getLL('new_language', true)
. htmlspecialchars($this->getLanguageService()->getLL('new_language'))
. '</label>'
. '<select class="form-control input-sm" name="createNewLanguage" onchange="' . htmlspecialchars($onChangeContent) . '">'
. implode('', $langSelItems)
......@@ -2160,7 +2160,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
*/
public function noEditIcon($label = 'noEditItems')
{
$title = $this->getLanguageService()->getLL($label, true);
$title = htmlspecialchars($this->getLanguageService()->getLL($label));
return '<span title="' . $title . '">' . $this->iconFactory->getIcon('status-status-edit-read-only', Icon::SIZE_SMALL)->render() . '</span>';
}
......@@ -2240,7 +2240,7 @@ class PageLayoutView extends \TYPO3\CMS\Recordlist\RecordList\AbstractDatabaseRe
. '</td>';
// ... and to the internal array, activeTables we also add table icon and title (for use elsewhere)
$title = $this->getLanguageService()->sL($GLOBALS['TCA'][$tName]['ctrl']['title'], true)
. ': ' . $c . ' ' . $this->getLanguageService()->getLL('records', true);
. ': ' . $c . ' ' . htmlspecialchars($this->getLanguageService()->getLL('records'));
$this->activeTables[$tName] = '<span title="' . $title . '">'
. $this->iconFactory->getIconForRecord($tName, array(), Icon::SIZE_SMALL)->render()
. '</span>'
......
......@@ -116,7 +116,7 @@ class TemplateAnalyzerModuleFunctionController extends AbstractFunctionModule
if ($existTemplate) {
$siteTitle = trim($GLOBALS['tplRow']['sitetitle']);
$iconFactory = GeneralUtility::makeInstance(IconFactory::class);
$theOutput .= '<h3>' . $lang->getLL('currentTemplate', true) . '</h3>';
$theOutput .= '<h3>' . htmlspecialchars($lang->getLL('currentTemplate')) . '</h3>';
$theOutput .= $iconFactory->getIconForRecord('sys_template', $GLOBALS['tplRow'], Icon::SIZE_SMALL)->render()
. '<strong>' . $this->pObj->linkWrapTemplateTitle($GLOBALS['tplRow']['title']) . '</strong>'
. htmlspecialchars($siteTitle ? ' (' . $siteTitle . ')' : '');
......@@ -130,18 +130,18 @@ class TemplateAnalyzerModuleFunctionController extends AbstractFunctionModule
$pointer = count($templateService->hierarchyInfo);
$hierarchyInfo = $templateService->ext_process_hierarchyInfo(array(), $pointer);
$head = '<thead><tr>';
$head .= '<th>' . $lang->getLL('title', true) . '</th>';
$head .= '<th>' . $lang->getLL('rootlevel', true) . '</th>';
$head .= '<th>' . $lang->getLL('clearSetup', true) . '</th>';
$head .= '<th>' . $lang->getLL('clearConstants', true) . '</th>';
$head .= '<th>' . $lang->getLL('pid', true) . '</th>';
$head .= '<th>' . $lang->getLL('rootline', true) . '</th>';
$head .= '<th>' . $lang->getLL('nextLevel', true) . '</th>';
$head .= '<th>' . htmlspecialchars($lang->getLL('title')) . '</th>';
$head .= '<th>' . htmlspecialchars($lang->getLL('rootlevel')) . '</th>';
$head .= '<th>' . htmlspecialchars($lang->getLL('clearSetup')) . '</th>';
$head .= '<th>' . htmlspecialchars($lang->getLL('clearConstants')) . '</th>';
$head .= '<th>' . htmlspecialchars($lang->getLL('pid')) . '</th>';
$head .= '<th>' . htmlspecialchars($lang->getLL('rootline')) . '</th>';
$head .= '<th>' . htmlspecialchars($lang->getLL('nextLevel')) . '</th>';
$head .= '</tr></thead>';
$hierar = implode(array_reverse($templateService->ext_getTemplateHierarchyArr($hierarchyInfo, '', array(), 1)), '');
$hierar = '<div class="table-fit"><table class="table table-striped table-hover" id="ts-analyzer">' . $head . $hierar . '</table></div>';
$theOutput .= '<div style="padding-top: 5px;"></div>';
$theOutput .= '<h2>' . $lang->getLL('templateHierarchy', true) . '</h2>';
$theOutput .= '<h2>' . htmlspecialchars($lang->getLL('templateHierarchy')) . '</h2>';
$theOutput .= '<div>' . $hierar . '</div>'