Commit 4bc70359 authored by Nicole Cordes's avatar Nicole Cordes Committed by Markus Klein
Browse files

[BUGFIX] Prevent double encoding in button rendering

Multiple button settings are double encoded with htmlspecialchars. This
patch removes the hsc within the setters as the button settings are
already escaped during render method.

Resolves: #71915
Releases: master
Change-Id: I470b6e4ce42859d4147e21acf9e7b6334a776848
Reviewed-on: https://review.typo3.org/45014

Reviewed-by: Georg Ringer's avatarGeorg Ringer <georg.ringer@gmail.com>
Tested-by: Georg Ringer's avatarGeorg Ringer <georg.ringer@gmail.com>
Reviewed-by: default avatarMichael Oehlhof <typo3@oehlhof.de>
Tested-by: default avatarMichael Oehlhof <typo3@oehlhof.de>
Reviewed-by: Markus Klein's avatarMarkus Klein <markus.klein@typo3.org>
Tested-by: Markus Klein's avatarMarkus Klein <markus.klein@typo3.org>
parent 5e8e1cb4
......@@ -271,14 +271,14 @@ class BackendLayoutWizardController extends AbstractModule
$saveButton = $buttonBar->makeInputButton()
->setName('_savedok')
->setValue('1')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'))
->setOnClick('storeData(t3Grid.export2LayoutRecord());return true;')
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
$saveAndCloseButton = $buttonBar->makeInputButton()
->setName('_savedokandclose')
->setValue('1')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc'))
->setOnClick('storeData(t3Grid.export2LayoutRecord());window.close();return true;')
->setIcon(
$this->moduleTemplate->getIconFactory()->getIcon('actions-document-save-close', Icon::SIZE_SMALL)
......@@ -291,7 +291,7 @@ class BackendLayoutWizardController extends AbstractModule
$closeButton = $buttonBar->makeLinkButton()
->setHref('#')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc'))
->setOnClick('window.close();return true;')
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-close', Icon::SIZE_SMALL));
$buttonBar->addButton($closeButton, ButtonBar::BUTTON_POSITION_LEFT, 30);
......
......@@ -154,7 +154,7 @@ class ElementHistoryController extends AbstractModule
if ($returnUrl) {
$backButton = $buttonBar->makeLinkButton()
->setHref($returnUrl)
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-view-go-back', Icon::SIZE_SMALL));
$buttonBar->addButton($backButton, ButtonBar::BUTTON_POSITION_LEFT, 10);
}
......
......@@ -270,7 +270,7 @@ class MoveElementController extends AbstractModule
if ($this->R_URI) {
$backButton = $buttonBar->makeLinkButton()
->setHref($this->R_URI)
->setTitle($this->getLanguageService()->getLL('goBack', true))
->setTitle($this->getLanguageService()->getLL('goBack'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-view-go-back',
Icon::SIZE_SMALL
......
......@@ -363,7 +363,7 @@ class NewContentElementController extends AbstractModule
if ($this->R_URI) {
$backButton = $buttonBar->makeLinkButton()
->setHref($this->R_URI)
->setTitle($this->getLanguageService()->getLL('goBack', true))
->setTitle($this->getLanguageService()->getLL('goBack'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-view-go-back',
Icon::SIZE_SMALL
......
......@@ -1219,7 +1219,7 @@ class EditDocumentController extends AbstractModule
$saveSplitButton = $buttonBar->makeSplitButton();
// SAVE button:
$saveButton = $buttonBar->makeInputButton()
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'))
->setName('_savedok')
->setValue('1')
->setForm('EditDocumentController')
......@@ -1247,7 +1247,7 @@ class EditDocumentController extends AbstractModule
|| isset($pagesTSconfig['TCEMAIN.']['preview.'][$this->firstEl['table'] . '.']['previewPageId'])
) {
$saveAndOpenButton = $buttonBar->makeInputButton()
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDocShow', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDocShow'))
->setName('_savedokview')
->setValue('1')
->setForm('EditDocumentController')
......@@ -1266,7 +1266,7 @@ class EditDocumentController extends AbstractModule
->setClasses('t3js-editform-submitButton')
->setValue('1')
->setForm('EditDocumentController')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveNewDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveNewDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-save-new',
Icon::SIZE_SMALL
......@@ -1279,7 +1279,7 @@ class EditDocumentController extends AbstractModule
->setClasses('t3js-editform-submitButton')
->setValue('1')
->setForm('EditDocumentController')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-save-close',
Icon::SIZE_SMALL
......@@ -1291,7 +1291,7 @@ class EditDocumentController extends AbstractModule
->setName('_translation_savedok')
->setValue('1')
->setForm('EditDocumentController')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.translationSaveDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.translationSaveDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-save-cleartranslationcache',
Icon::SIZE_SMALL
......@@ -1301,7 +1301,7 @@ class EditDocumentController extends AbstractModule
->setName('_translation_savedokclear')
->setValue('1')
->setForm('EditDocumentController')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.translationSaveDocClear', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.translationSaveDocClear'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-save-cleartranslationcache',
Icon::SIZE_SMALL
......@@ -1314,7 +1314,7 @@ class EditDocumentController extends AbstractModule
$closeButton = $buttonBar->makeLinkButton()
->setHref('#')
->setClasses('t3js-editform-close')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-close',
Icon::SIZE_SMALL
......@@ -1334,7 +1334,7 @@ class EditDocumentController extends AbstractModule
$deleteButton = $buttonBar->makeLinkButton()
->setHref('#')
->setClasses('t3js-editform-delete-record')
->setTitle($lang->getLL('deleteItem', true))
->setTitle($lang->getLL('deleteItem'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-edit-delete',
Icon::SIZE_SMALL
......@@ -1374,7 +1374,7 @@ class EditDocumentController extends AbstractModule
$undoButton = $buttonBar->makeLinkButton()
->setHref('#')
->setOnClick(htmlspecialchars($aOnClick))
->setOnClick($aOnClick)
->setTitle(
sprintf(
$lang->getLL('undoLastChange'),
......@@ -1416,7 +1416,7 @@ class EditDocumentController extends AbstractModule
if ($this->columnsOnly) {
$columnsOnlyButton = $buttonBar->makeLinkButton()
->setHref($this->R_URI . '&columnsOnly=')
->setTitle($lang->getLL('editWholeRecord', true))
->setTitle($lang->getLL('editWholeRecord'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-open',
Icon::SIZE_SMALL
......@@ -1503,12 +1503,9 @@ class EditDocumentController extends AbstractModule
$openInNewWindowButton = $this->moduleTemplate->getDocHeaderComponent()->getButtonBar()
->makeLinkButton()
->setHref('#')
->setTitle($this->getLanguageService()->sL(
'LLL:EXT:lang/locallang_core.xlf:labels.openInNewWindow',
true
))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.openInNewWindow'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-window-open', Icon::SIZE_SMALL))
->setOnClick(htmlspecialchars($aOnClick));
->setOnClick($aOnClick);
$this->moduleTemplate->getDocHeaderComponent()->getButtonBar()->addButton(
$openInNewWindowButton,
ButtonBar::BUTTON_POSITION_RIGHT
......
......@@ -286,7 +286,7 @@ class CreateFolderController extends AbstractModule
if ($this->returnUrl) {
$backButton = $buttonBar->makeLinkButton()
->setHref(GeneralUtility::linkThisUrl($this->returnUrl))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-view-go-back', Icon::SIZE_SMALL));
$buttonBar->addButton($backButton);
}
......
......@@ -252,7 +252,7 @@ class EditFileController extends AbstractModule
->setName('_save')
->setValue('1')
->setOnClick('document.editform.submit();')
->setTitle(htmlspecialchars($lang->sL('LLL:EXT:lang/locallang_core.xlf:file_edit.php.submit')))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:file_edit.php.submit'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
// Save and Close button
......@@ -264,7 +264,7 @@ class EditFileController extends AbstractModule
. GeneralUtility::quoteJSvalue($this->returnUrl)
. '; document.editform.submit();'
)
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:file_edit.php.saveAndClose', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:file_edit.php.saveAndClose'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-save-close',
Icon::SIZE_SMALL
......@@ -279,7 +279,7 @@ class EditFileController extends AbstractModule
$closeButton = $buttonBar->makeLinkButton()
->setHref('#')
->setOnClick('backToList(); return false;')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.cancel', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.cancel'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-close', Icon::SIZE_SMALL));
$buttonBar->addButton($closeButton, ButtonBar::BUTTON_POSITION_LEFT, 10);
......
......@@ -150,7 +150,7 @@ class FileUploadController extends AbstractModule
if ($this->returnUrl) {
$backButton = $buttonBar->makeLinkButton()
->setHref(GeneralUtility::linkThisUrl($this->returnUrl))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-view-go-back', Icon::SIZE_SMALL));
$buttonBar->addButton($backButton);
}
......
......@@ -173,7 +173,7 @@ class RenameFileController extends AbstractModule
if ($this->returnUrl) {
$backButton = $buttonBar->makeLinkButton()
->sethref(GeneralUtility::linkThisUrl($this->returnUrl))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-view-go-back', Icon::SIZE_SMALL));
$buttonBar->addButton($backButton);
}
......
......@@ -207,7 +207,7 @@ class ReplaceFileController extends AbstractModule
if ($this->returnUrl) {
$returnButton = $buttonBar->makeLinkButton()
->setHref(GeneralUtility::linkThisUrl($this->returnUrl))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-view-go-back', Icon::SIZE_SMALL));
$buttonBar->addButton($returnButton);
}
......
......@@ -240,7 +240,7 @@ class FileSystemNavigationFrameController
// Refresh
$refreshButton = $buttonBar->makeLinkButton()
->setHref(GeneralUtility::getIndpEnv('REQUEST_URI'))
->setTitle(htmlspecialchars($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.reload')))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.reload'))
->setIcon($iconFactory->getIcon('actions-refresh', Icon::SIZE_SMALL));
$buttonBar->addButton($refreshButton, ButtonBar::BUTTON_POSITION_RIGHT);
......
......@@ -315,10 +315,7 @@ class NewRecordController extends AbstractModule
if ($this->showNewRecLink('pages')) {
$newPageButton = $buttonBar->makeLinkButton()
->setHref(GeneralUtility::linkThisScript(array('pagesOnly' => '1')))
->setTitle($lang->sL(
'LLL:EXT:backend/Resources/Private/Language/locallang_layout.xlf:newPage',
true
))
->setTitle($lang->sL('LLL:EXT:backend/Resources/Private/Language/locallang_layout.xlf:newPage'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-page-new', Icon::SIZE_SMALL));
$buttonBar->addButton($newPageButton, ButtonBar::BUTTON_POSITION_LEFT, 20);
}
......@@ -336,7 +333,7 @@ class NewRecordController extends AbstractModule
if ($this->returnUrl) {
$returnButton = $buttonBar->makeLinkButton()
->setHref($this->returnUrl)
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-view-go-back', Icon::SIZE_SMALL));
$buttonBar->addButton($returnButton, ButtonBar::BUTTON_POSITION_LEFT, 10);
}
......@@ -366,7 +363,7 @@ class NewRecordController extends AbstractModule
'',
BackendUtility::BEgetRootLine($this->pageinfo['uid'])
))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.showPage', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.showPage'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-view',
Icon::SIZE_SMALL
......
......@@ -1001,7 +1001,7 @@ class PageLayoutController
$this->getPageRenderer()->loadRequireJsModule('TYPO3/CMS/Backend/ToggleSearchToolbox');
$toggleSearchFormButton = $this->buttonBar->makeLinkButton()
->setClasses('t3js-toggle-search-toolbox')
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.title.searchIcon', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.title.searchIcon'))
->setIcon($this->iconFactory->getIcon('actions-search', Icon::SIZE_SMALL))
->setHref('#');
$this->buttonBar->addButton($toggleSearchFormButton, ButtonBar::BUTTON_POSITION_LEFT, 4);
......@@ -1053,8 +1053,8 @@ class PageLayoutController
// View page
if (!VersionState::cast($this->pageinfo['t3ver_state'])->equals(VersionState::DELETE_PLACEHOLDER)) {
$viewButton = $this->buttonBar->makeLinkButton()
->setOnClick(htmlspecialchars(BackendUtility::viewOnClick($this->pageinfo['uid'], '', BackendUtility::BEgetRootLine($this->pageinfo['uid']))))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.showPage', true))
->setOnClick(BackendUtility::viewOnClick($this->pageinfo['uid'], '', BackendUtility::BEgetRootLine($this->pageinfo['uid'])))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.showPage'))
->setIcon($this->iconFactory->getIcon('actions-document-view', Icon::SIZE_SMALL))
->setHref('#');
......@@ -1080,7 +1080,7 @@ class PageLayoutController
if (!$this->modTSconfig['properties']['disableAdvanced']) {
$clearCacheButton = $this->buttonBar->makeLinkButton()
->setHref(BackendUtility::getModuleUrl($this->moduleName, ['id' => $this->pageinfo['uid'], 'clear_cache' => '1']))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.clear_cache', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.clear_cache'))
->setIcon($this->iconFactory->getIcon('actions-system-cache-clear', Icon::SIZE_SMALL));
$this->buttonBar->addButton($clearCacheButton, ButtonBar::BUTTON_POSITION_RIGHT, 1);
}
......@@ -1094,7 +1094,7 @@ class PageLayoutController
];
$moveButton = $this->buttonBar->makeLinkButton()
->setHref(BackendUtility::getModuleUrl('move_element', $urlParameters))
->setTitle($lang->getLL('move_' . ($this->eRParts[0] == 'tt_content' ? 'record' : 'page'), true))
->setTitle($lang->getLL('move_' . ($this->eRParts[0] == 'tt_content' ? 'record' : 'page')))
->setIcon($this->iconFactory->getIcon('actions-' . ($this->eRParts[0] == 'tt_content' ? 'document' : 'page') . '-move', Icon::SIZE_SMALL));
$this->buttonBar->addButton($moveButton, ButtonBar::BUTTON_POSITION_LEFT, 2);
}
......@@ -1116,15 +1116,15 @@ class PageLayoutController
);
$editLanguageButton = $this->buttonBar->makeLinkButton()
->setHref('#')
->setTitle($lang->getLL('editPageLanguageOverlayProperties', true))
->setOnClick(htmlspecialchars(BackendUtility::editOnClick('&edit[pages_language_overlay][' . $overlayRecord['uid'] . ']=edit')))
->setTitle($lang->getLL('editPageLanguageOverlayProperties'))
->setOnClick(BackendUtility::editOnClick('&edit[pages_language_overlay][' . $overlayRecord['uid'] . ']=edit'))
->setIcon($this->iconFactory->getIcon('mimetypes-x-content-page-language-overlay', Icon::SIZE_SMALL));
$this->buttonBar->addButton($editLanguageButton, ButtonBar::BUTTON_POSITION_LEFT, 3);
}
$editPageButton = $this->buttonBar->makeLinkButton()
->setHref('#')
->setTitle($lang->getLL('editPageProperties', true))
->setOnClick(htmlspecialchars(BackendUtility::editOnClick('&edit[pages][' . $this->id . ']=edit')))
->setTitle($lang->getLL('editPageProperties'))
->setOnClick(BackendUtility::editOnClick('&edit[pages][' . $this->id . ']=edit'))
->setIcon($this->iconFactory->getIcon('actions-page-open', Icon::SIZE_SMALL));
$this->buttonBar->addButton($editPageButton, ButtonBar::BUTTON_POSITION_LEFT, 3);
}
......@@ -1140,8 +1140,8 @@ class PageLayoutController
// Close Record
$closeButton = $this->buttonBar->makeLinkButton()
->setHref('#')
->setOnClick(htmlspecialchars('jumpToUrl(' . GeneralUtility::quoteJSvalue($this->closeUrl) . '); return false;'))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc', true))
->setOnClick('jumpToUrl(' . GeneralUtility::quoteJSvalue($this->closeUrl) . '); return false;')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc'))
->setIcon($this->iconFactory->getIcon('actions-document-close', Icon::SIZE_SMALL));
$this->buttonBar->addButton($closeButton, ButtonBar::BUTTON_POSITION_LEFT, 0);
......@@ -1151,7 +1151,7 @@ class PageLayoutController
->setName('_savedok')
->setValue('1')
->setForm('PageLayoutController')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'))
->setIcon($this->iconFactory->getIcon('actions-document-save', Icon::SIZE_SMALL));
$saveButtonDropdown->addItem($saveButton);
$saveAndCloseButton = $this->buttonBar->makeInputButton()
......@@ -1159,7 +1159,7 @@ class PageLayoutController
->setValue('1')
->setForm('PageLayoutController')
->setOnClick('document.editform.redirect.value=\'' . $this->closeUrl . '\';')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc'))
->setIcon($this->iconFactory->getIcon('actions-document-save-close', Icon::SIZE_SMALL));
$saveButtonDropdown->addItem($saveAndCloseButton);
$saveAndShowPageButton = $this->buttonBar->makeInputButton()
......@@ -1167,7 +1167,7 @@ class PageLayoutController
->setValue('1')
->setForm('PageLayoutController')
->setOnClick('document.editform.redirect.value+=\'&popView=1\';')
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDocShow', true))
->setTitle($lang->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDocShow'))
->setIcon($this->iconFactory->getIcon('actions-document-save-view', Icon::SIZE_SMALL));
$saveButtonDropdown->addItem($saveAndShowPageButton);
$this->buttonBar->addButton($saveButtonDropdown, ButtonBar::BUTTON_POSITION_LEFT, 1);
......@@ -1176,8 +1176,8 @@ class PageLayoutController
if ($this->deleteButton) {
$deleteButton = $this->buttonBar->makeLinkButton()
->setHref('#')
->setOnClick(htmlspecialchars('return deleteRecord(' . GeneralUtility::quoteJSvalue($this->eRParts[0]) . ',' . GeneralUtility::quoteJSvalue($this->eRParts[1]) . ',' . GeneralUtility::quoteJSvalue(GeneralUtility::getIndpEnv('SCRIPT_NAME') . '?id=' . $this->id) . ');'))
->setTitle($lang->getLL('deleteItem', true))
->setOnClick('return deleteRecord(' . GeneralUtility::quoteJSvalue($this->eRParts[0]) . ',' . GeneralUtility::quoteJSvalue($this->eRParts[1]) . ',' . GeneralUtility::quoteJSvalue(GeneralUtility::getIndpEnv('SCRIPT_NAME') . '?id=' . $this->id) . ');')
->setTitle($lang->getLL('deleteItem'))
->setIcon($this->iconFactory->getIcon('actions-edit-delete', Icon::SIZE_SMALL));
$this->buttonBar->addButton($deleteButton, ButtonBar::BUTTON_POSITION_LEFT, 4);
}
......@@ -1186,7 +1186,7 @@ class PageLayoutController
if ($this->undoButton) {
$undoButton = $this->buttonBar->makeLinkButton()
->setHref('#')
->setOnClick(htmlspecialchars('window.location.href=' .
->setOnClick('window.location.href=' .
GeneralUtility::quoteJSvalue(
BackendUtility::getModuleUrl(
'record_history',
......@@ -1197,13 +1197,13 @@ class PageLayoutController
'returnUrl' => $this->R_URI,
)
)
) . '; return false;'))
->setTitle(htmlspecialchars(sprintf($lang->getLL('undoLastChange'), BackendUtility::calcAge($GLOBALS['EXEC_TIME'] - $this->undoButtonR['tstamp'], $lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.minutesHoursDaysYears')))))
) . '; return false;')
->setTitle(sprintf($lang->getLL('undoLastChange'), BackendUtility::calcAge($GLOBALS['EXEC_TIME'] - $this->undoButtonR['tstamp'], $lang->sL('LLL:EXT:lang/locallang_core.xlf:labels.minutesHoursDaysYears'))))
->setIcon($this->iconFactory->getIcon('actions-edit-undo', Icon::SIZE_SMALL));
$this->buttonBar->addButton($undoButton, ButtonBar::BUTTON_POSITION_LEFT, 5);
$historyButton = $this->buttonBar->makeLinkButton()
->setHref('#')
->setOnClick(htmlspecialchars('jumpToUrl(' .
->setOnClick('jumpToUrl(' .
GeneralUtility::quoteJSvalue(
BackendUtility::getModuleUrl(
'record_history',
......@@ -1212,8 +1212,8 @@ class PageLayoutController
'returnUrl' => $this->R_URI,
)
) . '#latest'
) . ');return false;'))
->setTitle($lang->getLL('recordHistory', true))
) . ');return false;')
->setTitle($lang->getLL('recordHistory'))
->setIcon($this->iconFactory->getIcon('actions-document-history-open', Icon::SIZE_SMALL));
$this->buttonBar->addButton($historyButton, ButtonBar::BUTTON_POSITION_LEFT, 3);
}
......
......@@ -275,7 +275,7 @@ class RteController extends AbstractWizardController
// Close
$closeButton = $buttonBar->makeLinkButton()
->setHref($closeUrl)
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-close', Icon::SIZE_SMALL));
$buttonBar->addButton($closeButton, ButtonBar::BUTTON_POSITION_LEFT, 10);
......@@ -285,7 +285,7 @@ class RteController extends AbstractWizardController
->setValue('1')
->setForm('RteController')
->setOnClick('TBE_EDITOR.checkAndDoSubmit(1); return false;')
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL));
// Save & View
$saveAndViewButton = $buttonBar->makeInputButton()
......@@ -294,7 +294,7 @@ class RteController extends AbstractWizardController
->setForm('RteController')
->setOnClick('document.editform.redirect.value+= ' . GeneralUtility::quoteJSvalue('&popView=1') . '; '
. ' TBE_EDITOR.checkAndDoSubmit(1); return false;')
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDocShow', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDocShow'))
->setIcon(
$this->moduleTemplate->getIconFactory()->getIcon('actions-document-save-view', Icon::SIZE_SMALL)
);
......@@ -306,7 +306,7 @@ class RteController extends AbstractWizardController
->setForm('RteController')
->setOnClick('document.editform.redirect.value=' . GeneralUtility::quoteJSvalue($closeUrl)
. '; TBE_EDITOR.checkAndDoSubmit(1); return false;')
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-save-close',
Icon::SIZE_SMALL
......
......@@ -201,7 +201,7 @@ class TableController extends AbstractWizardController
// Close
$closeButton = $buttonBar->makeLinkButton()
->setHref($this->P['returnUrl'])
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.closeDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-close', Icon::SIZE_SMALL));
$buttonBar->addButton($closeButton);
// Save
......@@ -210,13 +210,13 @@ class TableController extends AbstractWizardController
->setValue('1')
->setForm('TableController')
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-document-save', Icon::SIZE_SMALL))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc', true));
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveDoc'));
// Save & Close
$saveAndCloseButton = $buttonBar->makeInputButton()
->setName('_saveandclosedok')
->setValue('1')
->setForm('TableController')
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc', true))
->setTitle($this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:rm.saveCloseDoc'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon(
'actions-document-save-close',
Icon::SIZE_SMALL
......@@ -231,7 +231,7 @@ class TableController extends AbstractWizardController
->setName('_refresh')
->setValue('1')
->setForm('TableController')
->setTitle($this->getLanguageService()->getLL('forms_refresh', true))
->setTitle($this->getLanguageService()->getLL('forms_refresh'))
->setIcon($this->moduleTemplate->getIconFactory()->getIcon('actions-refresh', Icon::SIZE_SMALL));
$buttonBar->addButton($reloadButton);
}
......
......@@ -159,7 +159,7 @@ class InputButton extends AbstractButton implements ButtonInterface
$labelText = ' ' . $this->title;
}
foreach ($this->dataAttributes as $attributeName => $attributeValue) {
$attributes['data-' . htmlspecialchars($attributeName)] = $attributeValue;
$attributes['data-' . $attributeName] = $attributeValue;
}
$attributesString = '';
foreach ($attributes as $key => $value) {
......
......@@ -99,7 +99,7 @@ class LinkButton extends AbstractButton implements ButtonInterface
$labelText = ' ' . $this->title;
}
foreach ($this->dataAttributes as $attributeName => $attributeValue) {
$attributes['data-' . htmlspecialchars($attributeName)] = $attributeValue;
$attributes['data-' . $attributeName] = $attributeValue;
}
if ($this->onClick !== '') {
$attributes['onclick'] = $this->onClick;
......
......@@ -138,7 +138,7 @@ class SplitButton extends AbstractButton implements ButtonInterface
$items = $this->getButton();
$attributes = [
'type' => 'submit',
'class' => 'btn btn-sm btn-default ' . htmlspecialchars($items['primary']->getClasses()),
'class' => 'btn btn-sm btn-default ' . $items['primary']->getClasses(),
'name' => $items['primary']->getName(),
'value' => $items['primary']->getValue()
];
......@@ -173,7 +173,7 @@ class SplitButton extends AbstractButton implements ButtonInterface
'data-form' => $option->getForm()
];
if (!empty($option->getClasses())) {
$optionAttributes['class'] = htmlspecialchars($option->getClasses());
$optionAttributes['class'] = $option->getClasses();
}
if (!empty($option->getOnClick())) {
$optionAttributes['onclick'] = $option->getOnClick();
......
......@@ -134,7 +134,7 @@ class BackendUserActionController extends ActionController
$returnUrl = rawurlencode(BackendUtility::getModuleUrl('system_BeuserTxBeuser'));
$parameters = GeneralUtility::explodeUrl2Array('edit[be_users][0]=new&returnUrl=' . $returnUrl);
$addUserLink = BackendUtility::getModuleUrl('record_edit', $parameters);
$title = $this->getLanguageService()->sL('LLL:EXT:backend/Resources/Private/Language/locallang_layout.xlf:newRecordGeneral', true);
$title = $this->getLanguageService()->sL('LLL:EXT:backend/Resources/Private/Language/locallang_layout.xlf:newRecordGeneral');
$icon = $this->view->getModuleTemplate()->getIconFactory()->getIcon('actions-document-new', Icon::SIZE_SMALL);
$addUserButton = $buttonBar->makeLinkButton()
->setHref($addUserLink)
......@@ -144,7 +144,7 @@ class BackendUserActionController extends ActionController
}
if ($this->request->getControllerActionName() === 'compare') {
$addUserLink = BackendUtility::getModuleUrl('system_BeuserTxBeuser');
$title = $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack', true);
$title = $this->getLanguageService()->sL('LLL:EXT:lang/locallang_core.xlf:labels.goBack');
$icon = $this->view->getModuleTemplate()->getIconFactory()->getIcon('actions-view-go-back', Icon::SIZE_SMALL);
$addUserButton = $buttonBar->makeLinkButton()
->setHref($addUserLink)
......@@ -166,7 +166,7 @@ class BackendUserActionController extends ActionController
)));
$parameters = GeneralUtility::explodeUrl2Array('edit[be_groups][0]=new&returnUrl=' . $returnUrl);
$addUserLink = BackendUtility::getModuleUrl('record_edit', $parameters);
$title = $this->getLanguageService()->sL('LLL:EXT:backend/Resources/Private/Language/locallang_layout.xlf:newRecordGeneral', true);
$title = $this->getLanguageService()->sL('LLL:EXT:backend/Resources/Private/Language/locallang_layout.xlf:newRecordGeneral');
$icon = $this->view->getModuleTemplate()->getIconFactory()->getIcon('actions-document-new', Icon::SIZE_SMALL);
$addUserGroupButton = $buttonBar->makeLinkButton()
->setHref($addUserLink)
......
......@@ -169,9 +169,9 @@ class PermissionController extends ActionController