Changeset 851 for trunk/Modules/User
- Timestamp:
- Jan 17, 2016, 10:07:13 PM (9 years ago)
- Location:
- trunk/Modules/User
- Files:
-
- 4 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/Modules/User/Options.php
r848 r851 30 30 '<tr><td>'.T('Preferred client version').': </td><td>'.ClientVersionSelection($this->System->User->PreferredVersion).'</td></tr>'. 31 31 '<tr><td>'.T('Public profile text').':</td><td>'. 32 '<textarea name="info" cols="60" rows="10">'. $this->System->User->Info.'</textarea></td></tr>';32 '<textarea name="info" cols="60" rows="10">'.htmlspecialchars($this->System->User->Info).'</textarea></td></tr>'; 33 33 34 34 $Output .= '<tr><td>'; … … 64 64 $Output .= '<option value="'.$LineTeam['Id'].'"'; 65 65 if ($LineTeam['Id'] == $this->System->User->Team) $Output .= ' selected="selected"'; 66 $Output .= '>'. $LineTeam['Name'].'</option>';66 $Output .= '>'.htmlspecialchars($LineTeam['Name']).'</option>'; 67 67 } 68 68 $Output .= '</select> <input type="submit" value="'.T('Enter').'" /> -
trunk/Modules/User/Profile.php
r850 r851 64 64 if($this->System->User->Id != null) $Action .= ' <a href="'.$this->System->Link('/export/?Action=Clone&ExportId='.$Export['Id']).'" onclick="return confirmAction(\''.T('Really clone item?').'\');">'.T('Clone').'</a>'; 65 65 $Output .= '<tr><td>'.HumanDate($Export['TimeCreate']).'</td>'. 66 '<td>'. $Export['Title'].'</td>'.66 '<td>'.htmlspecialchars($Export['Title']).'</td>'. 67 67 '<td>'.$Export['OutputType'].'</td>'. 68 68 '<td><a href="'.$this->System->Link('/client-version/?action=item&id='.$Export['ClientVersionId']).'">'.$Export['ClientVersion'].'</a></td>'. … … 109 109 { 110 110 $Output .= '<tr><td>'.HumanDate($DbRow['ModifyTime']).'</td>'. 111 112 113 111 '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&ID='.$DbRow['ID']).'">'.$DbRow['ID'].'</a></td>'. 112 '<td><a href="'.$this->System->Link('/form.php?group='.$DbRow['Group'].'&ID='.$DbRow['Take']).'">'.$DbRow['Take'].'</a></td>'. 113 '<td><a href="'.$this->System->Link('/TranslationList.php?group='.$DbRow['Group'].'&action=filter').'">'.T($DbRow['GroupName']).'</a></td></tr>'; 114 114 } 115 115 $Output .= '</table>'; … … 125 125 126 126 $Output .= '<div class="shoutbox">'; 127 $DbResult = $this->System->Database->query('SELECT `ForumText`.`Text`, `ForumText`.`Date`, `ForumText`.`UserName`,`ForumThread`.`Text` as `ThreadName`,`ForumText`.`Thread` FROM `ForumText` JOIN `ForumThread` ON `ForumThread`.`ID` = `ForumText`.`Thread` WHERE `ForumText`.`User` = '.($_GET['user'] * 1).' ORDER BY `ForumText`.`Date` DESC LIMIT '.$Count); 127 $DbResult = $this->System->Database->query('SELECT `ForumText`.`Text`, '. 128 '`ForumText`.`Date`, `ForumText`.`UserName`,`ForumThread`.`Text` AS `ThreadName`, '. 129 '`ForumText`.`Thread` FROM `ForumText` '. 130 'JOIN `ForumThread` ON `ForumThread`.`ID` = `ForumText`.`Thread` '. 131 'WHERE `ForumText`.`User` = '.($_GET['user'] * 1).' ORDER BY `ForumText`.`Date` DESC LIMIT '.$Count); 128 132 while($Line = $DbResult->fetch_assoc()) 129 $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.$Line['ThreadName'].'</a><br /><strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.$parser->qparse($Line['Text']).'</div> '; 133 $Output .= '<div><a href="'.$this->System->Link('/forum/?Thread='.$Line['Thread']).'">'.htmlspecialchars($Line['ThreadName']).'</a><br />'. 134 '<strong>'.$Line['UserName'].'</strong> ('.HumanDate($Line['Date']).'): '.htmlspecialchars($parser->qparse($Line['Text'])).'</div> '; 130 135 $Output .= '</div>'; 131 136 return($Output); … … 159 164 T('Level:').' <strong>'.$XP['Level'].'</strong> '.T('experience:').' '.ProgressBar(150, round($XP['XP'] / $XP['MaxXP'] * 100, 2), $XP['XP'].' / '.$XP['MaxXP']).'<br/>'; 160 165 if($UserLine['TeamName'] != '') 161 $Output .= T('Member of team:').' <a href="'.$this->System->Link('/team/?action=team&id='.$UserLine['Team']).'"><strong>'. $UserLine['TeamName'].'</strong></a><br />';166 $Output .= T('Member of team:').' <a href="'.$this->System->Link('/team/?action=team&id='.$UserLine['Team']).'"><strong>'.htmlspecialchars($UserLine['TeamName']).'</strong></a><br />'; 162 167 163 168 // User tags … … 175 180 } 176 181 177 $Output .= '<br /><fieldset><legend>'.T('Profile text:').'</legend>'. str_replace("\n", '<br/>', $UserLine['Info']).'</fieldset><br/>';182 $Output .= '<br /><fieldset><legend>'.T('Profile text:').'</legend>'.htmlspecialchars(str_replace("\n", '<br/>', $UserLine['Info'])).'</fieldset><br/>'; 178 183 179 184 $Output .= '<table class="Home"><tr>'. … … 183 188 $Output .= '<br />'.$this->ShowLastForum().'<br />'; 184 189 if($this->System->User->Licence(LICENCE_MODERATOR)) 185 {190 { 186 191 $Output .= '<fieldset><legend>Moderování</legend>'; 187 192 188 193 $Output .= '<form action="?user='.($_GET['user'] * 1).'" method="post">Přidání tagu uživateli:<br />'; 189 $Query = 'SELECT * FROM UserTagType';194 $Query = 'SELECT * FROM `UserTagType`'; 190 195 $DbResult = $this->Database->query($Query); 191 196 while ($UserTag = $DbResult->fetch_array()) { -
trunk/Modules/User/Registration.php
r844 r851 19 19 <fieldset><legend>'.T('New user registration').'</legend> 20 20 <table> 21 <tr><td colspan="2">'.T('Please read carefully <a href="'.$this->System->Link('/info/').'">translation guidelines</a> and follow them. Translate with diacritics!').'<br/><br/></td></tr> 21 <tr><td colspan="2">'.sprintf(T('Please read carefully %s and follow them. Translate with diacritics!'), 22 '<a href="'.$this->System->Link('/info/').'">'.T('translation guidelines').'</a>'). 23 '<br/><br/></td></tr> 22 24 <tr> 23 25 <th class="Left">'.T('Are you human?').'</th>'; … … 27 29 </tr> 28 30 <tr> 29 <th class="Left">'.T('Name :').'</th>31 <th class="Left">'.T('Name').':</th> 30 32 <td><input type="text" name="user" value="'.$UserName.'"/></td> 31 33 </tr> 32 34 <tr> 33 <th class="Left">'.T('Password :').'</th>35 <th class="Left">'.T('Password').':</th> 34 36 <td><input type="password" name="pass" /></td> 35 37 </tr> 36 38 <tr> 37 <th class="Left">'.T('Password confirmation :').'</th>39 <th class="Left">'.T('Password confirmation').':</th> 38 40 <td><input type="password" name="pass2" /></td> 39 41 </tr> 40 42 <tr> 41 <th class="Left">'.T('E-mail :').'</th>43 <th class="Left">'.T('E-mail').':</th> 42 44 <td><input type="text" name="Email" value="'.$Email.'"/></td> 43 45 </tr> 44 46 <tr> 45 <th class="Left">'.T('I will translate normally to :').'</th>47 <th class="Left">'.T('I will translate normally to').':</th> 46 48 <td>'.WriteLanguages($Language).'</td> 47 49 </tr> 48 50 <tr> 49 <th class="Left">'.T('I belong to team :').'</th>';51 <th class="Left">'.T('I belong to team').':</th>'; 50 52 if($Team == '') $Selected = ' selected="selected"'; 51 53 else $Selected = ''; … … 56 58 if($Team == $Line['Id']) $Selected = ' selected="selected"'; 57 59 else $Selected = ''; 58 $Output .= '<option value="0'.$Line['Id'].'"'.$Selected.'>'. $Line['Name'].'</option>';60 $Output .= '<option value="0'.$Line['Id'].'"'.$Selected.'>'.htmlspecialchars($Line['Name']).'</option>'; 59 61 } 60 62 $Output .= '</select>'; 61 63 $Output .= '</td></tr>'. 62 '<tr><th class="Left">'.T('Preferred client version :').'</th><td>'.ClientVersionSelection('').'</td></tr>';64 '<tr><th class="Left">'.T('Preferred client version').':</th><td>'.ClientVersionSelection('').'</td></tr>'; 63 65 64 66 $Query = 'SELECT * FROM UserTagType'; 65 67 $DbResult = $this->Database->query($Query); 66 68 $Output .= '<tr><th class="Left">'. 67 T('Select rules which you will apply during translation :').'</th><td>';69 T('Select rules which you will apply during translation').':</th><td>'; 68 70 while ($UserTag = $DbResult->fetch_array()) 69 71 { -
trunk/Modules/User/UserList.php
r843 r851 20 20 { 21 21 $TeamId = $_GET['team'] * 1; 22 $DbResult = $this->Database->select('Team', 'Name', ' Id='.$TeamId);22 $DbResult = $this->Database->select('Team', 'Name', '`Id`='.$TeamId); 23 23 if($DbResult->num_rows > 0) 24 24 { 25 25 $Team = $DbResult->fetch_assoc(); 26 $Output .= '<h3>'.sprintf(T('Users in team %s'), $Team['Name']).'</h3>';26 $Output .= '<h3>'.sprintf(T('Users in team %s'), htmlspecialchars($Team['Name'])).'</h3>'; 27 27 $TeamFilter = ' AND (`Team`='.$_GET['team'].')'; 28 28 } else {
Note:
See TracChangeset
for help on using the changeset viewer.