|
|
@@ -502,7 +502,7 @@ function updateSettings($changeArray, $update = false, $debug = false)
|
|
|
*/
|
|
|
function constructPageIndex($base_url, &$start, $max_value, $num_per_page, $flexible_start = false, $show_prevnext = true)
|
|
|
{
|
|
|
- global $modSettings, $context, $txt;
|
|
|
+ global $modSettings, $context, $txt, $smcFunc;
|
|
|
|
|
|
// Save whether $start was less than 0 or not.
|
|
|
$start = (int) $start;
|
|
|
@@ -559,7 +559,7 @@ function constructPageIndex($base_url, &$start, $max_value, $num_per_page, $flex
|
|
|
|
|
|
// Show the ... after the first page. (prev page 1 >...< 6 7 [8] 9 10 ... 15 next page)
|
|
|
if ($start > $num_per_page * ($PageContiguous + 1))
|
|
|
- $pageindex .= '<span class="expand_pages" onclick="' . htmlspecialchars('expandPages(this, ' . JavaScriptEscape(($flexible_start ? $base_url : strtr($base_url, array('%' => '%%')) . ';start=%1$d')) . ', ' . $num_per_page . ', ' . ($start - $num_per_page * $PageContiguous) . ', ' . $num_per_page . ');') . '" onmouseover="this.style.cursor = \'pointer\';"><strong> ... </strong></span>';
|
|
|
+ $pageindex .= '<span class="expand_pages" onclick="' . $smcFunc['htmlspecialchars']('expandPages(this, ' . JavaScriptEscape(($flexible_start ? $base_url : strtr($base_url, array('%' => '%%')) . ';start=%1$d')) . ', ' . $num_per_page . ', ' . ($start - $num_per_page * $PageContiguous) . ', ' . $num_per_page . ');') . '" onmouseover="this.style.cursor = \'pointer\';"><strong> ... </strong></span>';
|
|
|
|
|
|
// Show the pages before the current one. (prev page 1 ... >6 7< [8] 9 10 ... 15 next page)
|
|
|
for ($nCont = $PageContiguous; $nCont >= 1; $nCont--)
|
|
|
@@ -586,7 +586,7 @@ function constructPageIndex($base_url, &$start, $max_value, $num_per_page, $flex
|
|
|
|
|
|
// Show the '...' part near the end. (prev page 1 ... 6 7 [8] 9 10 >...< 15 next page)
|
|
|
if ($start + $num_per_page * ($PageContiguous + 1) < $tmpMaxPages)
|
|
|
- $pageindex .= '<span class="expand_pages" onclick="' . htmlspecialchars('expandPages(this, ' . JavaScriptEscape(($flexible_start ? $base_url : strtr($base_url, array('%' => '%%')) . ';start=%1$d')) . ', ' . ($start + $num_per_page * ($PageContiguous + 1)) . ', ' . $tmpMaxPages . ', ' . $num_per_page . ');') . '" onmouseover="this.style.cursor=\'pointer\';"><strong> ... </strong></span>';
|
|
|
+ $pageindex .= '<span class="expand_pages" onclick="' . $smcFunc['htmlspecialchars']('expandPages(this, ' . JavaScriptEscape(($flexible_start ? $base_url : strtr($base_url, array('%' => '%%')) . ';start=%1$d')) . ', ' . ($start + $num_per_page * ($PageContiguous + 1)) . ', ' . $tmpMaxPages . ', ' . $num_per_page . ');') . '" onmouseover="this.style.cursor=\'pointer\';"><strong> ... </strong></span>';
|
|
|
|
|
|
// Show the last number in the list. (prev page 1 ... 6 7 [8] 9 10 ... >15< next page)
|
|
|
if ($start + $num_per_page * $PageContiguous < $tmpMaxPages)
|
|
|
@@ -2426,7 +2426,7 @@ function parsesmileys(&$message)
|
|
|
while ($row = $smcFunc['db_fetch_assoc']($result))
|
|
|
{
|
|
|
$smileysfrom[] = $row['code'];
|
|
|
- $smileysto[] = htmlspecialchars($row['filename']);
|
|
|
+ $smileysto[] = $smcFunc['htmlspecialchars']($row['filename']);
|
|
|
$smileysdescs[] = $row['description'];
|
|
|
}
|
|
|
$smcFunc['db_free_result']($result);
|
|
|
@@ -2443,12 +2443,12 @@ function parsesmileys(&$message)
|
|
|
// This smiley regex makes sure it doesn't parse smileys within code tags (so [url=mailto:[email protected]] doesn't parse the :D smiley)
|
|
|
$smileyPregReplacements = array();
|
|
|
$searchParts = array();
|
|
|
- $smileys_path = htmlspecialchars($modSettings['smileys_url'] . '/' . $user_info['smiley_set'] . '/');
|
|
|
+ $smileys_path = $smcFunc['htmlspecialchars']($modSettings['smileys_url'] . '/' . $user_info['smiley_set'] . '/');
|
|
|
|
|
|
for ($i = 0, $n = count($smileysfrom); $i < $n; $i++)
|
|
|
{
|
|
|
- $specialChars = htmlspecialchars($smileysfrom[$i], ENT_QUOTES);
|
|
|
- $smileyCode = '<img src="' . $smileys_path . $smileysto[$i] . '" alt="' . strtr($specialChars, array(':' => ':', '(' => '(', ')' => ')', '$' => '$', '[' => '[')). '" title="' . strtr(htmlspecialchars($smileysdescs[$i]), array(':' => ':', '(' => '(', ')' => ')', '$' => '$', '[' => '[')) . '" class="smiley" />';
|
|
|
+ $specialChars = $smcFunc['htmlspecialchars']($smileysfrom[$i], ENT_QUOTES);
|
|
|
+ $smileyCode = '<img src="' . $smileys_path . $smileysto[$i] . '" alt="' . strtr($specialChars, array(':' => ':', '(' => '(', ')' => ')', '$' => '$', '[' => '[')). '" title="' . strtr($smcFunc['htmlspecialchars']($smileysdescs[$i]), array(':' => ':', '(' => '(', ')' => ')', '$' => '$', '[' => '[')) . '" class="smiley" />';
|
|
|
|
|
|
$smileyPregReplacements[$smileysfrom[$i]] = $smileyCode;
|
|
|
|
|
|
@@ -2843,8 +2843,8 @@ function determineTopicClass(&$topic_context)
|
|
|
*/
|
|
|
function setupThemeContext($forceload = false)
|
|
|
{
|
|
|
- global $modSettings, $user_info, $scripturl, $context, $settings, $options, $txt, $maintenance;
|
|
|
- global $user_settings, $smcFunc;
|
|
|
+ global $modSettings, $user_info, $scripturl, $context, $settings;
|
|
|
+ global $user_settings, $smcFunc, $options, $txt, $maintenance;
|
|
|
static $loaded = false;
|
|
|
|
|
|
// Under SSI this function can be called more then once. That can cause some problems.
|
|
|
@@ -2911,7 +2911,7 @@ function setupThemeContext($forceload = false)
|
|
|
}
|
|
|
// Otherwise we assume it's server stored?
|
|
|
elseif ($user_info['avatar']['url'] != '')
|
|
|
- $context['user']['avatar']['href'] = $modSettings['avatar_url'] . '/' . htmlspecialchars($user_info['avatar']['url']);
|
|
|
+ $context['user']['avatar']['href'] = $modSettings['avatar_url'] . '/' . $smcFunc['htmlspecialchars']($user_info['avatar']['url']);
|
|
|
|
|
|
if (!empty($context['user']['avatar']))
|
|
|
$context['user']['avatar']['image'] = '<img src="' . $context['user']['avatar']['href'] . '"' . (isset($context['user']['avatar']['width']) ? ' width="' . $context['user']['avatar']['width'] . '"' : '') . (isset($context['user']['avatar']['height']) ? ' height="' . $context['user']['avatar']['height'] . '"' : '') . ' alt="" class="avatar" />';
|
Suki